Extra validation for URLs with template markup (#1166)

faster-browserstep-update-and-compress-reply
dgtlmoon 2 years ago committed by GitHub
parent 0988bef2cd
commit e3db324698
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -400,6 +400,15 @@ class watchForm(commonSettingsForm):
self.body.errors.append('Body must be empty when Request Method is set to GET')
result = False
# Attempt to validate jinja2 templates in the URL
from jinja2 import Environment
# Jinja2 available in URLs along with https://pypi.org/project/jinja2-time/
jinja2_env = Environment(extensions=['jinja2_time.TimeExtension'])
try:
ready_url = str(jinja2_env.from_string(self.url.data).render())
except Exception as e:
self.url.errors.append('Invalid template syntax')
result = False
return result

@ -93,12 +93,23 @@ class model(dict):
@property
def link(self):
url = self.get('url', '')
ready_url = url
if '{%' in url or '{{' in url:
from jinja2 import Environment
# Jinja2 available in URLs along with https://pypi.org/project/jinja2-time/
jinja2_env = Environment(extensions=['jinja2_time.TimeExtension'])
return str(jinja2_env.from_string(url).render())
return url
try:
ready_url = str(jinja2_env.from_string(url).render())
except Exception as e:
from flask import (
flash, Markup, url_for
)
message = Markup('<a href="{}#general">The URL {} is invalid and cannot be used, click to edit</a>'.format(
url_for('edit_page', uuid=self.get('uuid')), self.get('url', '')))
flash(message, 'error')
return ''
return ready_url
@property
def label(self):

Loading…
Cancel
Save