service: http: routes: Default to setting no-cache on all respones

Signed-off-by: John Andersen <[email protected]>

Author: pdxjohnny

service/http/dffml_service_http/cli.py

@@ -233,6 +233,9 @@ class ServerConfig(TLSCMDConfig, MultiCommCMDConfig):
         "Domains to allow CORS for (see keys in defaults dict for aiohttp_cors.setup)",
         default_factory=lambda: [],
     )
+    allow_caching: bool = field(
+        "Allow caching of HTTP responses", action="store_true", default=False,
+    )
     models: Model = field(
         "Models configured on start",
         default_factory=lambda: AsyncContextManagerList(),

service/http/dffml_service_http/routes.py

@@ -44,6 +44,12 @@
 SECRETS_TOKEN_BITS = 384
 SECRETS_TOKEN_BYTES = int(SECRETS_TOKEN_BITS / 8)
 
+# Headers required to set no-cache for confidential web pages
+DISALLOW_CACHING = {
+    "Pragma": "no-cache",
+    "Cache-Control": "no-cache, no-store, max-age=0, must-revalidate",
+    "Expires": "-1",
+}
 
 OK = {"error": None}
 SOURCE_NOT_LOADED = {"error": "Source not loaded"}
@@ -448,22 +454,31 @@ async def error_middleware(self, request, handler):
                 new_handler = await self.get_registered_handler(request)
                 if new_handler is not None:
                     handler = new_handler
-            return await handler(request)
+            response = await handler(request)
         except web.HTTPException as error:
             response = {"error": error.reason}
             if error.text is not None:
                 response["error"] = error.text
-            return web.json_response(response, status=error.status)
+            response = web.json_response(response, status=error.status)
         except Exception as error:  #  pragma: no cov
             self.logger.error(
                 "ERROR handling %s: %s",
                 request,
                 traceback.format_exc().strip(),
             )
-            return web.json_response(
+            response = web.json_response(
                 {"error": "Internal Server Error"},
                 status=HTTPStatus.INTERNAL_SERVER_ERROR,
             )
+        # Disable request caching unless allowed explicitly
+        if not self.allow_caching:
+            self.set_no_cache(response)
+        return response
+
+    def set_no_cache(self, response):
+        # Set headers required to set no-cache for confidential web pages
+        for header, value in DISALLOW_CACHING.items():
+            response.headers[header] = value
 
     async def service_upload(self, request):
         if self.upload_dir is None:

service/http/dffml_service_http/util/testing.py

@@ -22,6 +22,7 @@
 from dffml.source.memory import MemorySource, MemorySourceConfig
 
 from dffml_service_http.cli import Server
+from dffml_service_http.routes import DISALLOW_CACHING
 
 
 @config
@@ -123,16 +124,27 @@ async def tearDown(self):
     def url(self):
         return f"http://{self.cli.addr}:{self.cli.port}"
 
+    def check_allow_caching(self, r):
+        for header, should_be in DISALLOW_CACHING.items():
+            if not header in r.headers:
+                raise Exception(f"No cache header {header} not in {r.headers}")
+            if r.headers[header] != should_be:
+                raise Exception(
+                    f"No cache header {header} should have been {should_be!r} but was {r.headers[header]!r}"
+                )
+
     @contextlib.asynccontextmanager
     async def get(self, path):
         async with self.session.get(self.url + path) as r:
+            self.check_allow_caching(r)
             if r.status != HTTPStatus.OK:
                 raise ServerException((await r.json())["error"])
             yield r
 
     @contextlib.asynccontextmanager
     async def post(self, path, *args, **kwargs):
         async with self.session.post(self.url + path, *args, **kwargs) as r:
+            self.check_allow_caching(r)
             if r.status != HTTPStatus.OK:
                 raise ServerException((await r.json())["error"])
             yield r

service/http/tests/test_routes.py

@@ -30,6 +30,7 @@
     MODEL_NOT_LOADED,
     MODEL_NO_SOURCES,
     HTTPChannelConfig,
+    DISALLOW_CACHING,
 )
 from dffml_service_http.util.testing import (
     ServerRunner,
@@ -59,6 +60,27 @@ async def test_not_found_handler(self):
             async with self.get("/non-existant"):
                 pass  # pramga: no cov
 
+    def set_no_cache_do_not_set_any_headers(self, response):
+        pass
+
+    async def test_check_allow_caching_header_not_found(self):
+        self.cli.set_no_cache = self.set_no_cache_do_not_set_any_headers
+        with self.assertRaisesRegex(Exception, "No cache header .* not in"):
+            async with self.get("/non-existant"):
+                pass  # pramga: no cov
+
+    def set_no_cache_bad_values_for_headers(self, response):
+        for header, value in DISALLOW_CACHING.items():
+            response.headers[header] = "BAD!"
+
+    async def test_check_allow_caching_header_not_correct(self):
+        self.cli.set_no_cache = self.set_no_cache_bad_values_for_headers
+        with self.assertRaisesRegex(
+            Exception, "No cache header .* should have been .* but was"
+        ):
+            async with self.get("/non-existant"):
+                pass  # pramga: no cov
+
 
 class TestRoutesServiceUpload(TestRoutesRunning, AsyncTestCase):
     async def test_success(self):