CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Improve URL parameter validation

Browse Source
This commit is contained in:
Raphael Michel
2016-12-08 12:22:04 +01:00
parent 8cb977e4d6
commit d27fefe4da
3 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/pretix/base/views/cachedfiles.py
View File

@@ -1,6 +1,6 @@
import os
from django.http import FileResponse, HttpRequest, HttpResponse
from django.http import FileResponse, Http404, HttpRequest, HttpResponse
from django.shortcuts import get_object_or_404
from django.utils.functional import cached_property
from django.views.generic import TemplateView
@@ -13,7 +13,10 @@ class DownloadView(TemplateView):
@cached_property
def object(self) -> CachedFile:
return get_object_or_404(CachedFile, id=self.kwargs['id'])
try:
return get_object_or_404(CachedFile, id=self.kwargs['id'])
except ValueError: # Invalid URLs
raise Http404()
def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
if 'ajax' in request.GET: