Browse Source

asked changes made, code tested and flask unittests all passed

pull/2105/head
José Oliveira 8 years ago
parent
commit
56b33ab458
  1. 31
      flask/helpers.py
  2. 8
      flask/sessions.py

31
flask/helpers.py

@ -14,7 +14,6 @@ import sys
import pkgutil import pkgutil
import posixpath import posixpath
import mimetypes import mimetypes
import warnings
from time import time from time import time
from zlib import adler32 from zlib import adler32
from threading import RLock from threading import RLock
@ -960,32 +959,22 @@ def total_seconds(td):
""" """
return td.days * 60 * 60 * 24 + td.seconds return td.days * 60 * 60 * 24 + td.seconds
def is_ip(string, var_name): def is_ip(ip):
"""Returns the if the string received is an IP or not. """Returns the if the string received is an IP or not.
:param string: the string to check if it an IP or not :param string: the string to check if it an IP or not
:param var_name: the name of the variable that is being checked :param var_name: the name of the string that is being checked
:returns: True if string is an IP, False if not :returns: True if string is an IP, False if not
:rtype: boolean :rtype: boolean
""" """
ipv4 = string.split('.') import socket
ipv6 = string.split(':')
try:
for i,t in enumerate(ipv6):
if not t:
ipv6[i] = "0"
if(all(int(t,16) >= 0 and int(t,16) <= 65535 for t in ipv6)):
print("IPv6 address introduced in " + var_name)
return True
except ValueError:
pass
if len(ipv4) == 4: for family in (socket.AF_INET, socket.AF_INET6):
try: try:
if(all(int(t) >= 0 and int(t) <= 255 for t in ipv4)): socket.inet_pton(family, ip)
print("IPv4 address introduced in " + var_name) except socket.error:
except ValueError: pass
return False else:
else: return True
return False return False

8
flask/sessions.py

@ -11,13 +11,14 @@
import uuid import uuid
import hashlib import hashlib
from warnings import warn
from base64 import b64encode, b64decode from base64 import b64encode, b64decode
from datetime import datetime from datetime import datetime
from werkzeug.http import http_date, parse_date from werkzeug.http import http_date, parse_date
from werkzeug.datastructures import CallbackDict from werkzeug.datastructures import CallbackDict
from . import Markup, json from . import Markup, json
from ._compat import iteritems, text_type from ._compat import iteritems, text_type
from .helpers import total_seconds, is_IP from .helpers import total_seconds, is_ip
from itsdangerous import URLSafeTimedSerializer, BadSignature from itsdangerous import URLSafeTimedSerializer, BadSignature
@ -332,8 +333,9 @@ class SecureCookieSessionInterface(SessionInterface):
def save_session(self, app, session, response): def save_session(self, app, session, response):
domain = self.get_cookie_domain(app) domain = self.get_cookie_domain(app)
if domain != None: if domain is not None:
is_ip(domain, "SESSION_COOKIE_DOMAIN", self) if is_ip(domain):
warnings.warn("IP introduced in SESSION_COOKIE_DOMAIN", RuntimeWarning)
path = self.get_cookie_path(app) path = self.get_cookie_path(app)
# Delete case. If there is no session we bail early. # Delete case. If there is no session we bail early.

Loading…
Cancel
Save