def __call__(self, environ, start_response):
req = qweb.QWebRequest(environ, start_response,session=None)
if req.PATH_INFO.endswith('/u'):
s=req.REQUEST["s"]
k=req.REQUEST["k"]
c=req.REQUEST["c"]
w=req.REQUEST.int("w")
h=req.REQUEST.int("h")
if s in self.session:
term=self.session[s]
else:
if not (w>2 and w<256 and h>2 and h<100):
w,h=80,25
term=self.session[s]=self.multi.create(w,h)
if k:
self.multi.proc_write(term,k)
time.sleep(0.002)
dump=self.multi.dump(term,c)
req.response_headers['Content-Type']='text/xml'
if isinstance(dump,str):
req.write(dump)
req.response_gzencode=1
else:
del self.session[s]
req.write('<?xml version="1.0"?><idem></idem>')
# print "sessions %r"%self.session
else:
n=os.path.basename(req.PATH_INFO)
if n in self.files:
req.response_headers['Content-Type'] = self.mime.get(os.path.splitext(n)[1].lower(), 'application/octet-stream')
req.write(self.files[n])
else:
req.response_headers['Content-Type'] = 'text/html; charset=UTF-8'
req.write(self.files['index'])
return req
def __call__(self, environ, start_response):
req = qweb.QWebRequest(environ, start_response)
if req.PATH_INFO=="/":
page='blog_home'
else:
page="blog"+req.PATH_INFO
mo=re.search('blog/post_view/([0-9]+)',page)
if mo:
page='blog/post_view'
req.REQUEST['post']=mo.group(1)
if not qweb.qweb_control(self,page,[req,req.REQUEST,{}]):
req.http_404()
return req
def __call__(self, environ, start_response):
req = qweb.QWebRequest(environ, start_response,session=None)
if req.PATH_INFO.endswith('/u'):
s=req.REQUEST["s"]
k=req.REQUEST["k"]
c=req.REQUEST["c"]
w=req.REQUEST.int("w")
h=req.REQUEST.int("h")
if s in self.session:
term=self.session[s]
else:
raise Exception('Not Authorized')
# The original code below was insecure, because it allowed unauthorized sessions to be created
# if not (w>2 and w<256 and h>2 and h<100):
# w,h=80,25
# term=self.session[s]=self.multi.create(w,h)
if k:
self.multi.proc_write(term,k)
time.sleep(0.002)
self.multi.lastActivity = time.time();
dump=self.multi.dump(term,c)
req.response_headers['Content-Type']='text/xml'
if isinstance(dump,str):
req.write(dump)
req.response_gzencode=1
else:
del self.session[s]
req.write('<?xml version="1.0"?><idem></idem>')
# print "sessions %r"%self.session
else:
n=os.path.basename(req.PATH_INFO)
if n in self.files:
req.response_headers['Content-Type'] = self.mime.get(os.path.splitext(n)[1].lower(), 'application/octet-stream')
req.write(self.files[n])
elif req.REQUEST['token'] == self.token:
req.response_headers['Content-Type'] = 'text/html; charset=UTF-8'
session_id = str(uuid.uuid4())
req.write(string.Template(self.files['index']).substitute(session_id=session_id))
term=self.session[session_id]=self.multi.create(80,25)
else:
raise Exception("Not Authorized")
return req
def __call__(self, environ, start_response):
req = qweb.QWebRequest(environ, start_response, session=None)
if req.PATH_INFO.endswith('/u'):
req.response_headers['Content-Type'] = 'text/xml'
uid = ""
if self.cookie_name not in req.request_cookies:
req.write('<?xml version="1.0"?><idem></idem>')
return req
uid = req.request_cookies[self.cookie_name].value
s = req.REQUEST["s"]
k = req.REQUEST["k"]
c = req.REQUEST["c"]
w = req.REQUEST.int("w")
h = req.REQUEST.int("h")
ip = "unknown"
if environ.has_key("REMOTE_ADDR"):
ip = environ['REMOTE_ADDR']
if ip == "127.0.0.1" and environ.has_key(
"HTTP_X_FORWARDED_FOR"):
ip = environ["HTTP_X_FORWARDED_FOR"]
if (uid + s) in self.session:
term = self.session[uid + s]
req.response_cookies.load(
req.request_cookies[self.cookie_name].OutputString())
req.response_cookies[self.cookie_name][
'expires'] = datetime.utcnow() + timedelta(seconds=60)
else:
if not (w > 2 and w < 256 and h > 2 and h < 100):
w, h = 80, 25
# check if there aren't too many open sessions
if len(self.session) < self.sessions_limit:
count = 0
for i in self.session_ip.keys():
if self.session_ip[i] == ip:
count += 1
if count <= self.sessions_user_limit:
term = self.session[uid + s] = self.multi.create(w, h)
self.session_ip[uid + s] = ip
else:
req.write('<?xml version="1.0"?><idem></idem>')
return req
if k:
self.multi.proc_write(term, k)
time.sleep(0.002)
dump = self.multi.dump(term, c)
if isinstance(dump, str):
req.write(dump)
req.response_gzencode = 1
else:
del self.session[uid + s]
del self.session_ip[uid + s]
req.write('<?xml version="1.0"?><idem></idem>')
# print "sessions %r"%self.session
else:
n = os.path.basename(req.PATH_INFO)
if n in self.files:
req.response_headers['Content-Type'] = self.mime.get(
os.path.splitext(n)[1].lower(), 'application/octet-stream')
req.write(self.files[n])
elif (not self.token) or (req.REQUEST['token'] == self.token):
if self.cookie_name not in req.request_cookies:
self.genSidCookie(req)
req.response_headers[
'Content-Type'] = 'text/html; charset=UTF-8'
req.write(self.files['index'])
else:
raise Exception('Not Authorized')
return req