def set_up_embed(embed_key, sr, thing, showedits):
expected_mac = hmac.new(g.secrets['comment_embed'], thing._id36,
hashlib.sha1).hexdigest()
if not constant_time_compare(embed_key or '', expected_mac):
abort(401)
try:
author = Account._byID(thing.author_id) if thing.author_id else None
except NotFound:
author = None
iso_timestamp = request.GET.get("created", "")
c.embed_config = {
"eventtracker_url": g.eventtracker_url or "",
"anon_eventtracker_url": g.anon_eventtracker_url or "",
"created": iso_timestamp,
"showedits": showedits,
"thing": {
"id": thing._id,
"sr_id": sr._id,
"sr_name": sr.name,
"edited": edited_after(thing, iso_timestamp, showedits),
"deleted": thing.deleted or author._deleted,
},
}
c.render_style = "iframe"
c.user = UnloggedUser([c.lang])
c.user_is_loggedin = False
c.forced_loggedout = True
def set_up_comment_embed(sr, thing, showedits):
try:
author = Account._byID(thing.author_id) if thing.author_id else None
except NotFound:
author = None
iso_timestamp = request.GET.get("created", "")
c.embed_config = {
"eventtracker_url": g.eventtracker_url or "",
"anon_eventtracker_url": g.anon_eventtracker_url or "",
"event_clicktracker_url": g.event_clicktracker_url or "",
"created": iso_timestamp,
"showedits": showedits,
"thing": {
"id": thing._id,
"sr_id": sr._id,
"sr_name": sr.name,
"edited": edited_after(thing, iso_timestamp, showedits),
"deleted": thing.deleted or author._deleted,
},
"comment_max_height": 200,
}
c.render_style = "iframe"
c.user = UnloggedUser([c.lang])
c.user_is_loggedin = False
c.forced_loggedout = True
def pre(self):
super(AdServingController, self).pre()
if request.host != g.media_domain:
# don't serve up untrusted content except on our
# specifically untrusted domain
self.abort404()
c.user = UnloggedUser([c.lang])
c.user_is_loggedin = False
c.forced_loggedout = True
c.allow_framing = True
def GET_document(self):
try:
c.errors = c.errors or ErrorSet()
# clear cookies the old fashioned way
c.cookies = Cookies()
code = request.GET.get('code', '')
try:
code = int(code)
except ValueError:
code = 404
srname = request.GET.get('srname', '')
takedown = request.GET.get('takedown', '')
error_name = request.GET.get('error_name', '')
if isinstance(c.user, basestring):
# somehow requests are getting here with c.user unset
c.user_is_loggedin = False
c.user = UnloggedUser(browser_langs=None)
if srname:
c.site = Subreddit._by_name(srname)
if request.GET.has_key('allow_framing'):
c.allow_framing = bool(request.GET['allow_framing'] == '1')
if (error_name == 'IN_TIMEOUT' and
not 'usable_error_content' in request.environ):
timeout_days_remaining = c.user.days_remaining_in_timeout
errpage = pages.InterstitialPage(
_("suspended"),
content=pages.InTimeoutInterstitial(
timeout_days_remaining=timeout_days_remaining,
),
)
request.environ['usable_error_content'] = errpage.render()
if code in (204, 304):
# NEVER return a content body on 204/304 or downstream
# caches may become very confused.
return ""
elif c.render_style not in self.allowed_render_styles:
return str(code)
elif c.render_style in extensions.API_TYPES:
data = request.environ.get('extra_error_data', {'error': code})
message = request.GET.get('message', '')
if message:
data['message'] = message
if request.environ.get("WANT_RAW_JSON"):
return scriptsafe_dumps(data)
return websafe_json(json.dumps(data))
elif takedown and code == 404:
link = Link._by_fullname(takedown)
return pages.TakedownPage(link).render()
elif code == 400:
return self.send400()
elif code == 403:
return self.send403()
elif code == 429:
return self.send429()
elif code == 500:
failien_url = make_failien_url()
sad_message = get_funny_translated_string("500_page")
sad_message %= {'admin': random.choice(self.admins)}
sad_message = safemarkdown(sad_message)
return redditbroke % (failien_url, sad_message)
elif code == 503:
return self.send503()
elif c.site:
return self.send404()
else:
return "page not found"
except Exception as e:
return handle_awful_failure("ErrorController.GET_document: %r" % e)