def raw_file(request, attachment_id, filename):
    """
    Serve the file behind an attachment's current revision.

    The attachment is resolved by ``attachment_id`` alone; ``filename`` is
    accepted from the URL but never consulted here. A missing attachment, or
    one without a current revision, yields a 404.

    The file body is only streamed when ``is_untrusted(request)`` is true.
    Any other request gets a permanent redirect to
    ``attachment.get_file_url()``, so the bytes are never returned for it.
    """
    attachments = Attachment.objects.select_related('current_revision')
    attachment = get_object_or_404(attachments, pk=attachment_id)
    revision = attachment.current_revision
    if revision is None:
        raise Http404

    # Guard clause: never stream the file unless is_untrusted() accepts the
    # request; send the client to the attachment's file URL instead.
    if not is_untrusted(request):
        return redirect(attachment.get_file_url(), permanent=True)

    if settings.DEBUG:
        # Development-only workaround: localdevstorage has an issue with
        # streamed files, so part of the file is read up front.
        revision.file.read(revision.file.DEFAULT_CHUNK_SIZE)

    # NOTE(review): the stored mime_type becomes the Content-Type as-is, and
    # the body is presumably user-supplied. Confirm that
    # X-Content-Type-Options: nosniff is applied to this response elsewhere
    # (e.g. by middleware).
    resp = StreamingHttpResponse(revision.file, content_type=revision.mime_type)
    try:
        resp['Content-Length'] = revision.file.size
    except OSError:
        # Best effort: leave Content-Length off when the storage backend
        # cannot report a size.
        pass
    resp['Last-Modified'] = convert_to_http_date(revision.created)
    # NOTE(review): the ALLOW-FROM directive of X-Frame-Options is obsolete
    # and current browsers ignore it, so this header should not be relied on
    # to limit who may frame the attachment. CSP `frame-ancestors` is the
    # supported replacement; check how it interacts with any site-wide policy.
    resp['X-Frame-Options'] = 'ALLOW-FROM %s' % settings.DOMAIN
    return resp
def raw_file(request, attachment_id, filename):
    """
    Serve the file behind an attachment's current revision.

    The attachment is resolved by ``attachment_id`` alone; ``filename`` is
    accepted from the URL but never consulted here. A missing attachment, or
    one without a current revision, yields a 404.

    Requests for which ``is_untrusted(request)`` is false are permanently
    redirected to ``attachment.get_file_url()``. Otherwise the view answers
    ``If-Modified-Since`` with a 304 where applicable, and then either
    redirects to the storage URL (``settings.ATTACHMENTS_USE_S3``) or streams
    the file itself.
    """
    attachments = Attachment.objects.select_related("current_revision")
    attachment = get_object_or_404(attachments, pk=attachment_id)
    revision = attachment.current_revision
    if revision is None:
        raise Http404

    # Attachments must be served from safe (untrusted) domains; anything
    # else is bounced to the attachment's file URL.
    if not is_untrusted(request):
        return redirect(attachment.get_file_url(), permanent=True)

    # Conditional-request support (Last-Modified / If-Modified-Since).
    # It matters most while attachments may be served from disk and far less
    # when the response is only a redirect to S3, so it may be removable.
    client_timestamp = parse_http_date_safe(
        request.META.get("HTTP_IF_MODIFIED_SINCE")
    )
    if client_timestamp:
        created_timestamp = calendar.timegm(revision.created.utctimetuple())
        if client_timestamp >= created_timestamp:
            not_modified = HttpResponseNotModified()
            not_modified["Last-Modified"] = convert_to_http_date(revision.created)
            return not_modified

    if not settings.ATTACHMENTS_USE_S3:
        # NOTE(review): the stored mime_type becomes the Content-Type as-is,
        # and the body is presumably user-supplied. Confirm that
        # X-Content-Type-Options: nosniff is applied to this response
        # elsewhere (e.g. by middleware).
        resp = StreamingHttpResponse(revision.file, content_type=revision.mime_type)
        resp["Content-Length"] = revision.file.size
    else:
        resp = redirect(revision.file.url)

    resp["Last-Modified"] = convert_to_http_date(revision.created)
    # NOTE(review): the ALLOW-FROM directive of X-Frame-Options is obsolete
    # and current browsers ignore it, so this header should not be relied on
    # to limit who may frame the attachment. CSP `frame-ancestors` is the
    # supported replacement; check how it interacts with any site-wide policy.
    resp["X-Frame-Options"] = f"ALLOW-FROM {settings.DOMAIN}"
    return resp
def raw_file(request, attachment_id, filename):
    """
    Serve the file behind an attachment's current revision.

    The attachment is resolved by ``attachment_id`` alone; ``filename`` is
    accepted from the URL but never consulted here. A missing attachment, or
    one without a current revision, yields a 404.

    The file body is only streamed when ``is_untrusted(request)`` is true.
    Any other request gets a permanent redirect to
    ``attachment.get_file_url()``, so the bytes are never returned for it.
    """
    attachments = Attachment.objects.select_related('current_revision')
    attachment = get_object_or_404(attachments, pk=attachment_id)
    revision = attachment.current_revision
    if revision is None:
        raise Http404

    # Guard clause: never stream the file unless is_untrusted() accepts the
    # request; send the client to the attachment's file URL instead.
    if not is_untrusted(request):
        return redirect(attachment.get_file_url(), permanent=True)

    # NOTE(review): the stored mime_type becomes the Content-Type as-is, and
    # the body is presumably user-supplied. Confirm that
    # X-Content-Type-Options: nosniff is applied to this response elsewhere
    # (e.g. by middleware).
    resp = StreamingHttpResponse(revision.file, content_type=revision.mime_type)
    # No fallback here: an error while reading the file size propagates to
    # the caller.
    resp['Content-Length'] = revision.file.size
    resp['Last-Modified'] = convert_to_http_date(revision.created)
    # NOTE(review): the ALLOW-FROM directive of X-Frame-Options is obsolete
    # and current browsers ignore it, so this header should not be relied on
    # to limit who may frame the attachment. CSP `frame-ancestors` is the
    # supported replacement; check how it interacts with any site-wide policy.
    resp['X-Frame-Options'] = 'ALLOW-FROM %s' % settings.DOMAIN
    return resp