Bug 1088752: Add Shape of the Web app to serve JSON.

Shape of the Web is a standalone site that pulls data from JSON files.
In order to make the l10n easier initially, we’re going to host the
JSON files on Bedrock to take advantage of the existing l10n process.

Also adds a middleware to handle adding CORS headers to the locale
redirects when loading the JSON.

bedrock/mozorg/middleware.py

@@ -4,6 +4,7 @@

import datetime
from email.utils import formatdate
import re
import time

from django.conf import settings
@@ -45,3 +46,17 @@ def process_view(self, request, view, view_args, view_kwargs):
        else:
            f = super(MozorgRequestTimingMiddleware, self)
            f.process_view(request, view, view_args, view_kwargs)


class CrossOriginResourceSharingMiddleware(object):

    def process_response(self, request, response):
        """
        If the URL pattern for the request matches one of those
        in the CORS_URLS setting, apply the matching
        Access-Control-Allow-Origin header to the response.
        """
        for pattern, origin in settings.CORS_URLS.items():
            if re.search(pattern, request.path):
                response['Access-Control-Allow-Origin'] = origin
        return response

bedrock/mozorg/tests/test_middleware.py

@@ -0,0 +1,39 @@
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
from django.http import HttpRequest, HttpResponse

from bedrock.mozorg.middleware import CrossOriginResourceSharingMiddleware
from bedrock.mozorg.tests import TestCase


class TestCrossOriginResourceSharingMiddleware(TestCase):
    def setUp(self):
        self.middleware = CrossOriginResourceSharingMiddleware()
        self.request = HttpRequest()
        self.response = HttpResponse()

    def test_match(self):
        self.request.path = '/foo/bar/baz/'

        cors_urls = {r'^/foo/bar': '*'}
        with self.settings(CORS_URLS=cors_urls):
            self.middleware.process_response(self.request, self.response)
            self.assertEqual(self.response['Access-Control-Allow-Origin'], '*')

    def test_middle_match(self):
        # Ensure that matches in the middle of the URL work.
        self.request.path = '/foo/bar/baz/'

        cors_urls = {r'/bar': '*'}
        with self.settings(CORS_URLS=cors_urls):
            self.middleware.process_response(self.request, self.response)
            self.assertEqual(self.response['Access-Control-Allow-Origin'], '*')

    def test_no_match(self):
        self.request.path = '/foo/bar/baz/'

        cors_urls = {r'^/biff/bak': '*'}
        with self.settings(CORS_URLS=cors_urls):
            self.middleware.process_response(self.request, self.response)
            self.assertFalse('Access-Control-Allow-Origin' in self.response)

bedrock/settings/base.py

@@ -1057,6 +1057,7 @@ def JINJA_CONFIG():
    'dnt.middleware.DoNotTrackMiddleware',
    'lib.l10n_utils.middleware.FixLangFileTranslationsMiddleware',
    'bedrock.mozorg.middleware.ConditionalAuthMiddleware',
    'bedrock.mozorg.middleware.CrossOriginResourceSharingMiddleware',
))

AUTHENTICATED_URL_PREFIXES = ('/admin/', '/rna/')
@@ -1106,6 +1107,7 @@ def JINJA_CONFIG():
    '%s.events' % PROJECT_MODULE,
    '%s.releasenotes' % PROJECT_MODULE,
    '%s.thunderbird' % PROJECT_MODULE,
    '%s.shapeoftheweb' % PROJECT_MODULE,

    # libs
    'django_extensions',
@@ -1416,6 +1418,10 @@ def facebook_tab_url_lazy():
MOFO_SECURITY_ADVISORIES_PATH = path('mofo_security_advisories')
MOFO_SECURITY_ADVISORIES_REPO = 'https://github.com/mozilla/foundation-security-advisories.git'

CORS_URLS = {
    r'^/([a-zA-Z-]+/)?shapeoftheweb': '*',
}

LOGGING = {
    'root': {
        'level': 'WARNING',