def create_cookies_got(cookies):
import traffic.lib
cookies_got = []
for name, morsel in cookies.items():
cookie = traffic.lib.get_or_create_cookie('got', name, morsel.value)
cookies_got.append(cookie)
return cookies_got
def load_cookies():
cookies = http.cookies.SimpleCookie()
with open("cookie", "r") as f:
cookies.load(f.readline())
result = {}
for k, v in cookies.items():
result[k] = v.value
return result
def update_cookies(self, cookies):
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, http.cookies.Morsel):
dict.__setitem__(self.cookies, name, value)
else:
self.cookies[name] = value
def update_cookies(self, cookies):
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, http.cookies.Morsel):
# use dict method because SimpleCookie class modifies value
dict.__setitem__(self.cookies, name, value)
else:
self.cookies[name] = value
def update_cookies(self, cookies):
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, http.cookies.Morsel):
# use dict method because SimpleCookie class modifies value
dict.__setitem__(self.cookies, name, value)
else:
self.cookies[name] = value
def parse_cookies(cookie_str):
"""Parse the useful data from Set-Cookie
Set-Cookie includes a lot of junk which is causing the cookie
to be broken. Parse the useful data into a dict.
"""
cookies = http.cookies.SimpleCookie(cookie_str)
d = {}
for c in cookies.items():
d[c[0]] = c[1].value
return d
def set_session_cookies(self, browser, session):
# quickly create a response so the fw sets the cookies, which we copy and explicitly set on selenium.
response = Response()
session.set_session_key(response)
cookies = http.cookies.BaseCookie(', '.join(
response.headers.getall('set-cookie')))
for name, morsel in cookies.items():
cookie = {'name': name, 'value': morsel.value}
cookie.update(
dict([(key, value) for key, value in morsel.items() if value]))
browser.create_cookie(cookie)
def cookies(self, cookies):
_cookie = cookies
if isinstance(cookies, dict):
_cookies = http.cookies.SimpleCookie()
for name, value in cookies.items():
_cookies[name] = value
else:
assert isinstance(cookies, http.cookies.SimpleCookie), \
"Cookies have to be http.cookies.SimpleCookie or dict"
resp = self.response
for cookie in _cookies.output(header='').split('\n'):
resp.add_header('Set-Cookie', cookie.strip())
def test_release(self):
session = Session()
resp = unittest.mock.Mock()
resp.message.should_close = False
cookies = resp.cookies = http.cookies.SimpleCookie()
cookies['c1'] = 'cookie1'
cookies['c2'] = 'cookie2'
tr, proto = unittest.mock.Mock(), unittest.mock.Mock()
session._release(resp, 1, (tr, proto))
self.assertEqual(session._conns[1][0], (tr, proto))
self.assertEqual(session.cookies, dict(cookies.items()))
def test_release(self):
session = Session()
resp = unittest.mock.Mock()
resp.message.should_close = False
cookies = resp.cookies = http.cookies.SimpleCookie()
cookies['c1'] = 'cookie1'
cookies['c2'] = 'cookie2'
tr, proto = unittest.mock.Mock(), unittest.mock.Mock()
session._release(resp, 1, (tr, proto))
self.assertEqual(session._conns[1][0], (tr, proto))
self.assertEqual(session.cookies, dict(cookies.items()))
def _prepare_client(cookies):
client = werkzeug.test.Client(gws.base.web.web_app.application,
werkzeug.wrappers.BaseResponse)
if cookies:
for k, v in cookies.items():
if not v:
client.delete_cookie('localhost', k)
elif isinstance(v, str):
client.set_cookie('localhost', k, v)
else:
client.set_cookie('localhost', k, **v)
return client
def alert_if_sensitive(sensitive_files,
ip=None,
scheme=None,
host=None,
nginx_path=None,
nginx_query_str=None,
referrer=None,
code=None,
size=None,
user_agent=None,
cookies=None,
**kwargs):
if cookies is None:
cookies = {}
import utils
import myadmin.lib
if os.path.basename(nginx_path) in sensitive_files:
filename = os.path.basename(nginx_path)
