fix formatting in httpapi security

master
Kevin 2020-06-21 15:48:00 -05:00
parent a24c87c5b0
commit 7d8c3f75e4
2 changed files with 15 additions and 15 deletions

View File

@ -1,9 +1,12 @@
'''
Onionr - Private P2P Communication
"""Onionr - Private P2P Communication.
Process incoming requests to the client api server to validate they are legitimate
'''
'''
Process incoming requests to the client api server to validate they are legitimate
"""
import hmac
from flask import Blueprint, request, abort, g
from onionrservices import httpheaders
from . import pluginwhitelist
"""
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
@ -16,11 +19,7 @@
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
'''
import hmac
from flask import Blueprint, request, abort, g
from onionrservices import httpheaders
from . import pluginwhitelist
"""
# Be extremely mindful of this. These are endpoints available without a password
whitelist_endpoints = ['www', 'staticfiles.homedata', 'staticfiles.sharedContent',
@ -36,7 +35,7 @@ class ClientAPISecurity:
@client_api_security_bp.before_app_request
def validate_request():
'''Validate request has set password and is the correct hostname'''
"""Validate request has set password and is the correct hostname"""
# For the purpose of preventing DNS rebinding attacks
if request.host != '%s:%s' % (client_api.host, client_api.bindPort):
abort(403)

View File

@ -1,8 +1,8 @@
"""
Onionr - Private P2P Communication
"""Onionr - Private P2P Communication.
Load web UI client endpoints into the whitelist from plugins
Load web UI client endpoints into the whitelist from plugins
"""
import onionrplugins
"""
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,8 @@
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
"""
import onionrplugins
def load_plugin_security_whitelist_endpoints(whitelist: list):
"""Accept a list reference of whitelist endpoints from security/client.py and
append plugin's specified endpoints to them by attribute"""