-
Notifications
You must be signed in to change notification settings - Fork 154
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
b3b1065
commit b2e5c45
Showing
29 changed files
with
455 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
3 changes: 3 additions & 0 deletions
3
source/devops/docs/kindle/kindle_download_helper/install_kindle_download_helper
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
git clone git@github.com:yihong0618/Kindle_download_helper.git | ||
cd Kindle_download_helper | ||
pip3 install -r requirements.txt |
24 changes: 24 additions & 0 deletions
24
source/devops/docs/kindle/kindle_download_helper/kindle.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
def get_devices(self): | ||
""" | ||
This method must be called before each download, so we ensure | ||
the session cookies before it is called | ||
""" | ||
self.ensure_cookie_token() | ||
|
||
payload = {"param": {"GetDevices": {}}} | ||
r = self.session.post( | ||
self.urls["payload"], | ||
data={ | ||
"data": json.dumps(payload), | ||
"csrfToken": self.csrf_token, | ||
}, | ||
) | ||
r.raise_for_status() | ||
devices = r.json() | ||
if devices.get("error"): | ||
self.revoke_cookie_token(open_page=True) | ||
raise Exception( | ||
f"Error: {devices.get('error')}, please visit {self.urls['bookall']} to revoke the csrftoken and cookie" | ||
) | ||
devices = r.json()["GetDevices"]["devices"] | ||
... |
1 change: 1 addition & 0 deletions
1
source/devops/docs/kindle/kindle_download_helper/kindle_download_helper
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
python3 kindle.py --dedrm --cn ## --dedrm 移除 DRM |
5 changes: 5 additions & 0 deletions
5
.../devops/docs/kindle/kindle_download_helper/kindle_download_helper_device_cookie_csrftoken
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
cookie="ZZZ" | ||
csrfToken="XXXXXXXX" | ||
device_sn="YYYYYY" | ||
|
||
python3 kindle.py --device_sn ${device_sn} --dedrm --cn --cookie ${cookie} ${csrfToken} |
4 changes: 4 additions & 0 deletions
4
source/devops/docs/kindle/kindle_download_helper/kindle_download_helper_device_csrftoken
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
csrfToken="XXXXXXXX" | ||
device_sn="YYYYYY" | ||
|
||
python3 kindle.py --device_sn ${device_sn} --dedrm --cn ${csrfToken} |
16 changes: 16 additions & 0 deletions
16
...e/devops/docs/kindle/kindle_download_helper/kindle_download_helper_device_csrftoken_error
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
Traceback (most recent call last): | ||
File "/Users/huataihuang/docs/github.com/yihong0618/Kindle_download_helper/kindle.py", line 5, in <module> | ||
main() | ||
File "/Users/huataihuang/docs/github.com/yihong0618/Kindle_download_helper/kindle_download_helper/cli.py", line 318, in main | ||
kindle.download_books( | ||
File "/Users/huataihuang/docs/github.com/yihong0618/Kindle_download_helper/kindle_download_helper/kindle.py", line 529, in download_books | ||
device = self.find_device() | ||
^^^^^^^^^^^^^^^^^^ | ||
File "/Users/huataihuang/docs/github.com/yihong0618/Kindle_download_helper/kindle_download_helper/kindle.py", line 130, in find_device | ||
devices = self.get_devices() | ||
^^^^^^^^^^^^^^^^^^ | ||
File "/Users/huataihuang/docs/github.com/yihong0618/Kindle_download_helper/kindle_download_helper/kindle.py", line 224, in get_devices | ||
r.raise_for_status() | ||
File "/Users/huataihuang/venv3/lib/python3.11/site-packages/requests/models.py", line 1021, in raise_for_status | ||
raise HTTPError(http_error_msg, response=self) | ||
requests.exceptions.HTTPError: 503 Server Error: Service Unavailable for url: https://www.amazon.cn/hz/mycd/ajax |
2 changes: 2 additions & 0 deletions
2
source/devops/docs/kindle/kindle_download_helper/kindle_download_helper_error
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
... | ||
Exception: Can't get the csrf token, please refresh the page at https://www.amazon.cn/hz/mycd/myx#/home/content/booksAll and retry |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
.. _flask_startup: | ||
|
||
==================== | ||
flask快速起步 | ||
==================== | ||
