changeset 6028:cf7d952c292f

diff: make sure context parameter is an integer

Prevent Abort in mdiff on malformed URLs.
author Mads Kiilerich <madski@unity3d.com>
date Thu, 28 Jul 2016 16:28:34 +0200
parents 7d258b3fbc49
children fb64046d02c2
files kallithea/controllers/compare.py kallithea/controllers/files.py kallithea/controllers/pullrequests.py
diffstat 3 files changed, 5 insertions(+), 5 deletions(-) [+]
--- a/kallithea/controllers/compare.py	Thu Jul 28 16:28:34 2016 +0200
+++ b/kallithea/controllers/compare.py	Thu Jul 28 16:28:34 2016 +0200
@@ -34,7 +34,7 @@
 from pylons.i18n.translation import _
 from webob.exc import HTTPFound, HTTPBadRequest
 
-from kallithea.lib.utils2 import safe_str
+from kallithea.lib.utils2 import safe_str, safe_int
 from kallithea.lib.vcs.utils.hgcompat import unionrepo
 from kallithea.lib import helpers as h
 from kallithea.lib.base import BaseRepoController, render
@@ -201,7 +201,7 @@
         c.ignorews_url = _ignorews_url
         c.context_url = _context_url
         ignore_whitespace = request.GET.get('ignorews') == '1'
-        line_context = request.GET.get('context', 3)
+        line_context = safe_int(request.GET.get('context'), 3)
 
         org_repo = Repository.get_by_repo_name(org_repo)
         other_repo = Repository.get_by_repo_name(other_repo)
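Review bot: `safe_int` guarantees an integer but not a sensible range, so a negative or very large `context` taken from the query string still passes through this `line_context` assignment to the diff code. How the diff backend treats a negative context is not visible here, so it would be safer to clamp at the boundary, e.g. `line_context = max(0, safe_int(request.GET.get('context'), 3))`, possibly with an upper cap as well. The same line appears in the `diff` method in files.py and in the pullrequests.py hunk, so a small shared helper would keep this validation in one place. The enclosing method begins and ends outside this hunk.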
--- a/kallithea/controllers/files.py	Thu Jul 28 16:28:34 2016 +0200
+++ b/kallithea/controllers/files.py	Thu Jul 28 16:28:34 2016 +0200
@@ -42,7 +42,7 @@
 
 from kallithea.lib.compat import OrderedDict
 from kallithea.lib.utils2 import convert_line_endings, detect_mode, safe_str, \
-    str2bool
+    str2bool, safe_int
 from kallithea.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
 from kallithea.lib.base import BaseRepoController, render
 from kallithea.lib.vcs.backends.base import EmptyChangeset
@@ -598,7 +598,7 @@
                                    'repository.admin')
     def diff(self, repo_name, f_path):
         ignore_whitespace = request.GET.get('ignorews') == '1'
-        line_context = request.GET.get('context', 3)
+        line_context = safe_int(request.GET.get('context'), 3)
         diff2 = request.GET.get('diff2', '')
         diff1 = request.GET.get('diff1', '') or diff2
         c.action = request.GET.get('diff')
--- a/kallithea/controllers/pullrequests.py	Thu Jul 28 16:28:34 2016 +0200
+++ b/kallithea/controllers/pullrequests.py	Thu Jul 28 16:28:34 2016 +0200
@@ -659,7 +659,7 @@
         c.statuses = c.cs_repo.statuses(raw_ids)
 
         ignore_whitespace = request.GET.get('ignorews') == '1'
-        line_context = request.GET.get('context', 3)
+        line_context = safe_int(request.GET.get('context'), 3)
         c.ignorews_url = _ignorews_url
         c.context_url = _context_url
         c.fulldiff = request.GET.get('fulldiff')