def test_origin(self): self.assertEqual(wsgi.origin([])({}), "http://invalid.local") origin = wsgi.origin(["http://foo.bar/", "https://foo.bar"]) self.assertEqual(origin({"HTTP_ORIGIN": "http://foo.bar"}), "http://foo.bar") self.assertEqual(origin({"HTTP_ORIGIN": "https://foo.bar"}), "https://foo.bar") self.assertEqual(origin({"HTTP_REFERER": "http://foo.bar"}), "http://foo.bar") self.assertEqual(origin({"HTTP_ORIGIN": "http://spam.baz"}), "http://foo.bar") self.assertEqual(origin({}), "http://foo.bar")
def dispatch(self, request): local.request = request local.host = wsgi.host(request.environ) local.origin = origin(self.conf.getiter("general", "host"))(request.environ) adapter = self.urls.bind_to_environ(request.environ) try: handler, values = adapter.match() except HTTPException as e: return error_handler(request.environ, request, e) else: try: response = handler(request.environ, request, **values) except HTTPException as e: return error_handler(request.environ, request, e) except Exception: logger.exception("%s %s", request.method, request.environ["PATH_INFO"]) return error_handler(request.environ, request, InternalServerError()) else: return response
def test_simple(self): app = CORSMiddleware(hello_world, origin=origin([ "https://example.tld/", "http://example.tld/", ]), allowed=("Foo", "Bar"), exposed=("Spam", )) client = Client(app, Response) rv = client.get("/", headers={"Origin": "https://example.tld"}) self.assertEqual( rv.headers["Access-Control-Allow-Origin"], "https://example.tld") self.assertEqual( rv.headers["Access-Control-Allow-Credentials"], "true") self.assertEqual( rv.headers["Access-Control-Allow-Methods"], "HEAD, GET, POST, PUT, DELETE") self.assertEqual( rv.headers["Access-Control-Allow-Headers"], "Foo, Bar") self.assertEqual(rv.headers["Access-Control-Expose-Headers"], "Spam") a = client.get("/", headers={"Origin": "http://example.tld"}) self.assertEqual( a.headers["Access-Control-Allow-Origin"], "http://example.tld") b = client.get("/", headers={"Origin": "http://example.tld"}) self.assertEqual( b.headers["Access-Control-Allow-Origin"], "http://example.tld") c = client.get("/", headers={"Origin": "http://foo.other"}) self.assertEqual( c.headers["Access-Control-Allow-Origin"], "https://example.tld")
def make_app(conf=None, threading=True, multiprocessing=False, uwsgi=False): if not any((threading, multiprocessing, uwsgi)): raise RuntimeError("either set threading, multiprocessing or uwsgi") if threading: class App(Isso, ThreadedMixin): pass elif multiprocessing: class App(Isso, ProcessMixin): pass else: class App(Isso, uWSGIMixin): pass isso = App(conf) # check HTTP server connection for host in conf.getiter("general", "host"): with http.curl('HEAD', host, '/', 5) as resp: if resp is not None: logger.info("connected to %s", host) break else: logger.warn( "unable to connect to your website, Isso will probably not " "work correctly. Please make sure, Isso can reach your " "website via HTTP(S).") wrapper = [local_manager.make_middleware] if isso.conf.getboolean("server", "profile"): wrapper.append( partial(ProfilerMiddleware, sort_by=("cumulative", ), restrictions=("isso/(?!lib)", 10))) wrapper.append( partial(SharedDataMiddleware, exports={ '/js': join(dirname(__file__), 'js/'), '/css': join(dirname(__file__), 'css/'), '/demo': join(dirname(__file__), 'demo/') })) wrapper.append( partial(wsgi.CORSMiddleware, origin=origin(isso.conf.getiter("general", "host")), allowed=("Origin", "Referer", "Content-Type"), exposed=("X-Set-Cookie", "Date"))) wrapper.extend([wsgi.SubURI, ProxyFix]) if werkzeug.version.startswith("0.8"): wrapper.append(wsgi.LegacyWerkzeugMiddleware) return reduce(lambda x, f: f(x), wrapper, isso)
