diff --git a/Pipfile b/Pipfile
index 6033f98de..df3f96b69 100644
--- a/Pipfile
+++ b/Pipfile
@@ -7,7 +7,7 @@ name = "pypi"
ago = "~=0.0.95"
blinker = "~=1.4"
fido2 = "==0.9.3"
-flask = "~=2.2.3"
+flask = "~=2.3"
flask-basicauth = "~=0.2"
flask-login = "~=0.6"
flask-wtf = "~=1.1"
@@ -30,7 +30,7 @@ pyproj = "==3.3.1"
python-dotenv = "==0.20.0"
pytz = "==2022.1"
rtreelib = "==0.2.0"
-werkzeug = "~=2.2.3"
+werkzeug = "~=2.3"
wtforms = "~=3.0"
newrelic = "*"
flask-talisman = "*"
diff --git a/Pipfile.lock b/Pipfile.lock
index 3ed049b33..06e72a206 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
- "sha256": "fe2119389dc4e092d307f259698f68af08717fd5bddf9388524de60fae631c1f"
+ "sha256": "59c6c377e8503bdfeb0c4b27fbc67107f14582213c191d6b3e5dec8d91be5784"
},
"pipfile-spec": 6,
"requires": {
@@ -50,19 +50,19 @@
},
"boto3": {
"hashes": [
- "sha256:38ca632be379963f2a2749b5f63a81fe1679913b954914f470ad282c77674bbc",
- "sha256:4d575c180312bec6108852bae12e6396b9d1bb404154d652c57ee849c62fbb83"
+ "sha256:4847855cfa4ff272eb66cf1fc9542068ada6d4816d56573cc9cafde51962d0ef",
+ "sha256:ec53175eaf818dfe1eec33f7e165eca957744c1d8a82047a9efbcce9547e5cc9"
],
"markers": "python_version >= '3.7'",
- "version": "==1.26.122"
+ "version": "==1.26.124"
},
"botocore": {
"hashes": [
- "sha256:9e4984a9e9777c6b949aa1e98323fa35480d9f99d447af7e179ae611f7ed5af9",
- "sha256:c3b41078d235761b9c5dc22f534a76952622ef96787b96bbd10242ec4d73f2a5"
+ "sha256:cbcbd5b084952d332d7b8170577f10509e3e7b3b6abbc2920b1c27e93ad2ab25",
+ "sha256:ebe8a83dd1db18180774ce45b1911959c60bb1843ea0db610231495527a3518a"
],
"markers": "python_version >= '3.7'",
- "version": "==1.29.122"
+ "version": "==1.29.124"
},
"cachetools": {
"hashes": [
@@ -248,60 +248,60 @@
},
"coverage": {
"hashes": [
- "sha256:00f8fd8a5fe1ffc3aef78ea2dbf553e5c0f4664324e878995e38d41f037eb2b3",
- "sha256:0b65a6a5484b7f2970393d6250553c05b2ede069e0e18abe907fdc7f3528252e",
- "sha256:12bc9127c8aca2f7c25c9acca53da3db6799b2999b40f28c2546237b7ea28459",
- "sha256:1a3e8697cb40f28e5bcfb6f4bda7852d96dbb6f6fd7cc306aba4ae690c9905ab",
- "sha256:1d2a9180beff1922b09bd7389e23454928e108449e646c26da5c62e29b0bf4e3",
- "sha256:1d3893f285fd76f56651f04d1efd3bdce251c32992a64c51e5d6ec3ba9e3f9c9",
- "sha256:2857894c22833d3da6e113623a9b7440159b2295280b4e0d954cadbfa724b85a",
- "sha256:29c7d88468f01a75231797173b52dc66d20a8d91b8bb75c88fc5861268578f52",
- "sha256:2d784177a7fb9d0f58d24d3e60638c8b729c3693963bf67fa919120f750db237",
- "sha256:39747afc854a7ee14e5e132da7db179d6281faf97dc51e6d7806651811c47538",
- "sha256:3d6f3c5b6738a494f17c73b4aa3aa899865cc33a74aa85e3b5695943b79ad3ce",
- "sha256:3fc9cde48de956bfbacea026936fbd4974ff1dc2f83397c6f1968f0142c9d50b",
- "sha256:4078939c4b7053e14e87c65aa68dbed7867e326e450f94038bfe1a1b22078ff9",
- "sha256:437da7d2fcc35bf45e04b7e9cfecb7c459ec6f6dc17a8558ed52e8d666c2d9ab",
- "sha256:4522dd9aeb9cc2c4c54ce23933beb37a4e106ec2ba94f69138c159024c8a906a",
- "sha256:50fda3d33b705b9c01e3b772cfa7d14de8aec2ec2870e4320992c26d057fde12",
- "sha256:56a674ad18d6b04008283ca03c012be913bf89d91c0803c54c24600b300d9e51",
- "sha256:56d74d6fbd5a98a5629e8467b719b0abea9ca01a6b13555d125c84f8bf4ea23d",
- "sha256:5c122d120c11a236558c339a59b4b60947b38ac9e3ad30a0e0e02540b37bf536",
- "sha256:5c6c6e3b8fb6411a2035da78d86516bfcfd450571d167304911814407697fb7a",
- "sha256:603a2b172126e3b08c11ca34200143089a088cd0297d4cfc4922d2c1c3a892f9",
- "sha256:60feb703abc8d78e9427d873bcf924c9e30cf540a21971ef5a17154da763b60f",
- "sha256:6a17bf32e9e3333d78606ac1073dd20655dc0752d5b923fa76afd3bc91674ab4",
- "sha256:700bc9fb1074e0c67c09fe96a803de66663830420781df8dc9fb90d7421d4ccb",
- "sha256:72751d117ceaad3b1ea3bcb9e85f5409bbe9fb8a40086e17333b994dbccc0718",
- "sha256:7283f78d07a201ac7d9dc2ac2e4faaea99c4d302f243ee5b4e359f3e170dc008",
- "sha256:856bcb837e96adede31018a0854ce7711a5d6174db1a84e629134970676c54fa",
- "sha256:864e36947289be05abd83267c4bade35e772526d3e9653444a9dc891faf0d698",
- "sha256:8769a67e8816c7e94d5bf446fc0501641fde78fdff362feb28c2c64d45d0e9b1",
- "sha256:876e4ef3eff00b50787867c5bae84857a9af4c369a9d5b266cd9b19f61e48ef7",
- "sha256:89e63b38c7b888e00fd42ce458f838dccb66de06baea2da71801b0fc9070bfa0",
- "sha256:92b565c51732ea2e7e541709ccce76391b39f4254260e5922e08e00971e88e33",
- "sha256:9e5eedde6e6e241ec3816f05767cc77e7456bf5ec6b373fb29917f0990e2078f",
- "sha256:a5c4f2e44a2ae15fa6883898e756552db5105ca4bd918634cbd5b7c00e19e8a1",
- "sha256:ab08af91cf4d847a6e15d7d5eeae5fead1487caf16ff3a2056dbe64d058fd246",
- "sha256:ab08e03add2cf5793e66ac1bbbb24acfa90c125476f5724f5d44c56eeec1d635",
- "sha256:ac4861241e693e21b280f07844ae0e0707665e1dfcbf9466b793584984ae45c4",
- "sha256:b3023ce23e41a6f006c09f7e6d62b6c069c36bdc9f7de16a5ef823acc02e6c63",
- "sha256:bc47015fc0455753e8aba1f38b81b731aaf7f004a0c390b404e0fcf1d6c1d72f",
- "sha256:c2becddfcbf3d994a8f4f9dd2b6015cae3a3eff50dedc6e4a17c3cccbe8f93d4",
- "sha256:cdee9a77fd0ce000781680b6a1f4b721c567f66f2f73a49be1843ff439d634f3",
- "sha256:cdfb53bef4b2739ff747ebbd76d6ac5384371fd3c7a8af08899074eba034d483",
- "sha256:d4db4e6c115d869cd5397d3d21fd99e4c7053205c33a4ae725c90d19dcd178af",
- "sha256:d9f770c6052d9b5c9b0e824fd8c003fe33276473b65b4f10ece9565ceb62438e",
- "sha256:e41a7f44e73b37c6f0132ecfdc1c8b67722f42a3d9b979e6ebc150c8e80cf13a",
- "sha256:ea534200efbf600e60130c48552f99f351cae2906898a9cd924c1c7f2fb02853",
- "sha256:f19ba9301e6fb0b94ba71fda9a1b02d11f0aab7f8e2455122a4e2921b6703c2f",
- "sha256:f37ae1804596f13d811e0247ffc8219f5261b3565bdf45fcbb4fc091b8e9ff35",
- "sha256:f7668a621afc52db29f6867e0e9c72a1eec9f02c94a7c36599119d557cf6e471",
- "sha256:f7ffdb3af2a01ce91577f84fc0faa056029fe457f3183007cffe7b11ea78b23c",
- "sha256:fabd1f4d12dfd6b4f309208c2f31b116dc5900e0b42dbafe4ee1bc7c998ffbb0"
+ "sha256:0342a28617e63ad15d96dca0f7ae9479a37b7d8a295f749c14f3436ea59fdcb3",
+ "sha256:066b44897c493e0dcbc9e6a6d9f8bbb6607ef82367cf6810d387c09f0cd4fe9a",
+ "sha256:10b15394c13544fce02382360cab54e51a9e0fd1bd61ae9ce012c0d1e103c813",
+ "sha256:12580845917b1e59f8a1c2ffa6af6d0908cb39220f3019e36c110c943dc875b0",
+ "sha256:156192e5fd3dbbcb11cd777cc469cf010a294f4c736a2b2c891c77618cb1379a",
+ "sha256:1637253b11a18f453e34013c665d8bf15904c9e3c44fbda34c643fbdc9d452cd",
+ "sha256:292300f76440651529b8ceec283a9370532f4ecba9ad67d120617021bb5ef139",
+ "sha256:30dcaf05adfa69c2a7b9f7dfd9f60bc8e36b282d7ed25c308ef9e114de7fc23b",
+ "sha256:338aa9d9883aaaad53695cb14ccdeb36d4060485bb9388446330bef9c361c252",
+ "sha256:373ea34dca98f2fdb3e5cb33d83b6d801007a8074f992b80311fc589d3e6b790",
+ "sha256:38c0a497a000d50491055805313ed83ddba069353d102ece8aef5d11b5faf045",
+ "sha256:40cc0f91c6cde033da493227797be2826cbf8f388eaa36a0271a97a332bfd7ce",
+ "sha256:4436cc9ba5414c2c998eaedee5343f49c02ca93b21769c5fdfa4f9d799e84200",
+ "sha256:509ecd8334c380000d259dc66feb191dd0a93b21f2453faa75f7f9cdcefc0718",
+ "sha256:5c587f52c81211d4530fa6857884d37f514bcf9453bdeee0ff93eaaf906a5c1b",
+ "sha256:5f3671662dc4b422b15776cdca89c041a6349b4864a43aa2350b6b0b03bbcc7f",
+ "sha256:6599bf92f33ab041e36e06d25890afbdf12078aacfe1f1d08c713906e49a3fe5",
+ "sha256:6e8a95f243d01ba572341c52f89f3acb98a3b6d1d5d830efba86033dd3687ade",
+ "sha256:706ec567267c96717ab9363904d846ec009a48d5f832140b6ad08aad3791b1f5",
+ "sha256:780551e47d62095e088f251f5db428473c26db7829884323e56d9c0c3118791a",
+ "sha256:7ff8f3fb38233035028dbc93715551d81eadc110199e14bbbfa01c5c4a43f8d8",
+ "sha256:828189fcdda99aae0d6bf718ea766b2e715eabc1868670a0a07bf8404bf58c33",
+ "sha256:857abe2fa6a4973f8663e039ead8d22215d31db613ace76e4a98f52ec919068e",
+ "sha256:883123d0bbe1c136f76b56276074b0c79b5817dd4238097ffa64ac67257f4b6c",
+ "sha256:8877d9b437b35a85c18e3c6499b23674684bf690f5d96c1006a1ef61f9fdf0f3",
+ "sha256:8e575a59315a91ccd00c7757127f6b2488c2f914096077c745c2f1ba5b8c0969",
+ "sha256:97072cc90f1009386c8a5b7de9d4fc1a9f91ba5ef2146c55c1f005e7b5c5e068",
+ "sha256:9a22cbb5ede6fade0482111fa7f01115ff04039795d7092ed0db43522431b4f2",
+ "sha256:a063aad9f7b4c9f9da7b2550eae0a582ffc7623dca1c925e50c3fbde7a579771",
+ "sha256:a08c7401d0b24e8c2982f4e307124b671c6736d40d1c39e09d7a8687bddf83ed",
+ "sha256:a0b273fe6dc655b110e8dc89b8ec7f1a778d78c9fd9b4bda7c384c8906072212",
+ "sha256:a2b3b05e22a77bb0ae1a3125126a4e08535961c946b62f30985535ed40e26614",
+ "sha256:a66e055254a26c82aead7ff420d9fa8dc2da10c82679ea850d8feebf11074d88",
+ "sha256:aa387bd7489f3e1787ff82068b295bcaafbf6f79c3dad3cbc82ef88ce3f48ad3",
+ "sha256:ae453f655640157d76209f42c62c64c4d4f2c7f97256d3567e3b439bd5c9b06c",
+ "sha256:b5016e331b75310610c2cf955d9f58a9749943ed5f7b8cfc0bb89c6134ab0a84",
+ "sha256:b9a4ee55174b04f6af539218f9f8083140f61a46eabcaa4234f3c2a452c4ed11",
+ "sha256:bd3b4b8175c1db502adf209d06136c000df4d245105c8839e9d0be71c94aefe1",
+ "sha256:bebea5f5ed41f618797ce3ffb4606c64a5de92e9c3f26d26c2e0aae292f015c1",
+ "sha256:c10fbc8a64aa0f3ed136b0b086b6b577bc64d67d5581acd7cc129af52654384e",
+ "sha256:c2c41c1b1866b670573657d584de413df701f482574bad7e28214a2362cb1fd1",
+ "sha256:cf97ed82ca986e5c637ea286ba2793c85325b30f869bf64d3009ccc1a31ae3fd",
+ "sha256:d1f25ee9de21a39b3a8516f2c5feb8de248f17da7eead089c2e04aa097936b47",
+ "sha256:d2fbc2a127e857d2f8898aaabcc34c37771bf78a4d5e17d3e1f5c30cd0cbc62a",
+ "sha256:dc945064a8783b86fcce9a0a705abd7db2117d95e340df8a4333f00be5efb64c",
+ "sha256:ddc5a54edb653e9e215f75de377354e2455376f416c4378e1d43b08ec50acc31",
+ "sha256:e8834e5f17d89e05697c3c043d3e58a8b19682bf365048837383abfe39adaed5",
+ "sha256:ef9659d1cda9ce9ac9585c045aaa1e59223b143f2407db0eaee0b61a4f266fb6",
+ "sha256:f6f5cab2d7f0c12f8187a376cc6582c477d2df91d63f75341307fcdcb5d60303",
+ "sha256:f81c9b4bd8aa747d417407a7f6f0b1469a43b36a85748145e144ac4e8d303cb5",
+ "sha256:f99ef080288f09ffc687423b8d60978cf3a465d3f404a18d1a05474bd8575a47"
],
"index": "pypi",
- "version": "==7.2.4"
+ "version": "==7.2.5"
},
"cryptography": {
"hashes": [
@@ -366,11 +366,11 @@
},
"flask": {
"hashes": [
- "sha256:13f6329ddbfff11340939cd11919daf150a01358ded4b7e81c03c055dfecb559",
- "sha256:77504c4c097f56ac5f29b00f9009213010cf9d2923a288c0e0564a5db2bb53d6"
+ "sha256:77fd4e1249d8c9923de34907236b747ced06e5467ecac1a7bb7115ae0e9670b0",
+ "sha256:8c2f9abd47a9e8df7f0c3f091ce9497d011dc3b31effcf4c85a6e2b50f4114ef"
],
"index": "pypi",
- "version": "==2.2.4"
+ "version": "==2.3.2"
},
"flask-basicauth": {
"hashes": [
@@ -1117,11 +1117,11 @@
},
"werkzeug": {
"hashes": [
- "sha256:2e1ccc9417d4da358b9de6f174e3ac094391ea1d4fbef2d667865d819dfd0afe",
- "sha256:56433961bc1f12533306c624f3be5e744389ac61d722175d543e1751285da612"
+ "sha256:4866679a0722de00796a74086238bb3b98d90f423f05de039abb09315487254a",
+ "sha256:a987caf1092edc7523edb139edb20c70571c4a8d5eed02e0b547b4739174d091"
],
"index": "pypi",
- "version": "==2.2.3"
+ "version": "==2.3.3"
},
"wtforms": {
"hashes": [
@@ -1182,19 +1182,19 @@
},
"boto3": {
"hashes": [
- "sha256:38ca632be379963f2a2749b5f63a81fe1679913b954914f470ad282c77674bbc",
- "sha256:4d575c180312bec6108852bae12e6396b9d1bb404154d652c57ee849c62fbb83"
+ "sha256:4847855cfa4ff272eb66cf1fc9542068ada6d4816d56573cc9cafde51962d0ef",
+ "sha256:ec53175eaf818dfe1eec33f7e165eca957744c1d8a82047a9efbcce9547e5cc9"
],
"markers": "python_version >= '3.7'",
- "version": "==1.26.122"
+ "version": "==1.26.124"
},
"botocore": {
"hashes": [
- "sha256:9e4984a9e9777c6b949aa1e98323fa35480d9f99d447af7e179ae611f7ed5af9",
- "sha256:c3b41078d235761b9c5dc22f534a76952622ef96787b96bbd10242ec4d73f2a5"
+ "sha256:cbcbd5b084952d332d7b8170577f10509e3e7b3b6abbc2920b1c27e93ad2ab25",
+ "sha256:ebe8a83dd1db18180774ce45b1911959c60bb1843ea0db610231495527a3518a"
],
"markers": "python_version >= '3.7'",
- "version": "==1.29.122"
+ "version": "==1.29.124"
},
"cachecontrol": {
"extras": [
@@ -2014,11 +2014,11 @@
},
"werkzeug": {
"hashes": [
- "sha256:2e1ccc9417d4da358b9de6f174e3ac094391ea1d4fbef2d667865d819dfd0afe",
- "sha256:56433961bc1f12533306c624f3be5e744389ac61d722175d543e1751285da612"
+ "sha256:4866679a0722de00796a74086238bb3b98d90f423f05de039abb09315487254a",
+ "sha256:a987caf1092edc7523edb139edb20c70571c4a8d5eed02e0b547b4739174d091"
],
"index": "pypi",
- "version": "==2.2.3"
+ "version": "==2.3.3"
},
"xmltodict": {
"hashes": [
diff --git a/app/__init__.py b/app/__init__.py
index d2232343a..590f0f595 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -269,7 +269,12 @@ def create_app(application):
# make sure we handle unicode correctly
redis_client.redis_store.decode_responses = True
- setup_blueprints(application)
+ from app.main import main as main_blueprint
+ from app.status import status as status_blueprint
+
+ application.register_blueprint(main_blueprint)
+
+ application.register_blueprint(status_blueprint)
add_template_filters(application)
@@ -282,6 +287,8 @@ def init_app(application):
application.before_request(load_service_before_request)
application.before_request(load_organisation_before_request)
application.before_request(request_helper.check_proxy_header_before_request)
+ application.before_request(make_session_permanent)
+ application.after_request(save_service_or_org_after_request)
font_paths = [
str(item)[len(asset_fingerprinter._filesystem_path):]
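Review bot: Registering `make_session_permanent` and `save_service_or_org_after_request` on `application` instead of on the main blueprint makes both hooks run for every request, including the status blueprint that `create_app` now registers directly. The docstring removed with `setup_blueprints` described that blueprint as unauthenticated and cookie-free, and said `no_cookie_blueprint` deliberately had neither hook, to avoid cookies being overwritten in a race by subresources such as the email branding preview iframe. If `make_session_permanent` touches the session, unauthenticated status responses may now carry `Set-Cookie`, and that race can presumably return. Consider keeping the hooks scoped in `create_app` with `main_blueprint.before_request(make_session_permanent)` and `main_blueprint.after_request(save_service_or_org_after_request)`, or add a comment above the two new lines explaining why app-wide registration is safe. `init_app` starts and ends outside this hunk.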
@@ -500,36 +507,6 @@ def register_errorhandlers(application): # noqa (C901 too complex)
return _error_response(500)
-def setup_blueprints(application):
- """
- There are three blueprints: status_blueprint, no_cookie_blueprint, and main_blueprint.
-
- main_blueprint is the default for everything.
-
- status_blueprint is only for the status page - unauthenticated, unstyled, no cookies, etc.
-
- no_cookie_blueprint is for subresources (things loaded asynchronously) that we might be concerned are setting
- cookies unnecessarily and potentially getting in to strange race conditions and overwriting other cookies, as we've
- seen in the send message flow. Currently, this includes the iframe from the platform admin email branding
- preview pages.
-
- This notably doesn't include the *.json ajax endpoints. If we included them in this, the cookies wouldn't be
- updated, including the expiration date. If you have a dashboard open and in focus it'll refresh the expiration timer
- every two seconds, and you will never log out, which is behaviour we want to preserve.
- """
- from app.main import main as main_blueprint
- from app.main import no_cookie as no_cookie_blueprint
- from app.status import status as status_blueprint
-
- main_blueprint.before_request(make_session_permanent)
- main_blueprint.after_request(save_service_or_org_after_request)
-
- application.register_blueprint(main_blueprint)
- # no_cookie_blueprint specifically doesn't have `make_session_permanent` or `save_service_or_org_after_request`
- application.register_blueprint(no_cookie_blueprint)
- application.register_blueprint(status_blueprint)
-
-
def setup_event_handlers():
from flask_login import user_logged_in
diff --git a/app/main/__init__.py b/app/main/__init__.py
index 26162357e..c0a5adeb1 100644
--- a/app/main/__init__.py
+++ b/app/main/__init__.py
@@ -1,7 +1,6 @@
from flask import Blueprint
main = Blueprint('main', __name__)
-no_cookie = Blueprint('no_cookie', __name__)
from app.main.views import ( # noqa isort:skip
add_service,
diff --git a/app/templates/admin_template.html b/app/templates/admin_template.html
index 47153b9cf..70b3f0d21 100644
--- a/app/templates/admin_template.html
+++ b/app/templates/admin_template.html
@@ -15,7 +15,7 @@
{%- for font in font_paths %}
{%- endfor %}
-
+
{% block extra_stylesheets %}
diff --git a/tests/app/main/views/test_index.py b/tests/app/main/views/test_index.py
index c67fa2f6e..621542261 100644
--- a/tests/app/main/views/test_index.py
+++ b/tests/app/main/views/test_index.py
@@ -233,7 +233,7 @@ def test_css_is_served_from_correct_path(client_request):
page.select('link[rel=stylesheet]')
):
assert link['href'].startswith([
- 'https://static.example.com/css/styles.css?',
+ # 'https://static.example.com/css/styles.css?',
'https://static.example.com/stylesheets/main.css?',
'https://static.example.com/stylesheets/print.css?',
][index])
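Review bot: The first expected prefix is commented out rather than deleted, so the list indexed by `index` shifts silently and position 0 now expects `stylesheets/main.css`. If the `css/styles.css` link was removed from the template on purpose, delete the line. If it was only disabled to get the upgrade passing, restore it or replace it with a comment giving the reason, e.g. `# styles.css link removed from admin_template.html in the Flask 2.3 upgrade`. The loop header is outside the hunk, so it is not visible whether the number of stylesheet links is asserted; an explicit count check would stop a dropped link from passing unnoticed.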
diff --git a/tests/app/main/views/test_two_factor.py b/tests/app/main/views/test_two_factor.py
index 01ca5020c..8f9284d3e 100644
--- a/tests/app/main/views/test_two_factor.py
+++ b/tests/app/main/views/test_two_factor.py
@@ -367,7 +367,7 @@ def test_two_factor_sms_should_activate_pending_user(
@pytest.mark.parametrize('extra_args, expected_encoded_next_arg', (
({}, ''),
- ({'next': 'https://example.com'}, '?next=https%3A%2F%2Fexample.com')
+ ({'next': 'https://example.com'}, '?next=https://example.com')
))
def test_valid_two_factor_email_link_shows_interstitial(
client_request,
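Review bot: The expected value `'?next=https://example.com'` pins the exact percent-encoding that the upgraded Flask/Werkzeug emits for the query string, so this case will break again whenever the library's quoting rules change. Asserting on the decoded parameter is sturdier, e.g. `assert parse_qs(urlparse(href).query).get('next', []) == expected_next`, where `href` and `expected_next` are placeholders for what the test body reads and parametrises. Since this case passes an absolute external URL through `next`, it is also worth confirming that another test covers rejection of off-site redirect targets; nothing in this hunk shows that. The test function's body is outside the hunk.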