innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
django1/django/contrib/messages/storage/cookie.py

166 lines
6.4 KiB
Python
Raw Normal View History

Fixed #18023 -- Removed bundled simplejson. And started the deprecation path for django.utils.simplejson. Thanks Alex Ogier, Clueless, and other contributors for their work on the patch.
2012-04-30 01:58:00 +08:00
import json
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
from django.conf import settings
from django.contrib.messages.storage.base import BaseStorage, Message
Rationalised CompatCookie/SimpleCookie into single SimpleCookie class with all fixes. Since upstream Python has fixed the encoding bug (see http://bugs.python.org/issue9824), we don't want a separate class for this bug fix, or several layers for the different fixes. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-25 04:35:46 +08:00
from django.http import SimpleCookie
[py3] Fixed access to dict keys/values/items.
2012-07-21 03:14:27 +08:00
from django.utils import six
Sorted imports with isort; refs #23860.
2015-01-28 20:35:27 +08:00
from django.utils.crypto import constant_time_compare, salted_hmac
from django.utils.safestring import SafeData, mark_safe
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
class MessageEncoder(json.JSONEncoder):
"""
Compactly serializes instances of the ``Message`` class as JSON.
"""
message_key = '__json_message'
def default(self, obj):
if isinstance(obj, Message):
Fixed #19387 -- Preserved SafeData status in contrib.messages Thanks Anton Baklanov for the report and the patch.
2012-12-21 17:01:03 +08:00
# Using 0/1 here instead of False/True to produce more compact json
is_safedata = 1 if isinstance(obj.message, SafeData) else 0
message = [self.message_key, is_safedata, obj.level, obj.message]
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
if obj.extra_tags:
message.append(obj.extra_tags)
return message
return super(MessageEncoder, self).default(obj)
class MessageDecoder(json.JSONDecoder):
"""
Decodes JSON that includes serialized ``Message`` instances.
"""
def process_messages(self, obj):
if isinstance(obj, list) and obj:
if obj[0] == MessageEncoder.message_key:
Fixed #22426 -- Added support old-style d.c.messages format. Forward ported code from 1.5 that adds backwards compatibility with legacy message length. See commit 9e7183073f64e541587e8dcfd8bb3ddeb47f8162 for details. Thanks to Ofir Ovadia for the initial patch.
2014-04-15 23:52:30 +08:00
if len(obj) == 3:
# Compatibility with previously-encoded messages
return Message(*obj[1:])
Fixed #19387 -- Preserved SafeData status in contrib.messages Thanks Anton Baklanov for the report and the patch.
2012-12-21 17:01:03 +08:00
if obj[1]:
obj[3] = mark_safe(obj[3])
return Message(*obj[2:])
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
return [self.process_messages(item) for item in obj]
if isinstance(obj, dict):
Fixed #23968 -- Replaced list comprehension with generators and dict comprehension
2014-12-07 05:00:09 +08:00
return {key: self.process_messages(value)
for key, value in six.iteritems(obj)}
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
return obj
def decode(self, s, **kwargs):
decoded = super(MessageDecoder, self).decode(s, **kwargs)
return self.process_messages(decoded)
More attacking E302 violators
2013-11-03 04:12:09 +08:00
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
class CookieStorage(BaseStorage):
"""
Stores messages in a cookie.
"""
cookie_name = 'messages'
Fixed #18781 -- Reduced max session cookie size.
2012-09-08 07:23:16 +08:00
# uwsgi's default configuration enforces a maximum size of 4kb for all the
# HTTP headers. In order to leave some room for other cookies and headers,
# restrict the session cookie to 1/2 of 4kb. See #18781.
max_cookie_size = 2048
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
not_finished = '__messagesnotfinished__'
def _get(self, *args, **kwargs):
"""
Retrieves a list of messages from the messages cookie. If the
not_finished sentinel value is found at the end of the message list,
remove it and return a result indicating that not all messages were
retrieved by this storage.
"""
data = self.request.COOKIES.get(self.cookie_name)
messages = self._decode(data)
all_retrieved = not (messages and messages[-1] == self.not_finished)
if messages and not all_retrieved:
# remove the sentinel value
messages.pop()
return messages, all_retrieved
def _update_cookie(self, encoded_data, response):
"""
Either sets the cookie with the encoded data if there is any data to
store, or deletes the cookie.
"""
if encoded_data:
Fixed #15618 -- CookieStorage storage in messages framework now honors SESSION_COOKIE_DOMAIN. Thanks for the report and patch, lamby git-svn-id: http://code.djangoproject.com/svn/django/trunk@15848 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-16 11:50:51 +08:00
response.set_cookie(self.cookie_name, encoded_data,
Fixed #20972 -- Make messages cookie follow session cookie secure/httponly
2013-08-27 03:34:29 +08:00
domain=settings.SESSION_COOKIE_DOMAIN,
secure=settings.SESSION_COOKIE_SECURE or None,
httponly=settings.SESSION_COOKIE_HTTPONLY or None)
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
else:
Fixed #15618 -- Fixed regression introduced in r15848 regarding not properly deleting messages cookies when honoring SESSION_COOKIE_DOMAIN. Thanks, Julien. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15885 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-20 19:27:03 +08:00
response.delete_cookie(self.cookie_name,
domain=settings.SESSION_COOKIE_DOMAIN)
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
def _store(self, messages, response, remove_oldest=True, *args, **kwargs):
"""
Stores the messages to a cookie, returning a list of any messages which
could not be stored.
