def test_password_hiding(self):
     """errorlib - hide password in frame analysis"""
     try:
         password = '******'
         int('foo')
     except:
         output = get_pretty_traceback(exc_info=sys.exc_info(), force_stack=True)
     self.failIf(password in output, output)
     self.failUnless('<*****>' in output, output)
 def test_nested_password_hiding(self):
     """errorlib - hide password nested in dictionary in frame analysis"""
     try:
         foo = {'bar': 'baz', 'qoox': {'blibpwdblob': '1234'}}
         int(foo)
     except:
         output = get_pretty_traceback(exc_info=sys.exc_info())
     self.failIf('1234' in output, output)
     self.failUnless('<*****>' in output, output)
 def test_password_hiding(self):
     """errorlib - hide password in frame analysis"""
     try:
         password = '******'
         int('foo')
     except:
         output = get_pretty_traceback(exc_info=sys.exc_info())
     self.failIf(password in output, output)
     self.failUnless('<*****>' in output, output)
 def test_password_hiding(self):
     """errorlib - hide password in frame analysis"""
     try:
         password = "******"
         int("foo")
     except:
         output = get_pretty_traceback(exc_info=sys.exc_info())
     self.failIf(password in output, output)
     self.failUnless("<*****>" in output, output)
 def test_nested_password_hiding(self):
     """errorlib - hide password nested in dictionary in frame analysis"""
     try:
         foo = {"bar": "baz", "qoox": {"blibpwdblob": "1234"}}
         int(foo)
     except:
         output = get_pretty_traceback(exc_info=sys.exc_info())
     self.failIf("1234" in output, output)
     self.failUnless("<*****>" in output, output)
def application(environ, start_response):
    """
    Entry point for wsgi.
    """
    ## Needed for mod_wsgi, see: <http://code.google.com/p/modwsgi/wiki/ApplicationIssues>
    req = SimulatedModPythonRequest(environ, start_response)
    #print 'Starting mod_python simulation'
    try:
        try:
            possible_module, possible_handler = is_mp_legacy_publisher_path(
                environ['PATH_INFO'])
            if possible_module is not None:
                mp_legacy_publisher(req, possible_module, possible_handler)
            elif CFG_WSGI_SERVE_STATIC_FILES:
                possible_static_path = is_static_path(environ['PATH_INFO'])
                if possible_static_path is not None:
                    from invenio.bibdocfile import stream_file
                    stream_file(req, possible_static_path)
                else:
                    ret = invenio_handler(req)
            else:
                ret = invenio_handler(req)
            req.flush()
        except SERVER_RETURN, status:
            status = int(str(status))
            if status not in (OK, DONE):
                req.status = status
                req.headers_out['content-type'] = 'text/html'
                admin_to_be_alerted = alert_admin_for_server_status_p(
                    status, req.headers_in.get('referer'))
                if admin_to_be_alerted:
                    register_exception(req=req, alert_admin=True)
                if not req.response_sent_p:
                    start_response(req.get_wsgi_status(),
                                   req.get_low_level_headers(), sys.exc_info())
                return generate_error_page(req, admin_to_be_alerted)
            else:
                req.flush()
        except:
            register_exception(req=req, alert_admin=True)
            if not req.response_sent_p:
                req.status = HTTP_INTERNAL_SERVER_ERROR
                req.headers_out['content-type'] = 'text/html'
                start_response(req.get_wsgi_status(),
                               req.get_low_level_headers(), sys.exc_info())
                if CFG_DEVEL_SITE:
                    return [
                        "<pre>%s</pre>" % cgi.escape(
                            get_pretty_traceback(req=req,
                                                 exc_info=sys.exc_info()))
                    ]
                    from cgitb import html
                    return [html(sys.exc_info())]
