Allow Fake FxA login page to redirect to :7000 (#18718)
This commit is contained in:
Родитель
a42bfb962e
Коммит
2bd1adb585
|
@ -67,6 +67,7 @@ ES_DEFAULT_NUM_REPLICAS = 0
|
|||
|
||||
SITE_URL = os.environ.get('OLYMPIA_SITE_URL') or 'http://localhost:8000'
|
||||
DOMAIN = SERVICES_DOMAIN = urlparse(SITE_URL).netloc
|
||||
ADDONS_FRONTEND_PROXY_PORT = '7000'
|
||||
SERVICES_URL = SITE_URL
|
||||
INTERNAL_SITE_URL = 'http://nginx'
|
||||
EXTERNAL_SITE_URL = SITE_URL
|
||||
|
|
|
@ -96,3 +96,5 @@ CELERY_TASK_ROUTES.update({
|
|||
|
||||
# switch cached_db out for just cache sessions to avoid extra db queries
|
||||
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
|
||||
|
||||
ADDONS_FRONTEND_PROXY_PORT = None
|
||||
|
|
|
@ -6,6 +6,7 @@ from urllib.parse import urlparse
|
|||
|
||||
from django.conf import settings
|
||||
from django.test import RequestFactory
|
||||
from django.test.utils import override_settings
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.http import quote_etag
|
||||
|
||||
|
@ -372,3 +373,15 @@ class TestIsSafeUrl(TestCase):
|
|||
assert not is_safe_url(
|
||||
f'https://{settings.DOMAIN}', request, allowed_hosts=[foobaa_domain]
|
||||
)
|
||||
|
||||
@override_settings(DOMAIN='mozilla.com', ADDONS_FRONTEND_PROXY_PORT='1234')
|
||||
def test_includes_host_for_proxy_when_proxy_port_setting_exists(self):
|
||||
request = RequestFactory().get('/')
|
||||
assert is_safe_url('https://mozilla.com:1234', request)
|
||||
assert not is_safe_url('https://mozilla.com:9876', request)
|
||||
|
||||
@override_settings(DOMAIN='mozilla.com')
|
||||
def test_proxy_port_defaults_to_none(self):
|
||||
request = RequestFactory().get('/')
|
||||
assert is_safe_url('https://mozilla.com', request)
|
||||
assert not is_safe_url('https://mozilla.com:7000', request)
|
||||
|
|
|
@ -1179,10 +1179,16 @@ class HttpResponseTemporaryRedirect(HttpResponseRedirectBase):
|
|||
def is_safe_url(url, request, allowed_hosts=None):
|
||||
"""Use Django's `url_has_allowed_host_and_scheme()` and pass a configured
|
||||
list of allowed hosts and enforce HTTPS. `allowed_hosts` can be specified."""
|
||||
allowed_hosts = allowed_hosts or (
|
||||
settings.DOMAIN,
|
||||
urlparse(settings.CODE_MANAGER_URL).netloc,
|
||||
)
|
||||
if not allowed_hosts:
|
||||
allowed_hosts = (
|
||||
settings.DOMAIN,
|
||||
urlparse(settings.CODE_MANAGER_URL).netloc,
|
||||
)
|
||||
if settings.ADDONS_FRONTEND_PROXY_PORT:
|
||||
allowed_hosts = allowed_hosts + (
|
||||
f'{settings.DOMAIN}:{settings.ADDONS_FRONTEND_PROXY_PORT}',
|
||||
)
|
||||
|
||||
require_https = request.is_secure() if request else False
|
||||
return url_has_allowed_host_and_scheme(
|
||||
url, allowed_hosts=allowed_hosts, require_https=require_https
|
||||
|
|
|
@ -200,6 +200,10 @@ HOSTNAME = socket.gethostname()
|
|||
# need the real domain.
|
||||
DOMAIN = HOSTNAME
|
||||
|
||||
# The port used by the frontend when running frontend locally with
|
||||
# addons-server in docker. This will default it to None for dev/prod/stage.
|
||||
ADDONS_FRONTEND_PROXY_PORT = None
|
||||
|
||||
# Full base URL for your main site including protocol. No trailing slash.
|
||||
# Example: https://addons.mozilla.org
|
||||
SITE_URL = 'http://%s' % DOMAIN
|
||||
|
|
Загрузка…
Ссылка в новой задаче