class TestCorsMiddlewareProcessRequest(TestCase):
def setUp(self):
self.middleware = CorsMiddleware()
def test_process_request(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
with settings_override(CORS_URLS_REGEX='^.*$'):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_empty_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': ''}
with settings_override(CORS_URLS_REGEX='^.*$'):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_no_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {}
response = self.middleware.process_request(request)
self.assertIsNone(response)
def test_process_request_not_options(self):
request = Mock(path='/')
request.method = 'GET'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
response = self.middleware.process_request(request)
self.assertIsNone(response)
class TestCorsMiddlewareProcessRequest(TestCase):
def setUp(self):
self.middleware = CorsMiddleware()
def test_process_request(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
with settings_override(CORS_URLS_REGEX='^.*$'):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_empty_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': ''}
with settings_override(CORS_URLS_REGEX='^.*$'):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_no_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {}
response = self.middleware.process_request(request)
self.assertIsNone(response)
def test_process_request_not_options(self):
request = Mock(path='/')
request.method = 'GET'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
response = self.middleware.process_request(request)
self.assertIsNone(response)
class TestCorsMiddlewareProcessRequest(TestCase):
def setUp(self):
self.middleware = CorsMiddleware()
def test_process_request(self):
request = Mock(path="/")
request.method = "OPTIONS"
request.META = {"HTTP_ACCESS_CONTROL_REQUEST_METHOD": "value"}
with settings_override(CORS_URLS_REGEX="^.*$"):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_empty_header(self):
request = Mock(path="/")
request.method = "OPTIONS"
request.META = {"HTTP_ACCESS_CONTROL_REQUEST_METHOD": ""}
with settings_override(CORS_URLS_REGEX="^.*$"):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_no_header(self):
request = Mock(path="/")
request.method = "OPTIONS"
request.META = {}
response = self.middleware.process_request(request)
self.assertIsNone(response)
def test_process_request_not_options(self):
request = Mock(path="/")
request.method = "GET"
request.META = {"HTTP_ACCESS_CONTROL_REQUEST_METHOD": "value"}
response = self.middleware.process_request(request)
self.assertIsNone(response)
class TestCorsMiddlewareProcessRequest(TestCase):
def setUp(self):
self.middleware = CorsMiddleware()
def test_process_request(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
with settings_override(CORS_URLS_REGEX='^.*$'):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_empty_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': ''}
with settings_override(CORS_URLS_REGEX='^.*$'):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_no_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {}
response = self.middleware.process_request(request)
self.assertIsNone(response)
def test_process_request_not_options(self):
request = Mock(path='/')
request.method = 'GET'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
response = self.middleware.process_request(request)
self.assertIsNone(response)
def test_process_request_replace_https_referer(self):
post_middleware = CorsPostCsrfMiddleware()
request = Mock(path='/')
request.method = 'GET'
request.is_secure = lambda: False
request.META = {
'HTTP_REFERER': 'http://foo.google.com/',
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'http://foo.google.com',
}
# test that we won't replace if the request is not secure
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_request(request)
self.assertIsNone(response)
self.assertTrue('ORIGINAL_HTTP_REFERER' not in request.META)
self.assertEquals(request.META['HTTP_REFERER'], 'http://foo.google.com/')
request.is_secure = lambda: True
request.META = {
'HTTP_REFERER': 'https://foo.google.com/',
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'https://foo.google.com',
}
# test that we won't replace with the setting off
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*'):
