def test_valid_key(self): """Make sure the key is valid""" actual_ip_plus_desc = actual_ip_plus_context( lambda req: req.POST.get('description', 'no description')) url = reverse('feedback') factory = RequestFactory(HTTP_X_CLUSTER_CLIENT_IP='192.168.100.101') # create a request with this as the description desc = u'\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e' * 16 req = factory.post(url, {'description': desc}) key = actual_ip_plus_desc(req) # Key can't exceed memcached 250 character max length = len(key) ok_(length < 250) # Key must be a string ok_(isinstance(key, str)) # create a request with this as the description second_desc = u'\u62e9\u201c\u5728\u65b0\u6807\u7b7e\u9875\u4e2d' * 16 second_req = factory.post(url, {'description': second_desc}) second_key = actual_ip_plus_desc(second_req) # Two descriptions with the same ip address should produce # different keys. assert key != second_key
def test_valid_key(self): """Make sure the key is valid""" actual_ip_plus_desc = actual_ip_plus_context( lambda req: req.POST.get('description', 'no description') ) url = reverse('feedback') factory = RequestFactory(HTTP_X_CLUSTER_CLIENT_IP='192.168.100.101') # create a request with this as the description desc = u'\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e' * 16 req = factory.post(url, { 'description': desc }) key = actual_ip_plus_desc(req) # Key can't exceed memcached 250 character max length = len(key) assert length < 250 # Key must be a string assert isinstance(key, str) # create a request with this as the description second_desc = u'\u62e9\u201c\u5728\u65b0\u6807\u7b7e\u9875\u4e2d' * 16 second_req = factory.post(url, { 'description': second_desc }) second_key = actual_ip_plus_desc(second_req) # Two descriptions with the same ip address should produce # different keys. assert key != second_key
def get_throttles(self): """Returns throttle class instances""" def _get_desc(req): return req.data.get('description', u'no description') return [ RatelimitThrottle( rulename='api_post_{n}ph'.format(n=PER_HOUR_LIMIT), rate='{n}/h'.format(n=PER_HOUR_LIMIT)), RatelimitThrottle(rulename='api_post_doublesubmit_1p10m', rate='1/10m', keyfun=actual_ip_plus_context(_get_desc)) ]
def get_throttles(self): """Returns throttle class instances""" def _get_desc(req): return req.data.get('description', u'no description') return [ RatelimitThrottle( rulename='api_post_{n}ph'.format(n=PER_HOUR_LIMIT), rate='{n}/h'.format(n=PER_HOUR_LIMIT)), RatelimitThrottle( rulename='api_post_doublesubmit_1p10m', rate='1/10m', keyfun=actual_ip_plus_context(_get_desc)) ]
def get_throttles(self): """Returns throttle class instances""" def _get_desc(req): return req.data.get('description', u'no description') return [ RatelimitThrottle( rulename='api_post_50ph', rate='50/h'), RatelimitThrottle( rulename='api_post_doublesubmit_1p10m', rate='1/10m', keyfun=actual_ip_plus_context(_get_desc)) ]
def get_throttles(self): """Returns throttle class instances""" def _get_desc(req): return req.DATA.get('description', u'no description') return [ RatelimitThrottle( rulename='api_post_50ph', rate='50/h'), RatelimitThrottle( rulename='api_post_doublesubmit_1p10m', rate='1/10m', keyfun=actual_ip_plus_context(_get_desc)) ]
def test_valid_key_ipv6(self): """Make sure ipv6 keys work""" actual_ip_plus_desc = actual_ip_plus_context(lambda req: req.POST.get("description", "no description")) url = reverse("feedback") factory = RequestFactory(HTTP_X_CLUSTER_CLIENT_IP="0000:0000:0000:0000:0000:0000:0000:0000") # create a request with this as the description desc = u"\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e" * 16 req = factory.post(url, {"description": desc}) key = actual_ip_plus_desc(req) # Key can't exceed memcached 250 character max length = len(key) ok_(length < 250)
def test_valid_key_ipv6(self): """Make sure ipv6 keys work""" actual_ip_plus_desc = actual_ip_plus_context( lambda req: req.POST.get('description', 'no description')) url = reverse('feedback') factory = RequestFactory( HTTP_X_CLUSTER_CLIENT_IP='0000:0000:0000:0000:0000:0000:0000:0000') # create a request with this as the description desc = u'\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e' * 16 req = factory.post(url, {'description': desc}) key = actual_ip_plus_desc(req) # Key can't exceed memcached 250 character max length = len(key) ok_(length < 250)
def test_valid_key_ipv6(self): """Make sure ipv6 keys work""" actual_ip_plus_desc = actual_ip_plus_context( lambda req: req.POST.get('description', 'no description') ) url = reverse('feedback') factory = RequestFactory( HTTP_X_CLUSTER_CLIENT_IP='0000:0000:0000:0000:0000:0000:0000:0000') # create a request with this as the description desc = u'\u5347\u7ea7\u4e86\u65b0\u7248\u672c\u4e4b\u540e' * 16 req = factory.post(url, { 'description': desc }) key = actual_ip_plus_desc(req) # Key can't exceed memcached 250 character max length = len(key) assert length < 250
""" @wraps(func) def _requires_firefox(request, *args, **kwargs): # Note: This is sort of a lie. What's going on here is that # parse_ua only parses Firefox-y browsers. So if it's UNKNOWN # at this point, then it's not Firefox-y. If parse_ua ever # changes, then this will cease to be true. if request.BROWSER.browser == UNKNOWN: return HttpResponseRedirect(reverse('download-firefox')) return func(request, *args, **kwargs) return _requires_firefox @ratelimit(rulename='doublesubmit_1p10m', keyfun=actual_ip_plus_context( lambda req: req.POST.get('description', u'no description')), rate='1/10m') @ratelimit(rulename='50ph', rate='50/h') def _handle_feedback_post(request, locale=None, product=None, version=None, channel=None): """Saves feedback post to db accounting for throttling :arg request: request we're handling the post for :arg locale: locale specified in the url :arg product: None or the Product :arg version: validated and sanitized version specified in the url :arg channel: validated and sanitized channel specified in the url """ if getattr(request, 'limited', False): # If we're throttled, then return the thanks page, but don't
""" @wraps(func) def _requires_firefox(request, *args, **kwargs): # Note: This is sort of a lie. What's going on here is that # parse_ua only parses Firefox-y browsers. So if it's UNKNOWN # at this point, then it's not Firefox-y. If parse_ua ever # changes, then this will cease to be true. if request.BROWSER.browser == UNKNOWN: return HttpResponseRedirect(reverse('download-firefox')) return func(request, *args, **kwargs) return _requires_firefox @ratelimit(rulename='doublesubmit_1p10m', keyfun=actual_ip_plus_context( lambda req: req.POST.get('description', u'no description')), rate='1/10m') @ratelimit(rulename='50ph', rate='50/h') def _handle_feedback_post(request, locale=None, product=None, version=None, channel=None): """Saves feedback post to db accounting for throttling :arg request: request we're handling the post for :arg locale: locale specified in the url :arg product: None or the Product :arg version: validated and sanitized version specified in the url :arg channel: validated and sanitized channel specified in the url