# Don't alert if it's just me.
is_admin = myadmin.lib.get_admin_cookie(DummyRequest(cookies))
if is_admin:
logging.warning(
'Download of {} detected, but vistor seems to be me.'.format(
filename))
return
subject = 'Visitor downloaded {}!'.format(filename)
url = '{}://{}{}'.format(scheme, host, nginx_path)
if nginx_query_str and nginx_query_str != '-':
url += '?' + nginx_query_str
cookies_list = [
'{}:\t{}'.format(name, morsel.value)
for name, morsel in cookies.items()
]
if cookies_list:
cookies_str = '\n ' + '\n '.join(cookies_list)
else:
cookies_str = 'None'
if referrer and referrer != '-':
referrer_value = referrer
else:
referrer_value = None
body = (
'A visitor from IP address {0} accessed {1} (referrer: {2!r}).\n\n'
'User agent: {3}\n\n'
'Cookies received: {4}\n\n'
'Response code: {5}, bytes served: {6}\n'.format(
ip, url, referrer_value, user_agent, cookies_str, code, size))
logging.warning(
'Download of {} detected. Email alert sent.'.format(filename))
utils.email_admin(subject, body)
def do_GET(self):
# super().handle()
cookies = None
print(self.headers)
if 'Cookie' in self.headers:
cookies = http.cookies.BaseCookie(self.headers['Cookie'])
print(cookies)
print(cookies.keys())
for k, v in cookies.items():
print(k, ":", v)
self.send_response(200) # 响应行
self.send_header('Content-type', 'text/html;charset=utf-8') # 响应头
self.end_headers() # 响应头结束
self.wfile.write('<h1>这是来自服务器的请求</h1>'.encode('utf-8')) # 响应数据体
def test_release(self):
session = Session(loop=self.loop)
session._start_cleanup_task = unittest.mock.Mock()
req = unittest.mock.Mock()
resp = req.response = unittest.mock.Mock()
resp.message.should_close = False
cookies = resp.cookies = http.cookies.SimpleCookie()
cookies['c1'] = 'cookie1'
cookies['c2'] = 'cookie2'
tr, proto = unittest.mock.Mock(), unittest.mock.Mock()
session._release(req, 1, (tr, proto, 0))
self.assertEqual(session._conns[1][0], (tr, proto, 0))
self.assertEqual(session.cookies, dict(cookies.items()))
self.assertTrue(session._start_cleanup_task.called)
def update_cookies(self, cookies):
"""Update request cookies header."""
if not cookies:
return
c = http.cookies.SimpleCookie()
if hdrs.COOKIE in self.headers:
c.load(self.headers.get(hdrs.COOKIE, ''))
del self.headers[hdrs.COOKIE]
for name, value in cookies.items():
if isinstance(value, http.cookies.Morsel):
c[value.key] = value.value
else:
c[name] = value
self.headers[hdrs.COOKIE] = c.output(header='', sep=';').strip()
def update_cookies(self, cookies):
"""Update shared cookies.
Deprecated, use ClientSession instead.
"""
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if PY_343:
self.cookies[name] = value
else:
if isinstance(value, http.cookies.Morsel):
# use dict method because SimpleCookie class modifies value
dict.__setitem__(self.cookies, name, value)
else:
self.cookies[name] = value
def update_cookies(self, cookies):
"""Update shared cookies.
Deprecated, use ClientSession instead.
"""
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if PY_343:
self.cookies[name] = value
else:
if isinstance(value, http.cookies.Morsel):
# use dict method because SimpleCookie class modifies value
dict.__setitem__(self.cookies, name, value)
else:
self.cookies[name] = value
def update_cookies(self, cookies):
"""Update request cookies header."""
