Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
C
caucase
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
2
Merge Requests
2
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Jobs
Commits
Open sidebar
nexedi
caucase
Commits
feaedb4f
Commit
feaedb4f
authored
Oct 19, 2017
by
Vincent Pelletier
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
http: Exclude OS environment variables from WSGI environment.
parent
c829f2a6
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
116 additions
and
1 deletion
+116
-1
caucase/http.py
caucase/http.py
+2
-1
caucase/http_wsgibase.py
caucase/http_wsgibase.py
+32
-0
caucase/http_wsgirequesthandler.py
caucase/http_wsgirequesthandler.py
+82
-0
No files found.
caucase/http.py
View file @
feaedb4f
...
...
@@ -31,13 +31,14 @@ import sys
import
tempfile
from
threading
import
Thread
from
urlparse
import
urlparse
from
wsgiref.simple_server
import
make_server
,
WSGIServer
,
WSGIRequestHandler
from
wsgiref.simple_server
import
make_server
,
WSGIServer
from
cryptography
import
x509
from
cryptography.hazmat.backends
import
default_backend
from
.
import
utils
from
.wsgi
import
Application
from
.ca
import
CertificateAuthority
,
UserCertificateAuthority
from
.storage
import
SQLite3Storage
from
.http_wsgirequesthandler
import
WSGIRequestHandler
_cryptography_backend
=
default_backend
()
...
...
caucase/http_wsgibase.py
0 → 100644
View file @
feaedb4f
# This file is part of caucase
# Copyright (C) 2017 Nexedi
# Alain Takoudjou <alain.takoudjou@nexedi.com>
# Vincent Pelletier <vincent@nexedi.com>
#
# caucase is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# caucase is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with caucase. If not, see <http://www.gnu.org/licenses/>.
"""
Base WSGI-related classes for caucase HTTP(S) server.
Separate from .http because of different-licensed code in the middle.
"""
from
__future__
import
absolute_import
from
wsgiref.simple_server
import
ServerHandler
class
CleanServerHandler
(
ServerHandler
):
"""
Do not include OS environment variables in each request's WSGI environment.
Seriously, what the fsck, python ?
"""
os_environ
=
{}
caucase/http_wsgirequesthandler.py
0 → 100644
View file @
feaedb4f
# This file is part of caucase, but contains code copied from python 2.7.14.
# As a consequence is it under the PSFv2 licence, which follows:
#
# PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2
# --------------------------------------------
#
# 1. This LICENSE AGREEMENT is between the Python Software Foundation
# ("PSF"), and the Individual or Organization ("Licensee") accessing and
# otherwise using this software ("Python") in source or binary form and
# its associated documentation.
#
# 2. Subject to the terms and conditions of this License Agreement, PSF hereby
# grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce,
# analyze, test, perform and/or display publicly, prepare derivative works,
# distribute, and otherwise use Python alone or in any derivative version,
# provided, however, that PSF's License Agreement and PSF's notice of copyright,
# i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
# 2011, 2012, 2013, 2014, 2015, 2016 Python Software Foundation; All Rights
# Reserved" are retained in Python alone or in any derivative version prepared by
# Licensee.
#
# 3. In the event Licensee prepares a derivative work that is based on
# or incorporates Python or any part thereof, and wants to make
# the derivative work available to others as provided herein, then
# Licensee hereby agrees to include in any such work a brief summary of
# the changes made to Python.
#
# 4. PSF is making Python available to Licensee on an "AS IS"
# basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR
# IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND
# DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS
# FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT
# INFRINGE ANY THIRD PARTY RIGHTS.
#
# 5. PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON
# FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS
# A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON,
# OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF.
#
# 6. This License Agreement will automatically terminate upon a material
# breach of its terms and conditions.
#
# 7. Nothing in this License Agreement shall be deemed to create any
# relationship of agency, partnership, or joint venture between PSF and
# Licensee. This License Agreement does not grant permission to use PSF
# trademarks or trade name in a trademark sense to endorse or promote
# products or services of Licensee, or any third party.
#
# 8. By copying, installing or otherwise using Python, Licensee
# agrees to be bound by the terms and conditions of this License
# Agreement.
from
__future__
import
absolute_import
from
wsgiref.simple_server
import
WSGIRequestHandler
as
WSGIRequestHandler_org
from
.http_wsgibase
import
CleanServerHandler
class
WSGIRequestHandler
(
WSGIRequestHandler_org
):
"""
wsgiref.simple_server.WSGIRequestHandler customised to use
.http_wsgibase.CleanServerHandler .
"""
def
handle
(
self
):
"""
Handle a single HTTP request
Copied from python's WSGIRequestHandler class to override ServerHandler
usage (see CleanServerHandler class).
"""
# As a result, this piece of code is under the Python Software License v2
self
.
raw_requestline
=
self
.
rfile
.
readline
(
65537
)
if
len
(
self
.
raw_requestline
)
>
65536
:
self
.
requestline
=
''
self
.
request_version
=
''
self
.
command
=
''
self
.
send_error
(
414
)
return
if
not
self
.
parse_request
():
# An error code has been sent, just exit
return
handler
=
CleanServerHandler
(
self
.
rfile
,
self
.
wfile
,
self
.
get_stderr
(),
self
.
get_environ
()
)
handler
.
request_handler
=
self
# backpointer for logging
handler
.
run
(
self
.
server
.
get_app
())
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment