Created
January 14, 2020 19:04
Form resubmission bug in chrome part 2
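import http.server
import socketserver

# TCP port the repro server listens on.
PORT = 8000

# Page served at /autosubmit once an Authorization header is present.
# It has the shape of a SAML HTTP-POST binding hand-off: a hidden
# SAMLRequest field in a form that submits itself from the body's onload
# handler, with a <noscript> "Continue" button as the manual fallback.
# "potato" is a placeholder value, not a real SAML message.
auto_submit_html = """
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
    <head>
    </head>
    <body onload="document.forms[0].submit()">
        <noscript>
            <p>
                <strong>Note:</strong> Since your browser does not support JavaScript,
                you must press the Continue button once to proceed.
            </p>
        </noscript>
        <form action="/saml/callback" method="post">
            <div>
                <input type="hidden" name="SAMLRequest" value="potato"/>
            </div>
            <noscript>
                <div>
                    <input type="submit" value="Continue"/>
                </div>
            </noscript>
        </form>
    </body>
</html>
"""

# Entry page served at /start: a single button that POSTs to /redirect,
# which kicks off the redirect -> 401 challenge -> auto-submit chain.
start_html = """
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
    <head>
    </head>
    <body>
        <form action="/redirect" method="post">
            <input type="submit" value="Start here">
        </form>
    </body>
</html>
"""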
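class ServerHandler(http.server.SimpleHTTPRequestHandler):
    """Request handler for the form-resubmission repro.

    Routes:
        GET  /start          entry page whose button POSTs to /redirect
        POST /redirect       302 to /autosubmit
        GET  /autosubmit     401 Basic challenge until the request carries an
                             Authorization header, then the auto-submitting form
        POST /saml/callback  plain-text confirmation

    Any other GET or POST path is answered with 404, so the client always
    receives a complete HTTP response instead of an empty reply.

    NOTE: /autosubmit only checks that an Authorization header is present.
    Its value is never decoded or verified, so any credentials pass. That is
    enough to trigger the browser's auth prompt for the repro, but it is not
    an access control.

    NOTE: do_HEAD is not overridden, so HEAD requests are still handled by
    SimpleHTTPRequestHandler and resolve against the working directory.
    Run the script from a directory whose contents are not sensitive.
    """

    def _send_body(self, status, text, content_type):
        """Send *text* as a complete response with explicit length and type."""
        payload = text.encode()  # encode once; reused for length and body
        self.send_response(status)
        self.send_header('content-length', str(len(payload)))
        self.send_header('content-type', content_type)
        self.end_headers()
        self.wfile.write(payload)

    def do_GET(self):
        """Serve the entry page, or the Basic-auth-gated auto-submit page."""
        if self.path == '/start':
            self._send_body(200, start_html, 'text/html;charset=utf-8')
            return
        if self.path == '/autosubmit':
            if not self.headers.get('Authorization', None):
                # No credentials yet: challenge so the browser shows its
                # Basic-auth prompt and repeats the request.
                self.send_response(401)
                self.send_header('content-length', '0')
                self.send_header('WWW-Authenticate', 'Basic realm="test"')
                self.end_headers()
            else:
                self._send_body(200, auto_submit_html, 'text/html;charset=utf-8')
            return
        self.send_error(404)

    def do_POST(self):
        """Redirect the start form, or acknowledge the auto-submitted form.

        The request body is not read; the posted SAMLRequest value is ignored.
        """
        if self.path == '/redirect':
            self.send_response(302)
            self.send_header('location', '/autosubmit')
            self.end_headers()
            return
        if self.path == '/saml/callback':
            self._send_body(200, "You're at the callback", 'text/plain')
            return
        self.send_error(404)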
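Handler = ServerHandler

# Set SO_REUSEADDR so the repro can be restarted straight away without
# an "address already in use" error while the old socket lingers.
socketserver.TCPServer.allow_reuse_address = True

# Bind to loopback only. The handler accepts any Authorization header and
# inherits file-serving HEAD handling from SimpleHTTPRequestHandler, so it
# should not be reachable from other hosts. Widen the address deliberately
# if the browser under test runs on another machine.
with socketserver.TCPServer(("127.0.0.1", PORT), Handler) as httpd:
    print("serving at port", PORT)
    httpd.serve_forever()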