def upload(request):
"""
Multipe File Upload.
"""
from django.http import parse_cookie
# QUERY / PATH CHECK
query = request.GET
path = get_path(query.get('dir', ''))
if path is None:
msg = _('The requested Folder does not exist.')
request.user.message_set.create(message=msg)
return HttpResponseRedirect(reverse("fb_browse"))
abs_path = os.path.join(MEDIA_ROOT, DIRECTORY, path)
# SESSION (used for flash-uploading)
cookie_dict = parse_cookie(request.META.get('HTTP_COOKIE', ''))
engine = __import__(settings.SESSION_ENGINE, {}, {}, [''])
session_key = cookie_dict.get(settings.SESSION_COOKIE_NAME, None)
return render_to_response('filebrowser/upload.html', {
'query': query,
'title': _(u'Select files to upload'),
'settings_var': get_settings_var(),
'session_key': session_key,
'breadcrumbs': get_breadcrumbs(query, path),
'breadcrumbs_title': _(u'Upload')
}, context_instance=Context(request))
def _get_cookies(self):
if not hasattr(self, '_cookies'):
raw_cookie = self.environ.get('HTTP_COOKIE', str(''))
if six.PY3:
raw_cookie = raw_cookie.encode('iso-8859-1').decode('utf-8')
self._cookies = http.parse_cookie(raw_cookie)
return self._cookies
def mod_for_wsgi(socket, path):
environ = {
'HTTP_COOKIE': socket.socket.request_headers["Cookie"],
'PATH_INFO': path,
'SERVER_PROTOCOL': '',
'HTTP_HOST': socket.socket.request_headers.get("Host"),
'HTTP_ACCEPT': '',
'SERVER_PORT': '8000',
'REMOTE_ADDR': socket.socket.remote_address[0],
'REMOTE_HOST': '',
}
try:
socket.COOKIES = lambda: None
socket.COOKIES = http.parse_cookie(environ.get("HTTP_COOKIE"))
socket.user = lambda: None
socket.user = None
socket.session = lambda: None
socket.session = None
socket.environ = lambda: None
socket.environ = environ
socket.META = lambda: None
socket.META = {}
socket.get_host = lambda: environ.get("HTTP_HOST")
socket.path = lambda: None
socket.path = path
except AttributeError:
pass
return environ
def upload(request):
"""
Multiple File Upload.
"""
from django.http import parse_cookie
# QUERY / PATH CHECK
query = request.GET
path = get_path(query.get("dir", ""))
if path is None:
msg = _("The requested Folder does not exist.")
messages.add_message(request, messages.ERROR, msg)
return HttpResponseRedirect(reverse("fb_browse"))
# SESSION (used for flash-uploading)
cookie_dict = parse_cookie(request.META.get("HTTP_COOKIE", ""))
engine = __import__(settings.SESSION_ENGINE, {}, {}, [""])
session_key = cookie_dict.get(settings.SESSION_COOKIE_NAME, None)
return render_to_response(
"filebrowser/upload.html",
{
"query": query,
"title": _("Select files to upload"),
"settings_var": get_settings_var(),
"session_key": session_key,
"breadcrumbs": get_breadcrumbs(query, path),
"breadcrumbs_title": _("Upload"),
},
context_instance=Context(request),
)
def COOKIES(self):
logger.debug("TornadoRequest COOKIES")
# logger.debug("TornadoRequest COOKIES %s",
# self.tornado_request.cookies)
# logger.debug("TornadoRequest COOKIES %s",
# http.parse_cookie(self.tornado_request.cookies))
return http.parse_cookie(self.tornado_request.cookies)
def onConnect(self, request):
self.channel_backend = channel_backends[DEFAULT_CHANNEL_BACKEND]
self.request_info = {
"path": request.path,
"get": request.params,
"cookies": parse_cookie(request.headers.get('cookie', ''))
}
def test_decode_2(self):
c = SimpleCookie()
c['test'] = b"\xf0"
c2 = SimpleCookie()
c2.load(c.output()[12:])
self.assertEqual(c['test'].value, c2['test'].value)
c3 = parse_cookie(c.output()[12:])
self.assertEqual(c['test'].value, c3['test'])
def test_python_cookies(self):
"""
Test cases copied from Python's Lib/test/test_http_cookies.py
"""
self.assertEqual(parse_cookie('chips=ahoy; vienna=finger'), {'chips': 'ahoy', 'vienna': 'finger'})
