1
0
mirror of https://gitlab.crans.org/bde/nk20 synced 2024-12-23 07:52:23 +00:00

Remove django-turbolinks dependency

This commit is contained in:
Yohann D'ANELLO 2020-02-21 18:45:18 +01:00
parent 3fd99ebac7
commit db1e3eb98d
3 changed files with 53 additions and 4 deletions

52
note_kfet/middlewares.py Normal file
View File

@ -0,0 +1,52 @@
# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
from urllib3.packages.rfc3986 import urlparse
try:
from django.utils.deprecation import MiddlewareMixin
except ImportError:
MiddlewareMixin = object
from django.http import HttpResponseForbidden
def same_origin(current_uri, redirect_uri):
a = urlparse(current_uri)
if not a.scheme:
return True
b = urlparse(redirect_uri)
return (a.scheme, a.hostname, a.port) == (b.scheme, b.hostname, b.port)
class TurbolinksMiddleware(MiddlewareMixin):
def process_request(self, request):
referrer = request.META.get('HTTP_X_XHR_REFERER')
if referrer:
# overwrite referrer
request.META['HTTP_REFERER'] = referrer
return
def process_response(self, request, response):
referrer = request.META.get('HTTP_X_XHR_REFERER')
if not referrer:
# turbolinks not enabled
return response
method = request.COOKIES.get('request_method')
if not method or method != request.method:
response.set_cookie('request_method', request.method)
if response.has_header('Location'):
# this is a redirect response
loc = response['Location']
request.session['_turbolinks_redirect_to'] = loc
# cross domain blocker
if referrer and not same_origin(loc, referrer):
return HttpResponseForbidden()
else:
if request.session.get('_turbolinks_redirect_to'):
loc = request.session.pop('_turbolinks_redirect_to')
response['X-XHR-Redirected-To'] = loc
return response

View File

@ -55,8 +55,6 @@ INSTALLED_APPS = [
# Autocomplete
'dal',
'dal_select2',
# turbolinks
'turbolinks',
# Note apps
'activity',
@ -77,7 +75,7 @@ MIDDLEWARE = [
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.locale.LocaleMiddleware',
'django.contrib.sites.middleware.CurrentSiteMiddleware',
'turbolinks.middleware.TurbolinksMiddleware',
'note_kfet.middlewares.TurbolinksMiddleware',
]
ROOT_URLCONF = 'note_kfet.urls'

View File

@ -13,7 +13,6 @@ djangorestframework==3.9.0
django-rest-polymorphic==0.1.8
django-reversion==3.0.3
django-tables2==2.1.0
django-turbolinks==0.5.1
docutils==0.14
psycopg2==2.8.4
idna==2.8