Change http headers from list to dict

2018-03-06 11:58:56 +01:00 · 2018-03-06 11:58:56 +01:00 · b0a8c4d278
parent b55832df34
commit b0a8c4d278
4 changed files with 27 additions and 28 deletions
--- a/plugins/Bigfile/BigfilePlugin.py
+++ b/plugins/Bigfile/BigfilePlugin.py
@ -44,10 +44,10 @@ class UiRequestPlugin(object):
        upload_info = upload_nonces[nonce]
        del upload_nonces[nonce]

-        self.sendHeader(200, "text/html", noscript=True, extra_headers=[
-            ("Access-Control-Allow-Origin", "null"),
-            ("Access-Control-Allow-Credentials", "true")
-        ])
+        self.sendHeader(200, "text/html", noscript=True, extra_headers={
+            "Access-Control-Allow-Origin": "null",
+            "Access-Control-Allow-Credentials": "true"
+        })

        self.readMultipartHeaders(self.env['wsgi.input'])  # Skip http headers

--- a/plugins/Mute/MutePlugin.py
+++ b/plugins/Mute/MutePlugin.py
@ -143,8 +143,8 @@ class UiRequestPlugin(object):
        if address in site_blacklist:
            site = self.server.site_manager.get(config.homepage)
            if not extra_headers:
-                extra_headers = []
-            self.sendHeader(extra_headers=extra_headers[:])
+                extra_headers = {}
+            self.sendHeader(extra_headers=extra_headers)
            return iter([super(UiRequestPlugin, self).renderWrapper(
                site, path, "uimedia/plugins/mute/blacklisted.html?address=" + address,
                "Blacklisted site", extra_headers, show_loadingscreen=False
--- a/plugins/disabled-Multiuser/MultiuserPlugin.py
+++ b/plugins/disabled-Multiuser/MultiuserPlugin.py
@ -48,8 +48,8 @@ class UiRequestPlugin(object):

        if user_created:
            if not extra_headers:
-                extra_headers = []
-            extra_headers.append(('Set-Cookie', "master_address=%s;path=/;max-age=2592000;" % user.master_address))  # = 30 days
+                extra_headers = {}
+            extra_headers['Set-Cookie'] = "master_address=%s;path=/;max-age=2592000;" % user.master_address  # = 30 days

        loggedin = self.get.get("login") == "done"

--- a/src/Ui/UiRequest.py
+++ b/src/Ui/UiRequest.py
@ -83,7 +83,7 @@ class UiRequest(object):
            else:
                content_type = self.getContentType(path)

-            extra_headers = [("Access-Control-Allow-Origin", "null")]
+            extra_headers = {"Access-Control-Allow-Origin": "null"}

            self.sendHeader(content_type=content_type, extra_headers=extra_headers)
            return ""
@ -205,21 +205,21 @@ class UiRequest(object):

    # Send response headers
    def sendHeader(self, status=200, content_type="text/html", noscript=False, extra_headers=[]):
-        headers = []
-        headers.append(("Version", "HTTP/1.1"))
-        headers.append(("Connection", "Keep-Alive"))
-        headers.append(("Keep-Alive", "max=25, timeout=30"))
-        headers.append(("X-Frame-Options", "SAMEORIGIN"))
+        headers = {}
+        headers["Version"] = "HTTP/1.1"
+        headers["Connection"] = "Keep-Alive"
+        headers["Keep-Alive"] = "max=25, timeout=30"
+        headers["X-Frame-Options"] = "SAMEORIGIN"
        if content_type != "text/html" and self.env.get("HTTP_REFERER") and self.isSameOrigin(self.getReferer(), self.getRequestUrl()):
-            headers.append(("Access-Control-Allow-Origin", "*"))  # Allow load font files from css
+            headers["Access-Control-Allow-Origin"] = "*"  # Allow load font files from css

        if noscript:
-            headers.append(("Content-Security-Policy", "default-src 'none'; sandbox allow-top-navigation allow-forms; img-src 'self'; font-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline';"))
+            headers["Content-Security-Policy"] = "default-src 'none'; sandbox allow-top-navigation allow-forms; img-src 'self'; font-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline';"

        if self.env["REQUEST_METHOD"] == "OPTIONS":
            # Allow json access
-            headers.append(("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Cookie, Range"))
-            headers.append(("Access-Control-Allow-Credentials", "true"))
+            headers["Access-Control-Allow-Headers"] = "Origin, X-Requested-With, Content-Type, Accept, Cookie, Range"
+            headers["Access-Control-Allow-Credentials"] = "true"

        if content_type == "text/html":
            content_type = "text/html; charset=utf-8"
@ -228,7 +228,7 @@ class UiRequest(object):

        # Download instead of display file types that can be dangerous
        if re.findall("/svg|/xml|/x-shockwave-flash|/pdf", content_type):
-            headers.append(("Content-Disposition", "attachment"))
+            headers["Content-Disposition"] = "attachment"

        cacheable_type = (
            content_type == "text/css" or content_type.startswith("image") or content_type.startswith("video") or
@ -236,13 +236,12 @@ class UiRequest(object):
        )

        if status in (200, 206) and cacheable_type:  # Cache Css, Js, Image files for 10min
-            headers.append(("Cache-Control", "public, max-age=600"))  # Cache 10 min
+            headers["Cache-Control"] = "public, max-age=600"  # Cache 10 min
        else:
-            headers.append(("Cache-Control", "no-cache, no-store, private, must-revalidate, max-age=0"))  # No caching at all
-        headers.append(("Content-Type", content_type))
-        for extra_header in extra_headers:
-            headers.append(extra_header)
-        return self.start_response(status_texts[status], headers)
+            headers["Cache-Control"] = "no-cache, no-store, private, must-revalidate, max-age=0"  # No caching at all
+        headers["Content-Type"] = content_type
+        headers.update(extra_headers)
+        return self.start_response(status_texts[status], headers.items())

    # Renders a template
    def render(self, template_path, *args, **kwargs):
@ -262,7 +261,7 @@ class UiRequest(object):
    # Render a file from media with iframe site wrapper
    def actionWrapper(self, path, extra_headers=None):
        if not extra_headers:
-            extra_headers = []
+            extra_headers = {}

        match = re.match("/(?P<address>[A-Za-z0-9\._-]+)(?P<inner_path>/.*|$)", path)
        if match:
@ -295,7 +294,7 @@ class UiRequest(object):
                if not site:
                    return False

-            self.sendHeader(extra_headers=extra_headers[:])
+            self.sendHeader(extra_headers=extra_headers)
            return iter([self.renderWrapper(site, path, inner_path, title, extra_headers)])
            # Make response be sent at once (see https://github.com/HelloZeroNet/ZeroNet/issues/1092)

@ -570,7 +569,7 @@ class UiRequest(object):
                    status = 200
                if header_allow_ajax:
                    extra_headers["Access-Control-Allow-Origin"] = "null"
-                self.sendHeader(status, content_type=content_type, noscript=header_noscript, extra_headers=extra_headers.items())
+                self.sendHeader(status, content_type=content_type, noscript=header_noscript, extra_headers=extra_headers)
            if self.env["REQUEST_METHOD"] != "OPTIONS":
                if not file_obj:
                    file_obj = open(file_path, "rb")