CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-05 15:14:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Ensure to return a 404 if an appending slash is missing

Browse Source
This commit is contained in:
Raphael Michel
2020-10-30 14:40:55 +01:00
parent 2cf6a4a6ab
commit b841878dcb
2 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/pretix/base/middleware.py
View File

@@ -3,7 +3,8 @@ from urllib.parse import urlsplit
import pytz
from django.conf import settings
from django.http import HttpRequest, HttpResponse
from django.http import HttpRequest, HttpResponse, Http404
from django.middleware.common import CommonMiddleware
from django.urls import get_script_prefix
from django.utils import timezone, translation
from django.utils.cache import patch_vary_headers
@@ -252,3 +253,15 @@ class SecurityMiddleware(MiddlewareMixin):
del resp['Content-Security-Policy']
return resp
class CustomCommonMiddleware(CommonMiddleware):
def get_full_path_with_slash(self, request):
"""
Raise an error regardless of DEBUG mode when in POST, PUT, or PATCH.
"""
new_path = super().get_full_path_with_slash(request)
if request.method in ('POST', 'PUT', 'PATCH'):
raise Http404('Please append a / at the end of the URL')
return new_path