from cStringIO import StringIO
from django.conf import settings
from django.contrib.auth.models import AnonymousUser
from django.contrib.sites.models import Site
from django.core.urlresolvers import resolve, reverse
from django.db import connections
from django.http import Http404, HttpResponseRedirect, HttpResponsePermanentRedirect, get_host
from ilanlar.core import cache
import logging, os, sys, tempfile
import logging.handlers
import re
from prive.profile.models import Profil as User
from urlparse import urlsplit, urlunsplit
class MultipleProxyMiddleware(object):
FORWARDED_FOR_FIELDS = [
'HTTP_X_FORWARDED_FOR',
'HTTP_X_FORWARDED_HOST',
'HTTP_X_FORWARDED_SERVER',
]
def process_request(self, request):
for field in self.FORWARDED_FOR_FIELDS:
if field in request.META:
if ',' in request.META[field]:
parts = request.META[field].split(',')
request.META[field] = parts[-1].strip()
def secure(func):
def _secure(*args, **kwargs):
return func(*args, **kwargs)
_secure.is_secure = True
_secure.__name__ = func.__name__
return _secure
HREF_PATTERN = re.compile(r"""(?P<attribute>href|src)\s*=\s*["'](?P<url>[^"']+)["']""", re.IGNORECASE)
class SSLMiddleware(object):
def process_view(self, request, view_func, view_args, view_kwargs):
is_secure = "https" == request.META.get("HTTP_X_FORWARDED_PROTO", "http")
needs_secure = self._resolves_to_secure_view(request.path)
if needs_secure != is_secure and not settings.IGNORE_HTTPS:
return self._redirect(request, needs_secure)
return None
def process_response(self, request, response):
if response['Content-Type'].find('html') >= 0:
protocol = request.META.get("HTTP_X_FORWARDED_PROTO", "http")
if protocol == "http":
return response
def rewrite_url(match):
attribute = match.groupdict()["attribute"]
split_url = urlsplit(match.groupdict()["url"])
if split_url.scheme == 'javascript' and request.path.startswith(reverse('admin:index')):
return '%s="%s"' % (attribute, split_url.geturl())
host = split_url.netloc if split_url.netloc else settings.HTTP_HOST
request_path = request.path if request.path and request.path[-1] != "/" else request.path[:-1]
path = split_url.path if split_url.path and split_url.path[0] == "/" else "%s/%s" % (request_path, split_url.path)
new_url = urlunsplit((protocol, host, path, split_url[3],split_url[4]))
return '%s="%s"' % (attribute, new_url)
try:
decoded_content = response.content.decode('utf-8')
except UnicodeDecodeError:
decoded_content = response.content
response.content = \
HREF_PATTERN.sub(rewrite_url, decoded_content).encode('utf-8')
return response
def _redirect(self, request, needs_secure):
protocol = needs_secure and "https" or "http"
new_url = self._add_protocol(request, protocol)
if settings.DEBUG and request.method == "POST":
raise RuntimeError, "SSL YONLERDIRMESI BASARISIZ<============!"
return HttpResponseRedirect(new_url)
def _add_protocol(self, request, protocol):
return "%s://%s%s" % (protocol, get_host(request), request.get_full_path())
def _resolves_to_secure_view(self, url):
try:
view_func, args, kwargs = resolve(url)
except:
return None
else:
return getattr(view_func, 'is_secure', False)