def test_origin(self):
self.assertEqual(wsgi.origin([])({}), "http://invalid.local")
origin = wsgi.origin(["http://foo.bar/", "https://foo.bar"])
self.assertEqual(origin({"HTTP_ORIGIN": "http://foo.bar"}),
"http://foo.bar")
self.assertEqual(origin({"HTTP_ORIGIN": "https://foo.bar"}),
"https://foo.bar")
self.assertEqual(origin({"HTTP_REFERER": "http://foo.bar"}),
"http://foo.bar")
self.assertEqual(origin({"HTTP_ORIGIN": "http://spam.baz"}),
"http://foo.bar")
self.assertEqual(origin({}), "http://foo.bar")
def test_origin(self):
self.assertEqual(wsgi.origin([])({}), "http://invalid.local")
origin = wsgi.origin(["http://foo.bar/", "https://foo.bar"])
self.assertEqual(origin({"HTTP_ORIGIN": "http://foo.bar"}),
"http://foo.bar")
self.assertEqual(origin({"HTTP_ORIGIN": "https://foo.bar"}),
"https://foo.bar")
self.assertEqual(origin({"HTTP_REFERER": "http://foo.bar"}),
"http://foo.bar")
self.assertEqual(origin({"HTTP_ORIGIN": "http://spam.baz"}),
"http://foo.bar")
self.assertEqual(origin({}), "http://foo.bar")
def dispatch(self, request):
local.request = request
local.host = wsgi.host(request.environ)
local.origin = origin(self.conf.getiter("general",
"host"))(request.environ)
adapter = self.urls.bind_to_environ(request.environ)
try:
handler, values = adapter.match()
except HTTPException as e:
return error_handler(request.environ, request, e)
else:
try:
response = handler(request.environ, request, **values)
except HTTPException as e:
return error_handler(request.environ, request, e)
except Exception:
logger.exception("%s %s", request.method,
request.environ["PATH_INFO"])
return error_handler(request.environ, request,
InternalServerError())
else:
return response
def test_simple(self):
app = CORSMiddleware(hello_world,
origin=origin([
"https://example.tld/",
"http://example.tld/",
]),
allowed=("Foo", "Bar"), exposed=("Spam", ))
client = Client(app, Response)
rv = client.get("/", headers={"Origin": "https://example.tld"})
self.assertEqual(
rv.headers["Access-Control-Allow-Origin"], "https://example.tld")
self.assertEqual(
rv.headers["Access-Control-Allow-Credentials"], "true")
self.assertEqual(
rv.headers["Access-Control-Allow-Methods"], "HEAD, GET, POST, PUT, DELETE")
self.assertEqual(
rv.headers["Access-Control-Allow-Headers"], "Foo, Bar")
self.assertEqual(rv.headers["Access-Control-Expose-Headers"], "Spam")
a = client.get("/", headers={"Origin": "http://example.tld"})
self.assertEqual(
a.headers["Access-Control-Allow-Origin"], "http://example.tld")
b = client.get("/", headers={"Origin": "http://example.tld"})
self.assertEqual(
b.headers["Access-Control-Allow-Origin"], "http://example.tld")
c = client.get("/", headers={"Origin": "http://foo.other"})
self.assertEqual(
c.headers["Access-Control-Allow-Origin"], "https://example.tld")
def make_app(conf=None, threading=True, multiprocessing=False, uwsgi=False):
if not any((threading, multiprocessing, uwsgi)):
raise RuntimeError("either set threading, multiprocessing or uwsgi")
if threading:
class App(Isso, ThreadedMixin):
pass
elif multiprocessing:
class App(Isso, ProcessMixin):
pass
else:
class App(Isso, uWSGIMixin):
pass
isso = App(conf)
# check HTTP server connection
for host in conf.getiter("general", "host"):
with http.curl('HEAD', host, '/', 5) as resp:
if resp is not None:
logger.info("connected to %s", host)
break
else:
logger.warn(
"unable to connect to your website, Isso will probably not "
"work correctly. Please make sure, Isso can reach your "
"website via HTTP(S).")