# Here parse_cookie() differs from Python's cookie parsing in that it
# treats all semicolons as delimiters, even within quotes.
self.assertEqual(
parse_cookie('keebler="E=mc2; L=\\"Loves\\"; fudge=\\012;"'),
{'keebler': '"E=mc2', 'L': '\\"Loves\\"', 'fudge': '\\012', '': '"'}
)
# Illegal cookies that have an '=' char in an unquoted value.
self.assertEqual(parse_cookie('keebler=E=mc2'), {'keebler': 'E=mc2'})
# Cookies with ':' character in their name.
self.assertEqual(parse_cookie('key:term=value:term'), {'key:term': 'value:term'})
# Cookies with '[' and ']'.
self.assertEqual(parse_cookie('a=b; c=[; d=r; f=h'), {'a': 'b', 'c': '[', 'd': 'r', 'f': 'h'})
def _get_cookies(self):
if not hasattr(self, '_cookies'):
cookies = self._req.getHeader('cookie') or ''
# cookies has to be a string type (not unicode), otherwise
# it SimpleCookie.load() assumed the input is a dictionary.
cookies = str(cookies)
self._cookies = http.parse_cookie(cookies)
return self._cookies
def django_session(cookie_string):
from django.http import parse_cookie
from django.conf import settings
cookie = parse_cookie(cookie_string)
session_key = cookie[settings.SESSION_COOKIE_NAME]
engine = import_module(settings.SESSION_ENGINE)
return engine.SessionStore(session_key)
def test_python_cookies(self):
"""
Test cases copied from Python's Lib/test/test_http_cookies.py
"""
self.assertEqual(parse_cookie("chips=ahoy; vienna=finger"), {"chips": "ahoy", "vienna": "finger"})
# Here parse_cookie() differs from Python's cookie parsing in that it
# treats all semicolons as delimiters, even within quotes.
self.assertEqual(
parse_cookie('keebler="E=mc2; L=\\"Loves\\"; fudge=\\012;"'),
{"keebler": '"E=mc2', "L": '\\"Loves\\"', "fudge": "\\012", "": '"'},
)
# Illegal cookies that have an '=' char in an unquoted value.
self.assertEqual(parse_cookie("keebler=E=mc2"), {"keebler": "E=mc2"})
# Cookies with ':' character in their name.
self.assertEqual(parse_cookie("key:term=value:term"), {"key:term": "value:term"})
# Cookies with '[' and ']'.
self.assertEqual(parse_cookie("a=b; c=[; d=r; f=h"), {"a": "b", "c": "[", "d": "r", "f": "h"})
def __init__(self, fh, client, *args, **kwargs):
self.phr = PythonHttpRequest(fh)
super(DjangoizedHttpRequest, self).__init__(*args, **kwargs)
self.method = self.phr.command.upper()
self.path = self.phr.path
self.COOKIES = parse_cookie(self.phr.headers.get('Cookie', ''))
self.META['REMOTE_ADDR'] = client.getpeername()[0]
self.META['HTTP_X_FORWARDED_FOR'] = self.phr.headers.get('X-Forwarded-For')
def test_decode(self):
"""Semicolons and commas are decoded."""
c = SimpleCookie()
c['test'] = "An,awkward;value"
c2 = SimpleCookie()
c2.load(c.output()[12:])
self.assertEqual(c['test'].value, c2['test'].value)
c3 = parse_cookie(c.output()[12:])
self.assertEqual(c['test'].value, c3['test'])
def get_context_data(self, **kwargs):
context = super(UploadView, self).get_context_data(**kwargs)
cookie_dict = parse_cookie(self.request.META.get('HTTP_COOKIE', ''))
session_key = cookie_dict.get(settings.SESSION_COOKIE_NAME, None)
context.update({
'url_timymce': TINYMCE_URL,
'url_button': BUTTON_IMG_URL,
'session_key': session_key
})
return context
def test_decode(self):
"""
Test that we can still preserve semi-colons and commas
"""
c = SimpleCookie()
c["test"] = "An,awkward;value"
c2 = SimpleCookie()
c2.load(c.output()[12:])
self.assertEqual(c["test"].value, c2["test"].value)
c3 = parse_cookie(c.output()[12:])
self.assertEqual(c["test"].value, c3["test"])
def test_decode_2(self):
"""
Test that we haven't broken normal encoding
"""
c = SimpleCookie()
c["test"] = b"\xf0"
c2 = SimpleCookie()
c2.load(c.output()[12:])
self.assertEqual(c["test"].value, c2["test"].value)
c3 = parse_cookie(c.output()[12:])
self.assertEqual(c["test"].value, c3["test"])
def __call__(self, scope):