                return generate_error_page(req)
            else:
                return generate_error_page(req, page_already_started=True)
 def test_dbquery_password_hiding(self):
     """errorlib - hide dbquery password in frame analysis"""
     from invenio.dbquery import connect
     kwargs = {'host': 'foo', 'port': 999, 'db': 'baz', 'user': '******', 'passwd': '123', 'use_unicode': False, 'charset': 'utf8'}
     try:
         connect(**kwargs)
     except:
         output = get_pretty_traceback(exc_info=sys.exc_info(), force_stack=True)
     self.failIf('123' in output, output)
     self.failUnless('<*****>' in output, output)
 def test_nested_password_hiding(self):
     """errorlib - hide password nested in dictionary in frame analysis"""
     try:
         foo = {'bar': 'baz', 'qoox': {'blibpwdblob': '1234'}}
         int(foo)
     except:
         output = get_pretty_traceback(
             exc_info=sys.exc_info(), force_stack=True)
     self.failIf('1234' in output, output)
     self.failUnless('<*****>' in output, output)
def application(environ, start_response):
    """
    Entry point for wsgi.
    """
    ## Needed for mod_wsgi, see: <http://code.google.com/p/modwsgi/wiki/ApplicationIssues>
    req = SimulatedModPythonRequest(environ, start_response)
    #print 'Starting mod_python simulation'
    try:
        try:
            possible_module, possible_handler = is_mp_legacy_publisher_path(environ['PATH_INFO'])
            if possible_module is not None:
                mp_legacy_publisher(req, possible_module, possible_handler)
            elif CFG_WSGI_SERVE_STATIC_FILES:
                possible_static_path = is_static_path(environ['PATH_INFO'])
                if possible_static_path is not None:
                    from invenio.bibdocfile import stream_file
                    stream_file(req, possible_static_path)
                else:
                    ret = invenio_handler(req)
            else:
                ret = invenio_handler(req)
            req.flush()
        except SERVER_RETURN, status:
            status = int(str(status))
            if status not in (OK, DONE):
                req.status = status
                req.headers_out['content-type'] = 'text/html'
                admin_to_be_alerted = alert_admin_for_server_status_p(status,
                                                  req.headers_in.get('referer'))
                if admin_to_be_alerted:
                    register_exception(req=req, alert_admin=True)
                if not req.response_sent_p:
                    start_response(req.get_wsgi_status(), req.get_low_level_headers(), sys.exc_info())
                return generate_error_page(req, admin_to_be_alerted)
            else:
                req.flush()
        except:
            register_exception(req=req, alert_admin=True)
            if not req.response_sent_p:
                req.status = HTTP_INTERNAL_SERVER_ERROR
                req.headers_out['content-type'] = 'text/html'
                start_response(req.get_wsgi_status(), req.get_low_level_headers(), sys.exc_info())
                if CFG_DEVEL_SITE:
                    return ["<pre>%s</pre>" % cgi.escape(get_pretty_traceback(req=req, exc_info=sys.exc_info()))]
                    from cgitb import html
                    return [html(sys.exc_info())]
                return generate_error_page(req)
            else:
                return generate_error_page(req, page_already_started=True)
 def test_dbquery_password_hiding(self):
     """errorlib - hide dbquery password in frame analysis"""
     from invenio.dbquery import connect
     kwargs = {
         'host': 'foo',
         'port': 999,
         'db': 'baz',
         'user': '******',
         'passwd': '123',
         'use_unicode': False,
         'charset': 'utf8'
     }
     try:
         connect(**kwargs)
     except:
         output = get_pretty_traceback(exc_info=sys.exc_info())
     self.failIf('123' in output, output)
     self.failUnless('<*****>' in output, output)
    def test_dbquery_password_hiding(self):
        """errorlib - hide dbquery password in frame analysis"""
        from invenio.dbquery import connect

