[z3-checkins] r42104 - z3/deliverance/DeliveranceVHoster/trunk/dvhoster
ianb at codespeak.net
ianb at codespeak.net
Mon Apr 16 19:39:38 CEST 2007
Author: ianb
Date: Mon Apr 16 19:39:32 2007
New Revision: 42104
Modified:
z3/deliverance/DeliveranceVHoster/trunk/dvhoster/dispatcher.py
Log:
Switch header cleaning order, so HTTP_HOST is always cleaned
Modified: z3/deliverance/DeliveranceVHoster/trunk/dvhoster/dispatcher.py
==============================================================================
--- z3/deliverance/DeliveranceVHoster/trunk/dvhoster/dispatcher.py (original)
+++ z3/deliverance/DeliveranceVHoster/trunk/dvhoster/dispatcher.py Mon Apr 16 19:39:32 2007
@@ -56,6 +56,10 @@
self.clean_environ_headers_regex = re.compile(app_conf['clean_environ_headers_regex'])
else:
self.clean_environ_headers_regex = None
+ if app_conf.get('safe_header_ips'):
+ self.safe_header_ips = app_conf.get('safe_header_ips').strip().split()
+ else:
+ self.safe_header_ips = None
logger = make_logger(app_conf.get('logger'), 'dvhoster')
self.logger = logger
@@ -169,12 +173,6 @@
Remove any request headers that overlap with internal request
headers (as configured with ``clean_environ_headers_regex``).
"""
- if not self.clean_environ_headers_regex:
- return
- for key in environ.keys():
- if self.clean_environ_headers_regex.search(key):
- # @@: Should log this
- del environ[key]
host = environ.get('HTTP_HOST')
if host is None:
host = environ['SERVER_NAME'] + ':' + environ['SERVER_PORT']
@@ -184,6 +182,16 @@
else:
host += ':80'
environ['HTTP_HOST'] = host
+ if not self.clean_environ_headers_regex:
+ return
+ remote_addr = environ.get('REMOTE_ADDR')
+ if (remote_addr and self.safe_header_ips
+ and remote_addr in self.safe_header_ips):
+ return
+ for key in environ.keys():
+ if self.clean_environ_headers_regex.search(key):
+ # @@: Should log this
+ del environ[key]
def get_domain_info(self, environ):
"""
More information about the z3-checkins
mailing list