Files
@ 9c2fc1390291
Branch filter:
Location: kallithea/init.d/kallithea-daemon-redhat - annotation
9c2fc1390291
2.6 KiB
text/plain
tests: prepare for adding CSRF protection on login forms
CSRF is about avoiding abuse of credentials by doing things in existing
sessions. The login form does not have any previous credentials, so there is
nothing to abuse and no real need for CSRF protection. But there is still an
unauth session, so we *can* have CSRF protection.
CSRF protection is currently in LoginRequired (which obviously isn't
applied to the login form), but let's prepare for changing that.
CSRF is about avoiding abuse of credentials by doing things in existing
sessions. The login form does not have any previous credentials, so there is
nothing to abuse and no real need for CSRF protection. But there is still an
unauth session, so we *can* have CSRF protection.
CSRF protection is currently in LoginRequired (which obviously isn't
applied to the login form), but let's prepare for changing that.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 | 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 24c0d584ba86 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 2c3d30095d5e 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 24c0d584ba86 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 2c3d30095d5e 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 2c3d30095d5e 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 24c0d584ba86 99ad9d0af1a3 24c0d584ba86 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 99ad9d0af1a3 e285bb7abb28 | #!/bin/sh
########################################
#### THIS IS A REDHAT INIT.D SCRIPT ####
########################################
##################################################
#
# Kallithea server startup script
# Recommended default-startup: 2 3 4 5
# Recommended default-stop: 0 1 6
#
##################################################
APP_NAME="kallithea"
# the location of your app
# since this is a web app, it should go in /var/www
APP_PATH="/var/www/$APP_NAME"
CONF_NAME="production.ini"
# write to wherever the PID should be stored, just ensure
# that the user you run gearbox as has the appropriate permissions
# same goes for the log file
PID_PATH="/var/run/kallithea/pid"
LOG_PATH="/var/log/kallithea/kallithea.log"
# replace this with the path to the virtual environment you
# made for Kallithea
PYTHON_PATH="/opt/python_virtualenvironments/kallithea-venv"
RUN_AS="kallithea"
DAEMON="$PYTHON_PATH/bin/gearbox"
DAEMON_OPTS="serve --daemon \
--user=$RUN_AS \
--group=$RUN_AS \
--pid-file=$PID_PATH \
--log-file=$LOG_PATH -c $APP_PATH/$CONF_NAME"
DESC="kallithea-server"
LOCK_FILE="/var/lock/subsys/$APP_NAME"
# source CentOS init functions
. /etc/init.d/functions
RETVAL=0
remove_pid () {
rm -f ${PID_PATH}
rmdir `dirname ${PID_PATH}`
}
ensure_pid_dir () {
PID_DIR=`dirname ${PID_PATH}`
if [ ! -d ${PID_DIR} ] ; then
mkdir -p ${PID_DIR}
chown -R ${RUN_AS}:${RUN_AS} ${PID_DIR}
chmod 755 ${PID_DIR}
fi
}
start_kallithea () {
ensure_pid_dir
PYTHON_EGG_CACHE="/tmp" daemon --pidfile $PID_PATH \
--user $RUN_AS "$DAEMON $DAEMON_OPTS"
RETVAL=$?
[ $RETVAL -eq 0 ] && touch $LOCK_FILE
return $RETVAL
}
stop_kallithea () {
if [ -e $LOCK_FILE ]; then
killproc -p $PID_PATH
RETVAL=$?
rm -f $LOCK_FILE
rm -f $PID_PATH
else
RETVAL=1
fi
return $RETVAL
}
status_kallithea() {
if [ -e $LOCK_FILE ]; then
# exit with non-zero to indicate failure
RETVAL=1
else
RETVAL=0
fi
return $RETVAL
}
restart_kallithea () {
stop_kallithea
start_kallithea
RETVAL=$?
}
case "$1" in
start)
echo -n $"Starting $DESC: "
start_kallithea
echo
;;
stop)
echo -n $"Stopping $DESC: "
stop_kallithea
echo
;;
status)
status_kallithea
RETVAL=$?
if [ ! $RETVAL -eq 0 ]; then
echo "Kallithea server is running..."
else
echo "Kallithea server is stopped."
fi
;;
restart)
echo -n $"Restarting $DESC: "
restart_kallithea
echo
;;
*)
echo $"Usage: $0 {start|stop|restart|status}"
RETVAL=1
;;
esac
exit $RETVAL
|