diff options
author | Gunnar Mills <gmills@us.ibm.com> | 2018-07-25 09:32:52 -0500 |
---|---|---|
committer | Gunnar Mills <gmills@us.ibm.com> | 2018-07-25 09:34:23 -0500 |
commit | 3a9a51c969c2aeb7cceb7b2bee203a10afb2da95 (patch) | |
tree | 05add0e9f819ff9f782ae534810ad61e9a0b215c | |
parent | 1eea5c3beb4ef17f7013a1068bb7cc0064d7b1ff (diff) | |
download | phosphor-rest-server-3a9a51c969c2aeb7cceb7b2bee203a10afb2da95.tar.gz phosphor-rest-server-3a9a51c969c2aeb7cceb7b2bee203a10afb2da95.zip |
Revert "Provide the infrastructure to whitelist given URL from REST server"
This reverts commit 0cf702c3948487089723d539efc59275b958bf34.
This commit broke accessing the Web UI. Reverting until this can be
fixed.
Change-Id: Ie49bbcd51561cca5d587bd161ec51f3b6d22ffd0
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
-rw-r--r-- | module/obmc/wsgi/apps/rest_dbus.py | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/module/obmc/wsgi/apps/rest_dbus.py b/module/obmc/wsgi/apps/rest_dbus.py index d89cb68..5eaffb7 100644 --- a/module/obmc/wsgi/apps/rest_dbus.py +++ b/module/obmc/wsgi/apps/rest_dbus.py @@ -31,7 +31,6 @@ import crypt import tempfile import re import mimetypes -import fnmatch have_wsock = True try: from geventwebsocket import WebSocketError @@ -1455,36 +1454,6 @@ class ContentCheckerPlugin(object): return self.Checker(content_type, callback) -class CheckURLPlugin(object): - ''' Ensures that anything read and written using only urls listed in - the url_config.json config file would allowed. ''' - name = 'url_checker' - api = 2 - - def __init__(self): - config_path = '/usr/share/rest-dbus/url_config.json' - url_config = {} - urls = {} - self.pattern = {} - if os.path.exists(config_path): - try: - with open(config_path) as data_file: - url_config = json.load(data_file) - urls = url_config.get("urls", ["*"]) - self.pattern = '|'.join(fnmatch.translate(p) for p in urls) - self.pattern = re.compile(self.pattern) - except ValueError as e: - abort(404, str(e)) - else: - abort(404, "Config file path not found for Whitelisted URLs") - - def apply(self, callback, route): - - def wrap(*a, **kw): - if self.pattern.match(request.path): - return callback(*a, **kw) - abort(404,"Trying to access Blocked URL") - return wrap class App(Bottle): def __init__(self, **kw): @@ -1513,7 +1482,6 @@ class App(Bottle): self.install(JsonApiResponsePlugin(self)) self.install(JsonApiRequestPlugin()) self.install(JsonApiRequestTypePlugin()) - self.install(CheckURLPlugin()) def install_hooks(self): self.error_handler_type = type(self.default_error_handler) |