def validate_request(self, pw, data, log=None): # We should also be checking for replay attacks by using nonce_count, # however, various HTTP clients, most prominently Firefox dont # implement nonce-counts correctly, so we cannot do the check. # https://bugzil.la/114451 path = parse_uri(self.uri.encode('utf-8'))[1] if path != data.path: if log is not None: log.warn('Authorization URI mismatch: %s != %s from client: %s' % ( data.path, path, data.remote_addr)) raise HTTPSimpleResponse(httplib.BAD_REQUEST, 'The uri in the Request Line and the Authorization header do not match') return self.response is not None and data.path == path and self.request_digest(pw, data) == self.response
def opds_search(ctx, rd, query): try: offset = int(rd.query.get('offset', 0)) except Exception: raise HTTPNotFound('Not found') rc = RequestContext(ctx, rd) if query: path = parse_uri(rd.request_original_uri, parse_query=False, unquote_func=unquote_plus)[1] query = path[-1] if isinstance(query, bytes): query = query.decode('utf-8') try: ids = rc.search(query) except Exception: raise HTTPNotFound('Search: %r not understood'%query) page_url = rc.url_for('/opds/search', query=query) return get_acquisition_feed(rc, ids, offset, page_url, rc.url_for('/opds'), 'calibre-search:'+query)