Commit 3a8b3565 authored by Romain Courteaud's avatar Romain Courteaud Committed by Eteri

[erp5_http_proxy] Prototype of an usable HTTP proxy.

It can be used with an external method by providing the URL to proxy as a query parameter:
ERP5Site_getHTTPResource?url=URL

The query is synchronous (no portal_activities), so, the Zope thread will be blocked until the external request is other.
In order to prevent consuming all threads, there is a really aggressive timeout of 1 second only.
This is enough for a RSS reader.
If the timeout is to short, do not increase it, but change the proxy design to use portal_activities instead.

For now, only authenticated user can use it (to prevent becoming an open proxy).
Only GET query are allowed (until a use case required any other HTTP method).
parent da1de906
import requests
# Extremely aggressive and hardcoded value
TIMEOUT = 1
def request(self, url, REQUEST):
RESPONSE = REQUEST.RESPONSE
portal = self.getPortalObject()
if (portal.portal_membership.isAnonymousUser()):
RESPONSE.setStatus(403)
return ""
elif REQUEST.other['method'] != "GET":
RESPONSE.setStatus(405)
return ""
proxy_query_header = {}
for k in ["Content-Type", "Accept", "Accept-Language", "Range",
"If-Modified-Since", "If-None-Match"]:
v = REQUEST.getHeader(k, None)
if v is not None:
proxy_query_header[k] = v
try:
proxy_response = requests.request(
REQUEST.other['method'],
url,
# Propage the HTTP body (for POST)
data=REQUEST.get('BODY'),
# Propagate to headers to use HTTP cache as much as possible
headers=proxy_query_header,
# Do not block ERP5 if queried server is too slow
timeout=TIMEOUT
)
except requests.exceptions.SSLError:
# Invalid SSL Certificate
status_code = 526
except requests.exceptions.ConnectionError:
status_code = 523
except requests.exceptions.Timeout:
status_code = 524
except requests.exceptions.TooManyRedirects:
status_code = 520
else:
status_code = proxy_response.status_code
if status_code == 500:
status_code = 520
for k, v in proxy_response.headers.items():
k = k.title()
if k in ["Content-Disposition", "Content-Type", "Date", "Last-Modified",
"Vary", "Cache-Control", "Etag", "Accept-Ranges",
"Content-Range"]:
RESPONSE.setHeader(k, v)
"""
elif k == "Location":
# In case of redirect, allow to directly fetch from proxy
"""
RESPONSE.setStatus(status_code)
return proxy_response.content
\ No newline at end of file
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Extension Component" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_recorded_property_dict</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>default_reference</string> </key>
<value> <string>HTTPProxy</string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>extension.erp5.HTTPProxy</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Extension Component</string> </value>
</item>
<item>
<key> <string>sid</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>text_content_error_message</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>text_content_warning_message</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>version</string> </key>
<value> <string>erp5</string> </value>
</item>
<item>
<key> <string>workflow_history</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary>
<item>
<key> <string>component_validation_workflow</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="WorkflowHistoryList" module="Products.ERP5Type.patches.WorkflowTool"/>
</pickle>
<pickle>
<tuple>
<none/>
<list>
<dictionary>
<item>
<key> <string>action</string> </key>
<value> <string>validate</string> </value>
</item>
<item>
<key> <string>validation_state</string> </key>
<value> <string>validated</string> </value>
</item>
</dictionary>
</list>
</tuple>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Folder" module="OFS.Folder"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_objects</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>erp5_http_proxy</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_function</string> </key>
<value> <string>request</string> </value>
</item>
<item>
<key> <string>_module</string> </key>
<value> <string>HTTPProxy</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Site_getHTTPResource</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
Provides an HTTP Proxy to bypass the browser cross domain protection.
\ No newline at end of file
GPL
\ No newline at end of file
extension.erp5.HTTPProxy
\ No newline at end of file
erp5_http_proxy
\ No newline at end of file
erp5_http_proxy
\ No newline at end of file
001
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment