Exclude URLs of some domains from outgoing URL rewrite.
Bug 598826
This commit is contained in:
chenba
Chris Van
Родитель
1fbc73803c
Коммит
b520b3a860
|
|
@ -170,8 +170,10 @@ def test_redirect():
|
||||||
def test_outgoing_url():
|
def test_outgoing_url():
|
||||||
redirect_url = settings.REDIRECT_URL
|
redirect_url = settings.REDIRECT_URL
|
||||||
secretkey = settings.REDIRECT_SECRET_KEY
|
secretkey = settings.REDIRECT_SECRET_KEY
|
||||||
|
exceptions = settings.REDIRECT_URL_WHITELIST
|
||||||
settings.REDIRECT_URL = 'http://example.net'
|
settings.REDIRECT_URL = 'http://example.net'
|
||||||
settings.REDIRECT_SECRET_KEY = 'sekrit'
|
settings.REDIRECT_SECRET_KEY = 'sekrit'
|
||||||
|
settings.REDIRECT_URL_WHITELIST = ['nicedomain.com']
|
||||||
|
|
||||||
try:
|
try:
|
||||||
myurl = 'http://example.com'
|
myurl = 'http://example.com'
|
||||||
|
|
@ -191,9 +193,13 @@ def test_outgoing_url():
|
||||||
assert_not_equal(s, evil,
|
assert_not_equal(s, evil,
|
||||||
'No subdomain abuse of double-escaping protection.')
|
'No subdomain abuse of double-escaping protection.')
|
||||||
|
|
||||||
|
nice = 'http://nicedomain.com/lets/go/go/go'
|
||||||
|
eq_(nice, urlresolvers.get_outgoing_url(nice))
|
||||||
|
|
||||||
finally:
|
finally:
|
||||||
settings.REDIRECT_URL = redirect_url
|
settings.REDIRECT_URL = redirect_url
|
||||||
settings.REDIRECT_SECRET_KEY = secretkey
|
settings.REDIRECT_SECRET_KEY = secretkey
|
||||||
|
settings.REDIRECT_URL_WHITELIST = exceptions
|
||||||
|
|
||||||
|
|
||||||
def test_outgoing_url_dirty_unicode():
|
def test_outgoing_url_dirty_unicode():
|
||||||
|
|
|
||||||
|
|
@ -149,8 +149,11 @@ def get_outgoing_url(url):
|
||||||
if not settings.REDIRECT_URL:
|
if not settings.REDIRECT_URL:
|
||||||
return url
|
return url
|
||||||
|
|
||||||
# no double-escaping
|
url_netloc = urlparse(url).netloc
|
||||||
if urlparse(url).netloc == urlparse(settings.REDIRECT_URL).netloc:
|
|
||||||
|
# No double-escaping, and some domain names are excluded.
|
||||||
|
if (url_netloc == urlparse(settings.REDIRECT_URL).netloc
|
||||||
|
or url_netloc in settings.REDIRECT_URL_WHITELIST):
|
||||||
return url
|
return url
|
||||||
|
|
||||||
url = encoding.smart_str(jinja2.utils.Markup(url).unescape())
|
url = encoding.smart_str(jinja2.utils.Markup(url).unescape())
|
||||||
|
|
|
||||||
|
|
@ -856,6 +856,8 @@ PERSONAS_UPDATE_URL = 'https://www.getpersonas.com/update_check/%d'
|
||||||
# Outgoing URL bouncer
|
# Outgoing URL bouncer
|
||||||
REDIRECT_URL = 'http://outgoing.mozilla.org/v1/'
|
REDIRECT_URL = 'http://outgoing.mozilla.org/v1/'
|
||||||
REDIRECT_SECRET_KEY = ''
|
REDIRECT_SECRET_KEY = ''
|
||||||
|
# Allow URLs from these servers. Use full domain names.
|
||||||
|
REDIRECT_URL_WHITELIST = ['addons.mozilla.org']
|
||||||
|
|
||||||
# Default to short expiration; check "remember me" to override
|
# Default to short expiration; check "remember me" to override
|
||||||
SESSION_ENGINE = 'django.contrib.sessions.backends.cached_db'
|
SESSION_ENGINE = 'django.contrib.sessions.backends.cached_db'
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче