Merge "Use rfc3986 module for URL validations"

This commit is contained in:
Jenkins 2016-03-10 20:28:58 +00:00 committed by Gerrit Code Review
commit a011b405a7
4 changed files with 13 additions and 5 deletions

View File

@ -116,9 +116,6 @@ MAX_POLICY_POSITION = 2147483647
# 53 rules per policy
MAX_L7RULES_PER_L7POLICY = 50
URL_REGEX = (r'\Ahttp[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*(),]|'
r'(?:%[0-9a-fA-F][0-9a-fA-F]))+')
# See RFCs 2616, 2965, 6265, 7230: Should match characters valid in a
# http header or cookie name.
HTTP_HEADER_NAME_REGEX = r'\A[a-zA-Z0-9!#$%&\'*+-.^_`|~]+\Z'

View File

@ -20,6 +20,7 @@ Defined here so these can also be used at deeper levels than the API.
import re
import rfc3986
from octavia.common import constants
from octavia.common import exceptions
@ -27,8 +28,13 @@ from octavia.common import exceptions
def url(url):
"""Raises an error if the url doesn't look like a URL."""
p = re.compile(constants.URL_REGEX)
if not p.match(url):
try:
if not rfc3986.is_valid_uri(url, require_scheme=True):
raise exceptions.InvalidURL(url=url)
p_url = rfc3986.urlparse(rfc3986.normalize_uri(url))
if p_url.scheme != 'http' and p_url.scheme != 'https':
raise exceptions.InvalidURL(url=url)
except Exception:
raise exceptions.InvalidURL(url=url)
return True

View File

@ -29,6 +29,10 @@ class TestValidations(base.TestCase):
def test_validate_bad_url(self):
self.assertRaises(exceptions.InvalidURL, validate.url, 'bad url')
def test_validate_url_bad_schema(self):
self.assertRaises(exceptions.InvalidURL, validate.url,
'ssh://www.example.com/')
def test_validate_header_name(self):
ret = validate.header_name('Some-header')
self.assertTrue(ret)

View File

@ -8,6 +8,7 @@ SQLAlchemy<1.1.0,>=1.0.10 # MIT
Babel>=1.3 # BSD
eventlet!=0.18.3,>=0.18.2 # MIT
requests!=2.9.0,>=2.8.1 # Apache-2.0
rfc3986>=0.2.0 # Apache-2.0
keystoneauth1>=2.1.0 # Apache-2.0
keystonemiddleware!=4.1.0,>=4.0.0 # Apache-2.0
python-neutronclient!=4.1.0,>=2.6.0 # Apache-2.0