manager: add validation of redirect url template syntax (#55363)
This commit is contained in:
parent
75a0f2dab7
commit
88f0138995
|
@ -20,6 +20,7 @@ from django import forms
|
|||
from django.conf import settings
|
||||
from django.contrib.auth.models import Group
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.template import Template, TemplateSyntaxError
|
||||
from django.template.loader import TemplateDoesNotExist, get_template
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
|
@ -175,6 +176,15 @@ class PageEditRedirectionForm(forms.ModelForm):
|
|||
model = Page
|
||||
fields = ('redirect_url',)
|
||||
|
||||
def clean_redirect_url(self):
|
||||
value = self.cleaned_data.get('redirect_url')
|
||||
if value:
|
||||
try:
|
||||
Template(value)
|
||||
except TemplateSyntaxError as e:
|
||||
raise ValidationError(_('syntax error: %s') % e)
|
||||
return value
|
||||
|
||||
def save(self, *args, **kwargs):
|
||||
page = super(PageEditRedirectionForm, self).save(*args, **kwargs)
|
||||
page.redirect_url = page.redirect_url.strip()
|
||||
|
|
|
@ -278,6 +278,12 @@ def test_edit_page(app, admin_user):
|
|||
resp = resp.follow()
|
||||
assert 'http://www.example.net' in resp.text
|
||||
assert Page.objects.all()[0].redirect_url == 'http://www.example.net'
|
||||
# redirection (error handling)
|
||||
resp = resp.click(href='.*/redirection')
|
||||
resp.form['redirect_url'].value = '{{ foo bar }}'
|
||||
resp = resp.form.submit()
|
||||
assert 'syntax error:' in resp.text
|
||||
resp = resp.click('Cancel')
|
||||
# exclude from nav
|
||||
resp = resp.click(href='.*/include-in-navigation')
|
||||
resp.form['include_in_navigation'].checked = False
|
||||
|
|
Loading…
Reference in New Issue