mirror of
https://github.com/caronc/apprise.git
synced 2025-01-21 05:19:01 +01:00
Strict enforcing of +, -, and : prefixed kwargs in URLs (#302)
This commit is contained in:
parent
fcd81160be
commit
a853546f0f
@ -41,6 +41,10 @@ from ..utils import parse_bool
|
|||||||
from ..utils import parse_urls
|
from ..utils import parse_urls
|
||||||
from . import SCHEMA_MAP
|
from . import SCHEMA_MAP
|
||||||
|
|
||||||
|
# Test whether token is valid or not
|
||||||
|
VALID_TOKEN = re.compile(
|
||||||
|
r'(?P<token>[a-z0-9][a-z0-9_]+)', re.I)
|
||||||
|
|
||||||
|
|
||||||
class ConfigBase(URLBase):
|
class ConfigBase(URLBase):
|
||||||
"""
|
"""
|
||||||
@ -878,6 +882,17 @@ class ConfigBase(URLBase):
|
|||||||
# Just use the global settings
|
# Just use the global settings
|
||||||
_results['tag'] = global_tags
|
_results['tag'] = global_tags
|
||||||
|
|
||||||
|
for key in list(_results.keys()):
|
||||||
|
# Strip out any tokens we know that we can't accept and
|
||||||
|
# warn the user
|
||||||
|
match = VALID_TOKEN.match(key)
|
||||||
|
if not match:
|
||||||
|
ConfigBase.logger.warning(
|
||||||
|
'Ignoring invalid token ({}) found in YAML '
|
||||||
|
'configuration entry #{}, item #{}'
|
||||||
|
.format(key, no + 1, entry))
|
||||||
|
del _results[key]
|
||||||
|
|
||||||
ConfigBase.logger.trace(
|
ConfigBase.logger.trace(
|
||||||
'URL #{}: {} unpacked as:{}{}'
|
'URL #{}: {} unpacked as:{}{}'
|
||||||
.format(no + 1, url, os.linesep, os.linesep.join(
|
.format(no + 1, url, os.linesep, os.linesep.join(
|
||||||
|
@ -338,8 +338,12 @@ class NotifyEnigma2(NotifyBase):
|
|||||||
|
|
||||||
# Add our headers that the user can potentially over-ride if they wish
|
# Add our headers that the user can potentially over-ride if they wish
|
||||||
# to to our returned result set
|
# to to our returned result set
|
||||||
results['headers'] = results['qsd-']
|
results['headers'] = results['qsd+']
|
||||||
results['headers'].update(results['qsd+'])
|
if results['qsd-']:
|
||||||
|
results['headers'].update(results['qsd-'])
|
||||||
|
NotifyBase.logger.deprecate(
|
||||||
|
"minus (-) based Enigma header tokens are being "
|
||||||
|
" removed; use the plus (+) symbol instead.")
|
||||||
|
|
||||||
# Tidy our header entries by unquoting them
|
# Tidy our header entries by unquoting them
|
||||||
results['headers'] = {
|
results['headers'] = {
|
||||||
|
@ -325,6 +325,10 @@ class NotifyIFTTT(NotifyBase):
|
|||||||
# Unquote our API Key
|
# Unquote our API Key
|
||||||
results['webhook_id'] = NotifyIFTTT.unquote(results['webhook_id'])
|
results['webhook_id'] = NotifyIFTTT.unquote(results['webhook_id'])
|
||||||
|
|
||||||
|
# Parse our add_token and del_token arguments (if specified)
|
||||||
|
results['add_token'] = results['qsd+']
|
||||||
|
results['del_token'] = results['qsd-']
|
||||||
|
|
||||||
# Our Event
|
# Our Event
|
||||||
results['events'] = list()
|
results['events'] = list()
|
||||||
if results['user']:
|
if results['user']:
|
||||||
|
@ -259,8 +259,12 @@ class NotifyJSON(NotifyBase):
|
|||||||
|
|
||||||
# Add our headers that the user can potentially over-ride if they wish
|
# Add our headers that the user can potentially over-ride if they wish
|
||||||
# to to our returned result set
|
# to to our returned result set
|
||||||
results['headers'] = results['qsd-']
|
results['headers'] = results['qsd+']
|
||||||
results['headers'].update(results['qsd+'])
|
if results['qsd-']:
|
||||||
|
results['headers'].update(results['qsd-'])
|
||||||
|
NotifyBase.logger.deprecate(
|
||||||
|
"minus (-) based JSON header tokens are being "
|
||||||
|
" removed; use the plus (+) symbol instead.")
