Function | maybe_block_offsite_form_post | Check if an attempt was made to post a form from a remote site. |
Class | ProfilingOops | Fake exception used to log OOPS information when profiling pages. |
Class | LoginRoot | Object that provides IPublishTraverse to return only itself. |
Class | LaunchpadBrowserPublication | Subclass of z.a.publication.BrowserPublication that removes ZODB. |
Function | is_browser | Return True if we believe the request was from a browser. |
Function | tracelog | Emit a message to the ITraceLog, or do nothing if there is none. |
Check if an attempt was made to post a form from a remote site.

This is a cross-site request forgery (XSRF/CSRF) countermeasure. The OffsiteFormPostError exception is raised if the following holds true:
  1. the request method is POST *AND*
  2. a. the HTTP Referer header is empty *OR*
     b. the host portion of the referrer URL is not a registered vhost
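The check described above, written out as an added example (this is not the project's own implementation; the exception classes, the `headers` dict keyed by lower-cased header name, and the `REGISTERED_VHOSTS` set are assumptions made for this snippet). The point a practitioner should take from it is in `referer_host`: the host must be taken from the parsed URL, because a prefix test on the raw Referer string accepts `https://launchpad.net.evil.test/` and `https://launchpad.net@evil.test/`. `naive_prefix_check` is included only to show that bypass.

```python
"""Referer-based offsite form POST check (added example, not Launchpad code)."""
from urllib.parse import urlsplit


class OffsiteFormPostError(Exception):
    """POST arrived with a Referer whose host is not a registered vhost."""


class NoReferrerError(OffsiteFormPostError):
    """POST arrived with no Referer header at all (assumed subclass)."""


# Constructed list of registered vhosts for this example; a real
# deployment would take these from its site configuration.
REGISTERED_VHOSTS = frozenset({
    "launchpad.net",
    "bugs.launchpad.net",
    "code.launchpad.net",
})


def referer_host(referer):
    """Return the lower-cased host of a Referer URL, or None if it has none.

    urlsplit() strips scheme, user-info, port and path, so neither
    'https://launchpad.net.evil.test/' nor 'https://launchpad.net@evil.test/'
    can masquerade as launchpad.net.
    """
    host = urlsplit(referer).hostname
    return host.lower() if host else None


def maybe_block_offsite_form_post(method, headers, vhosts=REGISTERED_VHOSTS):
    """Raise unless a POST carries a Referer from one of our vhosts.

    `headers` is assumed to be a dict keyed by lower-cased header name.
    Non-POST requests and allowed POSTs return None.
    """
    if method.upper() != "POST":
        return None
    referer = headers.get("referer")  # HTTP's historical misspelling
    if not referer:
        raise NoReferrerError("No value for Referer header")
    host = referer_host(referer)
    if host is None or host not in vhosts:
        raise OffsiteFormPostError(referer)
    return None


def naive_prefix_check(referer, site="https://launchpad.net"):
    """The check NOT to write: a string prefix test on the raw Referer."""
    return referer.startswith(site)


def classify(method, headers, vhosts=REGISTERED_VHOSTS):
    """Map the outcome to a label: 'allowed', 'no-referer' or 'offsite'."""
    try:
        maybe_block_offsite_form_post(method, headers, vhosts)
    except NoReferrerError:
        return "no-referer"
    except OffsiteFormPostError:
        return "offsite"
    return "allowed"
```

The empty-Referer branch is where the false positives live: a browser honouring a `Referrer-Policy: no-referrer` page, or a proxy that strips the header, will have its legitimate POST rejected. Any endpoint that must accept such posts needs an explicit exemption rather than a relaxed host check.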
There will be false positives and false negatives, as we can only tell this from the User-Agent: header, which is client-controlled and cannot be trusted.
Almost all web browsers provide a User-Agent: header starting with 'Mozilla'. This is good enough for our uses. We add a few other common matches for good measure. We could massage one of the available user-agent databases into a usable form, but we would gain little.
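The heuristic described above, as an added example that is not the project's own code: the 'Mozilla' prefix from the text plus a handful of extra tokens, which are an assumption here. The constructed sample strings show the two failure modes the text warns about: a script copying a browser's header is counted as a browser, and a client sending no header is not.

```python
"""User-Agent browser heuristic (added example, not Launchpad code)."""

# 'Mozilla' is the prefix the text relies on; the remaining entries are
# an assumption standing in for the "few other common matches".
BROWSER_PREFIXES = ("Mozilla", "Opera")
BROWSER_TOKENS = ("Lynx", "Links", "Chrome", "Chromium", "Safari",
                  "Konqueror", "Edge")


def is_browser(headers):
    """Return True if the User-Agent looks like a web browser.

    `headers` is assumed to be a dict keyed by lower-cased header name.
    The header is chosen by the client, so this is a hint, not a fact.
    """
    user_agent = headers.get("user-agent")
    if not user_agent:
        return False
    return (user_agent.startswith(BROWSER_PREFIXES)
            or any(token in user_agent for token in BROWSER_TOKENS))


# Constructed sample headers, not captured traffic.
SAMPLES = {
    "firefox": "Mozilla/5.0 (X11; Linux x86_64; rv:115.0) Gecko/20100101 Firefox/115.0",
    "chrome": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/120.0 Safari/537.36",
    "lynx": "Lynx/2.8.9rel.1 libwww-FM/2.14",
    "curl": "curl/8.4.0",
    "requests": "python-requests/2.31.0",
    # False positive: a scraper that copies a browser prefix.
    "spoofed": "Mozilla/5.0 (compatible; my-scraper/1.0)",
    # False negative: a client that sends an empty header.
    "blank": "",
}


def classify_samples(samples=SAMPLES):
    """Run the heuristic over each sample and return name -> bool."""
    return {name: is_browser({"user-agent": ua}) for name, ua in samples.items()}
```

Because the header is under the caller's control, the result is only safe to use for things like choosing a response format or deciding whether to apply a browser-oriented protection; it is not an authentication signal.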