response = self.middleware.process_request(request)
self.assertIsNone(response)
self.assertTrue('ORIGINAL_HTTP_REFERER' not in request.META)
self.assertEquals(request.META['HTTP_REFERER'], 'https://foo.google.com/')
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_request(request)
self.assertIsNone(response)
self.assertEquals(request.META['ORIGINAL_HTTP_REFERER'], 'https://foo.google.com/')
self.assertEquals(request.META['HTTP_REFERER'], 'https://foobar.com/')
# make sure the replace code is idempotent
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_view(request, None, None, None)
self.assertIsNone(response)
self.assertEquals(request.META['ORIGINAL_HTTP_REFERER'], 'https://foo.google.com/')
self.assertEquals(request.META['HTTP_REFERER'], 'https://foobar.com/')
with settings_override(CORS_URLS_REGEX='^.*$', CORS_REPLACE_HTTPS_REFERER=True):
post_middleware.process_request(request)
self.assertTrue('ORIGINAL_HTTP_REFERER' not in request.META)
self.assertEquals(request.META['HTTP_REFERER'], 'https://foo.google.com/')
with settings_override(CORS_URLS_REGEX='^.*$', CORS_REPLACE_HTTPS_REFERER=True):
response = post_middleware.process_request(request)
self.assertIsNone(response)
def test_process_view_replace_https_referer(self):
post_middleware = CorsPostCsrfMiddleware()
request = Mock(path='/')
request.method = 'GET'
request.is_secure = lambda: True
request.META = {
'HTTP_REFERER': 'https://foo.google.com/',
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'https://foo.google.com',
}
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_view(request, None, None, None)
self.assertIsNone(response)
self.assertEquals(request.META['ORIGINAL_HTTP_REFERER'], 'https://foo.google.com/')
self.assertEquals(request.META['HTTP_REFERER'], 'https://foobar.com/')
with settings_override(CORS_URLS_REGEX='^.*$', CORS_REPLACE_HTTPS_REFERER=True):
post_middleware.process_view(request, None, None, None)
self.assertTrue('ORIGINAL_HTTP_REFERER' not in request.META)
self.assertEquals(request.META['HTTP_REFERER'], 'https://foo.google.com/')
with settings_override(CORS_URLS_REGEX='^.*$', CORS_REPLACE_HTTPS_REFERER=True):
response = post_middleware.process_view(request, None, None, None)
self.assertIsNone(response)
class TestCorsMiddlewareProcessRequest(TestCase):
def setUp(self):
self.middleware = CorsMiddleware()
def test_process_request(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
response = self.middleware.process_request(request)
assert isinstance(response, HttpResponse)
def test_process_request_empty_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': ''}
response = self.middleware.process_request(request)
assert isinstance(response, HttpResponse)
def test_process_request_no_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {}
response = self.middleware.process_request(request)
assert response is None
def test_process_request_not_options(self):
request = Mock(path='/')
request.method = 'GET'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
response = self.middleware.process_request(request)
assert response is None
@override_settings(
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True,
)
def test_process_request_replace_https_referer(self):
post_middleware = CorsPostCsrfMiddleware()
request = Mock(path='/')
request.method = 'GET'
request.is_secure = lambda: True
# make sure it doesnt blow up when HTTP_REFERER is not present
request.META = {
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'https://foo.google.com',
}
response = self.middleware.process_request(request)
assert response is None
# make sure it doesnt blow up when HTTP_HOST is not present
request.META = {
'HTTP_REFERER': 'http://foo.google.com/',
'HTTP_ORIGIN': 'https://foo.google.com',
}
response = self.middleware.process_request(request)
assert response is None
request.is_secure = lambda: False
request.META = {
'HTTP_REFERER': 'http://foo.google.com/',
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'http://foo.google.com',
}
# test that we won't replace if the request is not secure
response = self.middleware.process_request(request)
assert response is None
assert 'ORIGINAL_HTTP_REFERER' not in request.META
assert request.META['HTTP_REFERER'] == 'http://foo.google.com/'
request.is_secure = lambda: True
request.META = {
'HTTP_REFERER': 'https://foo.google.com/',
