0001-manager-add-validation-of-redirect-url-template-synt.patch
combo/manager/forms.py | ||
---|---|---|
20 | 20 |
from django.conf import settings |
21 | 21 |
from django.contrib.auth.models import Group |
22 | 22 |
from django.core.exceptions import ValidationError |
23 |
from django.template import Template, TemplateSyntaxError |
|
23 | 24 |
from django.template.loader import TemplateDoesNotExist, get_template |
24 | 25 |
from django.utils.translation import ugettext_lazy as _ |
25 | 26 | |
... | ... | |
175 | 176 |
model = Page |
176 | 177 |
fields = ('redirect_url',) |
177 | 178 | |
179 |
def clean_redirect_url(self): |
|
180 |
value = self.cleaned_data.get('redirect_url') |
|
181 |
if value: |
|
182 |
try: |
|
183 |
Template(value) |
|
184 |
except TemplateSyntaxError as e: |
|
185 |
raise ValidationError(_('syntax error: %s') % e) |
|
186 |
return value |
|
187 | ||
178 | 188 |
def save(self, *args, **kwargs): |
179 | 189 |
page = super(PageEditRedirectionForm, self).save(*args, **kwargs) |
180 | 190 |
page.redirect_url = page.redirect_url.strip() |
tests/test_manager.py | ||
---|---|---|
278 | 278 |
resp = resp.follow() |
279 | 279 |
assert 'http://www.example.net' in resp.text |
280 | 280 |
assert Page.objects.all()[0].redirect_url == 'http://www.example.net' |
281 |
# redirection (error handling) |
|
282 |
resp = resp.click(href='.*/redirection') |
|
283 |
resp.form['redirect_url'].value = '{{ foo bar }}' |
|
284 |
resp = resp.form.submit() |
|
285 |
assert 'syntax error:' in resp.text |
|
286 |
resp = resp.click('Cancel') |
|
281 | 287 |
# exclude from nav |
282 | 288 |
resp = resp.click(href='.*/include-in-navigation') |
283 | 289 |
resp.form['include_in_navigation'].checked = False |
284 |
- |