More security, middleware upgrade, dj-reg.2.5

flatpages/views.py

@@ -14,8 +14,10 @@ import troggle.core.views_caves
 import troggle.settings as settings
 
 def flatpage(request, path):
+    #print(" - FLATPAGES delivering the file: {} as MIME type: {}".format(path,getmimetype(path)))
     try:
         r = Redirect.objects.get(originalURL = path)
+        #print(" - FLATPAGES REDIRECT the file: {} as: {}".format(path,r))
         return HttpResponseRedirect(r.newURL) # Redirect after POST
     except Redirect.DoesNotExist:
         pass
@@ -26,7 +28,7 @@ def flatpage(request, path):
     except Cave.DoesNotExist:
         pass
     except:
-        print(" ! FAILED to get only one cave per slug for: "+path)
+        #print(" ! FAILED to get only one cave per slug for: "+path)
         caves = Cave.objects.all().filter(url = path)
         for c in caves:
             print(path, c.slug())
@@ -46,6 +48,8 @@ def flatpage(request, path):
         return HttpResponseRedirect(reverse("auth_login") + '?next=%s' % request.path)
 
     if path.endswith("/") or path == "":
+        #print(" - FLATPAGES the file: {} ENDSWITH ...".format(path))
+
         try:
             o = open(os.path.normpath(settings.EXPOWEB + path + "index.html"), "rb")
             path = path + "index.html"
@@ -55,15 +59,28 @@ def flatpage(request, path):
                 path = path + "index.htm"
             except IOError:
                 return render(request, 'pagenotfound.html', {'path': path})
-    else:        
+    else:
         try:
-            filetobeopened = os.path.normpath(settings.EXPOWEB + path)
+            #print(" - FLATPAGES the file: {}  ...".format(path))
+            if path.startswith("site_media"):
+                #print(" - MEDIA_ROOT: {}  ...".format(settings.MEDIA_ROOT))
+                path = path.replace("site_media", settings.MEDIA_ROOT)
+                filetobeopened = os.path.normpath(path)
+            elif path.startswith("static"):
+                #print(" - STATIC_ROOT: {}  ...".format(settings.MEDIA_ROOT))
+                path = path.replace("static", settings.MEDIA_ROOT)
+                filetobeopened = os.path.normpath(path)
+            else:
+                filetobeopened = os.path.normpath(settings.EXPOWEB + path)
+            #print(" - FLATPAGES full path : {}  ...".format(filetobeopened))
             o = open(filetobeopened, "rb")
+            #print(" - FLATPAGES full path no error: {}  ...".format(filetobeopened))
         except IOError:
+            #print(" - FLATPAGES ERROR: {}  ...".format(filetobeopened))
             return render(request, 'pagenotfound.html', {'path': path})
     if path.endswith(".htm") or path.endswith(".html"):
         html = o.read()
-        
+
         m = re.search(rb'(.*)<\s*head([^>]*)>(.*)<\s*/head\s*>(.*)<\s*body([^>]*)>(.*)<\s*/body\s*>(.*)', html, re.DOTALL + re.IGNORECASE)
         if m:
             preheader, headerattrs, head, postheader, bodyattrs, body, postbody = m.groups()
@@ -94,9 +111,12 @@ def flatpage(request, path):
         return render(request, 'flatpage.html', {'editable': editable, 'path': path, 'title': title, 
                     'body': body, 'homepage': (path == "index.htm"), 'has_menu': has_menu})
     else:
+        #print(" - FLATPAGES delivering the file: {} as MIME type: {}".format(path,getmimetype(path)))
         return HttpResponse(o.read(), content_type=getmimetype(path))
 
 def getmimetype(path):
+    if path.lower().endswith(".css"): return "text/css"
+    if path.lower().endswith(".js"): return "application/javascript"
     if path.lower().endswith(".png"): return "image/png"
     if path.lower().endswith(".tif"): return "image/tif"
     if path.lower().endswith(".gif"): return "image/gif"