|
||
最小化运行 | ||
============= | ||
|
||
- 最小化的flask应用: | ||
|
||
.. literalinclude:: flask_startup/hello.py | ||
:language: python | ||
:caption: 最小化的flask应用 | ||
|
||
- 运行: | ||
|
||
.. literalinclude:: flask_startup/flask_hello_run | ||
:caption: 运行最小化的flask应用 | ||
|
||
简单说明: | ||
|
||
- ``route()`` 告知Flask是哪个URL触发这段程序的功能 | ||
- 这里我使用了 ``hello.py`` ,所以采用 ``--app hello`` 来运行;如果程序名字是 ``app.py`` 或者 ``wsgi.py`` 就不需要 ``--app`` 参数 | ||
|
||
- 对外开放访问的运行: | ||
|
||
.. literalinclude:: flask_startup/flask_hello_run_service | ||
:caption: 运行最小化的flask应用对外提供服务(绑定所有IP) | ||
|
||
简单说明: | ||
|
||
- 默认flask运行只监听本地 ``127.0.0.1`` ,所以需要使用 ``--host=0.0.0.0`` 让flask监听在所有网络接口,也就是对外提供服务 | ||
- 默认flask运行端口是 ``5000`` ,但是在 :ref:`macos` 上和 'AirPlay Receiver' 服务冲突,所以指定 ``--port=5001`` | ||
|
||
现在就可以访问主机的实际IP地址和端口来访问flask: http://192.168.6.1:5001 | ||
|
||
- 开启debug模式(方便调试): | ||
|
||
.. literalinclude:: flask_startup/flask_hello_run_debug | ||
:caption: debug模式运行最小化的flask应用 | ||
|
||
HTML逃逸 | ||
============= | ||
|
||
由于Flask默认响应是返回HTML,所以如果用户提供的值渲染时候需要防范输入特殊的HTML内容,例如,如果用户恶意嵌入一段 JS 代码,必须阻止渲染成HTML,否则就会导致在浏览器中执行恶意脚本。这种技术称为HTML逃逸(HTML Escaping)。 | ||
|
||
Flask 使用的 HTML 渲染模版 `Jinja2 template <http://quintagroup.com/cms/python/jinja2>`_ 已经内嵌了自动防范的功能,也就是说用户恶意注入JS会被自动阻止渲染。不过,这个 ``escape()`` 也可以人工添加: | ||
|
||
.. literalinclude:: flask_startup/flask_escape.py | ||
:language: python | ||
:caption: 明确编写 ``escape()`` 防止恶意注入JS | ||
:emphasize-lines: 2,8 | ||
|
||
此时用户在浏览器中输入 http:://127.0.0.1:5000/<script>alert("bad")</script> 这样的注入,就会直接被拒绝渲染,页面提示:: | ||
|
||
Not Found | ||
The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again. | ||
|
||
.. note:: | ||
|
||
注意, `Jinja2 template <http://quintagroup.com/cms/python/jinja2>`_ 已经内嵌了自动防范的功能,上述代码片段不使用 ``escape()`` 也是有同样效果的 | ||
|
||
所以用户只能输入正常的名字 如 http:://127.0.0.1:5000/huatai | ||
|
||
此时页面才能正常渲染:: | ||
|
||
Hello,huatai! | ||
|
||
参考 | ||
======= | ||
|
||
- `Flask docs: Quickstart <https://flask.palletsprojects.com/en/2.3.x/quickstart/>`_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
from flask import Flask | ||
from markupsafe import escape | ||
|
||
app = Flask(__name__) | ||
|
||
@app.route("/<name>") | ||
def hello_world(name): | ||
return f"Hello, {escape(name)}!" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
flask --app hello run |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
flask --app hello run --debug |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
* Serving Flask app 'hello' | ||
* Debug mode: off | ||
WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead. | ||
* Running on http://127.0.0.1:5000 | ||
Press CTRL+C to quit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
flask --app hello run --host=0.0.0.0 --port=5001 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
from flask import Flask | ||
|
||
app = Flask(__name__) | ||
|
||
@app.route("/") | ||
def hello_world(): | ||
return "<p>Hello, World!</p>" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
.. _install_flask: | ||
|
||
==================== | ||
安装Flask | ||
==================== | ||
|
||
flask支持Python 3.8以及更新版本 | ||
|
||
:ref:`virtualenv` | ||
===================== | ||
|
||
- 安装和初始化 :ref:`virtualenv` : | ||
|
||
.. literalinclude:: ../python/startup/virtualenv/apt_install_pip3_venv | ||
:language: bash | ||
:caption: 在 :ref:`ubuntu_linux` 22.04 LTS 安装 ``pip3`` 以及 ``venv`` | ||
|
||
.. literalinclude:: ../python/startup/virtualenv/venv | ||
:language: bash | ||
:caption: venv初始化 | ||
|
||
.. literalinclude:: ../python/startup/virtualenv/venv_active | ||
:language: bash | ||
:caption: 激活venv | ||
|
||
然后在 :ref:`virtualenv` 就可以继续使用 ``pip`` 安装Flask了 | ||
|
||
安装 | ||
======= | ||
|
||
- 使用pip安装flask: | ||
|
||
.. literalinclude:: install_flask/pip_install_flask | ||
:caption: 使用pip安装flask | ||
|
||
参考 | ||
===== | ||
|
||
- `Flask docs: Installation <https://flask.palletsprojects.com/en/2.3.x/installation/>`_ | ||
- ``OReilly Flak Web Development 2nd Edition`` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
pip install flask |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.