Changeset View
Changeset View
Standalone View
Standalone View
swh/web/browse/views/utils/snapshot_context.py
# Copyright (C) 2018 The Software Heritage developers | # Copyright (C) 2018 The Software Heritage developers | ||||
# See the AUTHORS file at the top-level directory of this distribution | # See the AUTHORS file at the top-level directory of this distribution | ||||
# License: GNU Affero General Public License version 3, or any later version | # License: GNU Affero General Public License version 3, or any later version | ||||
# See top-level LICENSE file for more information | # See top-level LICENSE file for more information | ||||
# Utility module implementing Django views for browsing the archive | # Utility module implementing Django views for browsing the archive | ||||
# in a snapshot context. | # in a snapshot context. | ||||
# Its purpose is to factorize code for the views reachable from the | # Its purpose is to factorize code for the views reachable from the | ||||
# /origin/.* and /snapshot/.* endpoints. | # /origin/.* and /snapshot/.* endpoints. | ||||
from django.shortcuts import render | from django.shortcuts import render | ||||
from django.template.defaultfilters import filesizeformat | from django.template.defaultfilters import filesizeformat | ||||
from django.utils.html import escape | |||||
from swh.model.identifiers import snapshot_identifier | from swh.model.identifiers import snapshot_identifier | ||||
from swh.web.browse.utils import ( | from swh.web.browse.utils import ( | ||||
get_snapshot_context, get_directory_entries, gen_directory_link, | get_snapshot_context, get_directory_entries, gen_directory_link, | ||||
gen_revision_link, request_content, gen_content_link, | gen_revision_link, request_content, gen_content_link, | ||||
prepare_content_for_display, content_display_max_size, | prepare_content_for_display, content_display_max_size, | ||||
format_log_entries, gen_revision_log_link, gen_link, | format_log_entries, gen_revision_log_link, gen_link, | ||||
▲ Show 20 Lines • Show All 91 Lines • ▼ Show 20 Lines | elif len(branches) == 0: | ||||
' of %s!' % (origin_info['type'], origin_info['url'], | ' of %s!' % (origin_info['type'], origin_info['url'], | ||||
timestamp, branch_type_plural) | timestamp, branch_type_plural) | ||||
else: | else: | ||||
msg = '%s %s associated to visit with' \ | msg = '%s %s associated to visit with' \ | ||||
' timestamp %s for origin with type %s' \ | ' timestamp %s for origin with type %s' \ | ||||
' and url %s not found!' % (branch_type, branch, timestamp, | ' and url %s not found!' % (branch_type, branch, timestamp, | ||||
origin_info['type'], | origin_info['type'], | ||||
origin_info['url']) | origin_info['url']) | ||||
raise NotFoundExc(msg) | raise NotFoundExc(escape(msg)) | ||||
anlambert: Only the url should be escaped here, not the whole message | |||||
Done Inline ActionsSince we don't have any hyperlinks, we can escape the whole message. And shouldn't branch and branch_type also be escaped in that case? kalpitk: Since we don't have any hyperlinks, we can escape the whole message.
And shouldn't branch and… | |||||
Not Done Inline ActionsYou're right, I forgot these could be specified as url arguments too. anlambert: You're right, I forgot these could be specified as url arguments too.
Forget my last comment. | |||||
def _process_snapshot_request(request, snapshot_id=None, origin_type=None, | def _process_snapshot_request(request, snapshot_id=None, origin_type=None, | ||||
origin_url=None, timestamp=None, path=None, | origin_url=None, timestamp=None, path=None, | ||||
browse_context='directory'): | browse_context='directory'): | ||||
""" | """ | ||||
Utility function to perform common input request processing | Utility function to perform common input request processing | ||||
for snapshot context views. | for snapshot context views. | ||||
▲ Show 20 Lines • Show All 784 Lines • Show Last 20 Lines |
Only the url should be escaped here, not the whole message