Mercurial > libervia-web

diff src/server/server.py @ 823:027139763511

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server (blog): cleaning & improvments: - use a constant for themes url - moved RSM related constants to server only constants, and renamed theme STATIC_RSM* - raised the default number of items/comments to 10 - removed references to microblog namespace as it is managed by backend - many little improvments for better readability - dont use dynamic relative paths anymore - replaced use of old formatting syntax (%) by format() - profile name in url is now properly (un)quoted - removed max_items as it was used at the same time as RSM (TODO: check RSM support before using it) - renamed render_* methods using camelCase for consistency - put a limit for rsm_max, to avoid overloading - don't sort items after getting them anymore, as sorting is already done by backend/pubsub according to request - use urllib.urlencode when possible
author Goffi <goffi@goffi.org>
date Fri, 08 Jan 2016 14:42:39 +0100
parents 9b9c0fe0a75f
children 4a01be961fd2
line wrap: on
line diff
--- a/src/server/server.py	Fri Jan 08 14:29:52 2016 +0100
+++ b/src/server/server.py	Fri Jan 08 14:42:39 2016 +0100
@@ -1281,6 +1281,7 @@
 
             def putChild(path, resource):
                 """Add a child to the root resource"""
+                # FIXME: check that no information is leaked (c.f. https://twistedmatrix.com/documents/current/web/howto/using-twistedweb.html#request-encoders)
                 root.putChild(path, EncodingResourceWrapper(resource, [server.GzipEncoderFactory()]))
 
             putChild('', Redirect(C.LIBERVIA_MAIN_PAGE))
@@ -1291,7 +1292,7 @@
             putChild('upload_radiocol', _upload_radiocol)
             putChild('upload_avatar', _upload_avatar)
             putChild('blog', MicroBlog(self))
-            putChild('themes', ProtectedFile(self.themes_dir))
+            putChild(C.THEMES_URL, ProtectedFile(self.themes_dir))
             putChild(os.path.dirname(C.MEDIA_DIR), ProtectedFile(self.media_dir))
             putChild(os.path.dirname(C.AVATARS_DIR), ProtectedFile(os.path.join(self.local_dir, C.AVATARS_DIR)))
             putChild('radiocol', ProtectedFile(_upload_radiocol.getTmpDir(), defaultType="audio/ogg"))  # We cheat for PoC because we know we are on the same host, so we use directly upload dir