Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/azure/core/pipeline/policies/_sensitive_header_cleanup_policy.py: 65%

Shortcuts on this page

r m x   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

17 statements  

1# -------------------------------------------------------------------------- 

2# 

3# Copyright (c) Microsoft Corporation. All rights reserved. 

4# 

5# The MIT License (MIT) 

6# 

7# Permission is hereby granted, free of charge, to any person obtaining a copy 

8# of this software and associated documentation files (the ""Software""), to 

9# deal in the Software without restriction, including without limitation the 

10# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or 

11# sell copies of the Software, and to permit persons to whom the Software is 

12# furnished to do so, subject to the following conditions: 

13# 

14# The above copyright notice and this permission notice shall be included in 

15# all copies or substantial portions of the Software. 

16# 

17# THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 

18# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 

19# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 

20# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 

21# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 

22# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 

23# IN THE SOFTWARE. 

24# 

25# -------------------------------------------------------------------------- 

26from typing import List, Optional, Any, TypeVar 

27from azure.core.pipeline import PipelineRequest 

28from azure.core.pipeline.transport import HttpRequest as LegacyHttpRequest, HttpResponse as LegacyHttpResponse 

29from azure.core.rest import HttpRequest, HttpResponse 

30from ._base import SansIOHTTPPolicy 

31 

32HTTPResponseType = TypeVar("HTTPResponseType", HttpResponse, LegacyHttpResponse) 

33HTTPRequestType = TypeVar("HTTPRequestType", HttpRequest, LegacyHttpRequest) 

34 

35 

36class SensitiveHeaderCleanupPolicy(SansIOHTTPPolicy[HTTPRequestType, HTTPResponseType]): 

37 """A simple policy that cleans up sensitive headers 

38 

39 :keyword list[str] blocked_redirect_headers: The headers to clean up when redirecting to another domain. 

40 :keyword bool disable_redirect_cleanup: Opt out cleaning up sensitive headers when redirecting to another domain. 

41 """ 

42 

43 DEFAULT_SENSITIVE_HEADERS = set( 

44 [ 

45 "Authorization", 

46 "x-ms-authorization-auxiliary", 

47 ] 

48 ) 

49 

50 def __init__( 

51 self, # pylint: disable=unused-argument 

52 *, 

53 blocked_redirect_headers: Optional[List[str]] = None, 

54 disable_redirect_cleanup: bool = False, 

55 **kwargs: Any 

56 ) -> None: 

57 self._disable_redirect_cleanup = disable_redirect_cleanup 

58 self._blocked_redirect_headers = ( 

59 SensitiveHeaderCleanupPolicy.DEFAULT_SENSITIVE_HEADERS 

60 if blocked_redirect_headers is None 

61 else blocked_redirect_headers 

62 ) 

63 

64 def on_request(self, request: PipelineRequest[HTTPRequestType]) -> None: 

65 """This is executed before sending the request to the next policy. 

66 

67 :param request: The PipelineRequest object. 

68 :type request: ~azure.core.pipeline.PipelineRequest 

69 """ 

70 # "insecure_domain_change" is used to indicate that a redirect 

71 # has occurred to a different domain. This tells the SensitiveHeaderCleanupPolicy 

72 # to clean up sensitive headers. We need to remove it before sending the request 

73 # to the transport layer. 

74 insecure_domain_change = request.context.options.pop("insecure_domain_change", False) 

75 if not self._disable_redirect_cleanup and insecure_domain_change: 

76 for header in self._blocked_redirect_headers: 

77 request.http_request.headers.pop(header, None)