def test_is_darknet_domain(self):
    """Check is_darknet_domain() on one .onion host and three non-matches.

    The rejected inputs are an ordinary domain, a name where ".onion" is
    followed by another suffix, and a missing hostname (None).
    """
    onion_host = 'www.gjobqjj7wyczbqie.onion'
    self.assertTrue(is_darknet_domain(onion_host))

    # 'gjobqjj7wyczbqie.onion.com' only contains ".onion" in the middle of
    # the name, so it must not be classified as a darknet host.
    # None stands for a URL from which no hostname could be extracted.
    rejected_hosts = ('example.com', 'gjobqjj7wyczbqie.onion.com', None)
    for candidate in rejected_hosts:
        self.assertFalse(is_darknet_domain(candidate))
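def create_issue():
    """Create a new issue or prefill a form for submission.

    * HTTP GET with (optional) parameters
      * create a form with prefilled data.
      * parameters:
        * url: URL of the Web site
        * src: source of the request (web, addon, etc.)
        * label: controlled list of labels
    * HTTP POST with a JSON payload
      * create a form with prefilled data
      * content-type is application/json
      * json may include:
        * title
        * User agent string
        * OS identification
        * labels list
        * type of bugs
        * short summary
        * full description
        * tested in another browser
        * body
        * utm_ params for Google Analytics
    * HTTP POST with an attached form
      * submit a form to GitHub to create a new issue
      * form submit type:
        * authenticated: GitHub authentication
        * anonymous: handled by webcompat-bot

    Any deceptive requests will be ended as a 400.
    See https://tools.ietf.org/html/rfc7231#section-6.5.1

    Returns the rendered 'new-issue.html' template for a prefill request,
    or a redirect (to the created issue, the index page, or the login
    page) for a create request. Every request that is not handled
    explicitly ends in abort(400), so the view never returns None.
    """
    push('/dist/webcompat.css', **{'as': 'style', 'rel': 'preload'})
    push(bust_cache('/dist/vendor.js'), **{'as': 'script', 'rel': 'preload'})
    push(bust_cache('/dist/webcompat.js'), **{
        'as': 'script',
        'rel': 'preload'
    })
    push(bust_cache('/dist/formv2.js'), **{'as': 'script', 'rel': 'preload'})
    # Starting a logger
    log = app.logger
    log.setLevel(logging.INFO)
    if g.user:
        get_user_info()
    # We define which type of requests we are dealing with.
    request_type = form_type(request)

    # Form Prefill section
    if request_type == 'prefill':
        form_data = prepare_form(request)
        bug_form = get_form(form_data, form=FormWizard)
        pagetitle = "New Issue"
        session['extra_labels'] = form_data['extra_labels']
        source = form_data.pop('utm_source', None)
        campaign = form_data.pop('utm_campaign', None)
        anonymous_reporting = app.config['ANONYMOUS_REPORTING_ENABLED']
        return render_template('new-issue.html',
                               form=bug_form,
                               source=source,
                               campaign=campaign,
                               nonce=request.nonce,
                               pagetitle=pagetitle,
                               anonymous_reporting=anonymous_reporting)

    # Issue Creation section
    if request_type == 'create':
        # Check if there is a form
        if not request.form:
            log.info('400: POST request without form.')
            abort(400)
        # Adding parameters to the form
        form = request.form.copy()
        extra_labels = get_extra_labels(form)
        if extra_labels:
            form['extra_labels'] = extra_labels
        # Logging the ip and url for investigation.
        # str.format() renders the UTF-8 bytes as b'...' with control
        # characters escaped, so a reporter-supplied URL cannot add line
        # breaks to the log. Keep an escaping step if this is ever changed
        # to log the text directly.
        # NOTE(review): form['url'] is read before is_valid_issue_form();
        # presumably request.form is a Werkzeug MultiDict, where a missing
        # key ends the request with a 400 - confirm.
        log.info('{ip} {url}'.format(ip=request.remote_addr,
                                     url=form['url'].encode('utf-8')))
        # Check if the form is valid
        if not is_valid_issue_form(form):
            log.info('400: POST request w/o valid form (is_valid_issue_form).')
            abort(400)
        # The domain checks work on the hostname of the normalized URL,
        # not on the raw string the reporter typed.
        domain = urllib.parse.urlsplit(normalize_url(form['url'])).hostname
        if is_darknet_domain(domain):
            # The flashed message echoes the submitted URL.
            # NOTE(review): confirm the template escapes flashed messages.
            msg = app.config['IS_DARKNET_DOMAIN'].format(form['url'])
            flash(msg, 'notimeout')
            return redirect(url_for('index'))
        if form.get('submit_type') == PROXY_REPORT:
            # Enforced server-side: a hand-crafted POST cannot use the
            # anonymous path while the feature is switched off.
            if not app.config['ANONYMOUS_REPORTING_ENABLED']:
                abort(400)
            # Checking blocked domains
            # NOTE(review): this check runs only on the anonymous path;
            # authenticated reports below skip it - confirm intended.
            if is_blocked_domain(domain):
                msg = app.config['IS_BLOCKED_DOMAIN'].format(form['url'])
                flash(msg, 'notimeout')
                return redirect(url_for('index'))
            # Anonymous reporting
            json_response = report_issue(form, proxy=True)
            session['show_thanks'] = True
            return redirect(
                url_for('show_issue', number=json_response.get('number')))
        # Authenticated reporting
        if form.get('submit_type') == AUTH_REPORT:
            if g.user:
                # If you're already authed, submit the bug.
                json_response = report_issue(form)
                session['show_thanks'] = True
                return redirect(
                    url_for('show_issue', number=json_response.get('number')))
            # Stash form data into session, go do GitHub auth
            # NOTE(review): if the session is Flask's default cookie
            # session, this data is signed but readable client-side and
            # bounded by cookie size - confirm the session backend.
            session['form'] = form
            return redirect(url_for('login'))

    # Reached for an unknown request type and for a create request whose
    # submit_type matched neither reporting path. Ending both with a 400
    # keeps the view from returning None, which Flask would turn into a
    # 500 error.
    log.info('400: Something else happened.')
    abort(400)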