From 10813b130ca1cd6d9c7f0c4fd66cd10e3274d1f3 Mon Sep 17 00:00:00 2001 From: dgtlmoon Date: Sun, 27 Nov 2022 15:52:32 +0100 Subject: [PATCH] Extra validation for URLs with jinja2 template --- changedetectionio/forms.py | 9 +++++++++ changedetectionio/model/Watch.py | 15 +++++++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/changedetectionio/forms.py b/changedetectionio/forms.py index 57dd7c77..5a42251d 100644 --- a/changedetectionio/forms.py +++ b/changedetectionio/forms.py @@ -400,6 +400,15 @@ class watchForm(commonSettingsForm): self.body.errors.append('Body must be empty when Request Method is set to GET') result = False + # Attempt to validate jinja2 templates in the URL + from jinja2 import Environment + # Jinja2 available in URLs along with https://pypi.org/project/jinja2-time/ + jinja2_env = Environment(extensions=['jinja2_time.TimeExtension']) + try: + ready_url = str(jinja2_env.from_string(self.url.data).render()) + except Exception as e: + self.url.errors.append('Invalid template syntax') + result = False return result diff --git a/changedetectionio/model/Watch.py b/changedetectionio/model/Watch.py index 0b94aa65..5dc5d0fc 100644 --- a/changedetectionio/model/Watch.py +++ b/changedetectionio/model/Watch.py @@ -93,12 +93,23 @@ class model(dict): @property def link(self): url = self.get('url', '') + ready_url = '' if '{%' in url or '{{' in url: from jinja2 import Environment # Jinja2 available in URLs along with https://pypi.org/project/jinja2-time/ jinja2_env = Environment(extensions=['jinja2_time.TimeExtension']) - return str(jinja2_env.from_string(url).render()) - return url + try: + ready_url = str(jinja2_env.from_string(url).render()) + except Exception as e: + from flask import ( + flash, Markup, url_for + ) + message = Markup('The URL {} is invalid and cannot be used, click to edit'.format( + url_for('edit_page', uuid=self.get('uuid')), self.get('url', ''))) + flash(message, 'error') + return '' + + return ready_url @property def label(self):