From e4c4bc0aa0499cabbd7283e77940fc10971e00e8 Mon Sep 17 00:00:00 2001 From: FinnStutzenstein Date: Tue, 15 Oct 2019 10:54:31 +0200 Subject: [PATCH] Closing websocket connections to unknown urls --- openslides/routing.py | 6 ++++-- openslides/utils/consumers.py | 15 +++++++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/openslides/routing.py b/openslides/routing.py index 64fd3bee3..af20cfea9 100644 --- a/openslides/routing.py +++ b/openslides/routing.py @@ -1,13 +1,15 @@ from channels.routing import ProtocolTypeRouter, URLRouter from django.conf.urls import url -from openslides.utils.consumers import SiteConsumer +from openslides.utils.consumers import CloseConsumer, SiteConsumer from openslides.utils.middleware import AuthMiddlewareStack application = ProtocolTypeRouter( { # WebSocket chat handler - "websocket": AuthMiddlewareStack(URLRouter([url(r"^ws/$", SiteConsumer)])) + "websocket": AuthMiddlewareStack( + URLRouter([url(r"^ws/$", SiteConsumer), url(".*", CloseConsumer)]) + ) } ) diff --git a/openslides/utils/consumers.py b/openslides/utils/consumers.py index 198e9ac97..21e9a8c98 100644 --- a/openslides/utils/consumers.py +++ b/openslides/utils/consumers.py @@ -3,6 +3,8 @@ from collections import defaultdict from typing import Any, Dict, List, Optional from urllib.parse import parse_qs +from channels.generic.websocket import AsyncWebsocketConsumer + from ..utils.websocket import WEBSOCKET_CHANGE_ID_TOO_HIGH from . import logging from .auth import async_anonymous_is_enabled @@ -217,3 +219,16 @@ class SiteConsumer(ProtocollAsyncJsonWebsocketConsumer): content = {"change_id": change_id, "data": data} await self.send_json(type="projector", content=content, in_response=in_response) + + +class CloseConsumer(AsyncWebsocketConsumer): + """ Auto-closes the connection """ + + groups: List[str] = [] + + def __init__(self, args: Dict[str, Any], **kwargs: Any) -> None: + logger.info(f'Closing connection to unknown websocket url {args["path"]}') + + async def connect(self) -> None: + await self.accept() + await self.close()