Revision beb2b785
b/snf-astakos-app/astakos/synnefo_settings.py | ||
---|---|---|
70 | 70 |
middlware_classes = [ |
71 | 71 |
'django.contrib.sessions.middleware.SessionMiddleware', |
72 | 72 |
'django.contrib.auth.middleware.AuthenticationMiddleware', |
73 |
'synnefo.lib.middleware.LoggingConfigMiddleware',
|
|
74 |
'synnefo.lib.middleware.SecureMiddleware',
|
|
73 |
'synnefo.webproject.middleware.LoggingConfigMiddleware',
|
|
74 |
'synnefo.webproject.middleware.SecureMiddleware',
|
|
75 | 75 |
'django.middleware.csrf.CsrfViewMiddleware', |
76 | 76 |
'django.contrib.messages.middleware.MessageMiddleware', |
77 | 77 |
# 'debug_toolbar.middleware.DebugToolbarMiddleware', |
/dev/null | ||
---|---|---|
1 |
from log import LoggingConfigMiddleware |
|
2 |
from secure import SecureMiddleware |
|
3 |
from remoteaddr import RemoteAddrMiddleware |
|
4 |
from cleanse import CleanseSettingsMiddleware |
/dev/null | ||
---|---|---|
1 |
# Copyright 2011-2012 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
34 |
from django.conf import settings |
|
35 |
from django.core.exceptions import MiddlewareNotUsed |
|
36 |
|
|
37 |
from django.core import mail |
|
38 |
from django.views import debug |
|
39 |
|
|
40 |
import re |
|
41 |
|
|
42 |
HIDDEN_ALL = settings.HIDDEN_COOKIES + settings.HIDDEN_HEADERS |
|
43 |
|
|
44 |
|
|
45 |
def mail_admins_safe(subject, message, fail_silently=False, connection=None): |
|
46 |
''' |
|
47 |
Wrapper function to cleanse email body from sensitive content before |
|
48 |
sending it |
|
49 |
''' |
|
50 |
new_msg = "" |
|
51 |
|
|
52 |
if len(message) > settings.MAIL_MAX_LEN: |
|
53 |
new_msg += "Mail size over limit (truncated)\n\n" |
|
54 |
message = message[:settings.MAIL_MAX_LEN] |
|
55 |
|
|
56 |
for line in message.splitlines(): |
|
57 |
# Lines of interest in the mail are in the form of |
|
58 |
# key:value. |
|
59 |
try: |
|
60 |
(key, value) = line.split(':', 1) |
|
61 |
except ValueError: |
|
62 |
new_msg += line + '\n' |
|
63 |
continue |
|
64 |
|
|
65 |
new_msg += key + ':' |
|
66 |
|
|
67 |
# Special case when the first header / cookie printed |
|
68 |
# (prefixed by 'META:{' or 'COOKIES:{') needs to be hidden. |
|
69 |
if value.startswith('{'): |
|
70 |
try: |
|
71 |
(newkey, newval) = value.split(':', 1) |
|
72 |
except ValueError: |
|
73 |
new_msg += value + '\n' |
|
74 |
continue |
|
75 |
|
|
76 |
new_msg += newkey + ':' |
|
77 |
key = newkey.lstrip('{') |
|
78 |
value = newval |
|
79 |
|
|
80 |
if key.strip(" '") not in HIDDEN_ALL: |
|
81 |
new_msg += value + '\n' |
|
82 |
continue |
|
83 |
|
|
84 |
# Append value[-1] to the clensed string, so that commas / closing |
|
85 |
# brackets are printed correctly. |
|
86 |
# (it will 'eat up' the closing bracket if the header is the last one |
|
87 |
# printed) |
|
88 |
new_msg += ' ' + '*'*8 + value[-1] + '\n' |
|
89 |
|
|
90 |
return mail.mail_admins_plain(subject, new_msg, fail_silently, connection) |
|
91 |
|
|
92 |
|
|
93 |
class CleanseSettingsMiddleware(object): |
