def render(self, request: Request) -> bytes: """We're adding some CORS headers for future use, also we're sending content-type """ request.setHeader('content-type', 'application/json') acrm = request.getHeader('access-control-request-method') if acrm: request.setHeader('Access-Control-Allow-Methods', acrm) acrh = request.getHeader('access-control-request-headers') if acrh: request.setHeader('Access-Control-Allow-Headers', acrh) origin = request.getHeader('origin') if origin: request.setHeader('Access-Control-Allow-Origin', origin) return super(ChatResource, self).render(request)
async def _async_render_POST(self, request: Request) -> None: requester = await self.auth.get_user_by_req(request) # TODO: The checks here are a bit late. The content will have # already been uploaded to a tmp file at this point content_length = request.getHeader("Content-Length") if content_length is None: raise SynapseError(msg="Request must specify a Content-Length", code=400) if int(content_length) > self.max_upload_size: raise SynapseError( msg="Upload request body is too large", code=413, errcode=Codes.TOO_LARGE, ) upload_name = parse_string(request, b"filename", encoding=None) if upload_name: try: upload_name = upload_name.decode("utf8") except UnicodeDecodeError: raise SynapseError(msg="Invalid UTF-8 filename parameter: %r" % (upload_name), code=400) # If the name is falsey (e.g. an empty byte string) ensure it is None. else: upload_name = None headers = request.requestHeaders if headers.hasHeader(b"Content-Type"): media_type = headers.getRawHeaders(b"Content-Type")[0].decode( "ascii") else: raise SynapseError(msg="Upload request missing 'Content-Type'", code=400) # if headers.hasHeader(b"Content-Disposition"): # disposition = headers.getRawHeaders(b"Content-Disposition")[0] # TODO(markjh): parse content-dispostion try: content_uri = await self.media_repo.create_content( media_type, upload_name, request.content, content_length, requester.user) except SpamMediaException: # For uploading of media we want to respond with a 400, instead of # the default 404, as that would just be confusing. raise SynapseError(400, "Bad content") logger.info("Uploaded content with URI %r", content_uri) respond_with_json(request, 200, {"content_uri": content_uri}, send_cors=True)
def check_auth(self, request: Request) -> Union[bytes, User]: """Checks is user submitted access token and this token is valid """ raw_auth = request.getHeader('authorization') auth = raw_auth.split() if len(auth) == 2: if auth[1] in web_users_by_token: web_users_by_token[auth[1]]['updated'] = time() return web_users_by_token[auth[1]]['user'] return self.abort(request, 401, "You're not authorized")
def _redirectOrJSON(result, request: http.Request, url: urlpath.URLPath, data): try: if request.getHeader('x-requested-with') == 'XMLHttpRequest': request.write(json.dumps(data).encode('utf-8')) if not request.notifyFinish().called: request.finish() return except: pass request.redirect(str(url).encode('ascii')) request.finish()