resolve conflict in web.py

2024-12-17 19:54:48 -05:00 · 2021-05-31 12:04:24 +00:00 · 2021-05-31 12:04:24 +00:00 · b8b7885a52
commit b8b7885a52
parent ea72440543
1 changed files with 41 additions and 11 deletions
--- a/cli/onionshare_cli/web/web.py
+++ b/cli/onionshare_cli/web/web.py
@ -223,7 +223,7 @@ class Web:
                return _check_login()

        @self.app.after_request
-        def add_security_headers(r):
+        def add_security_headers(self, r):
            """
            Add security headers to a response
            """
@ -244,6 +244,20 @@ class Web:
            mode.cur_history_id += 1
            return self.error404(history_id)

+        @self.app.errorhandler(405)
+        def method_not_allowed(e):
+            mode = self.get_mode()
+            history_id = mode.cur_history_id
+            mode.cur_history_id += 1
+            return self.error405(history_id)
+
+        @self.app.errorhandler(500)
+        def method_not_allowed(e):
+            mode = self.get_mode()
+            history_id = mode.cur_history_id
+            mode.cur_history_id += 1
+            return self.error500(history_id)
+
        @self.app.route("/<password_candidate>/shutdown")
        def shutdown(password_candidate):
            """
@ -289,25 +303,41 @@ class Web:
        return render_template("403.html", static_url_path=self.static_url_path), 403

    def error404(self, history_id):
-        self.add_request(
-            self.REQUEST_INDIVIDUAL_FILE_STARTED,
-            request.path,
-            {"id": history_id, "status_code": 404},
-        )
+        mode = self.get_mode()
+        if mode.supports_file_requests:
+            self.add_request(
+                self.REQUEST_INDIVIDUAL_FILE_STARTED,
+                request.path,
+                {"id": history_id, "status_code": 404},
+            )

        self.add_request(Web.REQUEST_OTHER, request.path)
        return render_template("404.html", static_url_path=self.static_url_path), 404

    def error405(self, history_id):
-        self.add_request(
-            self.REQUEST_INDIVIDUAL_FILE_STARTED,
-            request.path,
-            {"id": history_id, "status_code": 405},
-        )
+        mode = self.get_mode()
+        if mode.supports_file_requests:
+            self.add_request(
+                self.REQUEST_INDIVIDUAL_FILE_STARTED,
+                request.path,
+                {"id": history_id, "status_code": 405},
+            )

        self.add_request(Web.REQUEST_OTHER, request.path)
        return render_template("405.html", static_url_path=self.static_url_path), 405

+    def error500(self, history_id):
+        mode = self.get_mode()
+        if mode.supports_file_requests:
+            self.add_request(
+                self.REQUEST_INDIVIDUAL_FILE_STARTED,
+                request.path,
+                {"id": history_id, "status_code": 500},
+            )
+
+        self.add_request(Web.REQUEST_OTHER, request.path)
+        return render_template("500.html", static_url_path=self.static_url_path), 500
+
    def _safe_select_jinja_autoescape(self, filename):
        if filename is None:
            return True