|
94 |
''' |
|
95 |
Prevent django from printing sensitive information (paswords, tokens |
|
96 |
etc), when handling server errors (for both DEBUG and no-DEBUG |
|
97 |
deployments. |
|
98 |
''' |
|
99 |
def __init__(self): |
|
100 |
debug.HIDDEN_SETTINGS = re.compile(settings.HIDDEN_SETTINGS) |
|
101 |
|
|
102 |
if not hasattr(mail, 'mail_admins_plain'): |
|
103 |
mail.mail_admins_plain = mail.mail_admins |
|
104 |
mail.mail_admins = mail_admins_safe |
|
105 |
|
|
106 |
raise MiddlewareNotUsed('cleanse settings') |
/dev/null | ||
---|---|---|
1 |
# Copyright 2011-2012 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
34 |
from django.conf import settings |
|
35 |
from django.core.exceptions import MiddlewareNotUsed |
|
36 |
|
|
37 |
from synnefo.lib.dictconfig import dictConfig |
|
38 |
|
|
39 |
import logging |
|
40 |
|
|
41 |
|
|
42 |
class NullHandler(logging.Handler): |
|
43 |
def emit(self, record): |
|
44 |
pass |
|
45 |
|
|
46 |
|
|
47 |
class LoggingConfigMiddleware: |
|
48 |
def __init__(self): |
|
49 |
"""Initialise the logging setup from settings. |
|
50 |
|
|
51 |
Logging setup is initialized only in the first request. |
|
52 |
""" |
|
53 |
logging_setting = getattr(settings, 'LOGGING_SETUP', None) |
|
54 |
if logging_setting: |
|
55 |
# Disable handlers that are not used by any logger. |
|
56 |
active_handlers = set() |
|
57 |
loggers = logging_setting.get('loggers', {}) |
|
58 |
for logger in loggers.values(): |
|
59 |
active_handlers.update(logger.get('handlers', [])) |
|
60 |
handlers = logging_setting.get('handlers', {}) |
|
61 |
for handler in handlers: |
|
62 |
if handler not in active_handlers: |
|
63 |
handlers[handler] = {'class': 'logging.NullHandler'} |
|
64 |
|
|
65 |
logging.NullHandler = NullHandler |
|
66 |
dictConfig(logging_setting) |
|
67 |
raise MiddlewareNotUsed('Logging setup only.') |
/dev/null | ||
---|---|---|
1 |
class RemoteAddrMiddleware(object): |
|
2 |
""" |
|
3 |
A generic middleware that sets the REMOTE_ADDR if not sent by the server. |
|
4 |
|
|
5 |
Solves issues with nginx deployment that don't sets the REMOTE_ADDR meta |
|
6 |
key. |
|
7 |
""" |
|
8 |
def process_request(self, request): |
|
9 |
if 'REMOTE_ADDR' in request.META: |
|
10 |
request.META['REMOTE_ADDR'] = request.META.get('HTTP_X_REAL_IP', |
|
11 |
None) |
/dev/null | ||
---|---|---|
1 |
# Copyright 2011-2012 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
34 |
|
|
35 |
class SecureMiddleware(object): |
|
36 |
def process_request(self, request): |
|
37 |
if 'HTTP_X_FORWARDED_PROTOCOL' in request.META: |
|
38 |
request.is_secure =\ |
|
39 |
lambda: request.META['HTTP_X_FORWARDED_PROTOCOL'] == 'https' |
b/snf-pithos-app/pithos/api/synnefo_settings.py | ||
---|---|---|
6 | 6 |
|
7 | 7 |
# apply required middleware |
8 | 8 |
synnefo_middlewares = [ |
9 |
'synnefo.lib.middleware.LoggingConfigMiddleware',
|
|
10 |
'synnefo.lib.middleware.SecureMiddleware'
|
|
9 |
'synnefo.webproject.middleware.LoggingConfigMiddleware',