if not cookies:
return
c = http.cookies.SimpleCookie()
if hdrs.COOKIE in self.headers:
c.load(self.headers.get(hdrs.COOKIE, ''))
del self.headers[hdrs.COOKIE]
for name, value in cookies.items():
if isinstance(value, http.cookies.Morsel):
c[value.key] = value.value
else:
c[name] = value
self.headers[hdrs.COOKIE] = c.output(header='', sep=';').strip()
def test_release(self, m_time):
m_time.time.return_value = 10
conn = aiohttp.BaseConnector(share_cookies=True, loop=self.loop)
conn._start_cleanup_task = unittest.mock.Mock()
req = unittest.mock.Mock()
resp = req.response = unittest.mock.Mock()
resp.message.should_close = False
cookies = resp.cookies = http.cookies.SimpleCookie()
cookies['c1'] = 'cookie1'
cookies['c2'] = 'cookie2'
tr, proto = unittest.mock.Mock(), unittest.mock.Mock()
conn._release(1, req, tr, proto)
self.assertEqual(conn._conns[1][0], (tr, proto, 10))
self.assertEqual(conn.cookies, dict(cookies.items()))
self.assertTrue(conn._start_cleanup_task.called)
def test_release(self, m_time):
m_time.time.return_value = 10
conn = aiohttp.BaseConnector(share_cookies=True, loop=self.loop)
conn._start_cleanup_task = unittest.mock.Mock()
req = unittest.mock.Mock()
resp = req.response = unittest.mock.Mock()
resp.message.should_close = False
cookies = resp.cookies = http.cookies.SimpleCookie()
cookies['c1'] = 'cookie1'
cookies['c2'] = 'cookie2'
tr, proto = unittest.mock.Mock(), unittest.mock.Mock()
conn._release(1, req, tr, proto)
self.assertEqual(conn._conns[1][0], (tr, proto, 10))
self.assertEqual(conn.cookies, dict(cookies.items()))
self.assertTrue(conn._start_cleanup_task.called)
def update_cookies(self, cookies):
"""Update request cookies header."""
c = http.cookies.SimpleCookie()
if 'cookie' in self.headers:
c.load(self.headers.get('cookie', ''))
del self.headers['cookie']
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, http.cookies.Morsel):
# use dict method because SimpleCookie class modifies value
dict.__setitem__(c, name, value)
else:
c[name] = value
self.headers['cookie'] = c.output(header='', sep=';').strip()
def update_cookies(self, cookies):
"""Update request cookies header."""
c = http.cookies.SimpleCookie()
if 'cookie' in self.headers:
c.load(self.headers.get('cookie', ''))
del self.headers['cookie']
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, http.cookies.Morsel):
# use dict method because SimpleCookie class modifies value
dict.__setitem__(c, name, value)
else:
c[name] = value
self.headers['cookie'] = c.output(header='', sep=';').strip()
def handle_request(self, request):
if 'Cookie' in request.headers:
cookies = http.cookies.SimpleCookie(request.headers['Cookie'].value)
elif 'HTTP_COOKIE' in request.headers:
cookies = http.cookies.SimpleCookie(request.headers['HTTP_COOKIE'].value)
else:
request.client = client.Information(users.GUEST)
return
if SESSION_TOKEN_IDENTIFIER in cookies and cookies[SESSION_TOKEN_IDENTIFIER].value != session.SESSION_INVALIDATED:
for k,v in cookies.items():
logging.getLogger(__name__).debug('key: {} value: {}'.format(k, v))
db_result = session.validate_session(cookies[SESSION_TOKEN_IDENTIFIER].value)
if db_result is not None:
request.client = client.Information(db_result)
return None
new_cookie = http.cookies.SimpleCookie({SESSION_TOKEN_IDENTIFIER:session.SESSION_INVALIDATED})
new_cookie[SESSION_TOKEN_IDENTIFIER]['expires'] = time.strftime("%a, %d-%b-%Y %Z %z", time.gmtime())
return response.Redirect('/login?destination={}'.format(request.path)
, code=303, cookies=new_cookie)
request.client = client.Information(users.GUEST)
def update_cookies(self, cookies):
"""Update request cookies header."""
if not cookies:
return
c = http.cookies.BaseCookie()
if aiohttp.hdrs.COOKIE in self.headers:
c.load(self.headers.get(aiohttp.hdrs.COOKIE, ''))
del self.headers[aiohttp.hdrs.COOKIE]
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, http.cookies.Morsel):
# use dict method because SimpleCookie class modifies value
dict.__setitem__(c, name, value)
else:
c[name] = value
self.headers['Cookie'] = c.output(header='', sep=';', attrs={}).strip()
def update_cookies(self, cookies):
"""Update request cookies header."""
