Commits

bslatkin  committed 4ad1b5c

added support for clients to view over https

git-svn-id: http://mirrorrr.googlecode.com/svn/trunk@33d187d8e-b4d8-11dd-90a5-ed332e521da9

  • Participants
  • Parent commits 0fe2087

Comments (0)

Files changed (9)

 application: mirrorrr
-version: opensource
+version: secureable
 runtime: python
 api_version: 1
 
 
 - url: /robots\.txt
   static_files: static/robots.txt
-  upload: static/robots.txt
+  upload: static/robots\.txt
 
 - url: /favicon\.ico
   static_files: static/favicon.ico
-  upload: static/favicon.ico
+  upload: static/favicon\.ico
+  secure: optional
+
+- url: /static/base(\.[0-9])\.css
+  static_files: static/base.css
+  upload: static/base\.css
+  secure: optional
 
 - url: /static
   static_dir: static
+  secure: optional
 
 - url: /admin
   login: admin
   script: mirror.py
+  secure: optional
 
 - url: /cleanup
   login: admin
   script: mirror.py
+  secure: optional
 
 - url: /kaboom
   login: admin
   script: mirror.py
+  secure: optional
 
 - url: /.*
   script: mirror.py
+  secure: optional
 # automatically uploaded to the admin console when you next deploy
 # your application using appcfg.py.
 
-# Used once in query history.
+# Used 19 times in query history.
 - kind: EntryPoint
   properties:
   - name: last_updated
 <html>
 <head>
   <title>mirror - ɹoɹɹıɯ</title>
-  <link rel="stylesheet" href="static/base.css" type="text/css" charset="utf-8"/>
+  <link rel="stylesheet" href="static/base.2.css" type="text/css" charset="utf-8"/>
   <link rel="icon" href="/favicon.ico" type="image/vnd.microsoft.icon" />
   <script type="text/javascript" charset="utf-8">
     var activeColor = "#000000";
   </div>
 </div>
 
+<div class="secure">
+  {% if secure_url %}<a href="{{secure_url}}">{% endif %}<img src="/static/{% if secure_url %}no{% endif %}lock.png" width="16" height="16"> {% if secure_url %}not secure</a>{% else %}secure{% endif %}
+</div>
+
 </div>
 </div>
 
 ## EXPIRATION_RECENT_URLS_SECONDS = 1
 
 HTTP_PREFIX = "http://"
+HTTPS_PREFIX = "http://"
 
 IGNORE_HEADERS = frozenset([
   'set-cookie',
 
 class BaseHandler(webapp.RequestHandler):
   def get_relative_url(self):
-    slash = self.request.url.find("/", len(HTTP_PREFIX))
+    slash = self.request.url.find("/", len(self.request.scheme + "://"))
     if slash == -1:
       return "/"
     return self.request.url[slash:]
 
     # Do this dictionary construction here, to decouple presentation from
     # how we store data.
+    secure_url = None
+    if self.request.scheme == "http":
+      secure_url = "https://mirrorrr.appspot.com"
     context = {
       "latest_urls": latest_urls,
+      "secure_url": secure_url,
     }
     self.response.out.write(template.render("main.html", context))
 
     logging.debug('User-Agent = "%s", Referrer = "%s"',
                   self.request.user_agent,
                   self.request.referer)
+    logging.debug('Base_url = "%s", url = "%s"', base_url, self.request.url)
 
     translated_address = self.get_relative_url()[1:]  # remove leading /
     mirrored_url = HTTP_PREFIX + translated_address

File static/base.css

 .url24 { color: #f5f5f5 !important; }
 .url25 { color: #ffffff !important; }
 
+/* secure link */
+.secure {
+  text-align: center;
+  margin-top: 50px;
+  vertical-align: middle;
+  font-size: 12px;
+}
+
+.secure img {
+  margin-bottom: -0.3em;
+  border: 0;
+}
+
+.secure a, .secure a:hover, .secure a:visited, .secure a:active {
+  color: #000;
+  text-decoration: none;
+}

File static/lock.png

Added
New image

File static/nolock.png

Added
New image

File transform_content.py

 ################################################################################
 
 # URLs that have absolute addresses
-ABSOLUTE_URL_REGEX = r"(http:)?//(?P<url>[^\"'> \t\)]+)"
+ABSOLUTE_URL_REGEX = r"(http(s?):)?//(?P<url>[^\"'> \t\)]+)"
 
 # URLs that are relative to the base of the current hostname.
-BASE_RELATIVE_URL_REGEX = r"/(?!(/)|(http://)|(url\())(?P<url>[^\"'> \t\)]*)"
+BASE_RELATIVE_URL_REGEX = r"/(?!(/)|(http(s?)://)|(url\())(?P<url>[^\"'> \t\)]*)"
 
 # URLs that have '../' or './' to start off their paths.
-TRAVERSAL_URL_REGEX = r"(?P<relative>\.(\.)?)/(?!(/)|(http://)|(url\())(?P<url>[^\"'> \t\)]*)"
+TRAVERSAL_URL_REGEX = r"(?P<relative>\.(\.)?)/(?!(/)|(http(s?)://)|(url\())(?P<url>[^\"'> \t\)]*)"
 
 # URLs that are in the same directory as the requested URL.
-SAME_DIR_URL_REGEX = r"(?!(/)|(http://)|(url\())(?P<url>[^\"'> \t\)]+)"
+SAME_DIR_URL_REGEX = r"(?!(/)|(http(s?)://)|(url\())(?P<url>[^\"'> \t\)]+)"
 
 # URL matches the root directory.
 ROOT_DIR_URL_REGEX = r"(?!//(?!>))/(?P<url>)(?=[ \t\n]*[\"'\)>/])"

File transform_content_test.py

       "http://a248.e.akamai.net/foobar/is/the/path.html",
       "/",
       "/a248.e.akamai.net/")
+  
+  def testSecureContent(self):
+    self._RunTransformTest(
+      "slashdot.org",
+      "https://slashdot.org",
+      "https://images.slashdot.org/iestyles.css?T_2_5_0_204",
+      "/images.slashdot.org/iestyles.css?T_2_5_0_204")
+
+  def testPartiallySecureContent(self):
+    self._RunTransformTest(
+      "slashdot.org",
+      "http://slashdot.org",
+      "https://images.slashdot.org/iestyles.css?T_2_5_0_204",
+      "/images.slashdot.org/iestyles.css?T_2_5_0_204")
 
 ################################################################################