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'https://foo.google.com',
}
# test that we won't replace with the setting off
with override_settings(CORS_REPLACE_HTTPS_REFERER=False):
response = self.middleware.process_request(request)
assert response is None
assert 'ORIGINAL_HTTP_REFERER' not in request.META
assert request.META['HTTP_REFERER'] == 'https://foo.google.com/'
response = self.middleware.process_request(request)
assert response is None
assert request.META[
'ORIGINAL_HTTP_REFERER'] == 'https://foo.google.com/'
assert request.META['HTTP_REFERER'] == 'https://foobar.com/'
# make sure the replace code is idempotent
response = self.middleware.process_view(request, None, None, None)
assert response is None
assert request.META[
'ORIGINAL_HTTP_REFERER'] == 'https://foo.google.com/'
assert request.META['HTTP_REFERER'] == 'https://foobar.com/'
post_middleware.process_request(request)
assert 'ORIGINAL_HTTP_REFERER' not in request.META
assert request.META['HTTP_REFERER'] == 'https://foo.google.com/'
response = post_middleware.process_request(request)
assert response is None
@override_settings(
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True,
)
def test_process_view_replace_https_referer(self):
post_middleware = CorsPostCsrfMiddleware()
request = Mock(path='/')
request.method = 'GET'
request.is_secure = lambda: True
request.META = {
'HTTP_REFERER': 'https://foo.google.com/',
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'https://foo.google.com',
}
response = self.middleware.process_view(request, None, None, None)
assert response is None
assert request.META[
'ORIGINAL_HTTP_REFERER'] == 'https://foo.google.com/'
assert request.META['HTTP_REFERER'] == 'https://foobar.com/'
post_middleware.process_view(request, None, None, None)
assert 'ORIGINAL_HTTP_REFERER' not in request.META
assert request.META['HTTP_REFERER'] == 'https://foo.google.com/'
response = post_middleware.process_view(request, None, None, None)
assert response is None
class TestCorsMiddlewareProcessRequest(TestCase):
def setUp(self):
self.middleware = CorsMiddleware()
def test_process_request(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
with settings_override(CORS_URLS_REGEX='^.*$'):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_empty_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': ''}
with settings_override(CORS_URLS_REGEX='^.*$'):
response = self.middleware.process_request(request)
self.assertIsInstance(response, HttpResponse)
def test_process_request_no_header(self):
request = Mock(path='/')
request.method = 'OPTIONS'
request.META = {}
response = self.middleware.process_request(request)
self.assertIsNone(response)
def test_process_request_not_options(self):
request = Mock(path='/')
request.method = 'GET'
request.META = {'HTTP_ACCESS_CONTROL_REQUEST_METHOD': 'value'}
response = self.middleware.process_request(request)
self.assertIsNone(response)
def test_process_request_replace_https_referer(self):
post_middleware = CorsPostCsrfMiddleware()
request = Mock(path='/')
request.method = 'GET'
request.is_secure = lambda: True
# make sure it doesnt blow up when HTTP_REFERER is not present
request.META = {
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'https://foo.google.com',
}
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_request(request)
self.assertIsNone(response)
# make sure it doesnt blow up when HTTP_HOST is not present
request.META = {
'HTTP_REFERER': 'http://foo.google.com/',
'HTTP_ORIGIN': 'https://foo.google.com',
}
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_request(request)
self.assertIsNone(response)
request.is_secure = lambda: False
request.META = {
'HTTP_REFERER': 'http://foo.google.com/',
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'http://foo.google.com',
}
# test that we won't replace if the request is not secure
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_request(request)
self.assertIsNone(response)
self.assertTrue('ORIGINAL_HTTP_REFERER' not in request.META)
self.assertEquals(request.META['HTTP_REFERER'], 'http://foo.google.com/')
request.is_secure = lambda: True
request.META = {
'HTTP_REFERER': 'https://foo.google.com/',
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'https://foo.google.com',
}
# test that we won't replace with the setting off
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*'):
