def verify_request(self, ctx, request):
uri = ctx.uri
px_proxy = PxProxy(self.config)
if px_proxy.should_reverse_request(uri):
return px_proxy.handle_reverse_request(self.config, ctx,
request.get_data())
if px_utils.is_static_file(ctx):
self.logger.debug(
'Filter static file request. uri: {}'.format(uri))
return True
if ctx.whitelist_route:
self.logger.debug(
'The requested uri is whitelisted, passing request')
return True
if len(self.config.enforced_specific_routes
) > 0 and not ctx.enforced_route:
self.logger.debug(
'The request uri {} is not listed in specific routes to enforce, passing request.'
.format(uri))
return True
# PX Cookie verification
if not px_cookie_validator.verify(ctx, self.config):
# Server-to-Server verification fallback
if not px_api.verify(ctx, self.config):
self.report_pass_traffic(ctx)
return True
return self.handle_verification(ctx, request)
def test_send_reverse_xhr_request(self, mock):
content = 'xhr content'
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/xhr/api/v1/collector',
method='POST')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
headers = {
'host': self.config.collector_host,
px_constants.FIRST_PARTY_HEADER: '1',
px_constants.ENFORCER_TRUE_IP_HEADER: context.ip,
px_constants.FIRST_PARTY_FORWARDED_FOR: '127.0.0.1'
}
mock.post(
url=
'https://collector-pxfake_app_id.perimeterx.net/api/v1/collector',
text=content,
request_headers=headers,
status_code=200,
reason='OK')
px_proxy = PxProxy(self.config)
status, headers, body = px_proxy.send_reverse_xhr_request(
config=self.config, ctx=context, body=content)
self.assertEqual(content, body)
def test_send_reverse_captcha_request(self, mock):
content = 'captcha js content'
builder = EnvironBuilder(
headers=self.headers,
path='/fake_app_id/captcha/captcha.js',
query_string=
'a=c&u=cfe74220-f484-11e8-9b14-d7280325a290&v=0701bb80-f482-11e8-8a31-a37cf9620569&m=0'
)
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
headers = {
'host': px_constants.CAPTCHA_HOST,
px_constants.FIRST_PARTY_HEADER: '1',
px_constants.ENFORCER_TRUE_IP_HEADER: context.ip,
px_constants.FIRST_PARTY_FORWARDED_FOR: '127.0.0.1'
}
mock.get(
url=
'https://captcha.px-cdn.net/PXfake_app_id/captcha.js?a=c&u=cfe74220-f484-11e8-9b14-d7280325a290&v=0701bb80-f482-11e8-8a31-a37cf9620569&m=0',
text=content,
request_headers=headers,
status_code=200,
reason='OK')
px_proxy = PxProxy(self.config)
status, headers, body = px_proxy.send_reverse_captcha_request(
config=self.config, ctx=context)
self.assertEqual(content, body)
def test_should_reverse_request(self):
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
px_proxy = PxProxy(self.config)
should_reverse = px_proxy.should_reverse_request(context.uri)
self.assertTrue(should_reverse)
should_reverse = px_proxy.should_reverse_request(context.uri)
self.assertTrue(should_reverse)
should_reverse = px_proxy.should_reverse_request(context.uri)
self.assertTrue(should_reverse)
def test_send_reverse_client_request(self, mock):
content = 'client js content'
builder = EnvironBuilder(headers=self.headers,
path='/fake_app_id/init.js')
env = builder.get_environ()
request = Request(env)
context = PxContext(request, self.config)
headers = {
'host': px_constants.CLIENT_HOST,
px_constants.FIRST_PARTY_HEADER: '1',
px_constants.ENFORCER_TRUE_IP_HEADER: context.ip,
px_constants.FIRST_PARTY_FORWARDED_FOR: '127.0.0.1'
}
mock.get(url='https://client.perimeterx.net/PXfake_app_id/main.min.js',
text=content,
request_headers=headers,
status_code=200,
reason='OK')
px_proxy = PxProxy(self.config)
status, headers, body = px_proxy.send_reverse_client_request(
config=self.config, ctx=context)
self.assertEqual(content, body)