Also catch InvalidURL in ajax-proxy

fix #1119
This commit is contained in:
Yohan Boniface 2023-06-02 22:45:13 +02:00
parent 39a887a6f6
commit 1b791347d8
2 changed files with 14 additions and 0 deletions

View file

@ -112,6 +112,17 @@ def test_valid_proxy_request_with_invalid_ttl(client):
assert "X-Accel-Expires" not in response
def test_invalid_proxy_url_should_return_400(client):
url = reverse("ajax-proxy")
params = {"url": "http://example.org/a space is invalid"}
headers = {
"HTTP_X_REQUESTED_WITH": "XMLHttpRequest",
"HTTP_REFERER": settings.SITE_URL,
}
response = client.get(url, params, **headers)
assert response.status_code == 400
@pytest.mark.django_db
def test_login_does_not_contain_form_if_not_enabled(client, settings):
settings.ENABLE_ACCOUNT_LOGIN = False

View file

@ -4,6 +4,7 @@ import os
import re
import socket
from datetime import date, timedelta
from http.client import InvalidURL
from pathlib import Path
from urllib.error import URLError
@ -306,6 +307,8 @@ class AjaxProxy(View):
return HttpResponse(e.msg, status=e.code, content_type="text/plain")
except URLError:
return HttpResponseBadRequest("URL error")
except InvalidURL:
return HttpResponseBadRequest("Invalid URL")
else:
status_code = proxied_request.code
mimetype = proxied_request.headers.get(