response = self.middleware.process_request(request)
self.assertIsNone(response)
self.assertTrue('ORIGINAL_HTTP_REFERER' not in request.META)
self.assertEquals(request.META['HTTP_REFERER'], 'https://foo.google.com/')
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_request(request)
self.assertIsNone(response)
self.assertEquals(request.META['ORIGINAL_HTTP_REFERER'], 'https://foo.google.com/')
self.assertEquals(request.META['HTTP_REFERER'], 'https://foobar.com/')
# make sure the replace code is idempotent
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_view(request, None, None, None)
self.assertIsNone(response)
self.assertEquals(request.META['ORIGINAL_HTTP_REFERER'], 'https://foo.google.com/')
self.assertEquals(request.META['HTTP_REFERER'], 'https://foobar.com/')
with settings_override(CORS_URLS_REGEX='^.*$', CORS_REPLACE_HTTPS_REFERER=True):
post_middleware.process_request(request)
self.assertTrue('ORIGINAL_HTTP_REFERER' not in request.META)
self.assertEquals(request.META['HTTP_REFERER'], 'https://foo.google.com/')
with settings_override(CORS_URLS_REGEX='^.*$', CORS_REPLACE_HTTPS_REFERER=True):
response = post_middleware.process_request(request)
self.assertIsNone(response)
def test_process_view_replace_https_referer(self):
post_middleware = CorsPostCsrfMiddleware()
request = Mock(path='/')
request.method = 'GET'
request.is_secure = lambda: True
request.META = {
'HTTP_REFERER': 'https://foo.google.com/',
'HTTP_HOST': 'foobar.com',
'HTTP_ORIGIN': 'https://foo.google.com',
}
with settings_override(CORS_URLS_REGEX='^.*$',
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True):
response = self.middleware.process_view(request, None, None, None)
self.assertIsNone(response)
self.assertEquals(request.META['ORIGINAL_HTTP_REFERER'], 'https://foo.google.com/')
self.assertEquals(request.META['HTTP_REFERER'], 'https://foobar.com/')
with settings_override(CORS_URLS_REGEX='^.*$', CORS_REPLACE_HTTPS_REFERER=True):
post_middleware.process_view(request, None, None, None)
self.assertTrue('ORIGINAL_HTTP_REFERER' not in request.META)
self.assertEquals(request.META['HTTP_REFERER'], 'https://foo.google.com/')
with settings_override(CORS_URLS_REGEX='^.*$', CORS_REPLACE_HTTPS_REFERER=True):
response = post_middleware.process_view(request, None, None, None)
self.assertIsNone(response)
class TestCorsMiddlewareProcessRequest(TestCase):
req_factory = RequestFactory()
def setUp(self):
self.middleware = CorsMiddleware()
def test_process_request(self):
request = self.req_factory.options(
'/',
HTTP_ACCESS_CONTROL_REQUEST_METHOD='value',
)
response = self.middleware.process_request(request)
assert isinstance(response, HttpResponse)
def test_process_request_empty_header(self):
request = self.req_factory.options(
'/',
HTTP_ACCESS_CONTROL_REQUEST_METHOD='',
)
response = self.middleware.process_request(request)
assert isinstance(response, HttpResponse)
def test_process_request_no_header(self):
request = self.req_factory.options('/')
response = self.middleware.process_request(request)
assert response is None
def test_process_request_not_options(self):
request = self.req_factory.get(
'/',
HTTP_ACCESS_CONTROL_REQUEST_METHOD='value',
)
response = self.middleware.process_request(request)
assert response is None
@override_settings(
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True,
SECURE_PROXY_SSL_HEADER=('HTTP_FAKE_SECURE', 'true'),
)
def test_process_request_replace_https_referer(self):
post_middleware = CorsPostCsrfMiddleware()
# make sure it doesnt blow up when HTTP_REFERER is not present
request = self.req_factory.get(
'/',
HTTP_FAKE_SECURE='true',
HTTP_HOST='foobar.com',
HTTP_ORIGIN='https://foo.google.com',
)
response = self.middleware.process_request(request)
assert response is None
# make sure it doesnt blow up when HTTP_HOST is not present
request = self.req_factory.get(
'/',
HTTP_FAKE_SECURE='true',
HTTP_ORIGIN='https://foo.google.com',
HTTP_REFERER='http://foo.google.com/',
)
response = self.middleware.process_request(request)
assert response is None
# test that we won't replace if the request is not secure
request = self.req_factory.get(
'/',
HTTP_HOST='foobar.com',
HTTP_ORIGIN='http://foo.google.com',
HTTP_REFERER='http://foo.google.com/',
)
response = self.middleware.process_request(request)
assert response is None
assert 'ORIGINAL_HTTP_REFERER' not in request.META