# Check this actually has headers. They're a required scope key for HTTP and WS.
if "headers" not in scope:
raise ValueError(
"CookieMiddleware was passed a scope that did not have a headers key " +
"(make sure it is only passed HTTP or WebSocket connections)"
)
# Go through headers to find the cookie one
for name, value in scope.get("headers", []):
if name == b"cookie":
cookies = parse_cookie(value.decode("ascii"))
break
else:
# No cookie header found - add an empty default.
cookies = {}
# Return inner application
return self.inner(dict(scope, cookies=cookies))
def build_request(connection_info, path = None):
from django.contrib.sessions.backends.db import SessionStore
request = http.HttpRequest()
request.path = path
# request.path_info =
request.method = 'GET'
request.GET = connection_info.arguments
request.COOKIES = http.parse_cookie(connection_info.cookies)
request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
# Authentication
sessionid = request.COOKIES.get('sessionid')
request.session = SessionStore(session_key=sessionid)
request.user = get_user(request)
return request
def initialize(self, request, response):
"""initial webapp.RequestHandler"""
webapp.RequestHandler.initialize(self, request, response)
if not self.request.path.endswith('/'):
return self.redirect(self.request.path + "/", True)
self.setting = Setting.get_setting()
self.template_value = {'setting' : self.setting}
# check cookies and find user
cookies = parse_cookie(self.request.headers.get("Cookie", ""))
self.session_key = cookies.get('bitsable-session-key', None)
self.user = None
if self.session_key is not None and len(self.session_key) == 40:
logging.info("session_key:%s" % self.session_key)
self.user = Session.get_user_by_session(self.session_key)
self.template_value['user'] = self.user
def upload(request):
"""
Multipe File Upload.
"""
from django.http import parse_cookie
query = request.GET
abs_path = u'%s' % os.path.join(MEDIA_ROOT, DIRECTORY, query.get('dir', ''))
# SESSION (used for flash-uploading)
cookie_dict = parse_cookie(request.META.get('HTTP_COOKIE', ''))
engine = __import__(settings.SESSION_ENGINE, {}, {}, [''])
session_key = cookie_dict.get(settings.SESSION_COOKIE_NAME, None)
return render_to_response('filebrowser/upload.html', {
'session_key': session_key,
'query': query,
'title': _(u'Select files to upload'),
'settings_var': get_settings_var(),
'breadcrumbs': get_breadcrumbs(query, query.get('dir', '')),
'breadcrumbs_title': _(u'Upload')
}, context_instance=Context(request))
def upload(request):
"""
Multipe File Upload.
"""
from django.http import parse_cookie
if USE_NATIVE_UPLOAD and request.method == 'POST':
if 'file' in request.FILES:
dir = request.GET.get('dir', '')
_process_fileupload(request, request.FILES['file'], dir)
return HttpResponseRedirect(reverse('admin:filebrowser:browse') +
'?dir=%s' % dir)
else:
# Flash-upload submits to '_upload_file' view instead.
pass
# QUERY / PATH CHECK
query = request.GET
path = get_path(query.get('dir', ''))
if path is None:
msg = _('The requested Folder does not exist.')
