Skip to content

Commit

Permalink
Fix allow_origin_pat property to properly parse regex (#603)
Browse files Browse the repository at this point in the history
* bug fixing allow_origin_pat property

* making requested changes
  • Loading branch information
havok2063 authored Nov 2, 2021
1 parent 121c0e6 commit 3ecb4e0
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 5 deletions.
2 changes: 1 addition & 1 deletion jupyter_server/auth/login.py
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ def _redirect_safe(self, url, default=None):
if self.allow_origin:
allow = self.allow_origin == origin
elif self.allow_origin_pat:
allow = bool(self.allow_origin_pat.match(origin))
allow = bool(re.match(self.allow_origin_pat, origin))
if not allow:
# not allowed, use default
self.log.warning("Not allowing login redirect to %r" % url)
Expand Down
6 changes: 3 additions & 3 deletions jupyter_server/base/handlers.py
Original file line number Diff line number Diff line change
Expand Up @@ -309,7 +309,7 @@ def set_default_headers(self):
self.set_header("Access-Control-Allow-Origin", self.allow_origin)
elif self.allow_origin_pat:
origin = self.get_origin()
if origin and self.allow_origin_pat.match(origin):
if origin and re.match(self.allow_origin_pat, origin):
self.set_header("Access-Control-Allow-Origin", origin)
elif self.token_authenticated and "Access-Control-Allow-Origin" not in self.settings.get(
"headers", {}
Expand Down Expand Up @@ -382,7 +382,7 @@ def check_origin(self, origin_to_satisfy_tornado=""):
if self.allow_origin:
allow = self.allow_origin == origin
elif self.allow_origin_pat:
allow = bool(self.allow_origin_pat.match(origin))
allow = bool(re.match(self.allow_origin_pat, origin))
else:
# No CORS headers deny the request
allow = False
Expand Down Expand Up @@ -427,7 +427,7 @@ def check_referer(self):
if self.allow_origin:
allow = self.allow_origin == origin
elif self.allow_origin_pat:
allow = bool(self.allow_origin_pat.match(origin))
allow = bool(re.match(self.allow_origin_pat, origin))
else:
# No CORS settings, deny the request
allow = False
Expand Down
3 changes: 2 additions & 1 deletion jupyter_server/base/zmqhandlers.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
# Copyright (c) Jupyter Development Team.
# Distributed under the terms of the Modified BSD License.
import json
import re
import struct
import sys
from urllib.parse import urlparse
Expand Down Expand Up @@ -139,7 +140,7 @@ def check_origin(self, origin=None):
if self.allow_origin:
allow = self.allow_origin == origin
elif self.allow_origin_pat:
allow = bool(self.allow_origin_pat.match(origin))
allow = bool(re.match(self.allow_origin_pat, origin))
else:
# No CORS headers deny the request
allow = False
Expand Down

0 comments on commit 3ecb4e0

Please sign in to comment.