Stega

Merge lp:~danilo/stega/proxy-support into lp:stega

proxy-support
Merge into trunk

Proposed by Данило Шеган on 2012-09-16

Status:	Merged
Approved by:	Sanja on 2012-09-16
Approved revision:	20
Merged at revision:	20
Proposed branch:	lp:~danilo/stega/proxy-support
Merge into:	lp:stega
Diff against target:	101 lines (+50/-1) 3 files modified settings.py (+8/-0) url_shortener/tests.py (+30/-0) url_shortener/views.py (+12/-1)
To merge this branch:	bzr merge lp:~danilo/stega/proxy-support
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Sanja		2012-09-16	Approve on 2012-09-16
Review via email: mp+124567@code.launchpad.net

Description of the change

Add support for handling X-Forwarded-For if hosted behind a semi-transparent
proxy (semi-transparent because it doesn't keep the REMOTE_ADDR but instead
uses X-Forwarded-For header).

Revision history for this message

Sanja (sanjazivotic) on 2012-09-16:

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Stega developers

Данило Шеган

 === modified file 'settings.py'
 --- settings.py	2012-09-16 10:52:00 +0000
 +++ settings.py	2012-09-16 11:02:19 +0000
@@ -16,6 +16,14 @@
  # Restrict number of short urls that can be created from a single ip address.
  URLS_PER_IP = 100
++# Whether installation is behind a proxy.
++# Warning: reads X-Forwarded-For to find out REMOTE_ADDR, so make sure you
++# do have a proxy server adding to X-Forwarded-For, since it can otherwise
++# be easily spoofed and will easily defeat the purpose of URLS_PER_IP
++# protection.
++TRANSPARENT_PROXY = True
++
++
  ADMINS = (
      ('Admin', 'root@localhost'),
+ )
 === modified file 'url_shortener/tests.py'
 --- url_shortener/tests.py	2012-09-16 10:52:00 +0000
 +++ url_shortener/tests.py	2012-09-16 11:02:19 +0000
@@ -6,6 +6,7 @@
      TooManyUrlsError,
      Url,
+ )
++from url_shortener.views import UrlCreationView
  import utils
  import settings
@@ -82,6 +83,9 @@
          self.assertEqual(200, response.status_code)
++class MockRequest(object):
++    META = {}
++
  class TestUrlCreationView(TestCase):
      def test_url_creation_view_success(self):
          response = self.client.post(
@@ -92,6 +96,32 @@
              response.content
+         )
++    def test_get_ip_address_remote_addr(self):
++        # This reads back REMOTE_ADDR from the server environment.
++        request = MockRequest()
++        request.META = { 'REMOTE_ADDR': 'my-ip', }
++        self.assertEqual('my-ip', UrlCreationView.get_ip_address(request))
++
++    def test_get_ip_address_x_forwarded_to_no_proxy(self):
++        # This reads back REMOTE_ADDR from the server environment,
++        # and ignores X_FORWARDED_FOR when allow_proxy is False.
++        request = MockRequest()
++        request.META = { 'REMOTE_ADDR': 'my-ip',
++                         'X_FORWARDED_FOR': 'ip1, ip2'}
++        self.assertEqual(
++            'my-ip',
++            UrlCreationView.get_ip_address(request, allow_proxy=False))
++
++    def test_get_ip_address_x_forwarded_to_allow_proxy(self):
++        # This reads back REMOTE_ADDR from the server environment,
++        # and ignores X_FORWARDED_FOR when allow_proxy is False.
++        request = MockRequest()
++        request.META = { 'REMOTE_ADDR': 'my-ip',
++                         'X_FORWARDED_FOR': 'ip1, ip2'}
++        self.assertEqual(
++            'ip1',
++            UrlCreationView.get_ip_address(request, allow_proxy=True))
++
      def test_url_creation_view_no_param(self):
          response = self.client.post('/create/')
          self.assertEqual(400, response.status_code)
 === modified file 'url_shortener/views.py'
 --- url_shortener/views.py	2012-09-15 09:11:25 +0000
 +++ url_shortener/views.py	2012-09-16 11:02:19 +0000
@@ -39,11 +39,22 @@
  class UrlCreationView(View):
++    @staticmethod
++    def get_ip_address(request, allow_proxy=False):
++        if allow_proxy and 'X_FORWARDED_FOR' in request.META:
++            all_ips = request.META['X_FORWARDED_FOR'].split(',')
++            # Only the left-most one is accepted.
++            return all_ips[0]
++        else:
++            return request.META['REMOTE_ADDR']
++
      def post(self, request, **kwargs):
          try:
++            ip_address = self.get_ip_address(
++                request, settings.TRANSPARENT_PROXY)
              url = Url.get_or_create_url(
                  long_url=request.POST['long_url'],
--                ip_address=request.META['REMOTE_ADDR']
++                ip_address=ip_address,
+             )
              host_name = request.META['HTTP_HOST']
              full_short_url = 'http://%s/%s' % (host_name, url.short_url)

Stega

Merge lp:~danilo/stega/proxy-support into lp:stega

Commit message

Description of the change

Preview Diff

Subscribers