diff --git a/openedx/core/djangoapps/cors_csrf/authentication.py b/openedx/core/djangoapps/cors_csrf/authentication.py index 5d4d39695d..5b216c6747 100644 --- a/openedx/core/djangoapps/cors_csrf/authentication.py +++ b/openedx/core/djangoapps/cors_csrf/authentication.py @@ -27,7 +27,7 @@ class SessionAuthenticationCrossDomainCsrf(authentication.SessionAuthentication) """ def _process_enforce_csrf(self, request): CsrfViewMiddleware().process_request(request) - return super(SessionAuthenticationCrossDomainCsrf, self).enforce_csrf(request) # lint-amnesty, pylint: disable=super-with-arguments + return super().enforce_csrf(request) def enforce_csrf(self, request): """ diff --git a/openedx/core/djangoapps/cors_csrf/helpers.py b/openedx/core/djangoapps/cors_csrf/helpers.py index 560fbb3e45..fb36621f13 100644 --- a/openedx/core/djangoapps/cors_csrf/helpers.py +++ b/openedx/core/djangoapps/cors_csrf/helpers.py @@ -3,7 +3,7 @@ import contextlib import logging -import six.moves.urllib.parse # pylint: disable=import-error +import urllib.parse from django.conf import settings @@ -26,7 +26,7 @@ def is_cross_domain_request_allowed(request): """ referer = request.META.get('HTTP_REFERER') - referer_parts = six.moves.urllib.parse.urlparse(referer) if referer else None + referer_parts = urllib.parse.urlparse(referer) if referer else None referer_hostname = referer_parts.hostname if referer_parts is not None else None # Use CORS_ALLOW_INSECURE *only* for development and testing environments; @@ -34,18 +34,18 @@ def is_cross_domain_request_allowed(request): if not getattr(settings, 'CORS_ALLOW_INSECURE', False): if not request.is_secure(): log.debug( - u"Request is not secure, so we cannot send the CSRF token. " - u"For testing purposes, you can disable this check by setting " - u"`CORS_ALLOW_INSECURE` to True in the settings" + "Request is not secure, so we cannot send the CSRF token. " + "For testing purposes, you can disable this check by setting " + "`CORS_ALLOW_INSECURE` to True in the settings" ) return False if not referer: - log.debug(u"No referer provided over a secure connection, so we cannot check the protocol.") + log.debug("No referer provided over a secure connection, so we cannot check the protocol.") return False if not referer_parts.scheme == 'https': - log.debug(u"Referer '%s' must have the scheme 'https'") + log.debug("Referer '%s' must have the scheme 'https'") return False domain_is_whitelisted = ( @@ -56,20 +56,20 @@ def is_cross_domain_request_allowed(request): if referer_hostname is None: # If no referer is specified, we can't check if it's a cross-domain # request or not. - log.debug(u"Referrer hostname is `None`, so it is not on the whitelist.") + log.debug("Referrer hostname is `None`, so it is not on the whitelist.") elif referer_hostname != request.get_host(): log.info( ( - u"Domain '%s' is not on the cross domain whitelist. " - u"Add the domain to `CORS_ORIGIN_WHITELIST` or set " - u"`CORS_ORIGIN_ALLOW_ALL` to True in the settings." + "Domain '%s' is not on the cross domain whitelist. " + "Add the domain to `CORS_ORIGIN_WHITELIST` or set " + "`CORS_ORIGIN_ALLOW_ALL` to True in the settings." ), referer_hostname ) else: log.debug( ( - u"Domain '%s' is the same as the hostname in the request, " - u"so we are not going to treat it as a cross-domain request." + "Domain '%s' is the same as the hostname in the request, " + "so we are not going to treat it as a cross-domain request." ), referer_hostname ) return False diff --git a/openedx/core/djangoapps/cors_csrf/middleware.py b/openedx/core/djangoapps/cors_csrf/middleware.py index a1b4175879..072a333c45 100644 --- a/openedx/core/djangoapps/cors_csrf/middleware.py +++ b/openedx/core/djangoapps/cors_csrf/middleware.py @@ -65,7 +65,7 @@ class CorsCSRFMiddleware(CsrfViewMiddleware, MiddlewareMixin): """Disable the middleware if the feature flag is disabled. """ if not settings.FEATURES.get('ENABLE_CORS_HEADERS'): raise MiddlewareNotUsed() - super(CorsCSRFMiddleware, self).__init__(*args, **kwargs) # lint-amnesty, pylint: disable=super-with-arguments + super().__init__(*args, **kwargs) def process_view(self, request, callback, callback_args, callback_kwargs): """Skip the usual CSRF referer check if this is an allowed cross-domain request. """ @@ -74,7 +74,7 @@ class CorsCSRFMiddleware(CsrfViewMiddleware, MiddlewareMixin): return with skip_cross_domain_referer_check(request): - return super(CorsCSRFMiddleware, self).process_view(request, callback, callback_args, callback_kwargs) # lint-amnesty, pylint: disable=super-with-arguments + return super().process_view(request, callback, callback_args, callback_kwargs) class CsrfCrossDomainCookieMiddleware(MiddlewareMixin): @@ -110,7 +110,7 @@ class CsrfCrossDomainCookieMiddleware(MiddlewareMixin): "You must set `CROSS_DOMAIN_CSRF_COOKIE_DOMAIN` when " "`FEATURES['ENABLE_CROSS_DOMAIN_CSRF_COOKIE']` is True." ) - super(CsrfCrossDomainCookieMiddleware, self).__init__(*args, **kwargs) # lint-amnesty, pylint: disable=super-with-arguments + super().__init__(*args, **kwargs) def process_response(self, request, response): """Set the cross-domain CSRF cookie. """ @@ -144,7 +144,7 @@ class CsrfCrossDomainCookieMiddleware(MiddlewareMixin): secure=True ) log.debug( - u"Set cross-domain CSRF cookie '%s' for domain '%s'", + "Set cross-domain CSRF cookie '%s' for domain '%s'", settings.CROSS_DOMAIN_CSRF_COOKIE_NAME, settings.CROSS_DOMAIN_CSRF_COOKIE_DOMAIN ) diff --git a/openedx/core/djangoapps/cors_csrf/migrations/0001_initial.py b/openedx/core/djangoapps/cors_csrf/migrations/0001_initial.py index 0cb67d6057..46c0f759f5 100644 --- a/openedx/core/djangoapps/cors_csrf/migrations/0001_initial.py +++ b/openedx/core/djangoapps/cors_csrf/migrations/0001_initial.py @@ -1,6 +1,3 @@ -# -*- coding: utf-8 -*- - - from django.db import migrations, models import django.db.models.deletion from django.conf import settings diff --git a/openedx/core/djangoapps/cors_csrf/models.py b/openedx/core/djangoapps/cors_csrf/models.py index d4ca1306ee..a8e057e954 100644 --- a/openedx/core/djangoapps/cors_csrf/models.py +++ b/openedx/core/djangoapps/cors_csrf/models.py @@ -19,7 +19,7 @@ class XDomainProxyConfiguration(ConfigurationModel): whitelist = models.fields.TextField( help_text=_( - u"List of domains that are allowed to make cross-domain " + "List of domains that are allowed to make cross-domain " "requests to this site. Please list each domain on its own line." ) ) diff --git a/openedx/core/djangoapps/cors_csrf/tests/test_authentication.py b/openedx/core/djangoapps/cors_csrf/tests/test_authentication.py index f5fe33ff4b..1915165aa9 100644 --- a/openedx/core/djangoapps/cors_csrf/tests/test_authentication.py +++ b/openedx/core/djangoapps/cors_csrf/tests/test_authentication.py @@ -1,7 +1,7 @@ """Tests for the CORS CSRF version of Django Rest Framework's SessionAuthentication.""" -from mock import patch +from unittest.mock import patch from django.middleware.csrf import get_token from django.test import TestCase @@ -15,7 +15,7 @@ from ..authentication import SessionAuthenticationCrossDomainCsrf # A class to pass into django.middleware.csrf.get_token() so we can easily get a valid CSRF token to use. -class FakeRequest(object): +class FakeRequest: META = {} @@ -26,7 +26,7 @@ class CrossDomainAuthTest(TestCase): REFERER = "https://www.edx.org" def setUp(self): - super(CrossDomainAuthTest, self).setUp() # lint-amnesty, pylint: