Statistics
| Branch: | Tag: | Revision:

root / snf-webproject / synnefo / webproject / middleware / cleanse.py @ 01d00723

History | View | Annotate | Download (3.8 kB)

1
# Copyright 2011-2012 GRNET S.A. All rights reserved.
2
#
3
# Redistribution and use in source and binary forms, with or
4
# without modification, are permitted provided that the following
5
# conditions are met:
6
#
7
#   1. Redistributions of source code must retain the above
8
#      copyright notice, this list of conditions and the following
9
#      disclaimer.
10
#
11
#   2. Redistributions in binary form must reproduce the above
12
#      copyright notice, this list of conditions and the following
13
#      disclaimer in the documentation and/or other materials
14
#      provided with the distribution.
15
#
16
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
# POSSIBILITY OF SUCH DAMAGE.
28
#
29
# The views and conclusions contained in the software and
30
# documentation are those of the authors and should not be
31
# interpreted as representing official policies, either expressed
32
# or implied, of GRNET S.A.
33

    
34
from django.conf import settings
35
from django.core.exceptions import MiddlewareNotUsed
36

    
37
from django.core import mail
38
from django.views import debug
39

    
40
import re
41

    
42
HIDDEN_ALL = settings.HIDDEN_COOKIES + settings.HIDDEN_HEADERS
43

    
44

    
45
def mail_admins_safe(subject, message, fail_silently=False,
46
                     connection=None, html_message=None):
47
    '''
48
    Wrapper function to cleanse email body from sensitive content before
49
    sending it
50
    '''
51
    new_msg = ""
52

    
53
    if len(message) > settings.MAIL_MAX_LEN:
54
        new_msg += "Mail size over limit (truncated)\n\n"
55
        message = message[:settings.MAIL_MAX_LEN]
56

    
57
    for line in message.splitlines():
58
        # Lines of interest in the mail are in the form of
59
        # key:value.
60
        try:
61
            (key, value) = line.split(':', 1)
62
        except ValueError:
63
            new_msg += line + '\n'
64
            continue
65

    
66
        new_msg += key + ':'
67

    
68
        # Special case when the first header / cookie printed
69
        # (prefixed by 'META:{' or 'COOKIES:{') needs to be hidden.
70
        if value.startswith('{'):
71
            try:
72
                (newkey, newval) = value.split(':', 1)
73
            except ValueError:
74
                new_msg += value + '\n'
75
                continue
76

    
77
            new_msg += newkey + ':'
78
            key = newkey.lstrip('{')
79
            value = newval
80

    
81
        if key.strip(" '") not in HIDDEN_ALL:
82
            new_msg += value + '\n'
83
            continue
84

    
85
        # Append value[-1] to the clensed string, so that commas / closing
86
        # brackets are printed correctly.
87
        # (it will 'eat up' the closing bracket if the header is the last one
88
        # printed)
89
        new_msg += ' ' + '*'*8 + value[-1] + '\n'
90

    
91
    return mail.mail_admins_plain(subject, new_msg, fail_silently, connection)
92

    
93

    
94
class CleanseSettingsMiddleware(object):
95
    '''
96
    Prevent django from printing sensitive information (paswords, tokens
97
    etc), when handling server errors (for both DEBUG and no-DEBUG
98
    deployments.
99
    '''
100
    def __init__(self):
101
        debug.HIDDEN_SETTINGS = re.compile(settings.HIDDEN_SETTINGS)
102

    
103
        if not hasattr(mail, 'mail_admins_plain'):
104
            mail.mail_admins_plain = mail.mail_admins
105
            mail.mail_admins = mail_admins_safe
106

    
107
        raise MiddlewareNotUsed('cleanse settings')