Closed
Bug 655307
Opened 13 years ago
Closed 13 years ago
Non-ASCII query strings make input sites sad (UnicodeDecodeError)
Categories
(Input :: General, defect)
Input
General
Tracking
(Not tracked)
VERIFIED
FIXED
3.5
People
(Reporter: michaelk, Assigned: michaelk)
Details
We got lots of failmail today from an automated XSS attempt. Traceback (most recent call last): ... File ".../reporter/apps/website_issues/views.py", line 131, in single_site request.META['QUERY_STRING']) UnicodeDecodeError: 'ascii' codec can't decode byte 0xbc in position 14: ordinal not in range(128) <WSGIRequest GET:<QueryDict: {u'show_one_offs': [u'\ufffdscript\ufffdalert(\ufffdXSS\ufffd)\ufffd/script\ufffdTrue']}>, ... 'QUERY_STRING': 'show_one_offs=\xbcscript\xbealert(\xa2XSS\xa2)\xbc/script\xbeTrue', ... Same for ... File ".../reporter/apps/website_issues/views.py", line 98, in website_issues request.META['QUERY_STRING'] ...
Assignee | ||
Updated•13 years ago
|
Assignee: nobody → michael
Updated•13 years ago
|
Target Milestone: --- → 3.5
Assignee | ||
Comment 1•13 years ago
|
||
Resolved fixed https://github.com/fwenzel/reporter/commit/fcf855
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Comment 2•13 years ago
|
||
QA verified. Thx for fixing this ... fewer fail mail for all :)
Status: RESOLVED → VERIFIED
Updated•13 years ago
|
Component: Input → General
Product: Webtools → Input
You need to log in
before you can comment on or make changes to this bug.
Description
•