if not cookies:
return
c = http.cookies.BaseCookie()
if aiohttp.hdrs.COOKIE in self.headers:
c.load(self.headers.get(aiohttp.hdrs.COOKIE, ''))
del self.headers[aiohttp.hdrs.COOKIE]
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, http.cookies.Morsel):
# use dict method because SimpleCookie class modifies value
dict.__setitem__(c, name, value)
else:
c[name] = value
self.headers['Cookie'] = c.output(header='', sep=';', attrs = {}).strip()
def update_cookies(self, cookies):
"""Update request cookies header."""
if not cookies:
return
c = http.cookies.SimpleCookie()
if "COOKIE" in self.headers:
c.load(self.headers.get("COOKIE", ""))
del self.headers["COOKIE"]
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, http.cookies.Morsel):
# use dict method because SimpleCookie class modifies value
dict.__setitem__(c, name, value)
else:
c[name] = value
self.headers["COOKIE"] = c.output(header="", sep=";").strip()
def log_in(self,
browser=None,
session=None,
system_account=None,
stay_logged_in=False):
"""Logs the user into the current webapp without having to navigate to a login page."""
session = session or self.party_account_fixture.session
browser = browser or self.driver_browser
login_session = LoginSession.for_session(session)
login_session.set_as_logged_in(
system_account or self.party_account_fixture.system_account,
stay_logged_in)
# quickly create a response so the fw sets the cookies, which we copy and explicitly set on selenium.
response = Response()
session.set_session_key(response)
cookies = http.cookies.BaseCookie(', '.join(
response.headers.getall('set-cookie')))
for name, morsel in cookies.items():
cookie = {'name': name, 'value': morsel.value}
cookie.update(
dict([(key, value) for key, value in morsel.items() if value]))
browser.create_cookie(cookie)
def __init__(self,
url=None,
type=None,
host=None,
uri=None,
cookies=None,
remote_addr=None,
meta=None):
if url:
type, host, uri, query, fragment = urllib.parse.urlsplit(
url, 'http')
if not uri:
uri = '/'
if query:
uri += '?' + query
self.type = type or 'http'
self.host = host
self.uri = uri
if isinstance(cookies, http.cookies.BaseCookie):
cookies = dict([(k, v.value) for k, v in list(cookies.items())])
self.cookies = cookies or {}
self.remote_addr = remote_addr
self.meta = meta or {}
def __init__(self, method, url, *,
params=None,
headers=None,
data=None,
cookies=None,
files=None,
auth=None,
encoding='utf-8',
version=(1, 1),
compress=None,
chunked=None):
self.method = method.upper()
self.encoding = encoding
if isinstance(version, str):
v = [l.strip() for l in version.split('.', 1)]
version = int(v[0]), int(v[1])
self.version = version
scheme, netloc, path, query, fragment = urllib.parse.urlsplit(url)
if not netloc:
raise ValueError()
if not path:
path = '/'
else:
path = urllib.parse.unquote(path)
# check domain idna encoding
try:
netloc = netloc.encode('idna').decode('utf-8')
except UnicodeError:
raise ValueError('URL has an invalid label.')
