summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlejandro Sirgo Rica <asirgo@soleta.eu>2024-06-13 15:53:52 +0200
committerAlejandro Sirgo Rica <asirgo@soleta.eu>2024-06-14 09:25:36 +0200
commit509d0e8dcf8df1627428c9e3431431d28b5b817d (patch)
tree1e7c6b24c8df5a920be0e4a8553f831d6fcffa67
parent5d9780e8d80df941000230a7ba3e2d9e96f44756 (diff)
views: fix folder/update validation
Validate request parameters before accessing the dictionary values. Prevent web backtrace.
-rw-r--r--ogcp/views.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/ogcp/views.py b/ogcp/views.py
index b7552e2..ede1ed0 100644
--- a/ogcp/views.py
+++ b/ogcp/views.py
@@ -1427,12 +1427,12 @@ def action_folder_update():
return redirect(url_for("scopes"))
else:
params = request.args.to_dict()
- folder_id = int(params.get('folder'))
- if not folder_id:
+ if not 'folder' in params:
flash(_('Please, select a folder to modify'), category='error')
return redirect(url_for('scopes'))
+ folder_id = int(params.get('folder'))
scopes, clients = get_scopes()
folder = find_element_scope(folder_id, 'folder', scopes)
form.server.data = params['scope-server']