messages.warning(request, message=msg)
return HttpResponseRedirect(reverse("admin:filebrowser:browse"))
abs_path = os.path.join(MEDIA_ROOT, DIRECTORY, path)
# SESSION (used for flash-uploading)
cookie_dict = parse_cookie(request.META.get('HTTP_COOKIE', ''))
engine = __import__(settings.SESSION_ENGINE, {}, {}, [''])
session_key = cookie_dict.get(settings.SESSION_COOKIE_NAME, None)
return render_to_response('filebrowser/upload.html', {
'query': query,
'title': _(u'Select files to upload'),
'settings_var': get_settings_var(),
'breadcrumbs': get_breadcrumbs(query, path, _(u'Upload')),
'session_key': session_key,
}, context_instance=Context(request))
def initialize(self,request,response):
'''
init webapp.RequestHandler
'''
webapp.RequestHandler.initialize(self,request,response)
self.setting = settings.Setting()
self.template_value={'setting':self.setting}
#handler xfox-session-key
cookies = parse_cookie(self.request.headers.get("Cookie",""))
self.session_key = cookies.get('xfox-session-key',None)
logging.info("session_key:%s" % (self.session_key))
self.user = None
self.role = ['G'] #Guest User
if not self.session_key is None and len(self.session_key)==32:
self.user = Session.get_user_by_session(self.session_key)
if not self.user is None:
self.role = self.user.role
self.template_value['user']=self.user
self.template_value['role']=self.role
#handler os
self.os = 'default' #html5
user_agent = self.request.headers.get("User-Agent",'')
#if "MSIE" in user_agent:
#self.os = 'ie'
#handler not endswith /
self.template_value['os']=self.os
self.p = self.request.path.lower() #path
self.template_value['tp']=self.p
if not self.request.path.endswith("/"):
return self.redirect(self.request.path+"/",True)
def upload(request):
"""
Multiple File Upload.
"""
from django.http import parse_cookie
# QUERY / PATH CHECK
query = request.GET
path = get_path(query.get('dir', ''))
if path is None:
msg = _('The requested Folder does not exist.')
messages.add_message(request, messages.ERROR, msg)
return HttpResponseRedirect(True)
# SESSION (used for flash-uploading)
cookie_dict = parse_cookie(request.META.get('HTTP_COOKIE', ''))
engine = __import__(settings.SESSION_ENGINE, {}, {}, [''])
session_key = cookie_dict.get(settings.SESSION_COOKIE_NAME, None)
display = request.GET.get('type',False)
template = 'upload.html'
allowed_file_formats = ",".join(chain.from_iterable(get_settings_var()['EXTENSIONS'].values()))
breadcrumbs_title = _(u'Upload')
if display:
template = 'yt_upload.html'
allowed_file_formats = ",".join(chain.from_iterable(get_settings_var()['YT_SUPPORTED_FILE_FORMATS'].values()))
breadcrumbs_title = _(u'Youtube Upload')
return render_to_response('filebrowser/'+template, {
'query': query,
'allowed_file_formats':allowed_file_formats,
'display': display,
'title': _(u'Select files to upload'),
'settings_var': get_settings_var(),
'session_key': session_key,
'breadcrumbs': get_breadcrumbs(query, path),
'breadcrumbs_title': breadcrumbs_title,
}, context_instance=Context(request))
def create(request):
from django.http import parse_cookie
# QUERY / PATH CHECK
query = request.GET
path = get_path(query.get('dir', ''))
if path is None:
msg = _('The requested Folder does not exist.')
messages.add_message(request, messages.ERROR, msg)
return HttpResponseRedirect(reverse("nb_browse"))
# SESSION (used for flash-uploading)
cookie_dict = parse_cookie(request.META.get('HTTP_COOKIE', ''))
engine = __import__(settings.SESSION_ENGINE, {}, {}, [''])
session_key = cookie_dict.get(settings.SESSION_COOKIE_NAME, None)
return render_to_response('notebrowser/notebook.html', {
'query': query,
'title': _(u'Select files to upload'),
'settings_var': get_settings_var(),
'session_key': session_key,
'breadcrumbs': get_breadcrumbs(query, path),
'breadcrumbs_title': _(u'Upload')
}, context_instance=Context(request))
def test_invalid_cookies(self):
"""
Cookie strings that go against RFC6265 but browsers will send if set
via document.cookie.
