def get_token_and_csrf(self, code): # Paypal will try to create an infinite loop to make the parse fail, based on different # weird things like a check of 'ind\\u0435xOf' vs 'indexOf'. cleaner_code = code.replace(r"'ind\\u0435xOf'", "'indexOf'") # It also calls "data" which is undefined instead of a return (next call is an infinite # recursive function). This should theorically not happen if window.domain is correctly set # to "paypal.com" though. cleaner_code = cleaner_code.replace("data;", "return;") # Remove setCookie function content cleaner_code = re.sub(r"'setCookie'.*(?=,'removeCookie')", "'setCookie':function(){}", cleaner_code) # Paypal will try to send a XHR, let's use a fake method to catch the values sent cleaner_code = """ XMLHttpRequest.prototype.send = function(body) { window.PAYPAL_TOKENS = body; }; function GET_JS_TOKENS() { return window.PAYPAL_TOKENS || "INVALID_TOKENS"; } """ + cleaner_code try: raw = str( Javascript(cleaner_code, None, "paypal.com").call("GET_JS_TOKENS")) raw = raw.split("&") tokens = {} for r in raw: r = r.split("=") k = r[0] v = unquote(r[1]) if k not in ["ads_token_js", "_sessionID", "_csrf"]: tokens["key"] = k tokens["value"] = v else: tokens[k] = v token = tokens["ads_token_js"] sessionID = tokens["_sessionID"] csrf = tokens["_csrf"] key = tokens["key"] value = tokens["value"] except: raise BrowserUnavailable("Could not grab tokens") # Clean string obfuscation like: '\x70\x61\x79\x70\x61\x6c\x20\x73\x75\x63\x6b\x73' def basic_decoder(mtc): return repr(literal_eval(mtc.group(0)).encode('utf-8')) cleaner_code = re.sub(r"'.*?(?<!\\)'", basic_decoder, code) cookie = re.search(r'xppcts = (\w+);', cleaner_code).group(1) return token, csrf, key, value, sessionID, cookie
def do_login(self): scrf, scrn = mkstemp('.js') cookf, cookn = mkstemp('.json') os.write( scrf, LOGIN_JS % { 'timeout': 300, 'username': self.username, 'password': self.password, 'output': cookn, 'code': self.code_file, 'phone': self.phone[-4:], 'agent': self.session.headers['User-Agent'] }) os.close(scrf) os.close(cookf) for i in xrange(self.MAX_RETRIES): try: check_output(["phantomjs", scrn], stderr=STDOUT) break except CalledProcessError as error: pass else: raise error with open(cookn) as cookf: cookies = json.loads(cookf.read()) os.remove(scrn) os.remove(cookn) self.session.cookies.clear() for c in cookies: for k in ['expiry', 'expires', 'httponly']: c.pop(k, None) c['value'] = unquote(c['value']) self.session.cookies.set(**c) if not self.summary.go().logged: raise BrowserIncorrectPassword()
def do_login(self): scrf, scrn = mkstemp('.js') cookf, cookn = mkstemp('.json') os.write(scrf, LOGIN_JS % { 'timeout': 300, 'username': self.username, 'password': self.password, 'output': cookn, 'code': self.code_file, 'phone': self.phone[-4:], 'agent': self.session.headers['User-Agent']}) os.close(scrf) os.close(cookf) for i in xrange(self.MAX_RETRIES): try: check_output(["phantomjs", scrn], stderr=STDOUT) break except CalledProcessError as error: pass else: raise error with open(cookn) as cookf: cookies = json.loads(cookf.read()) os.remove(scrn) os.remove(cookn) self.session.cookies.clear() for c in cookies: for k in ['expiry', 'expires', 'httponly']: c.pop(k, None) c['value'] = unquote(c['value']) self.session.cookies.set(**c) if not self.summary.go().logged: raise BrowserIncorrectPassword()
def get_json_url(self): if self.doc.xpath('//div[@class="video-container"]'): return self.doc.xpath('//div[@class="video-container"]')[0].attrib['arte_vp_url'] elif self.doc.xpath('//iframe'): url = Regexp(CleanText('./@src'), '.*json_url=(.*)', default='')(self.doc.xpath('//iframe')[0]) return unquote(url) return ''
def filter(self, txt): from weboob.tools.compat import unquote try: txt = unquote(txt.encode('ascii')).decode(self.encoding) except (UnicodeDecodeError, UnicodeEncodeError): pass return txt
