def test_is_blocked_domain(self): """Assert domains validity in issue reporting.""" self.assertTrue(helpers.is_blocked_domain('coco.fr')) self.assertFalse(helpers.is_blocked_domain('w3.org'))
def create_issue(): """Create a new issue or prefill a form for submission. * HTTP GET with (optional) parameters * create a form with prefilled data. * parameters: * url: URL of the Web site * src: source of the request (web, addon, etc.) * label: controled list of labels * HTTP POST with a JSON payload * create a form with prefilled data * content-type is application/json * json may include: * title * User agent string * OS identification * labels list * type of bugs * short summary * full description * tested in another browser * body * utm_ params for Google Analytics * HTTP POST with an attached form * submit a form to GitHub to create a new issue * form submit type: * authenticated: Github authentification * anonymous: handled by webcompat-bot Any deceptive requests will be ended as a 400. See https://tools.ietf.org/html/rfc7231#section-6.5.1 """ push('/dist/webcompat.css', **{'as': 'style', 'rel': 'preload'}) push(bust_cache('/dist/vendor.js'), **{'as': 'script', 'rel': 'preload'}) push(bust_cache('/dist/webcompat.js'), **{ 'as': 'script', 'rel': 'preload' }) push(bust_cache('/dist/formv2.js'), **{'as': 'script', 'rel': 'preload'}) # Starting a logger log = app.logger log.setLevel(logging.INFO) if g.user: get_user_info() # We define which type of requests we are dealing with. request_type = form_type(request) # Form Prefill section if request_type == 'prefill': form_data = prepare_form(request) bug_form = get_form(form_data, form=FormWizard) pagetitle = "New Issue" session['extra_labels'] = form_data['extra_labels'] source = form_data.pop('utm_source', None) campaign = form_data.pop('utm_campaign', None) anonymous_reporting = app.config['ANONYMOUS_REPORTING_ENABLED'] return render_template('new-issue.html', form=bug_form, source=source, campaign=campaign, nonce=request.nonce, pagetitle=pagetitle, anonymous_reporting=anonymous_reporting) # Issue Creation section elif request_type == 'create': # Check if there is a form if not request.form: log.info('400: POST request without form.') abort(400) # Adding parameters to the form form = request.form.copy() extra_labels = get_extra_labels(form) if extra_labels: form['extra_labels'] = extra_labels # Logging the ip and url for investigation log.info('{ip} {url}'.format(ip=request.remote_addr, url=form['url'].encode('utf-8'))) # Check if the form is valid if not is_valid_issue_form(form): log.info('400: POST request w/o valid form (is_valid_issue_form).') abort(400) domain = urllib.parse.urlsplit(normalize_url(form['url'])).hostname if is_darknet_domain(domain): msg = app.config['IS_DARKNET_DOMAIN'].format(form['url']) flash(msg, 'notimeout') return redirect(url_for('index')) if form.get('submit_type') == PROXY_REPORT: if not app.config['ANONYMOUS_REPORTING_ENABLED']: abort(400) # Checking blocked domains if is_blocked_domain(domain): msg = app.config['IS_BLOCKED_DOMAIN'].format(form['url']) flash(msg, 'notimeout') return redirect(url_for('index')) # Anonymous reporting json_response = report_issue(form, proxy=True) session['show_thanks'] = True return redirect( url_for('show_issue', number=json_response.get('number'))) # Authenticated reporting if form.get('submit_type') == AUTH_REPORT: if g.user: # If you're already authed, submit the bug. json_response = report_issue(form) session['show_thanks'] = True return redirect( url_for('show_issue', number=json_response.get('number'))) else: # Stash form data into session, go do GitHub auth session['form'] = form return redirect(url_for('login')) else: log.info('400: Something else happened.') abort(400)