
2 Commity

Autor SHA1 Wiadomość Data
Jamie Bliss e46992448d
Handle socket errors, sign Digest header
It turns out, signing the header about the content is pretty important.
2024-01-14 19:06:13 +00:00
Jamie Bliss 3c6820cfe3
Add header allowlist 2024-01-14 18:46:02 +00:00
2 zmienionych plików z 32 dodań i 10 usunięć


@ -141,18 +141,28 @@ class IpFilterWrapperTransport(httpx.BaseTransport, httpx.AsyncBaseTransport):
# misconfigured or malicious
def handle_request(self, request: httpx.Request) -> httpx.Response:
self._check_addrinfo(
request, socket.getaddrinfo(*self._request_to_addrinfo(request))
)
try:
self._check_addrinfo(
request, socket.getaddrinfo(*self._request_to_addrinfo(request))
)
except socket.gaierror:
# Some kind of look up error. Gonna assume safe and let farther
# down the stack handle it.
pass
return self.wrappee.handle_request(request)
async def handle_async_request(self, request: httpx.Request) -> httpx.Response:
self._check_addrinfo(
request,
await asyncio.get_running_loop().getaddrinfo(
*self._request_to_addrinfo(request)
),
)
try:
self._check_addrinfo(
request,
await asyncio.get_running_loop().getaddrinfo(
*self._request_to_addrinfo(request)
),
)
except socket.gaierror:
# Some kind of look up error. Gonna assume safe and let farther
# down the stack handle it.
pass
return await self.wrappee.handle_await_request(request)
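Review bot: The new `except socket.gaierror: pass` in both `handle_request` and `handle_async_request` makes the IP filter fail open: when the filter's own lookup errors, `_check_addrinfo` never runs and the request is still handed to the wrapped transport, which presumably resolves the name again on its own. If that second lookup succeeds (flaky or inconsistent DNS answers), the connection goes to an address that was never checked against the filter. Failing closed gives the same result for a genuinely unresolvable host, e.g. `except socket.gaierror as exc: raise httpx.ConnectError(str(exc), request=request) from exc`. Separately, the unchanged last line calls `self.wrappee.handle_await_request`, which looks like a typo for `handle_async_request` and would presumably raise AttributeError on the async path.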


@ -69,6 +69,16 @@ class HttpSignature:
Allows for calculation and verification of HTTP signatures
"""
#: Headers we should consider when producing signatures
HEADERS_FOR_SIGNING = {
"date",
"host",
"(request-target)",
"content-type",
"content-length",
"digest",
}
@classmethod
def calculate_digest(cls, data, algorithm="sha-256") -> str:
"""
@ -211,7 +221,9 @@ class HttpSignature:
# Sign the headers
signing_headers = [
key for key in request.headers.keys() if key.lower() != "user-agent"
key
for key in request.headers.keys()
if key.lower() in cls.HEADERS_FOR_SIGNING
]
signed_string = "\n".join(
f"{name.lower()}: {value}"
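Review bot: The allowlist comprehension signs `digest` only if that header is already present on `request.headers` when it runs, and it silently signs fewer headers when it is not; nothing visible in this hunk shows the Digest header being set before signing. A body whose digest is not covered by the signature can be altered without invalidating it, so a guard after the comprehension that raises when the request carries content and `digest` is missing from the lower-cased `signing_headers` would make that case fail loudly instead. The `"(request-target)"` entry in `HEADERS_FOR_SIGNING` is a pseudo-header and would not normally appear in `request.headers.keys()`, so a comment on the set saying where it gets added would help. The enclosing method starts and ends outside the hunk, so the ordering may already be handled there.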