def obj_photos(self): url = CleanText('./div[has-class("default-img")]/img/@data-src')(self) if url: url = unquote(url) if "http://" in url[3:]: rindex = url.rfind("?") if rindex == -1: rindex = None url = url[url.find("http://", 3):rindex] return [HousingPhoto(url)] else: return NotLoaded
def obj_photos(self): url = CleanText( './div[has-class("default-img")]/img/@data-src')(self) if url: url = unquote(url) if "http://" in url[3:]: rindex = url.rfind("?") if rindex == -1: rindex = None url = url[url.find("http://", 3):rindex] return [HousingPhoto(url)] else: return NotLoaded
def obj_photos(self): url = Attr( './div/div/a/div/img[@itemprop="image"]', 'src', default=None )(self) if url: url = unquote(url) if "http://" in url[3:]: url = url[url.find("http://", 3):url.rfind("?")] return [HousingPhoto(url)] else: return NotAvailable
def obj_photos(self): url = Attr( '.', 'data-img', default=None )(self) if url: url = unquote(url) if "http://" in url[3:]: rindex = url.rfind("?") if rindex == -1: rindex = None url = url[url.find("http://", 3):rindex] return [HousingPhoto(url)] else: return NotLoaded
def is_here(self, **kwargs): """ Returns True if the current page of browser matches this URL. If arguments are provided, and only then, they are checked against the arguments that were used to build the current page URL. """ assert self.klass is not None, "You can use this method only if there is a Page class handler." if len(kwargs): params = self.match(self.build(**kwargs)).groupdict() else: params = None # XXX use unquote on current params values because if there are spaces # or special characters in them, it is encoded only in but not in kwargs. return self.browser.page and isinstance(self.browser.page, self.klass) \ and (params is None or params == dict([(k,unquote(v)) for k,v in self.browser.page.params.items()]))
def do_login(self): ''' There's a bunch of dynamically generated obfuscated JavaScript, which uses DOM. For now the easiest option seems to be to run it in PhantomJs. ''' for i in range(self.MAX_RETRIES): scrf, scrn = mkstemp('.js') cookf, cookn = mkstemp('.json') os.write( scrf, LOGIN_JS % { 'scriptTimeout': self.TIMEOUT * 2, 'resourceTimeout': self.TIMEOUT, 'username': self.username, 'password': self.password, 'output': cookn, 'question1': self.question1, 'answer1': self.answer1, 'question2': self.question2, 'answer2': self.answer2, 'question3': self.question3, 'answer3': self.answer3 }) os.close(scrf) os.close(cookf) try: check_output(["phantomjs", scrn], stderr=STDOUT) with open(cookn) as cookf: cookies = json.loads(cookf.read()) except CalledProcessError: continue finally: os.remove(scrn) os.remove(cookn) self.session.cookies.clear() for c in cookies: for k in ['expiry', 'expires', 'httponly']: c.pop(k, None) c['value'] = unquote(c['value']) self.session.cookies.set(**c) self.summary.go() if self.page.logged: break else: raise BrowserIncorrectPassword
def do_login(self): ''' There's a bunch of dynamically generated obfuscated JavaScript, which uses DOM. For now the easiest option seems to be to run it in PhantomJs. ''' for i in xrange(self.MAX_RETRIES): scrf, scrn = mkstemp('.js') cookf, cookn = mkstemp('.json') os.write(scrf, LOGIN_JS % { 'scriptTimeout': self.TIMEOUT*2, 'resourceTimeout': self.TIMEOUT, 'username': self.username, 'password': self.password, 'output': cookn, 'question1': self.question1, 'answer1': self.answer1, 'question2': self.question2, 'answer2': self.answer2, 'question3': self.question3, 'answer3': self.answer3}) os.close(scrf) os.close(cookf) try: check_output(["phantomjs", scrn], stderr=STDOUT) with open(cookn) as cookf: cookies = json.loads(cookf.read()) except CalledProcessError: continue finally: os.remove(scrn) os.remove(cookn) self.session.cookies.clear() for c in cookies: for k in ['expiry', 'expires', 'httponly']: c.pop(k, None) c['value'] = unquote(c['value']) self.session.cookies.set(**c) self.summary.go() if self.page.logged: break else: raise BrowserIncorrectPassword