moksha/api/widgets/global_resources/widget.py | 10 +++++++++- moksha/public/javascript/moksha.js | 2 +- 2 files changed, 10 insertions(+), 2 deletions(-)
New commits: commit 77127d7d6d7223f54b05080984bf5140047e87e0 Author: John (J5) Palmieri johnp@redhat.com Date: Wed Jun 30 12:02:07 2010 -0400
convert moksha_csrf_trusted_domains from a js array to object
* makes lookup much faster * fixes bug where we were calling indexOf on a js array
diff --git a/moksha/api/widgets/global_resources/widget.py b/moksha/api/widgets/global_resources/widget.py index 3f50eeb..356f0aa 100644 --- a/moksha/api/widgets/global_resources/widget.py +++ b/moksha/api/widgets/global_resources/widget.py @@ -94,6 +94,14 @@ class GlobalResourceInjectionWidget(Widget): if asbool(config.get('moksha.extensionpoints', False)): self.javascript.append(moksha_extension_points_js)
+ trusted_domain_list = config.get('moksha.csrf.trusted_domains', '').split(',') + # turn into quick lookup hash + item_list = [] + for domain in trusted_domain_list: + item_list.append('"%s": true' % domain) + trusted_domain_hash = '{%s}' % ','.join(item_list) + self.csrf_trusted_domains_hash = trusted_domain_hash + def update_params(self, d): super(GlobalResourceInjectionWidget, self).update_params(d)
@@ -104,7 +112,7 @@ class GlobalResourceInjectionWidget(Widget): if asbool(config['global_conf'].get('profile')): d['profile'] = 'true'
- d['csrf_trusted_domains'] = config.get('moksha.csrf.trusted_domains', '').split(',') + d['csrf_trusted_domains'] = self.csrf_trusted_domains_hash
identity = request.environ.get('repoze.who.identity') if identity: diff --git a/moksha/public/javascript/moksha.js b/moksha/public/javascript/moksha.js index d2a191f..380bbdf 100644 --- a/moksha/public/javascript/moksha.js +++ b/moksha/public/javascript/moksha.js @@ -689,7 +689,7 @@ moksha = {
moksha.csrf_rewrite_uri(purl); } else { - if (moksha_csrf_trusted_domains.indexOf(purl.host) != -1) + if (moksha_csrf_trusted_domains[purl.host]) moksha.csrf_rewrite_uri(purl); }
moksha-commits@lists.fedorahosted.org