assert request.META['HTTP_REFERER'] == 'http://foo.google.com/'
# test that we won't replace with the setting off
request = self.req_factory.get(
'/',
HTTP_FAKE_SECURE='true',
HTTP_HOST='foobar.com',
HTTP_ORIGIN='https://foo.google.com',
HTTP_REFERER='https://foo.google.com/',
)
with override_settings(CORS_REPLACE_HTTPS_REFERER=False):
response = self.middleware.process_request(request)
assert response is None
assert 'ORIGINAL_HTTP_REFERER' not in request.META
assert request.META['HTTP_REFERER'] == 'https://foo.google.com/'
response = self.middleware.process_request(request)
assert response is None
assert request.META['ORIGINAL_HTTP_REFERER'] == 'https://foo.google.com/'
assert request.META['HTTP_REFERER'] == 'https://foobar.com/'
# make sure the replace code is idempotent
response = self.middleware.process_view(request, None, None, None)
assert response is None
assert request.META['ORIGINAL_HTTP_REFERER'] == 'https://foo.google.com/'
assert request.META['HTTP_REFERER'] == 'https://foobar.com/'
post_middleware.process_request(request)
assert 'ORIGINAL_HTTP_REFERER' not in request.META
assert request.META['HTTP_REFERER'] == 'https://foo.google.com/'
response = post_middleware.process_request(request)
assert response is None
@override_settings(
CORS_ORIGIN_REGEX_WHITELIST='.*google.*',
CORS_REPLACE_HTTPS_REFERER=True,
SECURE_PROXY_SSL_HEADER=('HTTP_FAKE_SECURE', 'true'),
)
def test_process_view_replace_https_referer(self):
post_middleware = CorsPostCsrfMiddleware()
request = self.req_factory.get(
'/',
HTTP_FAKE_SECURE='true',
HTTP_HOST='foobar.com',
HTTP_ORIGIN='https://foo.google.com',
HTTP_REFERER='https://foo.google.com/',
)
response = self.middleware.process_view(request, None, None, None)
assert response is None
assert request.META['ORIGINAL_HTTP_REFERER'] == 'https://foo.google.com/'
assert request.META['HTTP_REFERER'] == 'https://foobar.com/'
post_middleware.process_view(request, None, None, None)
assert 'ORIGINAL_HTTP_REFERER' not in request.META
assert request.META['HTTP_REFERER'] == 'https://foo.google.com/'
response = post_middleware.process_view(request, None, None, None)
assert response is None
class RequestStartedMiddleware(MiddlewareMixin):
def process_request(self, request):
pretty = True if 'HTTP_X_CSAPI_PRETTY' in request.META and request.META['HTTP_X_CSAPI_PRETTY'].lower() in ['true', 'on', '1' ] else False
request.META = request.META.copy()
request.META['HTTP_X_CSAPI_PRETTY'] = pretty
try:
view_func = resolve(request.META['PATH_INFO'])[0]
app_label = view_func.__module__.rsplit('.', 1)[1]
view_name = view_func.__name__
methods = settings.ALLOW_EXPOSE_CORS_DATA[app_label][view_name]['METHODS']
if methods:
if getattr(request, "_CorsMiddleware", False) is False:
self._CorsMiddleware = CorsMiddleware()
response = self._CorsMiddleware.process_request(request)
if response and request.method == "OPTIONS":
response = self._CorsMiddleware.process_response(request, response)
response[ACCESS_CONTROL_ALLOW_METHODS] = ", ".join(methods)
try:
headers = settings.ALLOW_EXPOSE_CORS_DATA[app_label][view_name]['EXPOSE_HEADERS']
if headers:
response[ACCESS_CONTROL_EXPOSE_HEADERS] = ", ".join(headers)
except Exception as e:
raise e
try:
headers = settings.ALLOW_EXPOSE_CORS_DATA[app_label][view_name]['ALLOW_HEADERS']
if headers:
response[ACCESS_CONTROL_ALLOW_HEADERS] = ", ".join(headers)
except Exception as e:
raise e
response[ACCESS_CONTROL_ALLOW_HEADERS] = '*'
response[ACCESS_CONTROL_EXPOSE_HEADERS] = []
setattr(request, "_cors_enabled", False)
return response
except Exception as e:
raise e
request.META['_time'] = time.time()
""" """
req_key = 'HTTP_X_CSAPI_REQUEST_URL'
req_val = None
url = request.META[req_key] if req_key in request.META else None
req_val = ConsoleAPI.Filter_Request_Url(url)
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_AUTHORIZATION'
req_val = request.META[req_key] if req_key in request.META else None
if req_val:
req_val = str(req_val)
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_COOKIE'
req_val = request.META[req_key] if req_key in request.META else None
if req_val:
req_val = str(req_val)
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_DEBUG'
req_val = request.META[req_key] if req_key in request.META else None
req_val = True if req_val in ['true', 'on', '1', 'yes' ] else False
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_FOLLOW_REDIRECTION'
