예제 #1
0
	def __call__(self, environ, start_response):
		req = qweb.QWebRequest(environ, start_response,session=None)
		if req.PATH_INFO.endswith('/u'):
			s=req.REQUEST["s"]
			k=req.REQUEST["k"]
			c=req.REQUEST["c"]
			w=req.REQUEST.int("w")
			h=req.REQUEST.int("h")
			if s in self.session:
				term=self.session[s]
			else:
				if not (w>2 and w<256 and h>2 and h<100):
					w,h=80,25
				term=self.session[s]=self.multi.create(w,h)
			if k:
				self.multi.proc_write(term,k)
			time.sleep(0.002)
			dump=self.multi.dump(term,c)
			req.response_headers['Content-Type']='text/xml'
			if isinstance(dump,str):
				req.write(dump)
				req.response_gzencode=1
			else:
				del self.session[s]
				req.write('<?xml version="1.0"?><idem></idem>')
#			print "sessions %r"%self.session
		else:
			n=os.path.basename(req.PATH_INFO)
			if n in self.files:
				req.response_headers['Content-Type'] = self.mime.get(os.path.splitext(n)[1].lower(), 'application/octet-stream')
				req.write(self.files[n])
			else:
				req.response_headers['Content-Type'] = 'text/html; charset=UTF-8'
				req.write(self.files['index'])
		return req
예제 #2
0
파일: blog.py 프로젝트: zhivotnoya/qweb
	def __call__(self, environ, start_response):
		req = qweb.QWebRequest(environ, start_response)

		if req.PATH_INFO=="/":
			page='blog_home'
		else:
			page="blog"+req.PATH_INFO

		mo=re.search('blog/post_view/([0-9]+)',page)
		if mo:
			page='blog/post_view'
			req.REQUEST['post']=mo.group(1)

		if not qweb.qweb_control(self,page,[req,req.REQUEST,{}]):
			req.http_404()

		return req
예제 #3
0
    def __call__(self, environ, start_response):
        req = qweb.QWebRequest(environ, start_response,session=None)
        if req.PATH_INFO.endswith('/u'):
            s=req.REQUEST["s"]
            k=req.REQUEST["k"]
            c=req.REQUEST["c"]
            w=req.REQUEST.int("w")
            h=req.REQUEST.int("h")
            if s in self.session:
                term=self.session[s]
            else:
                raise Exception('Not Authorized')
                # The original code below was insecure, because it allowed unauthorized sessions to be created
                # if not (w>2 and w<256 and h>2 and h<100):
                # w,h=80,25
                # term=self.session[s]=self.multi.create(w,h)
            if k:
                self.multi.proc_write(term,k)
            time.sleep(0.002)
            self.multi.lastActivity = time.time();
            dump=self.multi.dump(term,c)
            req.response_headers['Content-Type']='text/xml'
            if isinstance(dump,str):
                req.write(dump)
                req.response_gzencode=1
            else:
                del self.session[s]
                req.write('<?xml version="1.0"?><idem></idem>')
#            print "sessions %r"%self.session
        else:
            n=os.path.basename(req.PATH_INFO)
            if n in self.files:
                req.response_headers['Content-Type'] = self.mime.get(os.path.splitext(n)[1].lower(), 'application/octet-stream')
                req.write(self.files[n])
            elif req.REQUEST['token'] == self.token:
                req.response_headers['Content-Type'] = 'text/html; charset=UTF-8'
                session_id = str(uuid.uuid4())
                req.write(string.Template(self.files['index']).substitute(session_id=session_id))
                term=self.session[session_id]=self.multi.create(80,25)
            else:
                raise Exception("Not Authorized")
        return req
예제 #4
0
파일: ajaxterm.py 프로젝트: easyVDR/five
    def __call__(self, environ, start_response):
        req = qweb.QWebRequest(environ, start_response, session=None)
        if req.PATH_INFO.endswith('/u'):
            req.response_headers['Content-Type'] = 'text/xml'
            uid = ""
            if self.cookie_name not in req.request_cookies:
                req.write('<?xml version="1.0"?><idem></idem>')
                return req
            uid = req.request_cookies[self.cookie_name].value
            s = req.REQUEST["s"]
            k = req.REQUEST["k"]
            c = req.REQUEST["c"]
            w = req.REQUEST.int("w")
            h = req.REQUEST.int("h")
            ip = "unknown"
            if environ.has_key("REMOTE_ADDR"):
                ip = environ['REMOTE_ADDR']
                if ip == "127.0.0.1" and environ.has_key(
                        "HTTP_X_FORWARDED_FOR"):
                    ip = environ["HTTP_X_FORWARDED_FOR"]

            if (uid + s) in self.session:
                term = self.session[uid + s]
                req.response_cookies.load(
                    req.request_cookies[self.cookie_name].OutputString())
                req.response_cookies[self.cookie_name][
                    'expires'] = datetime.utcnow() + timedelta(seconds=60)
            else:
                if not (w > 2 and w < 256 and h > 2 and h < 100):
                    w, h = 80, 25
                # check if there aren't too many open sessions
                if len(self.session) < self.sessions_limit:
                    count = 0
                    for i in self.session_ip.keys():
                        if self.session_ip[i] == ip:
                            count += 1
                    if count <= self.sessions_user_limit:
                        term = self.session[uid + s] = self.multi.create(w, h)
                        self.session_ip[uid + s] = ip
                    else:
                        req.write('<?xml version="1.0"?><idem></idem>')
                        return req
            if k:
                self.multi.proc_write(term, k)
            time.sleep(0.002)
            dump = self.multi.dump(term, c)
            if isinstance(dump, str):
                req.write(dump)
                req.response_gzencode = 1
            else:
                del self.session[uid + s]
                del self.session_ip[uid + s]
                req.write('<?xml version="1.0"?><idem></idem>')


#			print "sessions %r"%self.session
        else:
            n = os.path.basename(req.PATH_INFO)
            if n in self.files:
                req.response_headers['Content-Type'] = self.mime.get(
                    os.path.splitext(n)[1].lower(), 'application/octet-stream')
                req.write(self.files[n])
            elif (not self.token) or (req.REQUEST['token'] == self.token):
                if self.cookie_name not in req.request_cookies:
                    self.genSidCookie(req)
                req.response_headers[
                    'Content-Type'] = 'text/html; charset=UTF-8'
                req.write(self.files['index'])
            else:
                raise Exception('Not Authorized')
        return req