示例#1
def _init_middleware():
    """Wrap the root WSGI app with proxy, auth and CORS middleware.

    ProxyFix is told to trust exactly one proxy hop for each of
    X-Forwarded-For, X-Forwarded-Proto, X-Forwarded-Host, X-Forwarded-Port
    and X-Forwarded-Prefix. When a header carries a list of values, only
    the last entry is honoured. This is only sound when the service is
    reachable solely through one trusted proxy that sets or overwrites
    these headers; a client that can reach the app directly controls them.

    :returns: None
    """
    # Wrap the saved root app (_wsgi_app) rather than the current
    # _app.wsgi_app, so repeated calls do not stack middleware layers.
    # X-Forwarded-Prefix ends up in SCRIPT_NAME, which is used when
    # constructing links.
    trusted_hops = dict(x_for=1, x_proto=1, x_host=1, x_port=1, x_prefix=1)
    _app.wsgi_app = proxy_fix.ProxyFix(_wsgi_app, **trusted_hops)

    strategy = CONF.auth_strategy
    if strategy == 'keystone':
        utils.add_auth_middleware(_app)
    elif strategy == 'http_basic':
        utils.add_basic_auth_middleware(_app)
    else:
        # Any other value (including a typo in the option) adds no auth
        # middleware here; the only signal is this warning in the log.
        LOG.warning('Starting unauthenticated, please check configuration')

    utils.add_cors_middleware(_app)
示例#2
文件: core.py 项目: Boye-Z/123
def setup_app_middleware(app):
    """Wrap ``app.wsgi_app`` with the configured middleware pipeline.

    Each group is applied in reverse so that its first element becomes the
    outermost wrapper of that group and therefore handles the request
    first. Wrapping order, innermost to outermost: the internal middleware
    (_KEYSTONE_MIDDLEWARE), the entry-point middleware (_APP_MIDDLEWARE,
    optionally preceded by the debug middleware), and finally ProxyFix.

    :param app: application object whose ``wsgi_app`` attribute is wrapped
    :returns: the same ``app`` object
    """
    external_chain = _APP_MIDDLEWARE
    internal_chain = _KEYSTONE_MIDDLEWARE

    # Optional, config-driven middleware. Each one may need a specific
    # position in the pipeline, so it is placed explicitly instead of
    # being appended or prepended generically.
    if CONF.wsgi.debug_middleware:
        # NOTE(review): the debug middleware is put first, i.e. outermost
        # among the entry-point middleware; confirm the option is off in
        # production deployments.
        debug_entry = _Middleware(namespace='keystone.server_middleware',
                                  ep='debug',
                                  conf={})
        external_chain = (debug_entry, ) + _APP_MIDDLEWARE

    # Internal-only middleware (e.g. AuthContextMiddleware) is wrapped
    # first, so it sits below every externally loaded middleware when a
    # request is processed.
    for internal_mw in reversed(internal_chain):
        app.wsgi_app = internal_mw(app.wsgi_app)

    for entry in reversed(external_chain):
        # DriverManager loads only the single named entry point, which
        # keeps the set and order of loaded middleware under explicit
        # control. TODO carried over from the original: explore moving
        # this to ExtensionManager without losing that control.
        manager = stevedore.DriverManager(entry.namespace,
                                          entry.ep,
                                          invoke_on_load=False)
        # Paste-ini style factory: global_conf (first argument) is always
        # empty and entry.conf is passed as local_conf keyword arguments.
        # Middleware such as oslo CORS expects oslo_config_project or
        # "allowed_origin" there. This is a hold-over pending rework.
        wrap = manager.driver.factory({}, **entry.conf)
        app.wsgi_app = wrap(app.wsgi_app)

    # Werkzeug's ProxyFix goes on last, making it the outermost layer: it
    # rewrites the WSGI environ from X-Forwarded-* headers before any
    # other middleware sees the request. It is created with default
    # arguments; assuming this is werkzeug.middleware.proxy_fix
    # (Werkzeug >= 0.15), that means one trusted hop for X-Forwarded-For
    # and X-Forwarded-Proto only -- TODO confirm against the import.
    app.wsgi_app = proxy_fix.ProxyFix(app.wsgi_app)
    return app
示例#3
from flask import Flask, render_template, request, redirect, send_from_directory
from flask_csp.csp import csp_header
from werkzeug.middleware import proxy_fix
import requests

app = Flask(__name__)
# ProxyFix with default arguments (werkzeug.middleware.proxy_fix) trusts one
# proxy hop for X-Forwarded-For and X-Forwarded-Proto; host, port and prefix
# headers are ignored unless x_host/x_port/x_prefix are passed. Only
# meaningful when the app is reachable exclusively through a proxy that sets
# those headers itself; otherwise clients can supply them.
app.wsgi_app = proxy_fix.ProxyFix(app.wsgi_app)


# csp one (data uri) use cookie e397d059d7148ad6ecacdf4af7a1deda
@app.route('/')
@app.route('/csp-one')
@csp_header({'connect-src': "*", 'script-src': "'self' data:"})
def cspOne():
    """Serve the csp-one page at both ``/`` and ``/csp-one``.