"""
# Chunks without an equals sign appear as unnamed values per
# https://bugzilla.mozilla.org/show_bug.cgi?id=169091
self.assertIn('django_language', parse_cookie('abc=def; unnamed; django_language=en'))
# Even a double quote may be an unnamed value.
self.assertEqual(parse_cookie('a=b; "; c=d'), {'a': 'b', '': '"', 'c': 'd'})
# Spaces in names and values, and an equals sign in values.
self.assertEqual(parse_cookie('a b c=d e = f; gh=i'), {'a b c': 'd e = f', 'gh': 'i'})
# More characters the spec forbids.
self.assertEqual(parse_cookie('a b,c<>@:/[]?{}=d " =e,f g'), {'a b,c<>@:/[]?{}': 'd " =e,f g'})
# Unicode characters. The spec only allows ASCII.
self.assertEqual(parse_cookie('saint=André Bessette'), {'saint': 'André Bessette'})
# Browsers don't send extra whitespace or semicolons in Cookie headers,
# but parse_cookie() should parse whitespace the same way
# document.cookie parses whitespace.
self.assertEqual(parse_cookie(' = b ; ; = ; c = ; '), {'': 'b', 'c': ''})
def test_invalid_cookies(self):
"""
Cookie strings that go against RFC6265 but browsers will send if set
via document.cookie.
"""
# Chunks without an equals sign appear as unnamed values per
# https://bugzilla.mozilla.org/show_bug.cgi?id=169091
self.assertIn("django_language", parse_cookie("abc=def; unnamed; django_language=en").keys())
# Even a double quote may be an unamed value.
self.assertEqual(parse_cookie('a=b; "; c=d'), {"a": "b", "": '"', "c": "d"})
# Spaces in names and values, and an equals sign in values.
self.assertEqual(parse_cookie("a b c=d e = f; gh=i"), {"a b c": "d e = f", "gh": "i"})
# More characters the spec forbids.
self.assertEqual(parse_cookie('a b,c<>@:/[]?{}=d " =e,f g'), {"a b,c<>@:/[]?{}": 'd " =e,f g'})
# Unicode characters. The spec only allows ASCII.
self.assertEqual(parse_cookie("saint=André Bessette"), {"saint": force_str("André Bessette")})
# Browsers don't send extra whitespace or semicolons in Cookie headers,
# but parse_cookie() should parse whitespace the same way
# document.cookie parses whitespace.
self.assertEqual(parse_cookie(" = b ; ; = ; c = ; "), {"": "b", "c": ""})
def test_nonstandard_keys(self):
"""
A single non-standard cookie name doesn't affect all cookies (#13007).
"""
self.assertIn('good_cookie', parse_cookie('good_cookie=yes;bad:cookie=yes'))
def COOKIES(self):
# parse_cookie expects cookies list as a ; separated string
return parse_cookie(";".join(self.event.get("cookies", [])))
def _get_cookies(self):
if not hasattr(self, '_cookies'):
self._cookies = http.parse_cookie(self.environ.get('HTTP_COOKIE', ''))
return self._cookies
def test_cookie_edgecases(self):
# Cookies that RFC6265 allows.
self.assertEqual(parse_cookie('a=b; Domain=example.com'), {'a': 'b', 'Domain': 'example.com'})
