Merge "Escape unicode characters when setting logout_reason cookie"

This commit is contained in:
Zuul 2021-09-17 19:49:31 +00:00 committed by Gerrit Code Review
commit 6c2a98c9fe
4 changed files with 21 additions and 11 deletions

View File

@ -52,13 +52,13 @@
</p>
</div>
{% endif %}
{% if request.COOKIES.logout_reason %}
{% if request.COOKIES.logout_status == "success" %}
{% if logout_reason %}
{% if logout_status == "success" %}
<div class="form-group clearfix error help-block alert alert-success" id="logout_reason">
{% else %}
<div class="form-group clearfix error help-block alert alert-danger" id="logout_reason">
{% endif %}
<p>{{ request.COOKIES.logout_reason }}</p>
<p>{{ logout_reason }}</p>
</div>
{% endif %}
{% if csrf_failure %}

View File

@ -31,13 +31,13 @@
</div>
{%endif%}
<fieldset hz-login-finder>
{% if request.COOKIES.logout_reason %}
{% if request.COOKIES.logout_status == "success" %}
{% if logout_reason %}
{% if logout_status == "success" %}
<div class="form-group clearfix error help-block alert alert-success" id="logout_reason">
{% else %}
<div class="form-group clearfix error help-block alert alert-danger" id="logout_reason">
{% endif %}
<p>{{ request.COOKIES.logout_reason }}</p>
<p>{{ logout_reason }}</p>
</div>
{% endif %}
{% include "horizon/common/_form_fields.html" %}

View File

@ -43,7 +43,7 @@ def add_logout_reason(request, response, reason, status='success'):
# Store the translated string in the cookie
lang = translation.get_language_from_request(request)
with translation.override(lang):
reason = str(reason)
reason = force_text(reason).encode('unicode_escape').decode('ascii')
response.set_cookie('logout_reason', reason, max_age=10)
response.set_cookie('logout_status', status, max_age=10)

View File

@ -66,6 +66,11 @@ def get_csrf_reason(reason):
return reason
def set_logout_reason(res, msg):
msg = msg.encode('unicode_escape').decode('ascii')
res.set_cookie('logout_reason', msg, max_age=10)
# TODO(stephenfin): Migrate to CBV
@sensitive_post_parameters()
@csrf_protect
@ -122,6 +127,9 @@ def login(request):
choices = settings.WEBSSO_CHOICES
reason = get_csrf_reason(request.GET.get('csrf_failure'))
logout_reason = request.COOKIES.get(
'logout_reason', '').encode('ascii').decode('unicode_escape')
logout_status = request.COOKIES.get('logout_status')
extra_context = {
'redirect_field_name': auth.REDIRECT_FIELD_NAME,
'csrf_failure': reason,
@ -131,6 +139,8 @@ def login(request):
'single_value': '',
'label': '',
},
'logout_reason': logout_reason,
'logout_status': logout_status,
}
if request.is_ajax():
@ -150,7 +160,7 @@ def login(request):
res = django_http.HttpResponseRedirect(
reverse('password', args=[exc.user_id]))
msg = _("Your password has expired. Please set a new password.")
res.set_cookie('logout_reason', msg, max_age=10)
set_logout_reason(res, msg)
# Save the region in the cookie, this is used as the default
# selected region next time the Login form loads.
@ -201,7 +211,7 @@ def websso(request):
else:
msg = 'Login failed: %s' % exc
res = django_http.HttpResponseRedirect(settings.LOGIN_URL)
res.set_cookie('logout_reason', msg, max_age=10)
set_logout_reason(res, msg)
return res
auth_user.set_session_from_user(request, request.user)
@ -373,7 +383,7 @@ def switch_keystone_provider(request, keystone_provider=None,
except exceptions.KeystoneAuthException as exc:
msg = 'Keystone provider switch failed: %s' % exc
res = django_http.HttpResponseRedirect(settings.LOGIN_URL)
res.set_cookie('logout_reason', msg, max_age=10)
set_logout_reason(res, msg)
return res
auth.login(request, request.user)
auth_user.set_session_from_user(request, request.user)
@ -403,5 +413,5 @@ class PasswordView(edit_views.FormView):
# We have no session here, so regular messages don't work.
msg = _('Password changed. Please log in to continue.')
res = django_http.HttpResponseRedirect(self.success_url)
res.set_cookie('logout_reason', msg, max_age=10)
set_logout_reason(res, msg)
return res