-
Notifications
You must be signed in to change notification settings - Fork 56
/
ui.py
66 lines (49 loc) · 2.25 KB
/
ui.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
"""Provides the user intefaces for browse."""
from typing import Union
from arxiv import status
from flask import Blueprint, render_template, request, Response, session, \
redirect, current_app, url_for
from werkzeug.exceptions import InternalServerError, NotFound
from browse.controllers import abs_page, get_institution_from_request
from browse.domain.clickthrough import is_hash_valid
blueprint = Blueprint('browse', __name__, url_prefix='')
@blueprint.before_request
def before_request() -> None:
"""Get instituional affiliation from session."""
if 'institution' not in session:
institution = get_institution_from_request()
session['institution'] = institution
@blueprint.after_request
def apply_response_headers(response: Response) -> Response:
"""Prevent UI redress attacks."""
"""Hook for applying response headers to all responses."""
response.headers["Content-Security-Policy"] = "frame-ancestors 'none'"
response.headers["X-Frame-Options"] = "SAMEORIGIN"
return response
@blueprint.route('/abs', methods=['GET'])
def bare_abs():
"""Return 404."""
raise NotFound
@blueprint.route('/abs/', methods=['GET'], defaults={'arxiv_id': ''})
@blueprint.route('/abs/<path:arxiv_id>', methods=['GET', 'POST'])
def abstract(arxiv_id: str) -> Union[str, Response]:
"""Abstract (abs) page view."""
response, code, headers = abs_page.get_abs_page(arxiv_id, request.args)
if code == status.HTTP_200_OK:
return render_template('abs/abs.html', **response), code, headers
elif code == status.HTTP_301_MOVED_PERMANENTLY:
return redirect(headers['Location'], code=code)
raise InternalServerError('Unexpected error')
@blueprint.route('/trackback/', methods=['GET'], defaults={'arxiv_id': ''})
@blueprint.route('/trackback/<path:arxiv_id>', methods=['GET', 'POST'])
def trackback(arxiv_id: str) -> Union[str, Response]:
"Route to define new trackbacks for papers"
# TODO implement
raise NotFound
@blueprint.route('/ct')
def clickthrough():
if 'host' in request.args and 'v' in request.args \
and is_hash_valid(current_app.config['SECRET_KEY'], request.args.get('host'), request.args.get('v')):
return redirect(request.args.get('host'))
else:
raise NotFound()