If the encoded data is larger than ``max_cookie_size``, removes
messages until the data fits (these are the messages which are
returned), and add the not_finished sentinel value to indicate as much.
"""
unstored_messages = []
encoded_data = self._encode(messages)
if self.max_cookie_size:
Rationalised CompatCookie/SimpleCookie into single SimpleCookie class with all fixes. Since upstream Python has fixed the encoding bug (see http://bugs.python.org/issue9824), we don't want a separate class for this bug fix, or several layers for the different fixes. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-25 04:35:46 +08:00
# data is going to be stored eventually by SimpleCookie, which
Fix many many typos in comments throughout the codebase
2014-04-27 01:18:45 +08:00
# adds its own overhead, which we must account for.
Fixed all E261 warnings
2013-11-03 05:02:56 +08:00
cookie = SimpleCookie() # create outside the loop
Fixed #21298 -- Fixed E301 pep8 warnings
2013-10-22 18:21:07 +08:00
Made CookieStorage account for the overhead added by the underlying cookie encoding git-svn-id: http://code.djangoproject.com/svn/django/trunk@12285 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-24 07:56:04 +08:00
def stored_length(val):
Small optimization on r12285 git-svn-id: http://code.djangoproject.com/svn/django/trunk@12292 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-26 02:14:30 +08:00
return len(cookie.value_encode(val)[1])
Made CookieStorage account for the overhead added by the underlying cookie encoding git-svn-id: http://code.djangoproject.com/svn/django/trunk@12285 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-24 07:56:04 +08:00
while encoded_data and stored_length(encoded_data) > self.max_cookie_size:
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
if remove_oldest:
unstored_messages.append(messages.pop(0))
else:
unstored_messages.insert(0, messages.pop())
encoded_data = self._encode(messages + [self.not_finished],
encode_empty=unstored_messages)
self._update_cookie(encoded_data, response)
return unstored_messages
def _hash(self, value):
"""
Creates an HMAC/SHA1 hash based on the value and the project setting's
SECRET_KEY, modified to make it unique for the present purpose.
"""
Fixed #14445 - Use HMAC and constant-time comparison functions where needed. All adhoc MAC applications have been updated to use HMAC, using SHA1 to generate unique keys for each application based on the SECRET_KEY, which is common practice for this situation. In all cases, backwards compatibility with existing hashes has been maintained, aiming to phase this out as per the normal deprecation process. In this way, under most normal circumstances the old hashes will have expired (e.g. by session expiration etc.) before they become invalid. In the case of the messages framework and the cookie backend, which was already using HMAC, there is the possibility of a backwards incompatibility if the SECRET_KEY is shorter than the default 50 bytes, but the low likelihood and low impact meant compatibility code was not worth it. All known instances where tokens/hashes were compared using simple string equality, which could potentially open timing based attacks, have also been fixed using a constant-time comparison function. There are no known practical attacks against the existing implementations, so these security improvements will not be backported. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-15 04:54:30 +08:00
key_salt = 'django.contrib.messages'
return salted_hmac(key_salt, value).hexdigest()
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
def _encode(self, messages, encode_empty=False):
"""
Returns an encoded version of the messages list which can be stored as
plain text.
Since the data will be retrieved from the client-side, the encoded data
also contains a hash to ensure that the data was not tampered with.
"""
if messages or encode_empty:
encoder = MessageEncoder(separators=(',', ':'))
value = encoder.encode(messages)
return '%s$%s' % (self._hash(value), value)
def _decode(self, data):
"""
Fixed several typos in Django
2014-05-29 08:39:14 +08:00
Safely decodes an encoded text stream back into a list of messages.
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
If the encoded text stream contained an invalid hash or was in an
invalid format, ``None`` is returned.
"""
if not data:
return None
bits = data.split('$', 1)
if len(bits) == 2:
hash, value = bits
Fixed #14445 - Use HMAC and constant-time comparison functions where needed. All adhoc MAC applications have been updated to use HMAC, using SHA1 to generate unique keys for each application based on the SECRET_KEY, which is common practice for this situation. In all cases, backwards compatibility with existing hashes has been maintained, aiming to phase this out as per the normal deprecation process. In this way, under most normal circumstances the old hashes will have expired (e.g. by session expiration etc.) before they become invalid. In the case of the messages framework and the cookie backend, which was already using HMAC, there is the possibility of a backwards incompatibility if the SECRET_KEY is shorter than the default 50 bytes, but the low likelihood and low impact meant compatibility code was not worth it. All known instances where tokens/hashes were compared using simple string equality, which could potentially open timing based attacks, have also been fixed using a constant-time comparison function. There are no known practical attacks against the existing implementations, so these security improvements will not be backported. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-15 04:54:30 +08:00
if constant_time_compare(hash, self._hash(value)):
Fixed #4604 - Configurable message passing system, supporting anonymous users This deprecates User.message_set in favour of a configurable messaging system, with backends provided for cookie storage, session storage and backward compatibility. Many thanks to Tobias McNulty for the bulk of the work here, with contributions from Chris Beaven (SmileyChris) and lots of code review from Russell Keith-Magee, and input from many others. Also credit to the authors of various messaging systems for Django whose ideas may have been pinched :-) git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 00:57:23 +08:00
try:
# If we get here (and the JSON decode works), everything is
# good. In any other case, drop back and return None.
return json.loads(value, cls=MessageDecoder)
except ValueError:
pass
# Mark the data as used (so it gets removed) since something was wrong
# with the data.
self.used = True
return None