dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #292178 from Flakebi/powerdns-admin

Browse Source 
python3Packages.flask-seasurf: fix with werkzeug update and powerdns-admin: 0.4.1 -> 0.4.2
This commit is contained in:
Martin Weinelt 2024-02-29 14:00:42 +01:00 committed by GitHub
commit 9485bf9f5a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 41 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkgs/applications/networking/powerdns-admin/default.nix
View File

@ -1,12 +1,12 @@
{ lib, stdenv, fetchFromGitHub, fetchYarnDeps, mkYarnPackage, nixosTests, writeText, python3 }: { lib, stdenv, fetchFromGitHub, fetchYarnDeps, mkYarnPackage, nixosTests, writeText, python3 }:
let let
version = "0.4.1"; version = "0.4.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "PowerDNS-Admin"; owner = "PowerDNS-Admin";
repo = "PowerDNS-Admin"; repo = "PowerDNS-Admin";
rev = "v${version}"; rev = "v${version}";
hash = "sha256-AwqEcAPD1SF1Ma3wtH03mXlTywM0Q19hciCmTtlr3gk="; hash = "sha256-q9mt8wjSNFb452Xsg+qhNOWa03KJkYVGAeCWVSzZCyk=";
}; };
python = python3; python = python3;
@ -29,7 +29,7 @@ let
offlineCache = fetchYarnDeps { offlineCache = fetchYarnDeps {
yarnLock = "${src}/yarn.lock"; yarnLock = "${src}/yarn.lock";
hash = "sha256-3ebT19LrbYuypdJaoB3tClVVP0Fi8tHx3Xi6ge/DpA4="; hash = "sha256-rXIts+dgOuZQGyiSke1NIG7b4lFlR/Gfu3J6T3wP3aY=";
}; };
# Copied from package.json, see also # Copied from package.json, see also

45
pkgs/development/python-modules/flask-seasurf/0001-Fix-with-new-dependency-versions.patch
View File

@ -1,17 +1,17 @@
From 001549503eed364d4baaa5804242f67c6236f6c2 Mon Sep 17 00:00:00 2001 From d3aed2c18cc3a1c88a8052af1f34d7f81f1be11a Mon Sep 17 00:00:00 2001
From: Flakebi <flakebi@t-online.de> From: Flakebi <flakebi@t-online.de>
Date: Sat, 2 Dec 2023 16:55:05 +0100 Date: Wed, 28 Feb 2024 23:24:14 +0100
Subject: [PATCH] Fix with new dependency versions Subject: [PATCH] Fix with new dependency versions
- cookie_jar is private in werkzeug 2.3, so recreate the client instead - cookie_jar is private in werkzeug 2.3, so recreate the client instead
- set_cookie does not take a hostname argument anymore, use domain instead - set_cookie does not take a hostname argument anymore, use domain instead
- Headers need to specify a content type - Headers need to specify a content type
--- ---
test_seasurf.py | 63 ++++++++++++++++++++++++------------------------- test_seasurf.py | 71 ++++++++++++++++++++++++-------------------------
1 file changed, 31 insertions(+), 32 deletions(-) 1 file changed, 35 insertions(+), 36 deletions(-)
diff --git a/test_seasurf.py b/test_seasurf.py diff --git a/test_seasurf.py b/test_seasurf.py
index 517b2d7..501f82d 100644 index 517b2d7..f940b91 100644
--- a/test_seasurf.py --- a/test_seasurf.py
+++ b/test_seasurf.py +++ b/test_seasurf.py
@@ -71,18 +71,18 @@ class SeaSurfTestCase(BaseTestCase): @@ -71,18 +71,18 @@ class SeaSurfTestCase(BaseTestCase):
@ -37,6 +37,15 @@ index 517b2d7..501f82d 100644
self.assertIn(b('403 Forbidden'), rv.data) self.assertIn(b('403 Forbidden'), rv.data)
def test_json_token_validation_bad(self): def test_json_token_validation_bad(self):
@@ -93,7 +93,7 @@ class SeaSurfTestCase(BaseTestCase):
with self.app.test_client() as client:
with client.session_transaction() as sess:
sess[self.csrf._csrf_name] = tokenA
- client.set_cookie('www.example.com', self.csrf._csrf_name, tokenB)
+ client.set_cookie(self.csrf._csrf_name, tokenB, domain='www.example.com')
rv = client.post('/bar', data=data)
self.assertEqual(rv.status_code, 403, rv)
@@ -107,7 +107,7 @@ class SeaSurfTestCase(BaseTestCase): @@ -107,7 +107,7 @@ class SeaSurfTestCase(BaseTestCase):
data = {'_csrf_token': token} data = {'_csrf_token': token}
with self.app.test_client() as client: with self.app.test_client() as client:
@ -55,7 +64,7 @@ index 517b2d7..501f82d 100644
sess[self.csrf._csrf_name] = token sess[self.csrf._csrf_name] = token
# once this is reached the session was stored # once this is reached the session was stored
@@ -144,7 +144,7 @@ class SeaSurfTestCase(BaseTestCase): @@ -144,18 +144,18 @@ class SeaSurfTestCase(BaseTestCase):
with client.session_transaction() as sess: with client.session_transaction() as sess:
token = self.csrf._generate_token() token = self.csrf._generate_token()
@ -64,6 +73,19 @@ index 517b2d7..501f82d 100644
sess[self.csrf._csrf_name] = token sess[self.csrf._csrf_name] = token
# once this is reached the session was stored # once this is reached the session was stored
- rv = client.post('/bar',
+ rv = client.post('/bar', content_type='application/json',
data={self.csrf._csrf_name: token},
base_url='https://www.example.com',
headers={'Referer': 'https://www.example.com/foobar'})
self.assertEqual(rv.status_code, 200)
- rv = client.post(u'/bar/\xf8',
+ rv = client.post(u'/bar/\xf8', content_type='application/json',
data={self.csrf._csrf_name: token},
base_url='https://www.example.com',
headers={'Referer': 'https://www.example.com/foobar\xf8'})
@@ -167,7 +167,7 @@ class SeaSurfTestCase(BaseTestCase): @@ -167,7 +167,7 @@ class SeaSurfTestCase(BaseTestCase):
with client.session_transaction() as sess: with client.session_transaction() as sess:
token = self.csrf._generate_token() token = self.csrf._generate_token()
@ -252,6 +274,15 @@ index 517b2d7..501f82d 100644
self.assertEqual(res2.status_code, 200) self.assertEqual(res2.status_code, 200)
def test_header_set_cookie_samesite(self): def test_header_set_cookie_samesite(self):
@@ -789,7 +788,7 @@ class SeaSurfTestCaseGenerateNewToken(BaseTestCase):
client.get('/foo')
tokenA = self.csrf._get_token()
- client.set_cookie('www.example.com', self.csrf._csrf_name, tokenA)
+ client.set_cookie(self.csrf._csrf_name, tokenA, domain='www.example.com')
with client.session_transaction() as sess:
sess[self.csrf._csrf_name] = tokenA
-- --
2.42.0 2.43.0