allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From brond...@apache.org
Subject [1/3] allura git commit: [#8225] Fix skip 404 by validatiing request.referer
Date Thu, 04 Oct 2018 16:46:28 GMT
Repository: allura
Updated Branches:
  refs/heads/master 1a10d0d14 -> b0dbd6685


[#8225] Fix skip 404 by validatiing request.referer


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/b0dbd668
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/b0dbd668
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/b0dbd668

Branch: refs/heads/master
Commit: b0dbd6685c08364d0cddfdf2fd55f14bfff4080e
Parents: f3f93906
Author: Shalitha <shalithasuranga@gmail.com>
Authored: Thu Oct 4 13:34:49 2018 +0530
Committer: Dave Brondsema <dbrondsema@slashdotmedia.com>
Committed: Thu Oct 4 15:46:17 2018 +0000

----------------------------------------------------------------------
 Allura/allura/ext/admin/admin_main.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/b0dbd668/Allura/allura/ext/admin/admin_main.py
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/admin/admin_main.py b/Allura/allura/ext/admin/admin_main.py
index 7fa382d..468760f 100644
--- a/Allura/allura/ext/admin/admin_main.py
+++ b/Allura/allura/ext/admin/admin_main.py
@@ -703,7 +703,8 @@ class ProjectAdminController(BaseController):
         except forge_exc.ForgeError, exc:
             flash('%s: %s' % (exc.__class__.__name__, exc.args[0]),
                   'error')
-        if tool is not None and 'delete' in tool[0] and re.search(c.project.url() + tool[0]['mount_point']+
r'\/*', request.referer):
+        if request.referer is not None and tool is not None and 'delete' in tool[0] and \
+            re.search(c.project.url() + tool[0]['mount_point']+ r'\/*', request.referer):
             # Redirect to root when deleting currect module
             redirect('../')
         redirect(request.referer)


Mime
View raw message