| Function | maybe_block_offsite_form_post | Check if an attempt was made to post a form from a remote site. |
| Class | ProfilingOops | Fake exception used to log OOPS information when profiling pages. |
| Class | LoginRoot | Object that provides IPublishTraverse to return only itself. |
| Class | LaunchpadBrowserPublication | Subclass of z.a.publication.BrowserPublication that removes ZODB. |
| Function | is_browser | Return True if we believe the request was from a browser. |
| Function | tracelog | Emit a message to the ITraceLog, or do nothing if there is none. |
Check if an attempt was made to post a form from a remote site.
This is a cross-site request forgery (XSRF/CSRF) countermeasure.
The OffsiteFormPostError exception is raised if the following
holds true:
1. the request method is POST *AND*
2. a. the HTTP referer header is empty *OR*
b. the host portion of the referrer is not a registered vhost
There will be false positives and false negatives, as we can only tell this from the User-Agent: header and this cannot be trusted.
Almost all web browsers provide a User-Agent: header starting with 'Mozilla'. This is good enough for our uses. We also add a few other common matches as well for good measure. We could massage one of the user-agent databases that are available into a usable, but we would gain little.