Commits

Evgeniy Kirov committed ceb75ce

IFrameFixMiddleware для Safari (плохо тестировалось; также переместил в этот класс P3P для IE).

Comments (0)

Files changed (2)

 
 ::
 
-    $ pip install django-vkontakte-iframe
+    $ pip install -e hg+http://bitbucket.org/eXtractor/django-vkontakte-iframe/#egg=django-vkontakte-iframe
 
 
 Requirements
         )
 
 
-5. Put 'vk_iframe.middleware.AuthenticationMiddleware' and
+5. Put 'vk_iframe.middleware.AuthenticationMiddleware',
+   'vk_iframe.middleware.IFrameFixMiddleware' and
    'vk_iframe.middleware.LoginRequiredMiddleware' to MIDDLEWARE_CLASSES::
 
         MIDDLEWARE_CLASSES = [
             # ...
             'django.contrib.auth.middleware.AuthenticationMiddleware',
             # ...
+            'vk_iframe.middleware.IFrameFixMiddleware',
             'vk_iframe.middleware.AuthenticationMiddleware',
             # ...
             'django.middleware.locale.LocaleMiddleware',

vk_iframe/middleware.py

 import re
 from django.contrib import auth
 from django.core.exceptions import ImproperlyConfigured
-from django.http import HttpResponseForbidden
+from django.http import HttpResponseForbidden, HttpResponse
 from django.conf import settings
 from django.shortcuts import render_to_response
 from vk_iframe.forms import VkontakteIframeForm
         # пользователь не залогинен или залогинен под другим именем
         vk_form = VkontakteIframeForm(request.GET)
 
-        user = auth.authenticate(vk_form = vk_form)
+        user = auth.authenticate(vk_form=vk_form)
         if user:
             request.user = user
             auth.login(request, user)
         else:
             request.META['VKONTAKTE_LOGIN_ERRORS'] = vk_form.errors
 
+
+class IFrameFixMiddleware(object):
+
+    def process_request(self, request):
+        """
+        Safari default security policy restricts cookie setting in first request in iframe.
+        Solution is to create hidden form to preserve GET variables and REPOST it to current URL.
+        taken from https://gist.github.com/796811
+        """
+        if request.META['HTTP_USER_AGENT'].find('Safari') != -1\
+           and 'sessionid' not in request.COOKIES and 'cookie_fix' not in request.GET:
+            html = """<html><body><form name='cookie_fix' method='GET' action='.'>"""
+            for item in request.GET:
+                html += "<input type='hidden' value='%s' name='%s' />" % (request.GET[item], item)
+            html += "<input type='hidden' name='cookie_fix' value='1' />"
+            html += "</form>"
+            html += '''<script type="text/javascript">document.cookie_fix.submit()</script></html>'''
+            return HttpResponse(html)
+
     def process_response(self, request, response):
+        """
+        P3P policy for Internet Explorer.
+        """
         response["P3P"] = 'CP="%s"' % P3P_POLICY
         return response
 
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.