|
|
10 |
'synnefo.webproject.middleware.SecureMiddleware'
|
|
11 | 11 |
] |
b/snf-webproject/synnefo/webproject/middleware/__init__.py | ||
---|---|---|
1 |
from log import LoggingConfigMiddleware |
|
2 |
from secure import SecureMiddleware |
|
3 |
from remoteaddr import RemoteAddrMiddleware |
|
4 |
from cleanse import CleanseSettingsMiddleware |
b/snf-webproject/synnefo/webproject/middleware/cleanse.py | ||
---|---|---|
1 |
# Copyright 2011-2012 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
34 |
from django.conf import settings |
|
35 |
from django.core.exceptions import MiddlewareNotUsed |
|
36 |
|
|
37 |
from django.core import mail |
|
38 |
from django.views import debug |
|
39 |
|
|
40 |
import re |
|
41 |
|
|
42 |
HIDDEN_ALL = settings.HIDDEN_COOKIES + settings.HIDDEN_HEADERS |
|
43 |
|
|
44 |
|
|
45 |
def mail_admins_safe(subject, message, fail_silently=False, connection=None): |
|
46 |
''' |
|
47 |
Wrapper function to cleanse email body from sensitive content before |
|
48 |
sending it |
|
49 |
''' |
|
50 |
new_msg = "" |
|
51 |
|
|
52 |
if len(message) > settings.MAIL_MAX_LEN: |
|
53 |
new_msg += "Mail size over limit (truncated)\n\n" |
|
54 |
message = message[:settings.MAIL_MAX_LEN] |
|
55 |
|
|
56 |
for line in message.splitlines(): |
|
57 |
# Lines of interest in the mail are in the form of |
|
58 |
# key:value. |
|
59 |
try: |
|
60 |
(key, value) = line.split(':', 1) |
|
61 |
except ValueError: |
|
62 |
new_msg += line + '\n' |
|
63 |
continue |
|
64 |
|
|
65 |
new_msg += key + ':' |
|
66 |
|
|
67 |
# Special case when the first header / cookie printed |
|
68 |
# (prefixed by 'META:{' or 'COOKIES:{') needs to be hidden. |
|
69 |
if value.startswith('{'): |
|
70 |
try: |
|
71 |
(newkey, newval) = value.split(':', 1) |
|
72 |
except ValueError: |
|
73 |
new_msg += value + '\n' |
|
74 |
continue |
|
75 |
|
|
76 |
new_msg += newkey + ':' |
|
77 |
key = newkey.lstrip('{') |
|
78 |
value = newval |
|
79 |
|
|
80 |
if key.strip(" '") not in HIDDEN_ALL: |
|
81 |
new_msg += value + '\n' |
|
82 |
continue |
|
83 |
|
|
84 |
# Append value[-1] to the clensed string, so that commas / closing |
|
85 |
# brackets are printed correctly. |
|
86 |
# (it will 'eat up' the closing bracket if the header is the last one |
|
87 |
# printed) |
|
88 |
new_msg += ' ' + '*'*8 + value[-1] + '\n' |
|
89 |
|
|
90 |
return mail.mail_admins_plain(subject, new_msg, fail_silently, connection) |
|
91 |
|
|
92 |
|
|
93 |
class CleanseSettingsMiddleware(object): |
|
94 |
''' |
|
95 |
Prevent django from printing sensitive information (paswords, tokens |
|
96 |
etc), when handling server errors (for both DEBUG and no-DEBUG |
|
97 |
deployments. |
|
98 |
''' |
|
99 |
def __init__(self): |
|
100 |
debug.HIDDEN_SETTINGS = re.compile(settings.HIDDEN_SETTINGS) |
|
101 |
|
|
102 |
if not hasattr(mail, 'mail_admins_plain'): |
|
103 |
mail.mail_admins_plain = mail.mail_admins |
|
104 |
mail.mail_admins = mail_admins_safe |
|
105 |
|
|
106 |
