[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[snapshot/master] Unicode related argument fixes

python's urllib does not want to encode non-ASCII strings.  While we
do not really care how they are encoded, we very much would prefer
it not to throw an exception.

So we encode it somehow so we can do a sane redirect from
/package/?src=foobar to /package/foobar/.

Also, handle non-ASCII package names in /package/foobar/
before passing it on to the DB layer which likewise will
complain that it cannot handle such strings.  Non-ASCII
named packages do not exist anyway, so we can bail out with
404 error early.
---
 web/app/snapshot/controllers/package.py |   14 +++++++++++++-
 web/app/snapshot/lib/control_helpers.py |    5 +++++
 2 files changed, 18 insertions(+), 1 deletions(-)

diff --git a/web/app/snapshot/controllers/package.py b/web/app/snapshot/controllers/package.py
index 166b180..7bb664f 100644
--- a/web/app/snapshot/controllers/package.py
+++ b/web/app/snapshot/controllers/package.py
@@ -55,7 +55,8 @@ class PackageController(BaseController):
 
     def root(self):
         if 'src' in request.params:
-            return redirect_to(urllib.quote(request.params['src'] + "/"))
+            url = url_quote(request.params['src'] + "/")
+            return redirect_to(url)
         elif 'cat' in request.params:
             try:
                 #etag_cache( g.shm.packages_get_etag(self._db()) )
@@ -77,6 +78,17 @@ class PackageController(BaseController):
 
     def source(self, source):
         try:
+            # Package names are ascii.
+            # Check that before passing it on to postgres since the DB
+            # will just whine about not being able to convert the string
+            # anyway.
+            # If the passed string is not ascii, then the package name
+            # simply does not exist.
+            try:
+                source.encode('ascii')
+            except UnicodeEncodeError:
+                abort(404, 'No such source package')
+
             #etag_cache( g.shm.packages_get_etag(self._db()) )
             set_expires(int(config['app_conf']['expires.package.source']))
 
diff --git a/web/app/snapshot/lib/control_helpers.py b/web/app/snapshot/lib/control_helpers.py
index 630778a..ff80c4c 100644
--- a/web/app/snapshot/lib/control_helpers.py
+++ b/web/app/snapshot/lib/control_helpers.py
@@ -40,6 +40,11 @@ def build_url_archive_ym_list(archive, year, month):
     url += "?year=%d&month=%d"%ym
     return url
 
+def url_quote(s):
+    if isinstance(s, unicode):
+        s = s.encode('utf-8')
+    return urllib.quote(s)
+
 def set_expires(max_age):
     response.expires = datetime.datetime.now() + datetime.timedelta(seconds = max_age);
     response.cache_control = 'public, max-age=%d'%max_age
-- 
1.5.6.5
Reply to: