##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

controller: Handle UnicodeDecodeError from webob decoding invalid URLs...
Valentin Kleibel -
r8790:aa51aca7 stable
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -3,6 +3,7 b' List of contributors to Kallithea projec'
3 Mads Kiilerich <mads@kiilerich.com> 2016-2024
3 Mads Kiilerich <mads@kiilerich.com> 2016-2024
4 Aristotelis Stageiritis <aristotelis79@gmail.com> 2024
4 Aristotelis Stageiritis <aristotelis79@gmail.com> 2024
5 Poesty Li <poesty7450@gmail.com> 2024
5 Poesty Li <poesty7450@gmail.com> 2024
6 Valentin Kleibel <valentin@vrvis.at> 2024
6 Manuel Jacob <me@manueljacob.de> 2019-2020 2022-2023
7 Manuel Jacob <me@manueljacob.de> 2019-2020 2022-2023
7 Mathias De Mare <mathias.de_mare@nokia.com> 2023
8 Mathias De Mare <mathias.de_mare@nokia.com> 2023
8 qy117121 <mixuan121@gmail.com> 2023
9 qy117121 <mixuan121@gmail.com> 2023
Show file before | Show file after | Hide comments
@@ -456,8 +456,16 b' class BaseController(TGController):'
456 if request.method not in ['GET', 'HEAD', 'POST']:
456 if request.method not in ['GET', 'HEAD', 'POST']:
457 raise webob.exc.HTTPMethodNotAllowed()
457 raise webob.exc.HTTPMethodNotAllowed()
458
458
459 try:
460 params = request.params
461 except UnicodeDecodeError as e:
462 # webobj will leak UnicodeDecodeError when decoding invalid
463 # URLencoded byte sequences in parameters
464 log.error('Error decoding request parameters: %s' % e)
465 raise webob.exc.HTTPBadRequest()
466
459 # Also verify the _method override - no longer allowed.
467 # Also verify the _method override - no longer allowed.
460 if request.params.get('_method') is None:
468 if params.get('_method') is None:
461 pass # no override, no problem
469 pass # no override, no problem
462 else:
470 else:
463 raise webob.exc.HTTPMethodNotAllowed()
471 raise webob.exc.HTTPMethodNotAllowed()
Show file before | Show file after | Hide comments
@@ -27,6 +27,7 b''
27 <li>Copyright &copy; 2012&ndash;2024, Mads Kiilerich</li>
27 <li>Copyright &copy; 2012&ndash;2024, Mads Kiilerich</li>
28 <li>Copyright &copy; 2024, Aristotelis Stageiritis</li>
28 <li>Copyright &copy; 2024, Aristotelis Stageiritis</li>
29 <li>Copyright &copy; 2024, Poesty Li</li>
29 <li>Copyright &copy; 2024, Poesty Li</li>
30 <li>Copyright &copy; 2024, Valentin Kleibel</li>
30 <li>Copyright &copy; 2019&ndash;2020, 2022&ndash;2023, Manuel Jacob</li>
31 <li>Copyright &copy; 2019&ndash;2020, 2022&ndash;2023, Manuel Jacob</li>
31 <li>Copyright &copy; 2023, Mathias De Mare</li>
32 <li>Copyright &copy; 2023, Mathias De Mare</li>
32 <li>Copyright &copy; 2023, qy117121</li>
33 <li>Copyright &copy; 2023, qy117121</li>
General Comments 0
You need to be logged in to leave comments. Login now