Werkzeug: TypeError in BaseRequest.trusted_hosts, wenn ein Hostname mit einem „.“ beginnt.
Das Hinzufügen eines Hostnamens beginnend mit . zu wrappers.BaseRequest.trusted_hosts ergibt TypeError: must be str, not bytes (Python 3.6) oder TypeError: Can't convert 'bytes' object to str implicitly (Python 3.4), wie in werkzeug.wsgi.host_is_trusted , _normalize ruft zuerst _encode_idna , wodurch ref in bytes kodiert wird und dann, wenn es mit '.' beginnt, es mit '.' verkettet wird , wodurch str und bytes gemischt werden.
Beispiel-App
from flask import Flask, request
class TrustedHosts:
"""Flask extension setting `werkzeug.wrappers.BaseRequest.trusted_hosts`."""
def __init__(self, app=None, trusted_hosts=None):
self.app = app
self.trusted_hosts = trusted_hosts
if app is not None:
self.init_app(app)
def init_app(self, app):
app.before_request(self.set_trusted_hosts)
def set_trusted_hosts(self):
# As host is a <strong i="20">@cached_property</strong> this should before its first access.
request.trusted_hosts = self.trusted_hosts
print(request.host)
app = Flask(__name__)
TrustedHosts(app, trusted_hosts=['.example.com'])
@app.route('/')
def index():
return 'OK'
Full-Stack-Trace
Traceback (most recent call last):
File "c:\program files\python36\lib\site-packages\flask\app.py", line 1982, in wsgi_app
response = self.full_dispatch_request()
File "c:\program files\python36\lib\site-packages\flask\app.py", line 1614, in full_dispatch_request
rv = self.handle_user_exception(e)
File "c:\program files\python36\lib\site-packages\flask\app.py", line 1517, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "c:\program files\python36\lib\site-packages\flask\_compat.py", line 33, in reraise
raise value
File "c:\program files\python36\lib\site-packages\flask\app.py", line 1610, in full_dispatch_request
rv = self.preprocess_request()
File "c:\program files\python36\lib\site-packages\flask\app.py", line 1831, in preprocess_request
rv = func()
File "D:\Dropbox\p\kb\python\web\flask\trusted_hosts.py", line 17, in set_trusted_hosts
print(request.host)
File "c:\program files\python36\lib\site-packages\werkzeug\local.py", line 347, in __getattr__
return getattr(self._get_current_object(), name)
File "c:\program files\python36\lib\site-packages\werkzeug\utils.py", line 73, in __get__
value = self.func(obj)
File "c:\program files\python36\lib\site-packages\werkzeug\wrappers.py", line 635, in host
return get_host(self.environ, trusted_hosts=self.trusted_hosts)
File "c:\program files\python36\lib\site-packages\werkzeug\wsgi.py", line 160, in get_host
if not host_is_trusted(rv, trusted_hosts):
File "c:\program files\python36\lib\site-packages\werkzeug\wsgi.py", line 132, in host_is_trusted
if suffix_match and hostname.endswith('.' + ref):
TypeError: must be str, not bytes
127.0.0.1 - - [11/Dec/2017 17:11:18] "GET / HTTP/1.1" 500 -
ratanasov
>Alle Kommentare
Nebenbei bemerkt, ein before_request Handler, der dies bei jeder Anfrage macht, ist ineffizient. Unterklasse Request , Attribut setzen, Klasse der App zuweisen.
from flask.wrappers import Request
class TrustedRequest(Request):
trusted_hosts = ['a', 'b', 'c']
app.request_class = TrustedRequest
davidism
am 11. Dez. 2017
👍3
War diese Seite hilfreich?
0 / 5 - 0 Bewertungen
Verwandte Themen
c17r
·
4Kommentare
mrx23dot
·
6Kommentare
Nessphoro
·
6Kommentare
paihu
·
7Kommentare
SimonSapin
·
12Kommentare
Hilfreichster Kommentar
Nebenbei bemerkt, ein
before_requestHandler, der dies bei jeder Anfrage macht, ist ineffizient. UnterklasseRequest, Attribut setzen, Klasse der App zuweisen.