|
||||||
|
|
||||||
# Tidy our header entries by unquoting them
|
# Tidy our header entries by unquoting them
|
||||||
results['headers'] = {NotifyJSON.unquote(x): NotifyJSON.unquote(y)
|
results['headers'] = {NotifyJSON.unquote(x): NotifyJSON.unquote(y)
|
||||||
|
@ -287,7 +287,11 @@ class NotifyNextcloud(NotifyBase):
|
|||||||
|
|
||||||
# Add our headers that the user can potentially over-ride if they
|
# Add our headers that the user can potentially over-ride if they
|
||||||
# wish to to our returned result set
|
# wish to to our returned result set
|
||||||
results['headers'] = results['qsd-']
|
results['headers'] = results['qsd+']
|
||||||
results['headers'].update(results['qsd+'])
|
if results['qsd-']:
|
||||||
|
results['headers'].update(results['qsd-'])
|
||||||
|
NotifyBase.logger.deprecate(
|
||||||
|
"minus (-) based Nextcloud header tokens are being "
|
||||||
|
" removed; use the plus (+) symbol instead.")
|
||||||
|
|
||||||
return results
|
return results
|
||||||
|
@ -365,8 +365,12 @@ class NotifyNotica(NotifyBase):
|
|||||||
|
|
||||||
# Add our headers that the user can potentially over-ride if they
|
# Add our headers that the user can potentially over-ride if they
|
||||||
# wish to to our returned result set
|
# wish to to our returned result set
|
||||||
results['headers'] = results['qsd-']
|
results['headers'] = results['qsd+']
|
||||||
results['headers'].update(results['qsd+'])
|
if results['qsd-']:
|
||||||
|
results['headers'].update(results['qsd-'])
|
||||||
|
NotifyBase.logger.deprecate(
|
||||||
|
"minus (-) based Notica header tokens are being "
|
||||||
|
" removed; use the plus (+) symbol instead.")
|
||||||
|
|
||||||
return results
|
return results
|
||||||
|
|
||||||
|
@ -278,8 +278,12 @@ class NotifyXML(NotifyBase):
|
|||||||
|
|
||||||
# Add our headers that the user can potentially over-ride if they wish
|
# Add our headers that the user can potentially over-ride if they wish
|
||||||
# to to our returned result set
|
# to to our returned result set
|
||||||
results['headers'] = results['qsd-']
|
results['headers'] = results['qsd+']
|
||||||
results['headers'].update(results['qsd+'])
|
if results['qsd-']:
|
||||||
|
results['headers'].update(results['qsd-'])
|
||||||
|
NotifyBase.logger.deprecate(
|
||||||
|
"minus (-) based XML header tokens are being "
|
||||||
|
"removed; use the plus (+) symbol instead.")
|
||||||
|
|
||||||
# Tidy our header entries by unquoting them
|
# Tidy our header entries by unquoting them
|
||||||
results['headers'] = {NotifyXML.unquote(x): NotifyXML.unquote(y)
|
results['headers'] = {NotifyXML.unquote(x): NotifyXML.unquote(y)
|
||||||
|
@ -83,6 +83,9 @@ def test_apprise_config(tmpdir):
|
|||||||
|
|
||||||
# Just 1 token provided causes exception
|
# Just 1 token provided causes exception
|
||||||
sns://T1JJ3T3L2/
|
sns://T1JJ3T3L2/
|
||||||
|
|
||||||
|
# XML
|
||||||
|
xml://localhost/?+HeaderEntry=Test&:IgnoredEntry=Ignored
|
||||||
""")
|
""")
|
||||||
|
|
||||||
# Create ourselves a config object
|
# Create ourselves a config object
|
||||||
@ -95,8 +98,8 @@ def test_apprise_config(tmpdir):
|
|||||||
# when there is at least one entry
|
# when there is at least one entry
|
||||||
assert ac
|
assert ac
|
||||||
|
|
||||||
# We should be able to read our 3 servers from that
|
# We should be able to read our 4 servers from that
|
||||||
assert len(ac.servers()) == 3
|
assert len(ac.servers()) == 4
|
||||||
|
|
||||||
# Get our URL back
|
# Get our URL back
|
||||||
assert isinstance(ac[0].url(), six.string_types)
|
assert isinstance(ac[0].url(), six.string_types)
|
||||||
@ -345,6 +348,16 @@ def test_apprise_add_config():
|
|||||||
- mailto://usera:pass@gmail.com
|
- mailto://usera:pass@gmail.com
|
||||||
- gnome://:
|
- gnome://:
|
||||||
tag: taga,tagb
|
tag: taga,tagb
|
||||||
|
|
||||||
|
- json://localhost:
|
||||||
|
+HeaderEntry1: 'a header entry'
|
||||||
|
-HeaderEntryDepricated: 'a deprecated entry'
