automatic import of python-talisman

3 files changed, 164 insertions, 0 deletions

diff --git a/.gitignore b/.gitignore
index e69de29..50f09e2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/talisman-0.1.0.tar.gz
diff --git a/python-talisman.spec b/python-talisman.spec
new file mode 100644
index 0000000..a3dd12c
--- /dev/null
+++ b/python-talisman.spec
@@ -0,0 +1,162 @@
+%global _empty_manifest_terminate_build 0
+Name:		python-talisman
+Version:	0.1.0
+Release:	1
+Summary:	HTTP security headers for Flask.
+License:	Apache Software License
+URL:		https://github.com/GoogleCloudPlatform/flask-talisman
+Source0:	https://mirrors.nju.edu.cn/pypi/web/packages/28/36/9e956917b35eca994d24f5e1d53444369df8144d4e35bc69aceaa2aeb668/talisman-0.1.0.tar.gz
+BuildArch:	noarch
+
+
+%description
+|Build Status| |Coverage Status| |PyPI Version|
+Talisman is a small Flask extension that handles setting HTTP headers
+that can help protect against a few common web application security
+issues.
+The default configuration:
+-  Forces all connects to ``https``, unless running with debug enabled.
+-  Enables `HTTP Strict Transport
+   Security <https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security>`__.
+-  Enables HSTS preloading. If you register your application with
+   `Google's HSTS preload list <https://hstspreload.appspot.com/>`__,
+   Firefox and Chrome will never load your site over a non-secure
+   connection.
+-  Sets Flask's session cookie to ``secure``, so it will never be set if
+   you application is somehow accessed via a non-secure connection.
+-  Sets Flask's session cookie to ``httponly``, preventing JavaScript
+   from being able to access its content. CSRF via Ajax uses a separate
+   cookie and should be unaffected.
+-  Sets
+   `X-Frame-Options <https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options>`__
+   to ``SAMEORIGIN`` to avoid
+   `clickjacking <https://en.wikipedia.org/wiki/Clickjacking>`__.
+-  Sets a strict `Content Security
+   Policy <https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy>`__
+   of ``default-src: 'self'``. This is intended to almost completely
+   prevent Cross Site Scripting (XSS) attacks. This is probably the only
+   setting that you should reasonably change. See the `section
+   below <#content-security-policy>`__ on configuring this.
+In addition to Talisman, you **should always use a cross-site request
+forgery (CSRF) library**. I highly recommend
+`Flask-SeaSurf <https://flask-seasurf.readthedocs.org/en/latest/>`__,
+which is based on Django's excellent library.
+
+%package -n python3-talisman
+Summary:	HTTP security headers for Flask.
+Provides:	python-talisman
+BuildRequires:	python3-devel
+BuildRequires:	python3-setuptools
+BuildRequires:	python3-pip
+%description -n python3-talisman
+|Build Status| |Coverage Status| |PyPI Version|
+Talisman is a small Flask extension that handles setting HTTP headers
+that can help protect against a few common web application security
+issues.
+The default configuration:
+-  Forces all connects to ``https``, unless running with debug enabled.
+-  Enables `HTTP Strict Transport
+   Security <https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security>`__.
+-  Enables HSTS preloading. If you register your application with
+   `Google's HSTS preload list <https://hstspreload.appspot.com/>`__,
+   Firefox and Chrome will never load your site over a non-secure
+   connection.
+-  Sets Flask's session cookie to ``secure``, so it will never be set if
+   you application is somehow accessed via a non-secure connection.
+-  Sets Flask's session cookie to ``httponly``, preventing JavaScript
+   from being able to access its content. CSRF via Ajax uses a separate
+   cookie and should be unaffected.
+-  Sets
+   `X-Frame-Options <https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options>`__
+   to ``SAMEORIGIN`` to avoid
+   `clickjacking <https://en.wikipedia.org/wiki/Clickjacking>`__.
+-  Sets a strict `Content Security
+   Policy <https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy>`__
+   of ``default-src: 'self'``. This is intended to almost completely
+   prevent Cross Site Scripting (XSS) attacks. This is probably the only
+   setting that you should reasonably change. See the `section
+   below <#content-security-policy>`__ on configuring this.
+In addition to Talisman, you **should always use a cross-site request
+forgery (CSRF) library**. I highly recommend
+`Flask-SeaSurf <https://flask-seasurf.readthedocs.org/en/latest/>`__,
+which is based on Django's excellent library.
+
+%package help
+Summary:	Development documents and examples for talisman
+Provides:	python3-talisman-doc
+%description help
+|Build Status| |Coverage Status| |PyPI Version|
+Talisman is a small Flask extension that handles setting HTTP headers
+that can help protect against a few common web application security
+issues.
+The default configuration:
+-  Forces all connects to ``https``, unless running with debug enabled.
+-  Enables `HTTP Strict Transport
+   Security <https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security>`__.
+-  Enables HSTS preloading. If you register your application with
+   `Google's HSTS preload list <https://hstspreload.appspot.com/>`__,
+   Firefox and Chrome will never load your site over a non-secure
+   connection.
+-  Sets Flask's session cookie to ``secure``, so it will never be set if
+   you application is somehow accessed via a non-secure connection.
+-  Sets Flask's session cookie to ``httponly``, preventing JavaScript
+   from being able to access its content. CSRF via Ajax uses a separate
+   cookie and should be unaffected.
+-  Sets
+   `X-Frame-Options <https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options>`__
+   to ``SAMEORIGIN`` to avoid
+   `clickjacking <https://en.wikipedia.org/wiki/Clickjacking>`__.
+-  Sets a strict `Content Security
+   Policy <https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy>`__
+   of ``default-src: 'self'``. This is intended to almost completely
+   prevent Cross Site Scripting (XSS) attacks. This is probably the only
+   setting that you should reasonably change. See the `section
+   below <#content-security-policy>`__ on configuring this.
+In addition to Talisman, you **should always use a cross-site request
+forgery (CSRF) library**. I highly recommend
+`Flask-SeaSurf <https://flask-seasurf.readthedocs.org/en/latest/>`__,
+which is based on Django's excellent library.
+
+%prep
+%autosetup -n talisman-0.1.0
+
+%build
+%py3_build
+
+%install
+%py3_install
+install -d -m755 %{buildroot}/%{_pkgdocdir}
+if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
+if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
+if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
+if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
+pushd %{buildroot}
+if [ -d usr/lib ]; then
+	find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/lib64 ]; then
+	find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/bin ]; then
+	find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/sbin ]; then
+	find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+touch doclist.lst
+if [ -d usr/share/man ]; then
+	find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
+fi
+popd
+mv %{buildroot}/filelist.lst .
+mv %{buildroot}/doclist.lst .
+
+%files -n python3-talisman -f filelist.lst
+%dir %{python3_sitelib}/*
+
+%files help -f doclist.lst
+%{_docdir}/*
+
+%changelog
+* Thu May 18 2023 Python_Bot <Python_Bot@openeuler.org> - 0.1.0-1
+- Package Spec generated
diff --git a/sources b/sources
new file mode 100644
index 0000000..948cc83
--- /dev/null
+++ b/sources
@@ -0,0 +1 @@
+a6c0a401ee46d8fb603a9b7c3f571313  talisman-0.1.0.tar.gz