Mercurial > kallithea

changeset 4077:0e1023147334

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Use safe_str on flash messages.
author Marcin Kuzminski <marcin@python-works.com>
date Tue, 02 Jul 2013 12:04:34 +0200
parents c7e656e96c5d
children e8065d36e8d0
files rhodecode/controllers/changelog.py rhodecode/controllers/changeset.py rhodecode/controllers/compare.py rhodecode/controllers/files.py
diffstat 4 files changed, 13 insertions(+), 14 deletions(-) [+]
line wrap: on
line diff
--- a/rhodecode/controllers/changelog.py	Tue Jul 02 00:10:52 2013 +0200
+++ b/rhodecode/controllers/changelog.py	Tue Jul 02 12:04:34 2013 +0200
@@ -39,7 +39,7 @@
 from rhodecode.lib.graphmod import _colored, _dagwalker
 from rhodecode.lib.vcs.exceptions import RepositoryError, ChangesetDoesNotExistError,\
     ChangesetError, NodeDoesNotExistError, EmptyRepositoryError
-from rhodecode.lib.utils2 import safe_int
+from rhodecode.lib.utils2 import safe_int, safe_str
 
 
 log = logging.getLogger(__name__)
@@ -91,7 +91,7 @@
 
         except RepositoryError, e:
             log.error(traceback.format_exc())
-            h.flash(str(e), category='warning')
+            h.flash(safe_str(e), category='warning')
             if not partial:
                 redirect(h.url('changelog_home', repo_name=repo.repo_name))
             raise HTTPBadRequest()
@@ -158,7 +158,7 @@
                         cs = self.__get_cs_or_redirect(revision, repo_name)
                         collection = cs.get_file_history(f_path)
                     except RepositoryError, e:
-                        h.flash(str(e), category='warning')
+                        h.flash(safe_str(e), category='warning')
                         redirect(h.url('changelog_home', repo_name=repo_name))
                 collection = list(reversed(collection))
             else:
@@ -173,11 +173,11 @@
             c.comments = c.rhodecode_db_repo.get_comments(page_revisions)
             c.statuses = c.rhodecode_db_repo.statuses(page_revisions)
         except (EmptyRepositoryError), e:
-            h.flash(str(e), category='warning')
+            h.flash(safe_str(e), category='warning')
             return redirect(url('summary_home', repo_name=c.repo_name))
         except (RepositoryError, ChangesetDoesNotExistError, Exception), e:
             log.error(traceback.format_exc())
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             return redirect(url('changelog_home', repo_name=c.repo_name))
 
         c.branch_name = branch_name
--- a/rhodecode/controllers/changeset.py	Tue Jul 02 00:10:52 2013 +0200
+++ b/rhodecode/controllers/changeset.py	Tue Jul 02 12:04:34 2013 +0200
@@ -51,7 +51,7 @@
 from rhodecode.lib.diffs import LimitedDiffContainer
 from rhodecode.lib.exceptions import StatusChangeOnClosedPullRequestError
 from rhodecode.lib.vcs.backends.base import EmptyChangeset
-from rhodecode.lib.utils2 import safe_unicode
+from rhodecode.lib.utils2 import safe_unicode, safe_str
 
 log = logging.getLogger(__name__)
 
@@ -201,7 +201,7 @@
 
         except (RepositoryError, ChangesetDoesNotExistError, Exception), e:
             log.error(traceback.format_exc())
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             raise HTTPNotFound()
 
         c.changes = OrderedDict()
--- a/rhodecode/controllers/compare.py	Tue Jul 02 00:10:52 2013 +0200
+++ b/rhodecode/controllers/compare.py	Tue Jul 02 12:04:34 2013 +0200
@@ -28,7 +28,7 @@
 import traceback
 import re
 
-from webob.exc import HTTPNotFound
+from webob.exc import HTTPNotFound, HTTPBadRequest
 from pylons import request, response, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
@@ -40,9 +40,8 @@
 from rhodecode.lib.base import BaseRepoController, render
 from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
 from rhodecode.lib import diffs
-
+from rhodecode.lib.utils2 import safe_str
 from rhodecode.model.db import Repository
-from webob.exc import HTTPBadRequest
 from rhodecode.lib.diffs import LimitedDiffContainer
 
 
@@ -91,7 +90,7 @@
 
         except RepositoryError, e:
             log.error(traceback.format_exc())
-            h.flash(str(e), category='warning')
+            h.flash(safe_str(e), category='warning')
             if not partial:
                 redirect(h.url('summary_home', repo_name=repo.repo_name))
             raise HTTPBadRequest()
--- a/rhodecode/controllers/files.py	Tue Jul 02 00:10:52 2013 +0200
+++ b/rhodecode/controllers/files.py	Tue Jul 02 12:04:34 2013 +0200
@@ -92,7 +92,7 @@
             redirect(h.url('summary_home', repo_name=repo_name))
 
         except RepositoryError, e:  # including ChangesetDoesNotExistError
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             raise HTTPNotFound()
 
     def __get_filenode_or_redirect(self, repo_name, cs, path):
@@ -110,7 +110,7 @@
             if file_node.is_dir():
                 raise RepositoryError('given path is a directory')
         except RepositoryError, e:
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             raise HTTPNotFound()
 
         return file_node
@@ -175,7 +175,7 @@
             else:
                 c.authors = c.file_history = []
         except RepositoryError, e:
-            h.flash(str(e), category='error')
+            h.flash(safe_str(e), category='error')
             raise HTTPNotFound()
 
         if request.environ.get('HTTP_X_PARTIAL_XHR'):