
hivesolutions / flask-quorum / 1494

pending completion
1494

Pull #2

travis-ci-com

web-flow
Merge f1aa62957 into d47604bd0
Pull Request #2: Fixes removal of `_app_ctx_stack`

16 of 16 new or added lines in 1 file covered. (100.0%)

6002 of 8464 relevant lines covered (70.91%)

5.53 hits per line


42.42
/src/quorum/extras.py
1
#!/usr/bin/python
2
# -*- coding: utf-8 -*-
3

4
# Hive Flask Quorum
5
# Copyright (c) 2008-2022 Hive Solutions Lda.
6
#
7
# This file is part of Hive Flask Quorum.
8
#
9
# Hive Flask Quorum is free software: you can redistribute it and/or modify
10
# it under the terms of the Apache License as published by the Apache
11
# Foundation, either version 2.0 of the License, or (at your option) any
12
# later version.
13
#
14
# Hive Flask Quorum is distributed in the hope that it will be useful,
15
# but WITHOUT ANY WARRANTY; without even the implied warranty of
16
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17
# Apache License for more details.
18
#
19
# You should have received a copy of the Apache License along with
20
# Hive Flask Quorum. If not, see <http://www.apache.org/licenses/>.
21

22
# the author(s) of the module
__author__ = "João Magalhães <joamag@hive.pt>"

# the version of the module
__version__ = "1.0.0"

# the revision number of the module, the value looks like a
# version control keyword placeholder and is kept verbatim
__revision__ = "$LastChangedRevision$"

# the last change date of the module, same kind of keyword
# placeholder as the revision above
__date__ = "$LastChangedDate$"

# the copyright for the module
__copyright__ = "Copyright (c) 2008-2022 Hive Solutions Lda."

# the license for the module
__license__ = "Apache License, Version 2.0"
39

40
import flask
8✔
41

42
# the number of seconds that exist in a complete (non leap)
# year of 365 days, spelled out as days * hours * minutes * seconds
# and used as the default maximum age of the HSTS policy
YEAR_IN_SECS = 365 * 24 * 60 * 60
45

46
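class SSLify(object):
    """
    Secures a flask app by forcing the HTTPS protocol: plain
    HTTP requests are redirected to their HTTPS equivalent and
    a Strict-Transport-Security (HSTS) header is added to the
    responses of the application.
    """

    def __init__(self, app, age = YEAR_IN_SECS, subdomains = False):
        """
        Constructor of the class.

        :type app: App
        :param app: The application object to be used in the
        SSL operation for the forcing of the protocol, may be
        None in which case `init_app` must be called later.
        :type age: int
        :param age: The maximum age (in seconds) of the HSTS policy.
        :type subdomains: bool
        :param subdomains: If subdomains should be included as part
        of the security policy (`includeSubDomains` directive).
        """

        # the policy values are stored unconditionally, otherwise the
        # deferred pattern (SSLify(None) followed by init_app(app))
        # would fail with an AttributeError as soon as the HSTS header
        # is built for the first response
        self.app = app
        self.hsts_age = age
        self.hsts_include_subdomains = subdomains

        if app is not None: self.init_app(app)

    def init_app(self, app):
        """
        Configures the provided flask app to enforce SSL.

        :type app: App
        :param app: The application to be configured to enforce
        the SSL redirection support.
        """

        # the redirect runs before every request and the HSTS header
        # is attached after every request (redirect responses included)
        app.before_request(self.redirect_to_ssl)
        app.after_request(self.set_hsts_header)

    @property
    def hsts_header(self):
        """
        Returns the proper HSTS policy.

        :rtype: String
        :return: The proper HSTS policy string value, built from
        the configured maximum age and subdomains flag.
        """

        hsts_policy = "max-age={0}".format(self.hsts_age)

        # includeSubDomains extends the policy to every subdomain of
        # the host, it should only be enabled when all of them are
        # reachable through HTTPS
        if self.hsts_include_subdomains: hsts_policy += "; includeSubDomains"

        return hsts_policy

    def redirect_to_ssl(self):
        """
        Redirect incoming requests to HTTPS in case the current
        protocol is not considered secure.

        A request is considered secure when flask reports it as
        such or when the `X-Forwarded-Proto` header is `https`.

        :rtype: Response
        :return: The redirect response pointing to the HTTPS
        version of the URL in case it's required, otherwise None
        so that the normal request handling continues.
        """

        # NOTE(security): X-Forwarded-Proto is taken as is from the
        # request headers, it is only trustworthy when a reverse proxy
        # in front of the app always overwrites it, if the app is
        # directly reachable any client can send "https" and skip the
        # redirect (werkzeug's ProxyFix middleware is the usual way
        # of limiting the trust to a known number of proxies)
        criteria = [
            flask.request.is_secure,
            flask.request.headers.get("X-Forwarded-Proto", "http") == "https"
        ]

        if any(criteria): return
        if not flask.request.url.startswith("http://"): return

        # only the scheme prefix is rewritten (count of 1), the host
        # and path of the target come from the request's own URL, the
        # redirect is issued with flask's default status code
        url = flask.request.url.replace("http://", "https://", 1)
        response = flask.redirect(url)
        return response

    def set_hsts_header(self, response):
        """
        Adds the HSTS header to each response, that should be performed
        at the end of the request handling workflow.

        This header should enable extra security options to be
        interpreted at the client side.

        :type response: Response
        :param response: The response to be used to set the HSTS
        policy header.
        :rtype: Response
        :return: The changed response object, containing the strict
        transport security (HSTS) header.
        """

        # setdefault keeps any Strict-Transport-Security value already
        # set by a view, notice that the header is also added to the
        # responses of plain HTTP requests, where user agents ignore
        # it (RFC 6797), the policy only becomes effective once the
        # client has been served over HTTPS
        response.headers.setdefault("Strict-Transport-Security", self.hsts_header)
        return response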
×