allow limiting servers with a white list

[punjab-krb5-preauth] / punjab / httpb.py

diff --git a/punjab/httpb.py b/punjab/httpb.py
index e2ef23d..35debf7 100644 (file)
--- a/punjab/httpb.py
+++ b/punjab/httpb.py
@@ -302,11 +302,20 @@ class Httpb(resource.Resource):
         self.verbose  = v
 
         self.polling = self.service.polling or 15
+
+    def render_OPTIONS(self, request):
+        request.setHeader('Access-Control-Allow-Origin', '*')
+        request.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS')
+        request.setHeader('Access-Control-Allow-Headers', 'Content-Type')
+        request.setHeader('Access-Control-Max-Age', '86400')
+        return ""
                 
     def render_GET(self, request):
         """
         GET is not used, print docs.
         """
+        request.setHeader('Access-Control-Allow-Origin', '*')
+        request.setHeader('Access-Control-Allow-Headers', 'Content-Type')
         return """<html>
                  <body>
                  <a href='http://www.xmpp.org/extensions/xep-0124.html'>XEP-0124</a> - BOSH
@@ -317,6 +326,8 @@ class Httpb(resource.Resource):
         """
         Parse received xml
         """
+        request.setHeader('Access-Control-Allow-Origin', '*')
+        request.setHeader('Access-Control-Allow-Headers', 'Content-Type')
         request.content.seek(0, 0)
         if self.service.v:
             log.msg('HEADERS %s:' % (str(time.time()),))
@@ -462,6 +473,7 @@ class Httpb(resource.Resource):
     def return_body(self, request, b, charset="utf-8"):
         request.setResponseCode(200)
         bxml = b.toXml(prefixes=ns.XMPP_PREFIXES.copy()).encode(charset,'replace')
+        
         request.setHeader('content-type', 'text/xml')
         request.setHeader('content-length', len(bxml))
         if self.service.v:
@@ -520,7 +532,16 @@ class HttpbService(punjab.Service):
 
     implements(IHttpbService)
 
-    def __init__(self, verbose = 0, polling = 15, use_raw = False, bindAddress=("0.0.0.0", 0)):
+    white_list = []
+
+    def __init__(self, 
+                 verbose = 0, polling = 15, 
+                 use_raw = False, bindAddress=("0.0.0.0", 0), 
+                 session_creator = None):
+        if session_creator is not None:
+            self.make_session = session_creator
+        else:
+            self.make_session = make_session
         self.v  = verbose
         self.sessions = {}
         self.counter  = 0
@@ -560,6 +581,9 @@ class HttpbService(punjab.Service):
         if not body.hasAttribute('to') or body['to']=='':
             return None, defer.fail(error.BadRequest)
         
+        if self.white_list and body['to'] not in self.white_list:
+            return None, defer.fail(error.BadRequest)
+
         # look for wait
         if not body.hasAttribute('wait') or body['wait']=='':
             body['wait'] = 3
@@ -576,7 +600,7 @@ class HttpbService(punjab.Service):
         if not body.hasAttribute('inactivity'):
             body['inactivity'] = 60 
         
-        return make_session(self, body.attributes)
+        return self.make_session(self, body.attributes)
                 
 
     def parseBody(self, body, xmpp_elements):