-
Notifications
You must be signed in to change notification settings - Fork 65
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
127 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,25 +1,47 @@ | ||
import logging | ||
import re | ||
from typing import Tuple | ||
from urllib.parse import parse_qs, urlencode, urlparse | ||
|
||
from mfr.extensions import settings | ||
|
||
logger = logging.getLogger(__name__) | ||
|
||
def munge_url_for_localdev(url): | ||
""" | ||
If MFR is being run in a local development environment (i.e. LOCAL_DEVELOPMENT is True), we | ||
|
||
def munge_url_for_localdev(url: str) -> Tuple: | ||
"""If MFR is being run in a local development environment (i.e. LOCAL_DEVELOPMENT is True), we | ||
need to replace the internal host (the one the backend services communicate on, default: | ||
192.168.168.167) with the external host (the one the user provides, default: "localhost") | ||
e.g. http://192.168.168.167:7777/foo/bar => http://localhost:7777/foo/bar | ||
""" | ||
|
||
url_obj = urlparse(url) | ||
if (settings.LOCAL_DEVELOPMENT and url_obj.hostname == settings.DOCKER_LOCAL_HOST): | ||
query_dict = parse_qs(url_obj.query, keep_blank_values=True) | ||
if settings.LOCAL_DEVELOPMENT and url_obj.hostname == settings.DOCKER_LOCAL_HOST: | ||
query_dict = parse_qs(url_obj.query, keep_blank_values=True) | ||
# the 'mode' param will break image downloads from the osf | ||
query_dict.pop('mode', None) | ||
url_obj = url_obj._replace( | ||
query=urlencode(query_dict, doseq=True), | ||
netloc='{}:{}'.format(settings.LOCAL_HOST, url_obj.port) | ||
) | ||
return url_obj | ||
|
||
# the 'mode' param will break image downloads from the osf | ||
query_dict.pop('mode', None) | ||
|
||
url_obj = url_obj._replace( | ||
query=urlencode(query_dict, doseq=True), | ||
netloc='{}:{}'.format(settings.LOCAL_HOST, url_obj.port) | ||
) | ||
def escape_url_for_template(url: str, logs=False) -> str: | ||
"""Escape (URL Encode) single and double quote(s) for the given URL. | ||
return url_obj | ||
Download and export URLs may end up not properly encoded right before they are about to be sent | ||
to the mako template due to issues including (but not limited to) (1) ``furl`` dropping encoding | ||
for single quote (2) URL (provided by users or constructed by scripts) not having the correct | ||
encoding. This helper method must be called for each render request that sends URL to the mako | ||
template. | ||
:param url: the URL to be sent to the mako template | ||
:param logs: whether to enable warnings | ||
:return: the properly encoded URL | ||
""" | ||
|
||
safe_url = re.sub(r'\"', '%22', re.sub(r'\'', '%27', url)) | ||
if url != safe_url and logs: | ||
logger.warning('Unsafe URL containing unescaped single (double) quote(s) has been replaced') | ||
return safe_url |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters