0001-misc-return-400-on-invalid-context-signature-31666.patch
combo/public/views.py | ||
---|---|---|
27 | 27 |
from django.core.exceptions import ObjectDoesNotExist, PermissionDenied |
28 | 28 |
from django.db import transaction |
29 | 29 |
from django.http import (Http404, HttpResponse, HttpResponseRedirect, |
30 |
HttpResponsePermanentRedirect) |
|
30 |
HttpResponsePermanentRedirect, HttpResponseBadRequest)
|
|
31 | 31 |
from django.shortcuts import render, resolve_url |
32 | 32 |
from django.template import engines |
33 | 33 |
from django.template.loader import get_template, TemplateDoesNotExist |
... | ... | |
142 | 142 |
'absolute_uri': request.build_absolute_uri |
143 | 143 |
} |
144 | 144 |
if request.GET.get('ctx'): |
145 |
context.update(signing.loads(request.GET['ctx'])) |
|
145 |
try: |
|
146 |
context.update(signing.loads(request.GET['ctx'])) |
|
147 |
except signing.BadSignature: |
|
148 |
return HttpResponseBadRequest('bad signature') |
|
146 | 149 |
modify_global_context(request, context) |
147 | 150 | |
148 | 151 |
if cell.page_id: |
149 |
- |