|
||||||
|
:HeaderEntryIgnored: 'an ignored header entry'
|
||||||
|
|
||||||
|
- xml://localhost:
|
||||||
|
+HeaderEntry1: 'a header entry'
|
||||||
|
-HeaderEntryDepricated: 'a deprecated entry'
|
||||||
|
:HeaderEntryIgnored: 'an ignored header entry'
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# Create ourselves a config object
|
# Create ourselves a config object
|
||||||
@ -359,8 +372,8 @@ def test_apprise_add_config():
|
|||||||
# when there is at least one entry
|
# when there is at least one entry
|
||||||
assert ac
|
assert ac
|
||||||
|
|
||||||
# We should be able to read our 2 servers from that
|
# We should be able to read our 4 servers from that
|
||||||
assert len(ac.servers()) == 2
|
assert len(ac.servers()) == 4
|
||||||
|
|
||||||
# Now an invalid configuration file
|
# Now an invalid configuration file
|
||||||
content = "invalid"
|
content = "invalid"
|
||||||
|
@ -234,6 +234,10 @@ def test_config_base_config_parse_text():
|
|||||||
|
|
||||||
# Valid Configuration
|
# Valid Configuration
|
||||||
result, config = ConfigBase.config_parse_text("""
|
result, config = ConfigBase.config_parse_text("""
|
||||||
|
# A completely invalid token on json string (it gets ignored)
|
||||||
|
# but the URL is still valid
|
||||||
|
json://localhost?invalid-token=nodashes
|
||||||
|
|
||||||
# A comment line over top of a URL
|
# A comment line over top of a URL
|
||||||
mailto://userb:pass@gmail.com
|
mailto://userb:pass@gmail.com
|
||||||
|
|
||||||
@ -256,7 +260,7 @@ def test_config_base_config_parse_text():
|
|||||||
# We expect to parse 3 entries from the above
|
# We expect to parse 3 entries from the above
|
||||||
assert isinstance(result, list)
|
assert isinstance(result, list)
|
||||||
assert isinstance(config, list)
|
assert isinstance(config, list)
|
||||||
assert len(result) == 3
|
assert len(result) == 4
|
||||||
assert len(result[0].tags) == 0
|
assert len(result[0].tags) == 0
|
||||||
|
|
||||||
# Our last element will have 2 tags associated with it
|
# Our last element will have 2 tags associated with it
|
||||||
@ -545,12 +549,17 @@ urls:
|
|||||||
- mailto://test:password@gmail.com
|
- mailto://test:password@gmail.com
|
||||||
- https://apprise.ryver.com/application/webhook/ckhrjW8w672m6HG
|
- https://apprise.ryver.com/application/webhook/ckhrjW8w672m6HG
|
||||||
- https://not.a.native.url/
|
- https://not.a.native.url/
|
||||||
|
|
||||||
|
# A completely invalid token on json string (it gets ignored)
|
||||||
|
# but the URL is still valid
|
||||||
|
- json://localhost?invalid-token=nodashes
|
||||||
|
|
||||||
""", asset=asset)
|
""", asset=asset)
|
||||||
|
|
||||||
# We expect to parse 3 entries from the above
|
# We expect to parse 4 entries from the above
|
||||||
# The Ryver one is in a native form and the 4th one is invalid
|
# The Ryver one is in a native form and the 4th one is invalid
|
||||||
assert isinstance(result, list)
|
assert isinstance(result, list)
|
||||||
assert len(result) == 3
|
assert len(result) == 4
|
||||||
assert len(result[0].tags) == 0
|
assert len(result[0].tags) == 0
|
||||||
|
|
||||||
# There were 3 include entries
|
# There were 3 include entries
|
||||||
|
@ -1924,6 +1924,10 @@ TEST_URLS = (
|
|||||||
('notica://localhost:8080//%s/?+HeaderKey=HeaderValue' % ('7' * 6), {
|
('notica://localhost:8080//%s/?+HeaderKey=HeaderValue' % ('7' * 6), {
|
||||||
'instance': plugins.NotifyNotica,
|
'instance': plugins.NotifyNotica,
|
||||||
}),
|
}),
|
||||||
|
# Test Depricated Header overrides
|
||||||
|
('notica://localhost:8080//%s/?-HeaderKey=HeaderValue' % ('7' * 6), {
|
||||||
|
'instance': plugins.NotifyNotica,
|
||||||
|
}),
|
||||||
('notica://%s' % ('c' * 6), {
|
('notica://%s' % ('c' * 6), {
|
||||||
'instance': plugins.NotifyNotica,
|
'instance': plugins.NotifyNotica,
|
||||||
# force a failure
|
# force a failure
|
||||||
|
Loading…
Reference in New Issue
Block a user