disable=super-with-arguments + super().setUp() self.auth = SessionAuthenticationCrossDomainCsrf() self.csrf_token = get_token(FakeRequest()) diff --git a/openedx/core/djangoapps/cors_csrf/tests/test_decorators.py b/openedx/core/djangoapps/cors_csrf/tests/test_decorators.py index b37aa1be63..3a148de198 100644 --- a/openedx/core/djangoapps/cors_csrf/tests/test_decorators.py +++ b/openedx/core/djangoapps/cors_csrf/tests/test_decorators.py @@ -2,7 +2,7 @@ import json -import mock +from unittest import mock from django.http import HttpResponse from django.test import TestCase diff --git a/openedx/core/djangoapps/cors_csrf/tests/test_middleware.py b/openedx/core/djangoapps/cors_csrf/tests/test_middleware.py index 625fa02341..1c5a59035b 100644 --- a/openedx/core/djangoapps/cors_csrf/tests/test_middleware.py +++ b/openedx/core/djangoapps/cors_csrf/tests/test_middleware.py @@ -3,9 +3,8 @@ Tests for the CORS CSRF middleware """ -from mock import patch, Mock +from unittest.mock import patch, Mock import ddt -import six import pytest from django.test import TestCase from django.test.utils import override_settings @@ -34,7 +33,7 @@ class TestCorsMiddlewareProcessRequest(TestCase): @override_settings(FEATURES={'ENABLE_CORS_HEADERS': True}) def setUp(self): - super(TestCorsMiddlewareProcessRequest, self).setUp() # lint-amnesty, pylint: disable=super-with-arguments + super().setUp() self.middleware = CorsCSRFMiddleware() def check_not_enabled(self, request): @@ -114,7 +113,7 @@ class TestCsrfCrossDomainCookieMiddleware(TestCase): CROSS_DOMAIN_CSRF_COOKIE_DOMAIN=COOKIE_DOMAIN ) def setUp(self): - super(TestCsrfCrossDomainCookieMiddleware, self).setUp() # lint-amnesty, pylint: disable=super-with-arguments + super().setUp() self.middleware = CsrfCrossDomainCookieMiddleware() @override_settings(FEATURES={'ENABLE_CROSS_DOMAIN_CSRF_COOKIE': False}) @@ -263,9 +262,9 @@ class TestCsrfCrossDomainCookieMiddleware(TestCase): """Check that the cross-domain CSRF cookie was sent. """ if is_set: assert self.COOKIE_NAME in response.cookies - cookie_header = six.text_type(response.cookies[self.COOKIE_NAME]) + cookie_header = str(response.cookies[self.COOKIE_NAME]) # lint-amnesty, pylint: disable=bad-option-value, unicode-format-string - expected = six.u('Set-Cookie: {name}={value}; Domain={domain};').format( + expected = 'Set-Cookie: {name}={value}; Domain={domain};'.format( name=self.COOKIE_NAME, value=self.COOKIE_VALUE, domain=self.COOKIE_DOMAIN diff --git a/openedx/core/djangoapps/cors_csrf/tests/test_views.py b/openedx/core/djangoapps/cors_csrf/tests/test_views.py index 5f23bb9bff..4a43f348ef 100644 --- a/openedx/core/djangoapps/cors_csrf/tests/test_views.py +++ b/openedx/core/djangoapps/cors_csrf/tests/test_views.py @@ -23,7 +23,7 @@ class XDomainProxyTest(TestCase): def setUp(self): """Clear model-based config cache. """ - super(XDomainProxyTest, self).setUp() # lint-amnesty, pylint: disable=super-with-arguments + super().setUp() try: self.url = reverse('xdomain_proxy') except NoReverseMatch: diff --git a/openedx/core/djangoapps/cors_csrf/views.py b/openedx/core/djangoapps/cors_csrf/views.py index d0e5f05019..75729ce238 100644 --- a/openedx/core/djangoapps/cors_csrf/views.py +++ b/openedx/core/djangoapps/cors_csrf/views.py @@ -61,9 +61,9 @@ def xdomain_proxy(request): # pylint: disable=unused-argument if not allowed_domains: log.warning( - u"No whitelist configured for cross-domain proxy. " - u"You can configure the whitelist in Django Admin " - u"using the XDomainProxyConfiguration model." + "No whitelist configured for cross-domain proxy. " + "You can configure the whitelist in Django Admin " + "using the XDomainProxyConfiguration model." ) return HttpResponseNotFound()