if '@' in netloc:
authinfo, netloc = netloc.split('@', 1)
if not auth:
auth = authinfo.split(':', 1)
if len(auth) == 1:
auth.append('')
# extract host and port
ssl = scheme == 'https'
if ':' in netloc:
netloc, port_s = netloc.split(':', 1)
port = int(port_s)
else:
if ssl:
port = http.client.HTTPS_PORT
else:
port = http.client.HTTP_PORT
self.host = netloc
self.port = port
self.ssl = ssl
# build url query
if isinstance(params, dict):
params = list(params.items())
if data and self.method in self.GET_METHODS:
# include data to query
if isinstance(data, dict):
data = data.items()
params = list(itertools.chain(params or (), data))
data = None
if params:
params = urllib.parse.urlencode(params)
if query:
query = '%s&%s' % (query, params)
else:
query = params
# build path
path = urllib.parse.quote(path)
self.path = urllib.parse.urlunsplit(('', '', path, query, fragment))
# headers
self.headers = email.message.Message()
if headers:
if isinstance(headers, dict):
headers = list(headers.items())
for key, value in headers:
self.headers[key] = value
for hdr, val in self.DEFAULT_HEADERS.items():
if hdr not in self.headers:
self.headers[hdr] = val
# host
if 'host' not in self.headers:
self.headers['Host'] = self.host
# cookies
if cookies:
c = http.cookies.SimpleCookie()
if 'cookie' in self.headers:
c.load(self.headers.get('cookie', ''))
del self.headers['cookie']
for name, value in cookies.items():
if isinstance(value, http.cookies.Morsel):
dict.__setitem__(c, name, value)
else:
c[name] = value
self.headers['cookie'] = c.output(header='', sep=';').strip()
# auth
if auth:
if isinstance(auth, (tuple, list)) and len(auth) == 2:
# basic auth
self.headers['Authorization'] = 'Basic %s' % (
base64.b64encode(
('%s:%s' % (auth[0], auth[1])).encode('latin1'))
.strip().decode('latin1'))
else:
raise ValueError("Only basic auth is supported")
self._params = (chunked, compress, files, data, encoding)
def __init__(self, cookies):
self.COOKIES = {}
for name, morsel in cookies.items():
self.COOKIES[name] = morsel.value
def __init__(self,
method,
url,
*,
params=None,
headers=None,
data=None,
cookies=None,
files=None,
auth=None,
encoding='utf-8',
version=(1, 1),
compress=None,
chunked=None):
self.method = method.upper()
self.encoding = encoding
if isinstance(version, str):
v = [l.strip() for l in version.split('.', 1)]
version = int(v[0]), int(v[1])
self.version = version
scheme, netloc, path, query, fragment = urllib.parse.urlsplit(url)
if not netloc:
raise ValueError()
if not path:
path = '/'
else:
path = urllib.parse.unquote(path)
# check domain idna encoding
try:
netloc = netloc.encode('idna').decode('utf-8')
except UnicodeError:
raise ValueError('URL has an invalid label.')
if '@' in netloc:
authinfo, netloc = netloc.split('@', 1)
if not auth:
auth = authinfo.split(':', 1)
if len(auth) == 1:
auth.append('')
# extract host and port
ssl = scheme == 'https'
if ':' in netloc:
netloc, port_s = netloc.split(':', 1)
port = int(port_s)
else:
if ssl:
port = http.client.HTTPS_PORT
else:
port = http.client.HTTP_PORT
self.host = netloc
self.port = port
self.ssl = ssl
# build url query
if isinstance(params, dict):
params = list(params.items())
if data and self.method in self.GET_METHODS:
# include data to query
if isinstance(data, dict):
data = data.items()
params = list(itertools.chain(params or (), data))
data = None
if params:
params = urllib.parse.urlencode(params)
if query:
query = '%s&%s' % (query, params)
else:
query = params
# build path
path = urllib.parse.quote(path)
self.path = urllib.parse.urlunsplit(('', '', path, query, fragment))
# headers
self.headers = email.message.Message()
if headers:
if isinstance(headers, dict):
headers = list(headers.items())
for key, value in headers:
self.headers[key] = value
for hdr, val in self.DEFAULT_HEADERS.items():
if hdr not in self.headers:
self.headers[hdr] = val
# host
if 'host' not in self.headers:
self.headers['Host'] = self.host
# cookies
if cookies:
c = http.cookies.SimpleCookie()
if 'cookie' in self.headers:
c.load(self.headers.get('cookie', ''))
del self.headers['cookie']
for name, value in cookies.items():
if isinstance(value, http.cookies.Morsel):
dict.__setitem__(c, name, value)
else:
c[name] = value
self.headers['cookie'] = c.output(header='', sep=';').strip()
# auth
if auth:
if isinstance(auth, (tuple, list)) and len(auth) == 2:
# basic auth
self.headers['Authorization'] = 'Basic %s' % (base64.b64encode(
('%s:%s' % (auth[0], auth[1])
).encode('latin1')).strip().decode('latin1'))
else:
raise ValueError("Only basic auth is supported")
self._params = (chunked, compress, files, data, encoding)