1
=== modified file 'settings.py'
2
--- settings.py	2012-09-16 10:52:00 +0000
3
+++ settings.py	2012-09-16 11:02:19 +0000
4
@@ -16,6 +16,14 @@
5
16
# Restrict number of short urls that can be created from a single ip address.
16
# Restrict number of short urls that can be created from a single ip address.
6
17
URLS_PER_IP = 100
17
URLS_PER_IP = 100
7
18
18
8
19
# Whether installation is behind a proxy.
9
20
# Warning: reads X-Forwarded-For to find out REMOTE_ADDR, so make sure you
10
21
# do have a proxy server adding to X-Forwarded-For, since it can otherwise
11
22
# be easily spoofed and will easily defeat the purpose of URLS_PER_IP
12
23
# protection.
13
24
TRANSPARENT_PROXY = True
14
25
15
26
16
19
ADMINS = (
27
ADMINS = (
17
20
    ('Admin', 'root@localhost'),
28
    ('Admin', 'root@localhost'),
18
21
)
29
)
19
22
30
20
=== modified file 'url_shortener/tests.py'
21
--- url_shortener/tests.py	2012-09-16 10:52:00 +0000
22
+++ url_shortener/tests.py	2012-09-16 11:02:19 +0000
23
@@ -6,6 +6,7 @@
24
6
    TooManyUrlsError,
6
    TooManyUrlsError,
25
7
    Url,
7
    Url,
26
8
)
8
)
27
9
from url_shortener.views import UrlCreationView
28
9
import utils
10
import utils
29
10
import settings
11
import settings
30
11
12
31
@@ -82,6 +83,9 @@
32
82
        self.assertEqual(200, response.status_code)
83
        self.assertEqual(200, response.status_code)
33
83
84
34
84
85
35
86
class MockRequest(object):
36
87
    META = {}
37
88
38
85
class TestUrlCreationView(TestCase):
89
class TestUrlCreationView(TestCase):
39
86
    def test_url_creation_view_success(self):
90
    def test_url_creation_view_success(self):
40
87
        response = self.client.post(
91
        response = self.client.post(
41
@@ -92,6 +96,32 @@
42
92
            response.content
96
            response.content
43
93
        )
97
        )
44
94
98
45
99
    def test_get_ip_address_remote_addr(self):
46
100
        # This reads back REMOTE_ADDR from the server environment.
47
101
        request = MockRequest()
48
102
        request.META = { 'REMOTE_ADDR': 'my-ip', }
49
103
        self.assertEqual('my-ip', UrlCreationView.get_ip_address(request))
50
104
51
105
    def test_get_ip_address_x_forwarded_to_no_proxy(self):
52
106
        # This reads back REMOTE_ADDR from the server environment,
53
107
        # and ignores X_FORWARDED_FOR when allow_proxy is False.
54
108
        request = MockRequest()
55
109
        request.META = { 'REMOTE_ADDR': 'my-ip',
56
110
                         'X_FORWARDED_FOR': 'ip1, ip2'}
57
111
        self.assertEqual(
58
112
            'my-ip',
59
113
            UrlCreationView.get_ip_address(request, allow_proxy=False))
60
114
61
115
    def test_get_ip_address_x_forwarded_to_allow_proxy(self):
62
116
        # This reads back REMOTE_ADDR from the server environment,
63
117
        # and ignores X_FORWARDED_FOR when allow_proxy is False.
64
118
        request = MockRequest()
65
119
        request.META = { 'REMOTE_ADDR': 'my-ip',
66
120
                         'X_FORWARDED_FOR': 'ip1, ip2'}
67
121
        self.assertEqual(
68
122
            'ip1',
69
123
            UrlCreationView.get_ip_address(request, allow_proxy=True))
70
124
71
95
    def test_url_creation_view_no_param(self):
125
    def test_url_creation_view_no_param(self):
72
96
        response = self.client.post('/create/')
126
        response = self.client.post('/create/')
73
97
        self.assertEqual(400, response.status_code)
127
        self.assertEqual(400, response.status_code)
74
98
128
75
=== modified file 'url_shortener/views.py'
76
--- url_shortener/views.py	2012-09-15 09:11:25 +0000
77
+++ url_shortener/views.py	2012-09-16 11:02:19 +0000
78
@@ -39,11 +39,22 @@
79
39
39
80
40
40
81
41
class UrlCreationView(View):
41
class UrlCreationView(View):
82
42
    @staticmethod
83
43
    def get_ip_address(request, allow_proxy=False):
84
44
        if allow_proxy and 'X_FORWARDED_FOR' in request.META:
85
45
            all_ips = request.META['X_FORWARDED_FOR'].split(',')
86
46
            # Only the left-most one is accepted.
87
47
            return all_ips[0]
88
48
        else:
89
49
            return request.META['REMOTE_ADDR']
90
50
91
42
    def post(self, request, **kwargs):
51
    def post(self, request, **kwargs):
92
43
        try:
52
        try:
93
53
            ip_address = self.get_ip_address(
94
54
                request, settings.TRANSPARENT_PROXY)
95
44
            url = Url.get_or_create_url(
55
            url = Url.get_or_create_url(
96
45
                long_url=request.POST['long_url'],
56
                long_url=request.POST['long_url'],
98
46
                ip_address=request.META['REMOTE_ADDR']
57
                ip_address=ip_address,
99
47
            )
58
            )
100
48
            host_name = request.META['HTTP_HOST']
59
            host_name = request.META['HTTP_HOST']
101
49
            full_short_url = 'http://%s/%s' % (host_name, url.short_url)
60
            full_short_url = 'http://%s/%s' % (host_name, url.short_url)
Status:	Merged
Approved by:	Sanja on 2012-09-16
Approved revision:	20
Merged at revision:	20
Proposed branch:	lp:~danilo/stega/proxy-support
Merge into:	lp:stega
Diff against target:	101 lines (+50/-1) 3 files modified settings.py (+8/-0) url_shortener/tests.py (+30/-0) url_shortener/views.py (+12/-1)
To merge this branch:	bzr merge lp:~danilo/stega/proxy-support
Related bugs:	Link a bug report
Reviewer	Review Type	Date Requested	Status
Sanja		2012-09-16	Approve on 2012-09-16
Review via email: mp+124567@code.launchpad.net