summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGunnar Mills <gmills@us.ibm.com>2018-07-25 09:32:52 -0500
committerGunnar Mills <gmills@us.ibm.com>2018-07-25 09:34:23 -0500
commit3a9a51c969c2aeb7cceb7b2bee203a10afb2da95 (patch)
tree05add0e9f819ff9f782ae534810ad61e9a0b215c
parent1eea5c3beb4ef17f7013a1068bb7cc0064d7b1ff (diff)
downloadphosphor-rest-server-3a9a51c969c2aeb7cceb7b2bee203a10afb2da95.zip
phosphor-rest-server-3a9a51c969c2aeb7cceb7b2bee203a10afb2da95.tar.gz
Revert "Provide the infrastructure to whitelist given URL from REST server"
This reverts commit 0cf702c3948487089723d539efc59275b958bf34. This commit broke accessing the Web UI. Reverting until this can be fixed. Change-Id: Ie49bbcd51561cca5d587bd161ec51f3b6d22ffd0 Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
-rw-r--r--module/obmc/wsgi/apps/rest_dbus.py32
1 files changed, 0 insertions, 32 deletions
diff --git a/module/obmc/wsgi/apps/rest_dbus.py b/module/obmc/wsgi/apps/rest_dbus.py
index d89cb68..5eaffb7 100644
--- a/module/obmc/wsgi/apps/rest_dbus.py
+++ b/module/obmc/wsgi/apps/rest_dbus.py
@@ -31,7 +31,6 @@ import crypt
import tempfile
import re
import mimetypes
-import fnmatch
have_wsock = True
try:
from geventwebsocket import WebSocketError
@@ -1455,36 +1454,6 @@ class ContentCheckerPlugin(object):
return self.Checker(content_type, callback)
-class CheckURLPlugin(object):
- ''' Ensures that anything read and written using only urls listed in
- the url_config.json config file would allowed. '''
- name = 'url_checker'
- api = 2
-
- def __init__(self):
- config_path = '/usr/share/rest-dbus/url_config.json'
- url_config = {}
- urls = {}
- self.pattern = {}
- if os.path.exists(config_path):
- try:
- with open(config_path) as data_file:
- url_config = json.load(data_file)
- urls = url_config.get("urls", ["*"])
- self.pattern = '|'.join(fnmatch.translate(p) for p in urls)
- self.pattern = re.compile(self.pattern)
- except ValueError as e:
- abort(404, str(e))
- else:
- abort(404, "Config file path not found for Whitelisted URLs")
-
- def apply(self, callback, route):
-
- def wrap(*a, **kw):
- if self.pattern.match(request.path):
- return callback(*a, **kw)
- abort(404,"Trying to access Blocked URL")
- return wrap
class App(Bottle):
def __init__(self, **kw):
@@ -1513,7 +1482,6 @@ class App(Bottle):
self.install(JsonApiResponsePlugin(self))
self.install(JsonApiRequestPlugin())
self.install(JsonApiRequestTypePlugin())
- self.install(CheckURLPlugin())
def install_hooks(self):
self.error_handler_type = type(self.default_error_handler)
OpenPOWER on IntegriCloud