req_val = request.META[req_key] if req_key in request.META else None
req_val = True if req_val in ['true', 'on', '1', 'yes' ] else False
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_HTTP_VERSION'
req_val = request.META[req_key] if req_key in request.META else None
req_val = 1.0 if req_val in ['1', '1.0'] else ( 1.1 if req_val in ['1.1'] else 2.0 if req_val in ['2', '2.0'] else "2P" if req_val in ['2p', '2P'] else 1.1)
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_IPV6'
req_val = request.META[req_key] if req_key in request.META else None
req_val = 6 if req_val in ['6'] else 4
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_PRETTY'
req_val = request.META[req_key] if req_key in request.META else None
req_val = True if req_val in ['true', 'on', '1', 'yes' ] else False
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_REFERER'
req_val = request.META[req_key] if req_key in request.META else None
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_PROXY'
req_val = request.META[req_key] if req_key in request.META else None
if req_val:
pu = urlparse(req_val)
scheme = pu.scheme
netloc = pu.netloc
if not netloc:
req_val = None
else:
scheme = 'https' if 'https' in scheme else ('http1.0' if 'http1.0' in scheme else ('http' if 'http' in scheme else ('socks4a' if 'socks4a' in scheme else ('socks4' if 'socks4' in scheme else ('socks5' if 'socks5' in scheme else 'socks5_hostname' if 'socks5_hostname' in scheme else 'http')))))
netlocs = netloc.rsplit("@")
userpass = netlocs[0] if len(netlocs)>1 else None
netloc = netlocs[1] if len(netlocs)>1 else netlocs[0]
netlocs = netloc.rsplit(":")
netloc = netlocs[0]
port = netlocs[1] if len(netlocs)>1 else None
username = None
password = None
if userpass:
userpasss = userpass.split(":")
username = userpasss[0]
password = userpasss[1] if len(userpasss[0])>1 else None
req_val = {'ip':netloc, 'port':port, 'scheme':scheme, 'username':username, 'password':password}
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_SSL_VERIFIER'
req_val = request.META[req_key] if req_key in request.META else None
req_val = True if req_val in ['true', 'on', '1', 'yes' ] else False
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_USER_AGENT'
req_val = request.META[req_key] if req_key in request.META else None
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_ACCEPT_LANGUAGE'
req_val = request.META[req_key] if req_key in request.META else None
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_ACCEPT_ENCODING'
req_val = request.META[req_key] if req_key in request.META else None
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_ACCEPT'
req_val = request.META[req_key] if req_key in request.META else None
request.META[req_key] = req_val
#
req_key = 'HTTP_X_CSAPI_TIMEOUT'
req_val = request.META[req_key] if req_key in request.META else None
if req_val:
try:
req_val = int(req_val)
req_val = 60 if req_val >60 else req_val
except Exception as e:
req_val = 60
request.META[req_key] = req_val
""" Extra Headers """
req_key = 'HTTP_X_CSAPI_XHEADERS'
req_val = []
for meta in request.META:
xmatch = re.match(r'^(HTTP_X_CSAPI_(.*))', meta)
if xmatch:
xmkey = xmatch.group(2)
if xmkey not in ['XHEADERS', 'TIMEOUT', 'SSL_VERIFIER', 'USER_AGENT', 'REQUEST_URL', 'PROXY', 'REFERER', 'PRETTY', 'IPV6', 'HTTP_VERSION', 'FOLLOW_REDIRECTION', 'DEBUG', 'ACCEPT', 'ACCEPT_ENCODING', 'ACCEPT_LANGUAGE']:
req_val.append({ xmkey.lower().replace('_', '-').title() :request.META[ xmatch.group(0)]})
request.META[req_key] = req_val
print(request.META['HTTP_X_CSAPI_XHEADERS'])
print(request.META['HTTP_X_CSAPI_TIMEOUT'])
print(request.META['HTTP_X_CSAPI_SSL_VERIFIER'])
print(request.META['HTTP_X_CSAPI_PROXY'])
print(request.META['HTTP_X_CSAPI_PRETTY'])
print(request.META['HTTP_X_CSAPI_IPV6'])
print(request.META['HTTP_X_CSAPI_HTTP_VERSION'])
print(request.META['HTTP_X_CSAPI_DEBUG'])
print(request.META['HTTP_X_CSAPI_FOLLOW_REDIRECTION'])
print(request.META['HTTP_X_CSAPI_COOKIE'])
print(request.META['HTTP_X_CSAPI_AUTHORIZATION'])
print(request.META['HTTP_X_CSAPI_COOKIE'])
print(request.META['HTTP_X_CSAPI_REQUEST_URL'])
print(request.META['HTTP_X_CSAPI_USER_AGENT'])
print(request.META['HTTP_X_CSAPI_ACCEPT_LANGUAGE'])
print(request.META['HTTP_X_CSAPI_ACCEPT_ENCODING'])
print(request.META['HTTP_X_CSAPI_ACCEPT'])
return None
