allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kentontay...@apache.org
Subject allura git commit: Santize more in paging_sanitizer() to avoid errors on invalid URL params
Date Wed, 26 Sep 2018 19:06:49 GMT
Repository: allura
Updated Branches:
  refs/heads/master 0f77ad5b8 -> 64d5a1024


Santize more in paging_sanitizer() to avoid errors on invalid URL params


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/64d5a102
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/64d5a102
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/64d5a102

Branch: refs/heads/master
Commit: 64d5a102481c54f82b0a1bb5316b3625b747b4c9
Parents: 0f77ad5
Author: Dave Brondsema <dave@brondsema.net>
Authored: Tue Sep 25 11:22:04 2018 -0400
Committer: Dave Brondsema <dave@brondsema.net>
Committed: Tue Sep 25 11:22:04 2018 -0400

----------------------------------------------------------------------
 Allura/allura/lib/helpers.py        | 13 +++++++++++--
 Allura/allura/tests/test_helpers.py |  1 +
 2 files changed, 12 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/64d5a102/Allura/allura/lib/helpers.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/helpers.py b/Allura/allura/lib/helpers.py
index 32a57e5..7e13e57 100644
--- a/Allura/allura/lib/helpers.py
+++ b/Allura/allura/lib/helpers.py
@@ -721,12 +721,21 @@ def paging_sanitizer(limit, page, total_count=sys.maxint, zero_based_pages=True)
     valid ranges based on total_count.
 
     Useful for sanitizing limit and page query params.
+
+    See also g.handle_paging which also checks prefs
     """
-    limit = max(int(limit), 1)
+    try:
+        limit = max(int(limit), 1)
+    except ValueError:
+        limit = 25
     limit = min(limit, asint(tg.config.get('limit_param_max', 500)))
     max_page = (total_count / limit) + (1 if total_count % limit else 0)
     max_page = max(0, max_page - (1 if zero_based_pages else 0))
-    page = min(max(int(page or 0), (0 if zero_based_pages else 1)), max_page)
+    try:
+        page = int(page or 0)
+    except ValueError:
+        page = 0
+    page = min(max(page, (0 if zero_based_pages else 1)), max_page)
     return limit, page
 
 

http://git-wip-us.apache.org/repos/asf/allura/blob/64d5a102/Allura/allura/tests/test_helpers.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/test_helpers.py b/Allura/allura/tests/test_helpers.py
index d228c8c..65c44ac 100644
--- a/Allura/allura/tests/test_helpers.py
+++ b/Allura/allura/tests/test_helpers.py
@@ -234,6 +234,7 @@ def test_paging_sanitizer():
         (9999999, 0, 0): (500, 0),
         (10, None, 0): (10, 0),
         (10, 0): (10, 0),
+        ('junk', 'more junk'): (25, 0),
     }
     for input, output in test_data.iteritems():
         assert (h.paging_sanitizer(*input)) == output


Mime
View raw message