        kwargs = {
            "host": "foo",
            "port": 999,
            "db": "baz",
            "user": "******",
            "passwd": "123",
            "use_unicode": False,
            "charset": "utf8",
        }
        try:
            connect(**kwargs)
        except:
            output = get_pretty_traceback(exc_info=sys.exc_info())
        self.failIf("123" in output, output)
        self.failUnless("<*****>" in output, output)
def application(environ, start_response):
    """
    Entry point for wsgi.
    """
    ## Needed for mod_wsgi, see: <http://code.google.com/p/modwsgi/wiki/ApplicationIssues>
    req = SimulatedModPythonRequest(environ, start_response)
    #print 'Starting mod_python simulation'
    try:
        try:
            if (CFG_FULL_HTTPS or (CFG_HAS_HTTPS_SUPPORT and get_session(req).need_https)) and not req.is_https():
                # We need to isolate the part of the URI that is after
                # CFG_SITE_URL, and append that to our CFG_SITE_SECURE_URL.
                original_parts = urlparse(req.unparsed_uri)
                plain_prefix_parts = urlparse(CFG_SITE_URL)
                secure_prefix_parts = urlparse(CFG_SITE_SECURE_URL)

                # Compute the new path
                plain_path = original_parts[2]
                plain_path = secure_prefix_parts[2] + \
                            plain_path[len(plain_prefix_parts[2]):]

                # ...and recompose the complete URL
                final_parts = list(secure_prefix_parts)
                final_parts[2] = plain_path
                final_parts[-3:] = original_parts[-3:]

                target = urlunparse(final_parts)
                redirect_to_url(req, target)

            possible_module, possible_handler = is_mp_legacy_publisher_path(environ['PATH_INFO'])
            if possible_module is not None:
                mp_legacy_publisher(req, possible_module, possible_handler)
            elif CFG_WSGI_SERVE_STATIC_FILES:
                possible_static_path = is_static_path(environ['PATH_INFO'])
                if possible_static_path is not None:
                    from invenio.bibdocfile import stream_file
                    stream_file(req, possible_static_path)
                else:
                    ret = invenio_handler(req)
            else:
                ret = invenio_handler(req)
            req.flush()
        except SERVER_RETURN, status:
            status = int(str(status))
            if status not in (OK, DONE):
                req.status = status
                req.headers_out['content-type'] = 'text/html'
                admin_to_be_alerted = alert_admin_for_server_status_p(status,
                                                  req.headers_in.get('referer'))
                if admin_to_be_alerted:
                    register_exception(req=req, alert_admin=True)
                if not req.response_sent_p:
                    start_response(req.get_wsgi_status(), req.get_low_level_headers(), sys.exc_info())
                return generate_error_page(req, admin_to_be_alerted)
            else:
                req.flush()
        except:
            register_exception(req=req, alert_admin=True)
            if not req.response_sent_p:
                req.status = HTTP_INTERNAL_SERVER_ERROR
                req.headers_out['content-type'] = 'text/html'
                start_response(req.get_wsgi_status(), req.get_low_level_headers(), sys.exc_info())
                if CFG_DEVEL_SITE:
                    return ["<pre>%s</pre>" % cgi.escape(get_pretty_traceback(req=req, exc_info=sys.exc_info()))]
                    from cgitb import html
                    return [html(sys.exc_info())]
                return generate_error_page(req)
            else:
                return generate_error_page(req, page_already_started=True)
def application(environ, start_response):
    """
    Entry point for wsgi.
    """
    ## Needed for mod_wsgi, see: <http://code.google.com/p/modwsgi/wiki/ApplicationIssues>
    req = SimulatedModPythonRequest(environ, start_response)
    #print 'Starting mod_python simulation'
    try:
        try:
            if (CFG_FULL_HTTPS or (CFG_HAS_HTTPS_SUPPORT and get_session(req).need_https)) and not req.is_https():
                # We need to isolate the part of the URI that is after
                # CFG_SITE_URL, and append that to our CFG_SITE_SECURE_URL.
                original_parts = urlparse(req.unparsed_uri)
                plain_prefix_parts = urlparse(CFG_SITE_URL)
                secure_prefix_parts = urlparse(CFG_SITE_SECURE_URL)

                # Compute the new path
                plain_path = original_parts[2]
                plain_path = secure_prefix_parts[2] + \
                            plain_path[len(plain_prefix_parts[2]):]

