view website/issues/detectors/patches.py @ 5212:d4cc71beb102

Added support for SameSite cookie option for CSRF prevention. This was an easy add-on compared to the complexity of the CSRF nonce support. It only works in Chromium browsers (Chrome, Opera...) at the moment, but there is recent activity on implementing it in Firefox. Who knows when Edge/IE will adopt it. So CSRF nonce and header analysis will be needed for a while.
author John Rouillard <rouilj@ieee.org>
date Sun, 19 Mar 2017 19:01:41 -0400
parents c2d0d3e9099d
children 0942fe89e82e

# Auditor for patch files
# Patches should be declared as text/plain (also .py files),
# independent of what the browser says, and
# the "patch" keyword should get set automatically.

import posixpath

# Extensions that mark an attached file as a patch; patches_keyword checks
# new issue attachments against this tuple.
patchtypes = ('.diff', '.patch')
# Extensions whose declared content type is overridden with text/plain by
# patches_text_plain: every patch extension plus Python source files.
sourcetypes = patchtypes + ('.py',)

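def ispatch(file, types):
    """Return True if the extension of *file* is one of *types*.

    file  -- file name as supplied with the upload (may be empty or None)
    types -- sequence of extensions, each including the leading dot

    The comparison accepts the extension as written and also its
    lower-cased form, so 'fix.PATCH' or 'tool.Py' are treated like
    'fix.patch' and 'tool.py'. The file name is chosen by the uploader;
    with an exact-case match only, a differently-cased extension would
    skip the text/plain override and the "patch" keyword.
    """
    if not file:
        # No name recorded for this file: nothing to classify.
        return False
    ext = posixpath.splitext(file)[1]
    return ext in types or ext.lower() in types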

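def patches_text_plain(db, cl, nodeid, newvalues):
    """Auditor: force the content type of patch and source uploads.

    Registered by init() on file creation. When the new file's name has
    one of the extensions in sourcetypes, the 'type' property is set to
    'text/plain', replacing whatever content type came with the upload.

    newvalues -- dict of properties for the file being created; modified
                 in place.
    """
    # A file may be created without a name; there is then no extension to
    # inspect and the declared type is left as it is.
    name = newvalues.get('name')
    if name and ispatch(name, sourcetypes):
        # NOTE(review): presumably this stored type is what the tracker
        # sends as Content-Type when the file is downloaded - confirm.
        newvalues['type'] = 'text/plain'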

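def patches_keyword(db, cl, nodeid, newvalues):
    """Auditor: add the "patch" keyword when a new patch file is attached.

    Registered by init() on issue 'create' and 'set'.

    nodeid    -- id of the issue being changed; false when it is created
    newvalues -- dict of properties being set; 'keywords' is replaced by
                 a list that includes the id of the "patch" keyword when
                 a newly attached file has an extension in patchtypes.

    Nothing is changed when the issue already carries the keyword.
    db.keyword.lookup() is called without a fallback, so the tracker
    needs a keyword named "patch".
    """
    # 'files' can be missing (or empty) when the change does not touch the
    # attachments.
    newfiles = set(newvalues.get('files') or ())
    if nodeid:
        # On 'set', only files not yet linked to the issue count as new.
        newfiles -= set(db.issue.get(nodeid, 'files'))

    # A file without a name has no extension and is never a patch.
    if not any(ispatch(db.file.get(fileid, 'name') or '', patchtypes)
               for fileid in newfiles):
        return

    patchid = db.keyword.lookup("patch")
    oldkeywords = []
    if nodeid:
        oldkeywords = db.issue.get(nodeid, 'keywords')
        if patchid in oldkeywords:
            # This is already marked as a patch
            return

    # Build a fresh list instead of appending to the one returned by the
    # database or supplied by the caller, and avoid a duplicate entry when
    # the submitted keywords already include "patch".
    if 'keywords' in newvalues:
        keywords = list(newvalues['keywords'] or ())
    else:
        keywords = list(oldkeywords)
    if patchid not in keywords:
        keywords.append(patchid)
    newvalues['keywords'] = keywords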

def init(db):
    """Register this module's auditors on the file and issue classes."""
    # New files: override the declared content type for patch/source names.
    db.file.audit('create', patches_text_plain)
    # Issues: check for newly attached patches on creation and on update.
    for action in ('create', 'set'):
        db.issue.audit(action, patches_keyword)
