Changeset View
Changeset View
Standalone View
Standalone View
swh/web/browse/utils.py
| # Copyright (C) 2017-2019 The Software Heritage developers | # Copyright (C) 2017-2019 The Software Heritage developers | ||||
| # See the AUTHORS file at the top-level directory of this distribution | # See the AUTHORS file at the top-level directory of this distribution | ||||
| # License: GNU Affero General Public License version 3, or any later version | # License: GNU Affero General Public License version 3, or any later version | ||||
| # See top-level LICENSE file for more information | # See top-level LICENSE file for more information | ||||
| import base64 | import base64 | ||||
| from collections import defaultdict | from collections import defaultdict | ||||
| import magic | import magic | ||||
| import pypandoc | import pypandoc | ||||
| import stat | import stat | ||||
| import textwrap | import textwrap | ||||
| from django.core.cache import cache | from django.core.cache import cache | ||||
| from django.utils.safestring import mark_safe | from django.utils.safestring import mark_safe | ||||
| from django.utils.html import escape | |||||
| from importlib import reload | from importlib import reload | ||||
| from swh.model.identifiers import persistent_identifier | from swh.model.identifiers import persistent_identifier | ||||
| from swh.web.common import highlightjs, service | from swh.web.common import highlightjs, service | ||||
| from swh.web.common.exc import NotFoundExc, http_status_code_message | from swh.web.common.exc import NotFoundExc, http_status_code_message | ||||
| from swh.web.common.origin_visits import get_origin_visit | from swh.web.common.origin_visits import get_origin_visit | ||||
| from swh.web.common.utils import ( | from swh.web.common.utils import ( | ||||
| ▲ Show 20 Lines • Show All 461 Lines • ▼ Show 20 Lines | def gen_link(url, link_text=None, link_attrs=None): | ||||
| """ | """ | ||||
| attrs = ' ' | attrs = ' ' | ||||
| if link_attrs: | if link_attrs: | ||||
| for k, v in link_attrs.items(): | for k, v in link_attrs.items(): | ||||
| attrs += '%s="%s" ' % (k, v) | attrs += '%s="%s" ' % (k, v) | ||||
| if not link_text: | if not link_text: | ||||
| link_text = url | link_text = url | ||||
| link = '<a%shref="%s">%s</a>' % (attrs, url, link_text) | link = '<a%shref="%s">%s</a>' \ | ||||
anlambert: Can you remove the escaping of `attrs` here. It breaks some link styles and as the value of… | |||||
| % (attrs, escape(url), escape(link_text)) | |||||
| return mark_safe(link) | return mark_safe(link) | ||||
| def _snapshot_context_query_params(snapshot_context): | def _snapshot_context_query_params(snapshot_context): | ||||
| query_params = None | query_params = None | ||||
| if snapshot_context and snapshot_context['origin_info']: | if snapshot_context and snapshot_context['origin_info']: | ||||
| origin_info = snapshot_context['origin_info'] | origin_info = snapshot_context['origin_info'] | ||||
| query_params = {'origin': origin_info['url']} | query_params = {'origin': origin_info['url']} | ||||
| ▲ Show 20 Lines • Show All 355 Lines • ▼ Show 20 Lines | def get_origin_info(origin_url, origin_type=None): | ||||
| else: | else: | ||||
| for origin_type in _swh_origin_types: | for origin_type in _swh_origin_types: | ||||
| try: | try: | ||||
| origin_info = service.lookup_origin({'type': origin_type, | origin_info = service.lookup_origin({'type': origin_type, | ||||
| 'url': origin_url}) | 'url': origin_url}) | ||||
| return origin_info | return origin_info | ||||
| except Exception: | except Exception: | ||||
| pass | pass | ||||
| raise NotFoundExc('Origin with url %s not found!' % origin_url) | raise NotFoundExc('Origin with url %s not found!' % escape(origin_url)) | ||||
Not Done Inline ActionsThis url must also be escaped. anlambert: This url must also be escaped. | |||||
| def get_snapshot_context(snapshot_id=None, origin_type=None, origin_url=None, | def get_snapshot_context(snapshot_id=None, origin_type=None, origin_url=None, | ||||
| timestamp=None, visit_id=None): | timestamp=None, visit_id=None): | ||||
| """ | """ | ||||
| Utility function to compute relevant information when navigating | Utility function to compute relevant information when navigating | ||||
| the archive in a snapshot context. The snapshot is either | the archive in a snapshot context. The snapshot is either | ||||
| referenced by its id or it will be retrieved from an origin visit. | referenced by its id or it will be retrieved from an origin visit. | ||||
| ▲ Show 20 Lines • Show All 45 Lines • ▼ Show 20 Lines | if origin_url: | ||||
| visit_info = get_origin_visit(origin_info, timestamp, visit_id, | visit_info = get_origin_visit(origin_info, timestamp, visit_id, | ||||
| snapshot_id) | snapshot_id) | ||||
| fmt_date = format_utc_iso_date(visit_info['date']) | fmt_date = format_utc_iso_date(visit_info['date']) | ||||
| visit_info['fmt_date'] = fmt_date | visit_info['fmt_date'] = fmt_date | ||||
| snapshot_id = visit_info['snapshot'] | snapshot_id = visit_info['snapshot'] | ||||
| if not snapshot_id: | if not snapshot_id: | ||||
| raise NotFoundExc('No snapshot associated to the visit of origin ' | raise NotFoundExc('No snapshot associated to the visit of origin ' | ||||
| '%s on %s' % (origin_url, fmt_date)) | '%s on %s' % (escape(origin_url), fmt_date)) | ||||
| # provided timestamp is not necessarily equals to the one | # provided timestamp is not necessarily equals to the one | ||||
| # of the retrieved visit, so get the exact one in order | # of the retrieved visit, so get the exact one in order | ||||
| # use it in the urls generated below | # use it in the urls generated below | ||||
| if timestamp: | if timestamp: | ||||
| timestamp = visit_info['date'] | timestamp = visit_info['date'] | ||||
| branches, releases = \ | branches, releases = \ | ||||
| ▲ Show 20 Lines • Show All 177 Lines • Show Last 20 Lines | |||||
Can you remove the escaping of attrs here. It breaks some link styles and as the value of this parameter is provided from string literals in the code, we can consider it safe.