Merge pull request #1957 from jakedt/absolutecorruption
Always use absolute URLs in Location headers.
This commit is contained in:
Jake Moshenko
GitHub
commit
7a3ee86e53
2 changed files with 23 additions and 13 deletions
|
|
@ -5,7 +5,7 @@ from flask import url_for, request, redirect, Response, abort as flask_abort
|
||||||
|
|
||||||
import resumablehashlib
|
import resumablehashlib
|
||||||
|
|
||||||
from app import storage, app
|
from app import storage, app, get_app_url
|
||||||
from auth.registry_jwt_auth import process_registry_jwt_auth
|
from auth.registry_jwt_auth import process_registry_jwt_auth
|
||||||
from data import database
|
from data import database
|
||||||
from data.interfaces.v2 import pre_oci_model as model
|
from data.interfaces.v2 import pre_oci_model as model
|
||||||
|
|
@ -128,7 +128,8 @@ def start_blob_upload(namespace_name, repo_name):
|
||||||
headers={
|
headers={
|
||||||
'Docker-Upload-UUID': new_upload_uuid,
|
'Docker-Upload-UUID': new_upload_uuid,
|
||||||
'Range': _render_range(0),
|
'Range': _render_range(0),
|
||||||
'Location': url_for('v2.upload_chunk', repository='%s/%s' % (namespace_name, repo_name),
|
'Location': get_app_url() + url_for('v2.upload_chunk',
|
||||||
|
repository='%s/%s' % (namespace_name, repo_name),
|
||||||
upload_uuid=new_upload_uuid)
|
upload_uuid=new_upload_uuid)
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
@ -156,7 +157,8 @@ def start_blob_upload(namespace_name, repo_name):
|
||||||
status=201,
|
status=201,
|
||||||
headers={
|
headers={
|
||||||
'Docker-Content-Digest': digest,
|
'Docker-Content-Digest': digest,
|
||||||
'Location': url_for('v2.download_blob', repository='%s/%s' % (namespace_name, repo_name),
|
'Location': get_app_url() + url_for('v2.download_blob',
|
||||||
|
repository='%s/%s' % (namespace_name, repo_name),
|
||||||
digest=digest),
|
digest=digest),
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
@ -205,7 +207,7 @@ def upload_chunk(namespace_name, repo_name, upload_uuid):
|
||||||
return Response(
|
return Response(
|
||||||
status=204,
|
status=204,
|
||||||
headers={
|
headers={
|
||||||
'Location': _current_request_path(),
|
'Location': _current_request_url(),
|
||||||
'Range': _render_range(updated_blob_upload.byte_count, with_bytes_prefix=False),
|
'Range': _render_range(updated_blob_upload.byte_count, with_bytes_prefix=False),
|
||||||
'Docker-Upload-UUID': upload_uuid,
|
'Docker-Upload-UUID': upload_uuid,
|
||||||
},
|
},
|
||||||
|
|
@ -242,7 +244,8 @@ def monolithic_upload_or_last_chunk(namespace_name, repo_name, upload_uuid):
|
||||||
status=201,
|
status=201,
|
||||||
headers={
|
headers={
|
||||||
'Docker-Content-Digest': digest,
|
'Docker-Content-Digest': digest,
|
||||||
'Location': url_for('v2.download_blob', repository='%s/%s' % (namespace_name, repo_name),
|
'Location': get_app_url() + url_for('v2.download_blob',
|
||||||
|
repository='%s/%s' % (namespace_name, repo_name),
|
||||||
digest=digest),
|
digest=digest),
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
@ -284,8 +287,8 @@ def _render_range(num_uploaded_bytes, with_bytes_prefix=True):
|
||||||
return '{0}0-{1}'.format('bytes=' if with_bytes_prefix else '', num_uploaded_bytes - 1)
|
return '{0}0-{1}'.format('bytes=' if with_bytes_prefix else '', num_uploaded_bytes - 1)
|
||||||
|
|
||||||
|
|
||||||
def _current_request_path():
|
def _current_request_url():
|
||||||
return '{0}{1}'.format(request.script_root, request.path)
|
return '{0}{1}{2}'.format(get_app_url(), request.script_root, request.path)
|
||||||
|
|
||||||
|
|
||||||
def _abort_range_not_satisfiable(valid_end, upload_uuid):
|
def _abort_range_not_satisfiable(valid_end, upload_uuid):
|
||||||
|
|
@ -295,7 +298,7 @@ def _abort_range_not_satisfiable(valid_end, upload_uuid):
|
||||||
|
|
||||||
TODO(jzelinskie): Unify this with the V2RegistryException class.
|
TODO(jzelinskie): Unify this with the V2RegistryException class.
|
||||||
"""
|
"""
|
||||||
flask_abort(Response(status=416, headers={'Location': _current_request_path(),
|
flask_abort(Response(status=416, headers={'Location': _current_request_url(),
|
||||||
'Range': '0-{0}'.format(valid_end),
|
'Range': '0-{0}'.format(valid_end),
|
||||||
'Docker-Upload-UUID': upload_uuid}))
|
'Docker-Upload-UUID': upload_uuid}))
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ from jwkest.jwk import RSAKey
|
||||||
|
|
||||||
import endpoints.decorated # required for side effect
|
import endpoints.decorated # required for side effect
|
||||||
|
|
||||||
from app import app, storage, instance_keys
|
from app import app, storage, instance_keys, get_app_url
|
||||||
from data.database import close_db_filter, configure, DerivedStorageForImage, QueueItem, Image
|
from data.database import close_db_filter, configure, DerivedStorageForImage, QueueItem, Image
|
||||||
from data import model
|
from data import model
|
||||||
from digest.checksums import compute_simple
|
from digest.checksums import compute_simple
|
||||||
|
|
@ -603,7 +603,14 @@ class V2RegistryPushMixin(V2RegistryMixin):
|
||||||
expected_code=202, auth='jwt')
|
expected_code=202, auth='jwt')
|
||||||
|
|
||||||
upload_uuid = response.headers['Docker-Upload-UUID']
|
upload_uuid = response.headers['Docker-Upload-UUID']
|
||||||
location = response.headers['Location'][len(self.get_server_url()):]
|
|
||||||
|
server_hostname = get_app_url()
|
||||||
|
new_upload_location = response.headers['Location']
|
||||||
|
self.assertTrue(new_upload_location.startswith(server_hostname))
|
||||||
|
|
||||||
|
# We need to make this relative just for the tests because the live server test
|
||||||
|
# case modifies the port.
|
||||||
|
location = response.headers['Location'][len(server_hostname):]
|
||||||
|
|
||||||
# PATCH the image data into the layer.
|
# PATCH the image data into the layer.
|
||||||
if chunks is None:
|
if chunks is None:
|
||||||
|
|
|
||||||
Reference in a new issue