summaryrefslogtreecommitdiffstats
path: root/virtualenv
diff options
context:
space:
mode:
authorThomas NOEL <tnoel@entrouvert.com>2013-10-31 13:39:38 (GMT)
committerThomas NOEL <tnoel@entrouvert.com>2013-10-31 13:39:38 (GMT)
commitf6dbea879f23aab0cbf7db77a7fe659b5e828f18 (patch)
tree074dfcc79c790a15164ba0da4a830e1391bc31b3 /virtualenv
parent58ac7d9bb3595aa7851743562087df59e3d5d881 (diff)
downloadunivnautes-old-f6dbea879f23aab0cbf7db77a7fe659b5e828f18.zip
univnautes-old-f6dbea879f23aab0cbf7db77a7fe659b5e828f18.tar.gz
univnautes-old-f6dbea879f23aab0cbf7db77a7fe659b5e828f18.tar.bz2
views.redirect don't handle FIRST_URL_BLACKLIST
Diffstat (limited to 'virtualenv')
-rw-r--r--virtualenv/pffedportal/base/views.py7
-rw-r--r--virtualenv/pffedportal/settings.py7
2 files changed, 14 insertions, 0 deletions
diff --git a/virtualenv/pffedportal/base/views.py b/virtualenv/pffedportal/base/views.py
index 41cea64..5f2ef84 100644
--- a/virtualenv/pffedportal/base/views.py
+++ b/virtualenv/pffedportal/base/views.py
@@ -1,6 +1,7 @@
import subprocess
import urlparse
import syslog
+import re
from django.conf import settings
@@ -8,6 +9,7 @@ from django.shortcuts import render_to_response
from django.template import RequestContext
from django.shortcuts import redirect
from django.contrib import messages
+from django.http import HttpResponse
import django.contrib.auth
from authentic2.authsaml2.utils import register_next_target
@@ -22,6 +24,11 @@ from django.core.mail import send_mail
def redirect302(request):
next_url = 'http://' + request.META['HTTP_HOST'] + request.META['REQUEST_URI']
+ # don't redirect to login page if URL is not really a web page,
+ # so don't create a sessiona and just stop here
+ for bl in settings.FIRST_URL_BLACKLIST:
+ if re.match(bl, next_url):
+ return HttpResponse("eduspot", content_type="text/plain", status=503)
return redirect('https://%s/login?next_url=%s' % (settings.HTTPS_HOSTNAME, next_url))
def index(request):
diff --git a/virtualenv/pffedportal/settings.py b/virtualenv/pffedportal/settings.py
index 1b975e9..06268ae 100644
--- a/virtualenv/pffedportal/settings.py
+++ b/virtualenv/pffedportal/settings.py
@@ -248,6 +248,13 @@ try:
except:
REDIRECT_URL = None
+# don't handle these URLs
+try:
+ firsturlbl = root.find('installedpackages/univnautes/config/firsturlbl').text.decode('base64').decode('iso-8859-1').splitlines()
+ FIRST_URL_BLACKLIST = [ u for u in firsturlbl if not re.match('^\s*($|#)', u) ]
+except:
+ FIRST_URL_BLACKLIST = []
+
# /mail form
try:
EMAIL_RCPT = root.find('installedpackages/univnautestexts/config/email_rcpt').text