    The attached policy allows the ``data:`` scheme in script-src and any
    origin in connect-src. Permitting ``data:`` as a script source largely
    negates the protection script-src is meant to give -- presumably
    deliberate for this exercise page, not a policy to copy.
    """
    page = render_template('csp-one.html')
    return page


@app.route('/csp-one-result', methods=['POST', 'GET'])
@csp_header({'connect-src': "*", 'script-src': "'self' data:"})
def cspOneResult():
    """Accept a payload via POST, or read one back via GET for the admin.

    POST: takes ``payload`` from the form and forwards it, together with
    this endpoint's URL, to a service on 127.0.0.1:3000.
    GET: takes ``payload`` from the query string, but only when the
    ``admin`` cookie matches a fixed token.
    """
    # Default shown when no payload was supplied or the admin check fails.
    payload = "None"
    if request.method == 'POST':
        # request.form[...] raises a 400 Bad Request if the field is missing.
        payload = request.form['payload']
        # NOTE(review): no timeout is passed, so a stalled local service
        # blocks this worker; the response `r` is not inspected in the
        # visible lines. request.base_url is derived from the request's
        # scheme and host, which the ProxyFix wrapper may rewrite from
        # forwarded headers -- verify the proxy in front is trusted.
        r = requests.post('http://127.0.0.1:3000/submit',
                          data={
                              'url': request.base_url,
                              "payload": payload
                          })
    # NOTE(review): the admin token is hard-coded in source, so it is
    # disclosed to anyone who can read the code, and `==` is not a
    # constant-time comparison (hmac.compare_digest is the usual choice).
    # Presumably acceptable only because this is an exercise app.
    if request.method == 'GET' and 'admin' in request.cookies and request.cookies.get(
            "admin") == u"e397d059d7148ad6ecacdf4af7a1deda":
        payload = request.args.get('payload')
    # NOTE(review): the listing ends here; the rest of the handler,
    # including its return value and how `payload` is rendered, is not shown.
示例#4
"""Flask server to verify and relay client requests to Mailjet API."""

import os
import re
from typing import Any, Dict, Optional

import flask
import requests
from werkzeug.middleware import proxy_fix

app = flask.Flask(__name__)
# Recover request details as seen before proxies (load balancer, nginx, etc).
# NOTE(review): with default arguments ProxyFix trusts one hop of
# X-Forwarded-For and X-Forwarded-Proto only; X-Forwarded-Host is ignored
# unless x_host=1 is passed, so the original host is not restored by this
# line. The forwarded values are only trustworthy when every request arrives
# through a proxy that sets these headers itself.
app.wsgi_app = proxy_fix.ProxyFix(app.wsgi_app)  # type: ignore

# TODO(pascal): Do a health check of those env vars, either at startup, or in the health check.

# Configuration and credentials are read from the environment once, at import
# time. os.getenv returns None for an unset variable, so a missing credential
# is not detected here (see the TODO above).
_ADMIN_EMAIL = os.getenv('ADMIN_EMAIL')
_MAILJET_APIKEY_PUBLIC = os.getenv('MAILJET_APIKEY_PUBLIC')
# See https://app.mailjet.com/account/api_keys
_MAILJET_SECRET = os.getenv('MAILJET_SECRET')
_MAILJET_SMS_TOKEN = os.getenv('MAILJET_SMS_TOKEN')
_MAIL_SENDER_EMAIL = os.getenv('MAIL_SENDER_EMAIL')
_MAIL_SENDER_NAME = os.getenv('MAIL_SENDER_NAME')
_SMS_SENDER = os.getenv('SMS_SENDER')

# Comma-separated template ids; each is whitespace-trimmed and empty items
# are dropped. An unset or empty variable yields an empty set.
# NOTE(review): how an empty whitelist is treated (deny all vs. allow all)
# is decided by code not shown here -- confirm that it fails closed.
_TEMPLATE_WHITELISTS = frozenset(
    template_id.strip()
    for template_id in os.getenv('TEMPLATE_WHITELISTS', '').split(',')
    if template_id.strip())
# Numeric limits, defaulting to 1 and 0 when unset. int() raises ValueError
# at import time if a variable holds a non-numeric value.
# NOTE(review): the meaning of _VAR_MAX_SIZE == 0 (no limit vs. nothing
# allowed) is not visible in this excerpt -- confirm against its use.
_NUM_RECIPIENTS = int(os.getenv('NUM_RECIPIENTS', '1'))
_VAR_MAX_SIZE = int(os.getenv('VAR_MAX_SIZE', '0'))