aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorcedricbonhomme <devnull@localhost>2010-03-10 09:22:27 +0100
committercedricbonhomme <devnull@localhost>2010-03-10 09:22:27 +0100
commit047176bb3d537c09ed44e0f62b7f8f5889ab90d7 (patch)
treeb564339e94aa65db71d983a22f2175091cb78c5d
parentImprovement. Faster display of some pages (using oice.langdet module). (diff)
downloadnewspipe-047176bb3d537c09ed44e0f62b7f8f5889ab90d7.tar.gz
newspipe-047176bb3d537c09ed44e0f62b7f8f5889ab90d7.tar.bz2
newspipe-047176bb3d537c09ed44e0f62b7f8f5889ab90d7.zip
Improvement of the security (test URLs,etc.). Added mutex.
-rw-r--r--css/style.css4
-rw-r--r--pyAggr3g470r.py55
-rw-r--r--utils.py10
3 files changed, 58 insertions, 11 deletions
diff --git a/css/style.css b/css/style.css
index b1039673..67537a82 100644
--- a/css/style.css
+++ b/css/style.css
@@ -12,12 +12,12 @@ html, body {
body {
text-align: justify;
- font: normal .9em/1.5em Cambria, Georgia, "Trebuchet MS", Verdana, sans-serif;
+ font: normal .8em/1.5em Cambria, Georgia, "Trebuchet MS", Verdana, sans-serif;
}
code, pre {
- font-size: 110%;
+ font-size: 100%;
}
img {
diff --git a/pyAggr3g470r.py b/pyAggr3g470r.py
index 4d979f14..4aff21cb 100644
--- a/pyAggr3g470r.py
+++ b/pyAggr3g470r.py
@@ -10,6 +10,7 @@ __license__ = "GPLv3"
import os
import sqlite3
import cherrypy
+import threading
import ConfigParser
from cherrypy.lib.static import serve_file
@@ -275,11 +276,18 @@ class Root:
"""
Display the description of an article in a new Web page.
"""
- feed_id, article_id = param.split(':')
+ try:
+ feed_id, article_id = param.split(':')
+ except:
+ return self.error_page("Bad URL")
+ try:
+ articles_list = self.articles[feed_id]
+ except KeyError:
+ return self.error_page("This feed do not exists.")
html = htmlheader
html += htmlnav
html += """</div> <div class="left inner">"""
- for article in self.articles[feed_id]:
+ for article in articles_list:
if article_id == article[0]:
if article[5] == "0":
@@ -337,6 +345,10 @@ class Root:
"""
Display all articles of a feed.
"""
+ try:
+ articles_list = self.articles[feed_id]
+ except KeyError:
+ return self.error_page("This feed do not exists.")
html = htmlheader
html += htmlnav
html += """<div class="right inner">\n"""
@@ -355,7 +367,7 @@ class Root:
html += """</div> <div class="left inner">"""
html += """<h1>Articles of the feed <i>%s</i></h1><br />""" % (self.feeds[feed_id][3].encode('utf-8'))
- for article in self.articles[feed_id]:
+ for article in articles_list:
if article[5] == "0":
# not readed articles are in bold
@@ -401,9 +413,13 @@ class Root:
self.feeds[rss_feed_id][3].encode('utf-8'))
html += """<hr />\n<a href="/mark_as_read/All:">Mark articles as read</a>\n"""
else:
+ try:
+ articles_list = self.articles[feed_id]
+ except KeyError:
+ return self.error_page("This feed do not exists.")
html += """<h1>Unread article(s) of the feed <a href="/all_articles/%s">%s</a></h1>
<br />""" % (feed_id, self.feeds[feed_id][3].encode('utf-8'))
- for article in self.articles[feed_id]:
+ for article in articles_list:
if article[5] == "0":
html += article[1].encode('utf-8') + \
""" - <a href="/description/%s:%s" rel="noreferrer" target="_blank">%s</a>""" % \
@@ -423,6 +439,8 @@ class Root:
"""
Display articles by language.
"""
+ if lang not in ['english', 'french', 'other']:
+ return self.error_page('This language is not supported.')
html = htmlheader
html += htmlnav
html += """</div> <div class="left inner">"""
@@ -451,11 +469,19 @@ class Root:
"""
Display an article in plain text (without HTML tags).
"""
+ try:
+ feed_id, article_id = target.split(':')
+ except:
+ return self.error_page("This article do not exists.")
+ try:
+ articles_list = self.articles[feed_id]
+ except KeyError:
+ return self.error_page("This feed do not exists.")
html = htmlheader
html += htmlnav
html += """</div> <div class="left inner">"""
feed_id, article_id = target.split(':')
- for article in self.articles[feed_id]:
+ for article in articles_list:
if article_id == article[0]:
html += """<h1><i>%s</i> from <a href="/all_articles/%s">%s</a></h1>\n<br />\n"""% \
(article[2].encode('utf-8'), feed_id, \
@@ -471,11 +497,26 @@ class Root:
plain_text.exposed = True
+ def error_page(self, message):
+ """
+ Display a message (bad feed id, bad article id, etc.)
+ """
+ html = htmlheader
+ html += htmlnav
+ html += """</div> <div class="left inner">"""
+ html += """%s""" % message
+ html += "\n<hr />\n" + htmlfooter
+ return html
+
+ error_page.exposed = True
+
+
def mark_as_read(self, target):
"""
Mark one (or more) article(s) as read by setting the value of the field
'article_readed' of the SQLite database to 1.
"""
+ LOCKER.acquire()
param, _, identifiant = target.partition(':')
try:
conn = sqlite3.connect("./var/feed.db", isolation_level = None)
@@ -496,12 +537,13 @@ class Root:
except Exception, e:
pass
- self.update()
+ threading.Thread(None, self.update, None, ()).start()
if param == "All" or param == "Feed_FromMainPage":
return self.index()
elif param == "Feed":
return self.all_articles(identifiant)
+ LOCKER.release()
mark_as_read.exposed = True
@@ -522,6 +564,7 @@ class Root:
if __name__ == '__main__':
# Point of entry in execution mode
+ LOCKER = threading.Lock()
root = Root()
root.update()
cherrypy.quickstart(root, config=path) \ No newline at end of file
diff --git a/utils.py b/utils.py
index 7b1d7285..1412a50a 100644
--- a/utils.py
+++ b/utils.py
@@ -2,8 +2,8 @@
#-*- coding: utf-8 -*-
__author__ = "Cedric Bonhomme"
-__version__ = "$Revision: 0.2 $"
-__date__ = "$Date: 2010/03/07 $"
+__version__ = "$Revision: 0.3 $"
+__date__ = "$Date: 2010/03/10 $"
__copyright__ = "Copyright (c) 2010 Cedric Bonhomme"
__license__ = "GPLv3"
@@ -30,6 +30,9 @@ try:
except:
IMPORT_ERROR.append("oice")
+import threading
+LOCKER = threading.Lock()
+
def detect_language(text):
"""
Detect the language of a text.
@@ -140,6 +143,7 @@ def load_feed():
"""
Load feeds and articles in a dictionary.
"""
+ LOCKER.acquire()
list_of_feeds = None
list_of_articles = None
try:
@@ -197,6 +201,6 @@ def load_feed():
feed[3], feed[0], feed[2], feed[1] \
)
c.close()
-
+ LOCKER.release()
return (articles, feeds)
return (articles, feeds) \ No newline at end of file
bgstack15