sanic/docs/sanic
L. Kärkkäinen 1e4b1c4d1a Forwarded headers and otherwise improved proxy handling (#1638)
* Added support for HTTP Forwarded header and combined parsing of other proxy headers.

- Accessible via request.forwarded that tries parse_forwarded and then parse_xforwarded
- parse_forwarded uses the Forwarded header, if config.FORWARDED_SECRET is provided and a matching header field is found
- parse_xforwarded uses X-Real-IP and X-Forwarded-* much alike the existing implementation
- This commit does not change existing request properties that still use the old code and won't make use of Forwarded headers.

* Use req.forwarded in req properties server_name, server_port, scheme and remote_addr.

X-Scheme handling moved to parse_xforwarded.

* Cleanup and fix req.server_port; no longer reports socket port if any forwards headers are used.

* Update docstrings to incidate that forwarded header is used first.

* Remove testing function.

* Fix tests and linting.

- One test removed due to change of semantics - no socket port will be used if any forwarded headers are in effect.
- Other tests augmented with X-Forwarded-For, to allow the header being tested take effect (shouldn't affect old implementation).

* Try to workaround buggy tools complaining about incorrect ordering of imports.

* Cleanup forwarded processing, add comments. secret is now also returned.

* Added tests, fixed quoted string handling, cleanup.

* Further tests for full coverage.

* Try'n make linter happy.

* Add support for multiple Forwarded headers. Unify parse_forwarded parameters with parse_xforwarded.

* Implement multiple headers support for X-Forwarded-For.

- Previously only the first header was used, so this BUGFIX may affect functionality.

* Bugfix for request.server_name: strip port and other parts.

- request.server_name docs claim that it returns the hostname only (no port).
- config.SERVER_NAME may be full URL, so strip scheme, port and path
- HTTP Host and consequently forwarded Host may include port number, so
  strip that also for forwarded hosts (previously only done for HTTP Host).
- Possible performance benefit of limiting to one split.

* Fallback to app.url_for and let it handle SERVER_NAME if defined (until a proper solution is implemented).

* Revise previous commit. Only fallback for full URL SERVER_NAMEs; allows host to be defined and proxied information still being used.

* Heil lintnazi.

* Modify testcase not to use underscores in URLs. Use hyphens which the spec allows for.

* Forwarded and Host header parsing improved.

- request.forwarded lowercases hosts, separates host:port into their own fields and lowercases addresses
- forwarded.parse_host helper function added and used for parsing all host-style headers (IPv6 cannot be simply split(":")).
- more tests fixed not to use underscores in hosts as those are no longer accepted and lead to the field being rejected

* Fixed typo in docstring.

* Added IPv6 address tests for Host header.

* Fix regex.

* Further tests and stricter forwarded handling.

* Fix merge commit

* Linter

* Linter

* Linter

* Add  to avoid re-using the  variable. Make a few raw strings non-raw.

* Remove unnecessary or

* Updated docs (work in progress).

* Enable REAL_IP_HEADER parsing irregardless of PROXIES_COUNT setting.

- Also cleanup and added comments

* New defaults for PROXIES_COUNT and REAL_IP_HEADER, updated tests.

* Remove support for PROXIES_COUNT=-1.

* Linter errors.

- This is getting ridiculous: cannot fit an URL on one line, linter requires
  splitting the string literal!

* Add support for by=_proxySecret, updated docs, updated tests.

* Forwarded headers' semantics tuning.

- Forwarded host is now preserved in original format
- request.host now returns a forwarded host if available, else the Host header
- Forwarded options are preserved in original order, and later keys override earlier ones
- Forwarded path is automatically URL-unquoted
- Forwarded 'by' and 'for' are omitted if their value is unknown
- Tests modified accordingly
- Cleanup and improved documentation

* Add ASGI test.

* Linter

* Linter #2
2019-09-02 08:50:56 -05:00
..
api_reference.rst Enable Middleware Support for Blueprint Groups (#1399) 2019-03-03 16:26:05 -06:00
asyncio_python37.rst fix typos in docs 2019-03-28 01:05:39 +00:00
blueprints.md Enable Middleware Support for Blueprint Groups (#1399) 2019-03-03 16:26:05 -06:00
changelog.rst fix: #1631: add towncrier support and fix documentation warnings 2019-07-13 21:47:48 +05:30
class_based_views.md update description 2018-01-24 09:02:07 +08:00
config.md Forwarded headers and otherwise improved proxy handling (#1638) 2019-09-02 08:50:56 -05:00
contributing.rst fix: #1631: add common contribution guidelines and towncrier detail to contribution guides 2019-07-13 21:48:34 +05:30
cookies.rst Added a warning to the cookies documentation about security 2017-06-28 11:05:59 +09:00
custom_protocol.rst make release script black compliant and tweak documentation with indexing and format 2018-12-28 10:24:02 +05:30
debug_mode.rst added init docs (#1167) 2018-04-01 20:53:08 -07:00
decorators.md Fix missing quotes in decorator example 2018-10-08 18:59:15 +09:00
deploying.md Add ASGI documentation 2019-06-18 09:57:42 +03:00
examples.rst fix typos in docs 2019-03-28 01:05:39 +00:00
exceptions.md Fix typo (#1516) 2019-03-15 11:49:18 -05:00
extensions.md fix: #1631: add towncrier support and fix documentation warnings 2019-07-13 21:47:48 +05:30
getting_started.md doc: GIT-1582: add fedora package dependency 2019-05-20 06:46:18 +05:30
index.rst Remove Python 3.5 references in docs 2019-05-14 11:21:24 +03:00
logging.rst make release script black compliant and tweak documentation with indexing and format 2018-12-28 10:24:02 +05:30
middleware.md Fix a grammar error 2019-01-02 20:37:26 +08:00
request_data.md Respect X-Forward-* headers and generate correct URLs in url_for (#1465) 2019-07-04 07:13:43 -05:00
response.md Upadte documentation for streaming response 2019-04-20 23:38:16 +03:00
routing.md fix: #1631: add towncrier support and fix documentation warnings 2019-07-13 21:47:48 +05:30
sockets.rst Added documentation for AF_INET6 and AF_UNIX socket usage 2018-10-19 13:33:01 -05:00
ssl.rst allow running with SSL via commandline 2017-03-07 19:57:10 -08:00
static_files.md did you mean specific? (#1486) 2019-02-06 16:28:32 -06:00
streaming.md Add file streaming section to the streaming documentation page 2019-04-20 23:50:19 +03:00
testing.md Create requests-async based TestClient, remove aiohttp dependency, drop Python 3.5 2019-04-30 15:26:06 +03:00
versioning.md Fix typo in documentation 2017-07-25 13:29:17 +03:00
websocket.rst Fix a minor typo in websocket.rst. 2019-06-30 22:11:02 -07:00