                # ...and recompose the complete URL
                final_parts = list(secure_prefix_parts)
                final_parts[2] = plain_path
                final_parts[-3:] = original_parts[-3:]

                target = urlunparse(final_parts)
                redirect_to_url(req, target)

            possible_module, possible_handler = is_mp_legacy_publisher_path(environ['PATH_INFO'])
            if possible_module is not None:
                mp_legacy_publisher(req, possible_module, possible_handler)
            elif CFG_WSGI_SERVE_STATIC_FILES:
                possible_static_path = is_static_path(environ['PATH_INFO'])
                if possible_static_path is not None:
                    from invenio.bibdocfile import stream_file
                    stream_file(req, possible_static_path)
                else:
                    ret = invenio_handler(req)
            else:
                ret = invenio_handler(req)
            req.flush()
        except SERVER_RETURN, status:
            status = int(str(status))
            if status not in (OK, DONE):
                req.status = status
                req.headers_out['content-type'] = 'text/html'
                admin_to_be_alerted = alert_admin_for_server_status_p(status,
                                                  req.headers_in.get('referer'))
                if admin_to_be_alerted:
                    register_exception(req=req, alert_admin=True)
                if not req.response_sent_p:
                    start_response(req.get_wsgi_status(), req.get_low_level_headers(), sys.exc_info())
                return generate_error_page(req, admin_to_be_alerted)
            else:
                req.flush()
        except:
            register_exception(req=req, alert_admin=True)
            if not req.response_sent_p:
                req.status = HTTP_INTERNAL_SERVER_ERROR
                req.headers_out['content-type'] = 'text/html'
                start_response(req.get_wsgi_status(), req.get_low_level_headers(), sys.exc_info())
                if CFG_DEVEL_SITE:
                    return ["<pre>%s</pre>" % cgi.escape(get_pretty_traceback(req=req, exc_info=sys.exc_info()))]
                    from cgitb import html
                    return [html(sys.exc_info())]
                return generate_error_page(req)
            else:
                return generate_error_page(req, page_already_started=True)
Exemple #14
0
         return generate_error_page(req, admin_to_be_alerted)
     else:
         req.flush()
 except ClientDisconnected:
     pass
 except:
     register_exception(req=req, alert_admin=True)
     if not req.response_sent_p:
         req.status = HTTP_INTERNAL_SERVER_ERROR
         req.headers_out['content-type'] = 'text/html'
         start_response(req.get_wsgi_status(), req.get_low_level_headers(),
                        sys.exc_info())
         if CFG_DEVEL_SITE:
             return [
                 "<pre>%s</pre>" % cgi.escape(
                     get_pretty_traceback(req=req, exc_info=sys.exc_info()))
             ]
             from cgitb import html
             return [html(sys.exc_info())]
         return generate_error_page(req)
     else:
         return generate_error_page(req, page_already_started=True)
 finally:
     try:
         ## Let's save the session.
         session = get_session(req)
         try:
             if req.is_https() or not session.need_https:
                 ## We save the session only if it's safe to do it, i.e.
                 ## if we well had a valid session.
                 session.dirty = True
             register_exception(req=req, alert_admin=True)
         if not req.response_sent_p:
             start_response(req.get_wsgi_status(), req.get_low_level_headers(), sys.exc_info())
         return generate_error_page(req, admin_to_be_alerted)
     else:
         req.flush()
 except ClientDisconnected:
     pass
 except:
     register_exception(req=req, alert_admin=True)
     if not req.response_sent_p:
         req.status = HTTP_INTERNAL_SERVER_ERROR
         req.headers_out['content-type'] = 'text/html'
         start_response(req.get_wsgi_status(), req.get_low_level_headers(), sys.exc_info())
         if CFG_DEVEL_SITE:
             return ["<pre>%s</pre>" % cgi.escape(get_pretty_traceback(req=req, exc_info=sys.exc_info()))]
             from cgitb import html
             return [html(sys.exc_info())]
         return generate_error_page(req)
     else:
         return generate_error_page(req, page_already_started=True)
 finally:
     try:
         ## Let's save the session.
         session = get_session(req)
         try:
             if req.is_https() or not session.need_https:
                 ## We save the session only if it's safe to do it, i.e.
                 ## if we well had a valid session.
                 session.dirty = True
                 session.save()