# parse_cookie() has historically kept only the last cookie with the
# same name.
self.assertEqual(parse_cookie('a=b; h=i; a=c'), {'a': 'c', 'h': 'i'})
def websocket_app(environ, start_response):
if not 'wsgi.websocket' in environ:
print "Not a websocket"
return
ws = environ["wsgi.websocket"]
print ws
# Important to call, otherwise we may get stale user sessions
SessionStore.clear_expired()
# Get the session object and implicitly check if the session is valid
cookie = parse_cookie(environ['HTTP_COOKIE'])
if not 'sessionid' in cookie:
print "No session cookie"
return
s = SessionStore(session_key=cookie['sessionid'])
if not '_auth_user_id' in s:
print "Invalid session"
return
user = User.objects.get(pk=s['_auth_user_id'])
if not user:
print "Invalid user"
return
path = environ['PATH_INFO'].split('/')
if len(path) < 3 or path[1] != 'websocket' or path[
2] != 'conference' or not path[3].isdigit():
print "Invalid path"
return
conference_id = int(path[3])
conference = Reservation.objects.get(pk=conference_id)
if conference.user != user:
print "User not owner of this conference"
return
#if conference.end_time < timezone.now() or conference.begin_time > timezone.now():
# print "Conference not currently in progress"
# return
# FIXME Hardcoded
backend_info = {
'mcu': '127.0.0.1',
'room': 'room101',
}
socket_info = copy(global_sockets)
socket_info.subscribe(ws, conference)
interface = Handler(backend_info=backend_info,
conference=conference,
sockets=socket_info)
while True:
try:
data = ws.receive()
if data is None:
socket_info.close(socket_info.local)
return
try:
message = json.loads(data)
except Exception as e:
print repr(e), data
return
handlers = {
'LIST_MOSAIC': 'list_mosaic',
'LIST_PARTICIPANTS': 'list_participants',
'MOVE_PARTICIPANT': 'move_participant',
'REMOVE_PARTICIPANT': 'remove_participant',
'OFFER_SDP': 'offer_sdp',
'SDP_OK': 'sdp_ok',
}
if not 'message_type' in message:
print "Message has no message type"
return
if not message['message_type'] in handlers:
print "No handler for message type", message['message_type']
return
print message['message_type'], "received"
# Find and call the method in the MCUInterface class instance
func = getattr(interface, handlers[message['message_type']])
func(message['data'])
except:
socket_info.close(socket_info.local)
ws.close()
raise
def test_parse_cookie(self):
self.assertEqual(parse_cookie('invalid@key=true'), {})
def test_cookie_edgecases(self):
# Cookies that RFC6265 allows.
self.assertEqual(parse_cookie('a=b; Domain=example.com'), {'a': 'b', 'Domain': 'example.com'})
# parse_cookie() has historically kept only the last cookie with the
# same name.
self.assertEqual(parse_cookie('a=b; h=i; a=c'), {'a': 'c', 'h': 'i'})
def _get_cookies(self):
if not hasattr(self, '_cookies'):
self._cookies = http.parse_cookie(
self._req.headers_in.get('cookie', ''))
return self._cookies
def test_nonstandard_keys(self):
"""
Test that a single non-standard cookie name doesn't affect all cookies. Ticket #13007.
"""
self.assertIn('good_cookie', parse_cookie('good_cookie=yes;bad:cookie=yes').keys())
def test_repeated_nonstandard_keys(self):
"""
Test that a repeated non-standard name doesn't affect all cookies. Ticket #15852
"""
self.assertIn('good_cookie', parse_cookie('a:=b; a:=c; good_cookie=yes').keys())
def _get_cookies(self):
if not hasattr(self, '_cookies'):
self._cookies = http.parse_cookie(
self.environ.get('HTTP_COOKIE', ''))
return self._cookies
def test_nonstandard_keys(self):
"""
A single non-standard cookie name doesn't affect all cookies (#13007).
"""
self.assertIn('good_cookie',
parse_cookie('good_cookie=yes;bad:cookie=yes'))
def test_repeated_nonstandard_keys(self):
"""
A repeated non-standard name doesn't affect all cookies (#15852).
"""
self.assertIn('good_cookie',
parse_cookie('a:=b; a:=c; good_cookie=yes'))
def COOKIES(self):
return http.parse_cookie(self.META.get('HTTP_COOKIE', ''))
def test_repeated_nonstandard_keys(self):
"""
A repeated non-standard name doesn't affect all cookies (#15852).
"""
self.assertIn('good_cookie', parse_cookie('a:=b; a:=c; good_cookie=yes'))
def COOKIES(self):
cookies = dict()
raw_cookie = get_str_from_wsgi(self.environ, 'HTTP_COOKIE', '')
for cookie in [cookie for cookie in raw_cookie.split(';')]:
cookies.update(http.parse_cookie(cookie))
return cookies
def _get_cookies(This):
if not hasattr(This, '_cookies'):
This._cookies = http.parse_cookie(
This._headers_in.get('cookie', ''))
return This._cookies
def COOKIES(self):
raw_cookie = get_str_from_wsgi(self.environ, 'HTTP_COOKIE', '')
return parse_cookie(raw_cookie)
def COOKIES(self):
return parse_cookie(self.META.get("HTTP_COOKIE", ""))
