def _handler(req): """ This handler is invoked by mod_python with the apache request.""" allowed_methods = ("GET", "POST", "HEAD", "OPTIONS", "PUT") #req.allow_methods(allowed_methods, 1) #if req.method not in allowed_methods: # raise apache.SERVER_RETURN, apache.HTTP_METHOD_NOT_ALLOWED if req.method == 'OPTIONS': ## OPTIONS is used to now which method are allowed req.headers_out['Allow'] = ', '.join(allowed_methods) raise apache.SERVER_RETURN, apache.OK # Set user agent for fckeditor.py, which needs it here os.environ["HTTP_USER_AGENT"] = req.headers_in.get('User-Agent', '') # Check if REST authentication can be performed if req.args: args = cgi.parse_qs(req.args) if 'apikey' in args and req.is_https(): uid = web_api_key.acc_get_uid_from_request(req.uri, req.args) if uid < 0: raise apache.SERVER_RETURN, apache.HTTP_UNAUTHORIZED else: setUid(req=req, uid=uid) guest_p = isGuestUser(getUid(req), run_on_slave=False) uri = req.uri if uri == '/': path = [''] else: ## Let's collapse multiple slashes into a single / uri = RE_SLASHES.sub('/', uri) path = uri[1:].split('/') if CFG_ACCESS_CONTROL_LEVEL_SITE > 1: ## If the site is under maintainance mode let's return ## 503 to casual crawler to avoid having the site being ## indexed req.status = 503 g = _RE_BAD_MSIE.search(req.headers_in.get('User-Agent', "MSIE 6.0")) bad_msie = g and float(g.group(1)) < 9.0 if uri.startswith('/yours') or not guest_p: ## Private/personalized request should not be cached if bad_msie and req.is_https(): req.headers_out['Cache-Control'] = 'private, max-age=0, must-revalidate' else: req.headers_out['Cache-Control'] = 'private, no-cache, no-store, max-age=0, must-revalidate' req.headers_out['Pragma'] = 'no-cache' req.headers_out['Vary'] = '*' elif not (bad_msie and req.is_https()): req.headers_out['Cache-Control'] = 'public, max-age=3600' req.headers_out['Vary'] = 'Cookie, ETag, Cache-Control' try: if req.header_only and not RE_SPECIAL_URI.match(req.uri): return root._traverse(req, path, True, guest_p) else: ## bibdocfile have a special treatment for HEAD return root._traverse(req, path, False, guest_p) except TraversalError: raise apache.SERVER_RETURN, apache.HTTP_NOT_FOUND except apache.SERVER_RETURN: ## This is one of mod_python way of communicating raise except IOError, exc: if 'Write failed, client closed connection' not in "%s" % exc: ## Workaround for considering as false positive exceptions ## rised by mod_python when the user close the connection ## or in some other rare and not well identified cases. register_exception(req=req, alert_admin=True) raise
def _handler(req): """ This handler is invoked by mod_python with the apache request.""" allowed_methods = ("GET", "POST", "HEAD", "OPTIONS", "PUT") req.allow_methods(allowed_methods, 1) if req.method not in allowed_methods: raise apache.SERVER_RETURN, apache.HTTP_METHOD_NOT_ALLOWED if req.method == 'OPTIONS': ## OPTIONS is used to now which method are allowed req.headers_out['Allow'] = ', '.join(allowed_methods) raise apache.SERVER_RETURN, apache.OK # Set user agent for fckeditor.py, which needs it here os.environ["HTTP_USER_AGENT"] = req.headers_in.get('User-Agent', '') # Check if REST authentication can be performed if req.args: args = cgi.parse_qs(req.args) if 'apikey' in args and req.is_https(): uid = web_api_key.acc_get_uid_from_request(req.uri, req.args) if uid < 0: raise apache.SERVER_RETURN, apache.HTTP_UNAUTHORIZED else: setUid(req=req, uid=uid) guest_p = isGuestUser(getUid(req), run_on_slave=False) uri = req.uri if uri == '/': path = [''] else: ## Let's collapse multiple slashes into a single / uri = RE_SLASHES.sub('/', uri) path = uri[1:].split('/') if CFG_ACCESS_CONTROL_LEVEL_SITE > 1: ## If the site is under maintainance mode let's return ## 503 to casual crawler to avoid having the site being ## indexed req.status = 503 g = _RE_BAD_MSIE.search(req.headers_in.get('User-Agent', "MSIE 6.0")) bad_msie = g and float(g.group(1)) < 9.0 if uri.startswith('/yours') or not guest_p: ## Private/personalized request should not be cached if bad_msie and req.is_https(): req.headers_out['Cache-Control'] = 'private, max-age=0, must-revalidate' else: req.headers_out['Cache-Control'] = 'private, no-cache, no-store, max-age=0, must-revalidate' req.headers_out['Pragma'] = 'no-cache' req.headers_out['Vary'] = '*' elif not (bad_msie and req.is_https()): req.headers_out['Cache-Control'] = 'public, max-age=3600' req.headers_out['Vary'] = 'Cookie, ETag, Cache-Control' try: if req.header_only and not RE_SPECIAL_URI.match(req.uri): return root._traverse(req, path, True, guest_p) else: ## bibdocfile have a special treatment for HEAD return root._traverse(req, path, False, guest_p) except TraversalError: raise apache.SERVER_RETURN, apache.HTTP_NOT_FOUND except apache.SERVER_RETURN: ## This is one of mod_python way of communicating raise except IOError, exc: if 'Write failed, client closed connection' not in "%s" % exc: ## Workaround for considering as false positive exceptions ## rised by mod_python when the user close the connection ## or in some other rare and not well identified cases. register_exception(req=req, alert_admin=True) raise