Mercurial > p > roundup > code

view roundup/exceptions.py @ 5924:b40059d7036f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
issue2550925 strip HTTP_PROXY environment variable if deployed as CGI and client sends an http PROXY header, the tainted HTTP_PROXY environment variable is created. It can affect calls using requests package or curl. A roundup admin would have to write detectors/extensions that use these mechanisms. Not exploitable in default config. See: https://httpoxy.org/
author John Rouillard <rouilj@ieee.org>
date Sun, 13 Oct 2019 17:45:06 -0400
parents 32f95ec6bd8e
children 292c9dfd06bd
line wrap: on
line source

"""Exceptions for use across all Roundup components.
"""

__docformat__ = 'restructuredtext'

class LoginError(BaseException):
    pass

class Unauthorised(BaseException):
    pass

class Reject(BaseException):
    """An auditor may raise this exception when the current create or set
    operation should be stopped.

    It is up to the specific interface invoking the create or set to
    handle this exception sanely. For example:

    - mailgw will trap and ignore Reject for file attachments and messages
    - cgi will trap and present the exception in a nice format
    """
    pass


class RejectRaw(Reject):
    """
    Performs the same function as Reject, except HTML in the message is not
    escaped when displayed to the user.
    """
    pass


class UsageError(ValueError):
    pass

# vim: set filetype=python ts=4 sw=4 et si
Roundup Issue Tracker: http://roundup-tracker.org/