Harden fetch_one() from malicious proxies that do not return HTTP 200 ok.

leonth · leonth · commit 1646abaea015 · 2015-01-25T22:09:30.000+08:00
diff --git a/elude/__init__.py b/elude/__init__.py
@@ -14,8 +14,11 @@
 @asyncio.coroutine
 def fetch_one(method, url, timeout, connector=None):
     try:
-        r = yield from asyncio.wait_for(aiohttp.request(method, url, connector=connector), timeout)
-        text = yield from r.text()
-        return r, text
+        r = yield from asyncio.wait_for(aiohttp.request(method, url, allow_redirects=True, connector=connector), timeout)
+        if r.status == 200:
+            text = yield from r.text()
+            return r, text
+        else:
+            return None, None
     except (aiohttp.ClientError, aiohttp.ProxyConnectionError, asyncio.TimeoutError, ValueError):
         return None, None  # TODO retry attempts