wrapper = [local_manager.make_middleware]
if isso.conf.getboolean("server", "profile"):
wrapper.append(
partial(ProfilerMiddleware,
sort_by=("cumulative", ),
restrictions=("isso/(?!lib)", 10)))
wrapper.append(
partial(SharedDataMiddleware,
exports={
'/js': join(dirname(__file__), 'js/'),
'/css': join(dirname(__file__), 'css/'),
'/demo': join(dirname(__file__), 'demo/')
}))
wrapper.append(
partial(wsgi.CORSMiddleware,
origin=origin(isso.conf.getiter("general", "host")),
allowed=("Origin", "Referer", "Content-Type"),
exposed=("X-Set-Cookie", "Date")))
wrapper.extend([wsgi.SubURI, ProxyFix])
if werkzeug.version.startswith("0.8"):
wrapper.append(wsgi.LegacyWerkzeugMiddleware)
return reduce(lambda x, f: f(x), wrapper, isso)
def make_app(conf=None, threading=True, multiprocessing=False, uwsgi=False):
if not any((threading, multiprocessing, uwsgi)):
raise RuntimeError("either set threading, multiprocessing or uwsgi")
if threading:
class App(Isso, ThreadedMixin):
pass
elif multiprocessing:
class App(Isso, ProcessMixin):
pass
else:
class App(Isso, uWSGIMixin):
pass
isso = App(conf)
# check HTTP server connection
for host in conf.getiter("general", "host"):
with http.curl('HEAD', host, '/', 5) as resp:
if resp is not None:
logger.info("connected to %s", host)
break
else:
logger.warn("unable to connect to your website, Isso will probably not "
"work correctly. Please make sure, Isso can reach your "
"website via HTTP(S).")
wrapper = [local_manager.make_middleware]
if isso.conf.getboolean("server", "profile"):
wrapper.append(partial(ProfilerMiddleware,
sort_by=("cumulative", ), restrictions=("isso/(?!lib)", 10)))
wrapper.append(partial(SharedDataMiddleware, exports={
'/js': join(dirname(__file__), 'js/'),
'/css': join(dirname(__file__), 'css/'),
'/demo': join(dirname(__file__), 'demo/')
}))
wrapper.append(partial(wsgi.CORSMiddleware,
origin=origin(isso.conf.getiter("general", "host")),
allowed=("Origin", "Referer", "Content-Type"),
exposed=("X-Set-Cookie", "Date")))
wrapper.extend([wsgi.SubURI, ProxyFix, wsgi.LegacyWerkzeugMiddleware])
if werkzeug.version.startswith("0.8"):
wrapper.append(wsgi.LegacyWerkzeugMiddleware)
return reduce(lambda x, f: f(x), wrapper, isso)
def test_preflight(self):
app = CORSMiddleware(hello_world, origin=origin(["http://example.tld"]),
allowed=("Foo", ), exposed=("Bar", ))
client = Client(app, Response)
rv = client.open(method="OPTIONS", path="/", headers={"Origin": "http://example.tld"})
self.assertEqual(rv.status_code, 200)
for hdr in ("Origin", "Headers", "Credentials", "Methods"):
self.assertIn("Access-Control-Allow-%s" % hdr, rv.headers)
self.assertEqual(rv.headers["Access-Control-Allow-Origin"], "http://example.tld")
def make_app(conf=None, threading=True, multiprocessing=False, uwsgi=False):
if not any((threading, multiprocessing, uwsgi)):
raise RuntimeError("either set threading, multiprocessing or uwsgi")
if threading:
class App(Isso, ThreadedMixin):
pass
elif multiprocessing:
class App(Isso, ProcessMixin):
pass
else:
class App(Isso, uWSGIMixin):
pass
isso = App(conf)
wrapper = [local_manager.make_middleware]
if isso.conf.getboolean("server", "profile"):
wrapper.append(
partial(ProfilerMiddleware,
sort_by=("cumulative", ),
restrictions=("isso/(?!lib)", 10)))
wrapper.append(
partial(SharedDataMiddleware,
exports={
'/js': join(dirname(__file__), 'js/'),
'/css': join(dirname(__file__), 'css/'),
}))
wrapper.append(
partial(wsgi.CORSMiddleware,
origin=origin(isso.conf.getiter("general", "host")),
allowed=("Origin", "Referer", "Content-Type"),
exposed=("X-Set-Cookie", "Date")))
wrapper.extend([wsgi.SubURI, ProxyFix])
if werkzeug.version.startswith("0.8"):
wrapper.append(wsgi.LegacyWerkzeugMiddleware)
return reduce(lambda x, f: f(x), wrapper, isso)
def dispatch(self, request):
local.request = request
local.host = wsgi.host(request.environ)
local.origin = origin(self.conf.getiter("general", "host"))(request.environ)
adapter = self.urls.bind_to_environ(request.environ)
try:
handler, values = adapter.match()
except HTTPException as e:
return e
else:
try:
response = handler(request.environ, request, **values)
except HTTPException as e:
return e
except Exception:
logger.exception("%s %s", request.method, request.environ["PATH_INFO"])
return InternalServerError()
else:
return response
