fix formatting in httpapi security
This commit is contained in:
parent
a24c87c5b0
commit
7d8c3f75e4
@ -1,9 +1,12 @@
|
||||
'''
|
||||
Onionr - Private P2P Communication
|
||||
"""Onionr - Private P2P Communication.
|
||||
|
||||
Process incoming requests to the client api server to validate they are legitimate
|
||||
'''
|
||||
'''
|
||||
Process incoming requests to the client api server to validate they are legitimate
|
||||
"""
|
||||
import hmac
|
||||
from flask import Blueprint, request, abort, g
|
||||
from onionrservices import httpheaders
|
||||
from . import pluginwhitelist
|
||||
"""
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
@ -16,11 +19,7 @@
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
'''
|
||||
import hmac
|
||||
from flask import Blueprint, request, abort, g
|
||||
from onionrservices import httpheaders
|
||||
from . import pluginwhitelist
|
||||
"""
|
||||
|
||||
# Be extremely mindful of this. These are endpoints available without a password
|
||||
whitelist_endpoints = ['www', 'staticfiles.homedata', 'staticfiles.sharedContent',
|
||||
@ -36,7 +35,7 @@ class ClientAPISecurity:
|
||||
|
||||
@client_api_security_bp.before_app_request
|
||||
def validate_request():
|
||||
'''Validate request has set password and is the correct hostname'''
|
||||
"""Validate request has set password and is the correct hostname"""
|
||||
# For the purpose of preventing DNS rebinding attacks
|
||||
if request.host != '%s:%s' % (client_api.host, client_api.bindPort):
|
||||
abort(403)
|
||||
|
@ -1,8 +1,8 @@
|
||||
"""
|
||||
Onionr - Private P2P Communication
|
||||
"""Onionr - Private P2P Communication.
|
||||
|
||||
Load web UI client endpoints into the whitelist from plugins
|
||||
Load web UI client endpoints into the whitelist from plugins
|
||||
"""
|
||||
import onionrplugins
|
||||
"""
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
@ -17,7 +17,8 @@
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
"""
|
||||
import onionrplugins
|
||||
|
||||
|
||||
def load_plugin_security_whitelist_endpoints(whitelist: list):
|
||||
"""Accept a list reference of whitelist endpoints from security/client.py and
|
||||
append plugin's specified endpoints to them by attribute"""
|
||||
|
Loading…
Reference in New Issue
Block a user