Exemplo n.º 1
0
 def render(self):
     """
     Renders the requested resource returned from the self.process() method.
     """
     # check for logout
     if self.path == '/manage/logout':
         self.authenticate()
         return
     # traverse the resource tree
     try:
         result = getChildForRequest(self.env.tree, self)
     except SeisHubError, e:
         self.setResponseCode(e.code, e.message)
         self.env.log.http(e.code, e.message)
         self.write('')
         self.finish()
         return
Exemplo n.º 2
0
 def render(self):
     """
     Renders the requested resource returned from the self.process() method.
     """
     # traverse the resource tree
     child = getChildForRequest(self.env.tree, self)
     # check result and either render direct or in thread
     if IFileSystemResource.providedBy(child):
         # render direct
         return child.render(self)
     elif IStatical.providedBy(child):
         # render direct
         return child.render(self)
     elif IScriptResource.providedBy(child):
         msg = "Script resources may not be called via SFTP."
         raise ForbiddenError(msg)
     elif IRESTResource.providedBy(child):
         return child.render(self)
     elif IResource.providedBy(child):
         return child.render(self)
     msg = "I don't know how to handle this resource type %s"
     raise InternalServerError(msg % type(child))
Exemplo n.º 3
0
    def render(self):
        """
        Renders the requested resource returned from the self.process() method.
        """
        # Set the access control header to allow cross origin XMLHttpRequests
        # for all resources.
        self.setHeader("Access-Control-Allow-Origin", "*")

        # Modern browsers adhere to the same origin policy. This can be
        # circumvented to a certain degree by correctly responding to
        # XMLHttpRequest OPTIONS requests. All AJAX requests from other domains
        # will be allowed. The goal is to be as permissive as possible
        if self.method == "OPTIONS":
            # Shortcut name
            h_name = "access-control-request-headers"
            if self.requestHeaders.hasHeader(h_name) and \
                "x-requested-with" in \
                self.requestHeaders.getRawHeaders(h_name)[0].lower():
                # Set correct headers, response code, and return.
                self.setResponseCode(200, "Cross site access granted.")
                self.setHeader("Access-Control-Allow-Headers",
                    "X-Requested-With, X-File-Size, X-File-Name, X-File-Type, "
                    "X-Requested-With, Authorization, "
                    "authorization, content-type")
                self.setHeader("Access-Control-Allow-Methods", "POST, PUT, "
                    "GET, DELETE, OPTIONS")
                self.setHeader("Access-Control-Max-Age", "60")
                self.write('')
                self.finish()
                return

        # Handle 'multipart/form-data' content types.
        # See http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.2
        if self.requestHeaders.hasHeader("content-type") and \
            self.requestHeaders.getRawHeaders("content-type")[0].startswith(
                "multipart/form-data; boundary="):
            boundary = self.requestHeaders.getRawHeaders("content-type")[0]\
                .split("boundary=")[1]
            # The actual boundary is prepended with "--"
            boundary = "--" + boundary
            split_data = self.data.split(boundary)
            split_data = [_i for _i in split_data if _i]
            _, _, content, _ = split_data[:4]
            #  The content can be prepended by Content-Disposition,
            #  Content-Type, or Content-Transfer-Encoding headers. Remove
            #  these.
            content = content.strip().split("\n")
            for _i, line in enumerate(content):
                if line and line.startswith("Content-"):
                    continue
                self.data = "\n".join(content[_i:]).strip()
                break

        # check for logout
        if self.path == '/manage/logout':
            self.authenticate()
            return
        # traverse the resource tree
        try:
            result = getChildForRequest(self.env.tree, self)
        except SeisHubError, e:
            self.setResponseCode(e.code, e.message)
            self.env.log.http(e.code, e.message)
            self.write('')
            self.finish()
            return