raise MiddlewareNotUsed('cleanse settings') |
b/snf-webproject/synnefo/webproject/middleware/log.py | ||
---|---|---|
1 |
# Copyright 2011-2012 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
34 |
from django.conf import settings |
|
35 |
from django.core.exceptions import MiddlewareNotUsed |
|
36 |
|
|
37 |
from synnefo.lib.dictconfig import dictConfig |
|
38 |
|
|
39 |
import logging |
|
40 |
|
|
41 |
|
|
42 |
class NullHandler(logging.Handler): |
|
43 |
def emit(self, record): |
|
44 |
pass |
|
45 |
|
|
46 |
|
|
47 |
class LoggingConfigMiddleware: |
|
48 |
def __init__(self): |
|
49 |
"""Initialise the logging setup from settings. |
|
50 |
|
|
51 |
Logging setup is initialized only in the first request. |
|
52 |
""" |
|
53 |
logging_setting = getattr(settings, 'LOGGING_SETUP', None) |
|
54 |
if logging_setting: |
|
55 |
# Disable handlers that are not used by any logger. |
|
56 |
active_handlers = set() |
|
57 |
loggers = logging_setting.get('loggers', {}) |
|
58 |
for logger in loggers.values(): |
|
59 |
active_handlers.update(logger.get('handlers', [])) |
|
60 |
handlers = logging_setting.get('handlers', {}) |
|
61 |
for handler in handlers: |
|
62 |
if handler not in active_handlers: |
|
63 |
handlers[handler] = {'class': 'logging.NullHandler'} |
|
64 |
|
|
65 |
logging.NullHandler = NullHandler |
|
66 |
dictConfig(logging_setting) |
|
67 |
raise MiddlewareNotUsed('Logging setup only.') |
b/snf-webproject/synnefo/webproject/middleware/remoteaddr.py | ||
---|---|---|
1 |
class RemoteAddrMiddleware(object): |
|
2 |
""" |
|
3 |
A generic middleware that sets the REMOTE_ADDR if not sent by the server. |
|
4 |
|
|
5 |
Solves issues with nginx deployment that don't sets the REMOTE_ADDR meta |
|
6 |
key. |
|
7 |
""" |
|
8 |
def process_request(self, request): |
|
9 |
if 'REMOTE_ADDR' in request.META: |
|
10 |
request.META['REMOTE_ADDR'] = request.META.get('HTTP_X_REAL_IP', |
|
11 |
None) |
b/snf-webproject/synnefo/webproject/middleware/secure.py | ||
---|---|---|
1 |
# Copyright 2011-2012 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
34 |
|
|
35 |
class SecureMiddleware(object): |
|
36 |
def process_request(self, request): |
|
37 |
if 'HTTP_X_FORWARDED_PROTOCOL' in request.META: |
|
38 |
request.is_secure =\ |
|
39 |
lambda: request.META['HTTP_X_FORWARDED_PROTOCOL'] == 'https' |
b/snf-webproject/synnefo/webproject/settings/__init__.py | ||
---|---|---|
65 | 65 |
'django.middleware.locale.LocaleMiddleware', |
66 | 66 |
'django.middleware.common.CommonMiddleware', |
67 | 67 |
#'django.contrib.messages.middleware.MessageMiddleware', |
68 |
'synnefo.lib.middleware.LoggingConfigMiddleware',
|
|
69 |
'synnefo.lib.middleware.CleanseSettingsMiddleware'
|
|
68 |
'synnefo.webproject.middleware.LoggingConfigMiddleware',
|
|
69 |
'synnefo.webproject.middleware.CleanseSettingsMiddleware'
|
|
70 | 70 |
) |
71 | 71 |
MIDDLEWARE_CLASSES = extend_list_from_entry_point(MIDDLEWARE_CLASSES, \ |
72 | 72 |
'synnefo', 'web_middleware') |
Also available in: Unified diff