From 58f4658154a197a474740e28ba4f9506662ee88f Mon Sep 17 00:00:00 2001 From: Joseph Boiteau Date: Wed, 11 Jan 2017 13:50:42 +1100 Subject: [PATCH] Fix code according to @jparise comments - Refactor is_valid_request code - Add "Facebot/1.0" User-Agent string --- snappass/main.py | 8 ++++---- tests.py | 1 + 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/snappass/main.py b/snappass/main.py index 5f0f164..b6e530d 100644 --- a/snappass/main.py +++ b/snappass/main.py @@ -1,7 +1,7 @@ import os +import re import sys import uuid -import re import redis from redis.exceptions import ConnectionError @@ -9,6 +9,8 @@ from redis.exceptions import ConnectionError from flask import abort, Flask, render_template, request +SNEAKY_USER_AGENTS = ('Slackbot', 'facebookexternalhit', 'Twitterbot', 'Facebot', 'WhatsApp') +SNEAKY_USER_AGENTS_RE = re.compile('|'.join(SNEAKY_USER_AGENTS)) NO_SSL = os.environ.get('NO_SSL', False) app = Flask(__name__) app.secret_key = os.environ.get('SECRET_KEY', 'Secret Key') @@ -84,9 +86,7 @@ def request_is_valid(request): Ensure the request validates the following: - not made by some specific User-Agents (to avoid chat's preview feature issue) """ - known_sneaky_user_agents = ['Slackbot', 'facebookexternalhit', 'Twitterbot', 'Facebot', 'WhatsApp'] - user_agents_regexp = "|".join(known_sneaky_user_agents) - return not re.search(user_agents_regexp, request.headers.get('User-Agent', '')) + return not SNEAKY_USER_AGENTS_RE.search(request.headers.get('User-Agent', '')) @app.route('/', methods=['GET']) diff --git a/tests.py b/tests.py index 11c156a..bc5e709 100644 --- a/tests.py +++ b/tests.py @@ -82,6 +82,7 @@ class SnapPassRoutesTestCase(TestCase): a_few_sneaky_bots = [ "Slackbot-LinkExpanding 1.0 (+https://api.slack.com/robots)", "facebookexternalhit/1.1", + "Facebot/1.0", "Twitterbot/1.0", "_WhatsApp/2.12.81 (Windows NT 6.1; U; es-ES) Presto/2.9.181 Version/12.00", "WhatsApp/2.16.6/i"