Fix bin/upload_symbols.py against current crashreport service

Regression since the Feb 13 2020 refactoring/upgrade of
https://crashreport.libreoffice.org by The Document Foundation's
infrastructure team.

Fix: Upgrade URLs to HTTPS and pass a Referer header along to avoid CSRF
verification errors from Django 1.11.

Change-Id: I19e7c1f11f49e736d32618f9aedea019344c5a78
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/91991
Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>

1 files changed, 6 insertions, 4 deletions

diff --git a/bin/upload_symbols.py b/bin/upload_symbols.py
index 72a03b6e56db..277508da712e 100755
--- a/bin/upload_symbols.py
+++ b/bin/upload_symbols.py
@@ -19,8 +19,9 @@ def main():
         print("Usage: upload-symbols.py symbols.zip config.ini \"long explanation\" [--system]")
         sys.exit(1)
 
-    upload_url = "http://crashreport.libreoffice.org/upload/"
-    login_url = "http://crashreport.libreoffice.org/accounts/login/"
+    base_url = "https://crashreport.libreoffice.org/"
+    upload_url = base_url + "upload/"
+    login_url = base_url + "accounts/login/"
 
     config = configparser.ConfigParser()
     config.read(sys.argv[2])
@@ -41,11 +42,12 @@ def main():
 
     login_data = { 'username': user,'password': password,
             'csrfmiddlewaretoken': csrftoken }
-    r1 = session.post(login_url,data=login_data)
+    headers = { "Referer": base_url }
+    r1 = session.post(login_url, headers=headers, data=login_data)
 
     data['csrfmiddlewaretoken'] = csrftoken
 
-    r = session.post(upload_url, files = files, data = data)
+    r = session.post(upload_url, headers=headers, files=files, data=data)
 
 if __name__ == "__main__":
     main()