Mercurial > farol
changeset 68:33cdb9faed64
Improve deletion of revisions (input validation)
| author | Benoît Allard <benoit.allard@greenbone.net> |
|---|---|
| date | Thu, 09 Oct 2014 10:10:48 +0200 |
| parents | 023080ffd995 |
| children | 42915aaa6888 |
| files | farol/document.py |
| diffstat | 1 files changed, 5 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/farol/document.py Thu Oct 09 09:50:57 2014 +0200 +++ b/farol/document.py Thu Oct 09 10:10:48 2014 +0200 @@ -146,7 +146,11 @@ @document_required def del_revision(): index = int(request.form['index']) - del get_current()._tracking._history[index] + history = get_current()._tracking._history + if not (0 <= index < len(history)): + flash('Revision not found', 'danger') + abort(404) + del history[index] return redirect(url_for('.view')) @document.route('/distribution/edit', methods=['GET', 'POST'])