def make_app(conf=None, threading=True, multiprocessing=False, uwsgi=False): if not any((threading, multiprocessing, uwsgi)): raise RuntimeError("either set threading, multiprocessing or uwsgi") if threading: class App(Isso, ThreadedMixin): pass elif multiprocessing: class App(Isso, ProcessMixin): pass else: class App(Isso, uWSGIMixin): pass isso = App(conf) # check HTTP server connection for host in conf.getiter("general", "host"): with http.curl('HEAD', host, '/', 5) as resp: if resp is not None: logger.info("connected to %s", host) break else: logger.warn("unable to connect to your website, Isso will probably not " "work correctly. Please make sure, Isso can reach your " "website via HTTP(S).") wrapper = [local_manager.make_middleware] if isso.conf.getboolean("server", "profile"): wrapper.append(partial(ProfilerMiddleware, sort_by=("cumulative", ), restrictions=("isso/(?!lib)", 10))) wrapper.append(partial(SharedDataMiddleware, exports={ '/js': join(dirname(__file__), 'js/'), '/css': join(dirname(__file__), 'css/'), '/demo': join(dirname(__file__), 'demo/') })) wrapper.append(partial(wsgi.CORSMiddleware, origin=origin(isso.conf.getiter("general", "host")), allowed=("Origin", "Referer", "Content-Type"), exposed=("X-Set-Cookie", "Date"))) wrapper.extend([wsgi.SubURI, ProxyFix, wsgi.LegacyWerkzeugMiddleware]) if werkzeug.version.startswith("0.8"): wrapper.append(wsgi.LegacyWerkzeugMiddleware) return reduce(lambda x, f: f(x), wrapper, isso)
def test_preflight(self): app = CORSMiddleware(hello_world, origin=origin(["http://example.tld"]), allowed=("Foo", ), exposed=("Bar", )) client = Client(app, Response) rv = client.open(method="OPTIONS", path="/", headers={"Origin": "http://example.tld"}) self.assertEqual(rv.status_code, 200) for hdr in ("Origin", "Headers", "Credentials", "Methods"): self.assertIn("Access-Control-Allow-%s" % hdr, rv.headers) self.assertEqual(rv.headers["Access-Control-Allow-Origin"], "http://example.tld")
def make_app(conf=None, threading=True, multiprocessing=False, uwsgi=False): if not any((threading, multiprocessing, uwsgi)): raise RuntimeError("either set threading, multiprocessing or uwsgi") if threading: class App(Isso, ThreadedMixin): pass elif multiprocessing: class App(Isso, ProcessMixin): pass else: class App(Isso, uWSGIMixin): pass isso = App(conf) wrapper = [local_manager.make_middleware] if isso.conf.getboolean("server", "profile"): wrapper.append( partial(ProfilerMiddleware, sort_by=("cumulative", ), restrictions=("isso/(?!lib)", 10))) wrapper.append( partial(SharedDataMiddleware, exports={ '/js': join(dirname(__file__), 'js/'), '/css': join(dirname(__file__), 'css/'), })) wrapper.append( partial(wsgi.CORSMiddleware, origin=origin(isso.conf.getiter("general", "host")), allowed=("Origin", "Referer", "Content-Type"), exposed=("X-Set-Cookie", "Date"))) wrapper.extend([wsgi.SubURI, ProxyFix]) if werkzeug.version.startswith("0.8"): wrapper.append(wsgi.LegacyWerkzeugMiddleware) return reduce(lambda x, f: f(x), wrapper, isso)
def dispatch(self, request): local.request = request local.host = wsgi.host(request.environ) local.origin = origin(self.conf.getiter("general", "host"))(request.environ) adapter = self.urls.bind_to_environ(request.environ) try: handler, values = adapter.match() except HTTPException as e: return e else: try: response = handler(request.environ, request, **values) except HTTPException as e: return e except Exception: logger.exception("%s %s", request.method, request.environ["PATH_INFO"]) return InternalServerError() else: return response