Mercurial > p > roundup > code
view roundup/cgi/exceptions.py @ 5218:44f7e6b958fe
Added tests for csrf with xmlrpc.
Fixed the code for xmlrpc csrf defense:
raise UsageError if X-REQUESTED-WITH header is required and missing.
if HTTP_AUTHORIZATION is used, properly seed the random number
generator using the password.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Mon, 27 Mar 2017 22:37:30 -0400 |
| parents | 65fef7858606 |
| children | 32f95ec6bd8e |
line wrap: on
line source
"""Exceptions for use in Roundup's web interface. """ __docformat__ = 'restructuredtext' from roundup.exceptions import LoginError, Unauthorised import cgi class HTTPException(Exception): pass class Redirect(HTTPException): pass class NotFound(HTTPException): pass class NotModified(HTTPException): pass class DetectorError(Exception): """Raised when a detector throws an exception. Contains details of the exception.""" def __init__(self, subject, html, txt): self.subject = subject self.html = html self.txt = txt class FormError(ValueError): """An 'expected' exception occurred during form parsing. That is, something we know can go wrong, and don't want to alarm the user with. We trap this at the user interface level and feed back a nice error to the user. """ pass class SendFile(Exception): """Send a file from the database.""" class SendStaticFile(Exception): """Send a static file from the instance html directory.""" class SeriousError(Exception): """Raised when we can't reasonably display an error message on a templated page. The exception value will be displayed in the error page, HTML escaped. """ def __str__(self): return """ <html><head><title>Roundup issue tracker: An error has occurred</title> <link rel="stylesheet" type="text/css" href="@@file/style.css"> </head> <body class="body" marginwidth="0" marginheight="0"> <p class="error-message">%s</p> </body></html> """%cgi.escape(self.args[0]) # vim: set filetype=python sts=4 sw=4 et si :