domenico/once
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Properly encode URLs and url parameters.

Browse Source
This commit is contained in:
Domenico Testa
2020-06-08 20:37:57 +02:00
parent a2ce68cbf2
commit a465e4ddd3
4 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
client/once.py
View File

@@ -5,6 +5,7 @@ Simple command to share one-time files
import os import os
import json import json
import time import time
import urllib
import click import click
import requests import requests
@@ -47,7 +48,7 @@ def api_req(method: str, url: str, verbose: bool = False, **kwargs):
@click.option('--verbose', '-v', is_flag=True, default=False, help='Enables verbose output.') @click.option('--verbose', '-v', is_flag=True, default=False, help='Enables verbose output.')
def share(file: click.File, verbose: bool): def share(file: click.File, verbose: bool):
entry = api_req('GET', '/', entry = api_req('GET', '/',
params={'f': os.path.basename(file.name)}, params={'f': urllib.parse.quote_plus(os.path.basename(file.name))},
verbose=verbose).json() verbose=verbose).json()
once_url = entry['once_url'] once_url = entry['once_url']

3
once/download-and-delete/handler.py
View File

@@ -3,6 +3,7 @@ import io
import json import json
import logging import logging
import re import re
import urllib
import boto3 import boto3
@@ -49,7 +50,7 @@ def on_event(event, context):
log.debug(f'Files bucket is "{FILES_BUCKET}"') log.debug(f'Files bucket is "{FILES_BUCKET}"')
entry_id = event['pathParameters']['entry_id'] entry_id = event['pathParameters']['entry_id']
filename = event['pathParameters']['filename'] filename = urllib.parse.unquote_plus(event['pathParameters']['filename'])
object_name = f'{entry_id}/{filename}' object_name = f'{entry_id}/{filename}'
dynamodb = boto3.client('dynamodb') dynamodb = boto3.client('dynamodb')

6
once/get-upload-ticket/handler.py
View File

@@ -6,8 +6,8 @@ import logging
import os import os
import random import random
import string import string
import urllib
from typing import Dict from typing import Dict
from urllib.parse import quote_plus, urlencode
import boto3 import boto3
import requests import requests
@@ -61,7 +61,7 @@ def on_event(event, context):
log.debug(f'Pre-signed urls will expire after {EXPIRATION_TIMEOUT} seconds') log.debug(f'Pre-signed urls will expire after {EXPIRATION_TIMEOUT} seconds')
q = event.get('queryStringParameters', {}) q = event.get('queryStringParameters', {})
filename = q.get('f') filename = urllib.parse.unquote_plus(q.get('f'))
response_code = 200 response_code = 200
response = {} response = {}
try: try:
@@ -71,7 +71,7 @@ def on_event(event, context):
domain = string.ascii_uppercase + string.ascii_lowercase + string.digits domain = string.ascii_uppercase + string.ascii_lowercase + string.digits
entry_id = ''.join(random.choice(domain) for _ in range(6)) entry_id = ''.join(random.choice(domain) for _ in range(6))
object_name = f'{entry_id}/{filename}' object_name = f'{entry_id}/{filename}'
response['once_url'] = f'{APP_URL}{entry_id}/{filename}' response['once_url'] = f'{APP_URL}{entry_id}/{urllib.parse.quote(filename)}'
dynamodb = boto3.client('dynamodb') dynamodb = boto3.client('dynamodb')
dynamodb.put_item( dynamodb.put_item(

1
once/once_stack.py
View File

@@ -35,6 +35,7 @@ class ApiGatewayV2Domain(object):
'hostedZoneId': self.domain_name.get_att('RegionalHostedZoneId').to_string() 'hostedZoneId': self.domain_name.get_att('RegionalHostedZoneId').to_string()
} }
class CustomDomainStack(cfn.NestedStack): class CustomDomainStack(cfn.NestedStack):
def __init__(self, scope: core.Construct, id: str, def __init__(self, scope: core.Construct, id: str,
hosted_zone_id: str, hosted_zone_id: str,