Closed
Bug 584954
Opened 14 years ago
Closed 14 years ago
[k] 'NoneType' object has no attribute 'get'
Categories
(support.mozilla.org :: Questions, task)
support.mozilla.org
Questions
Tracking
(Not tracked)
VERIFIED
FIXED
2.2.1
People
(Reporter: stephend, Assigned: rrosario)
References
()
Details
(Whiteboard: [infrasec-qa:input])
Props to Acunetix, which found this :-) STR: Load http://support-stage.mozilla.com/en-US/questions/new?product=desktop&category=1ACUstart42423\%27ACUendACUstart42423%22ACUendACUstart42423;ACUend Traceback: Traceback (most recent call last): File "/data/virtualenvs/kitsune/src/django/django/core/handlers/base.py", line 100, in get_response response = callback(request, *callback_args, **callback_kwargs) File "/data/www/support-stage-new.mozilla.com/kitsune/apps/questions/views.py", line 119, in new_question deadend = category.get('deadend', False) AttributeError: 'NoneType' object has no attribute 'get'
Reporter | ||
Comment 1•14 years ago
|
||
Happens on production too (of course, since we *just* pushed): https://support.mozilla.com/en-US/questions/new?product=desktop&category=1ACUstart42423\%2527ACUendACUstart42423%2522ACUendACUstart42423%3bACUend
Comment 2•14 years ago
|
||
For the record, I don't think this is a security issue, we just need a better error message (or to ignore) invalid categories.
Comment 3•14 years ago
|
||
Since I got > 900 stack traces from an automated scan hitting this => 2.2.1.
Target Milestone: --- → 2.2.1
Assignee | ||
Updated•14 years ago
|
Assignee: nobody → rrosario
Assignee | ||
Comment 4•14 years ago
|
||
http://github.com/jsocol/kitsune/commit/7fe7228c3d9f449f302b88c2b4e99fe2e37eb014
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 5•14 years ago
|
||
Verified FIXED; now getting a 404. Michael: please remove [infrasec-qa:input] if I shouldn't have added it; thanks!
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•