Return URL-safe, hmac signed base64 compressed JSON string. If compress is True (not the default), check if compressing using zlib can save some space. Prepend a '.' to signify compression. This is included in the signature, to protect against zip bombs. Th
(self, obj, serializer=JSONSerializer, compress=False)
| 226 | raise BadSignature('Signature "%s" does not match' % sig) |
| 227 | |
| 228 | def sign_object(self, obj, serializer=JSONSerializer, compress=False): |
| 229 | """ |
| 230 | Return URL-safe, hmac signed base64 compressed JSON string. |
| 231 | |
| 232 | If compress is True (not the default), check if compressing using zlib |
| 233 | can save some space. Prepend a '.' to signify compression. This is |
| 234 | included in the signature, to protect against zip bombs. |
| 235 | |
| 236 | The serializer is expected to return a bytestring. |
| 237 | """ |
| 238 | data = serializer().dumps(obj) |
| 239 | # Flag for if it's been compressed or not. |
| 240 | is_compressed = False |
| 241 | |
| 242 | if compress: |
| 243 | # Avoid zlib dependency unless compress is being used. |
| 244 | compressed = zlib.compress(data) |
| 245 | if len(compressed) < (len(data) - 1): |
| 246 | data = compressed |
| 247 | is_compressed = True |
| 248 | base64d = b64_encode(data).decode() |
| 249 | if is_compressed: |
| 250 | base64d = "." + base64d |
| 251 | return self.sign(base64d) |
| 252 | |
| 253 | def unsign_object(self, signed_obj, serializer=JSONSerializer, **kwargs): |
| 254 | # Signer.unsign() returns str but base64 and zlib compression operate |