Closed
Bug 801927
Opened 12 years ago
Closed 12 years ago
[socorro-crashstats] /daily and /query need form validation
Categories
(Socorro :: Webapp, task)
Socorro
Webapp
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: rhelmer, Assigned: peterbe)
References
Details
Many of the bugs that stephend's fuzzer and manual QA are turning up are due to inadequate server-side form validation.
The /daily and /query views in particular both use very similar custom form implementations, instead of something more standard like django forms.
I tried doing /daily with django forms but gave up for the initial release, since I think maintaining backwards compatibility will simply be too much work to do on such a short time frame, but I'll leave the fix here up to :peterbe :)
|
||
Comment 1•12 years ago
|
||
I have form validation for /query done in a branch. Will open a PR today, along with other things search-related.
|
Assignee | |
Comment 2•12 years ago
|
||
(In reply to Adrian Gaudebert [:adrian] from comment #1)
> I have form validation for /query done in a branch. Will open a PR today,
> along with other things search-related.
Looking forward to it! I almost got started and would have wasted my time. Great news!
|
||
Comment 3•12 years ago
|
||
For those of us playing at home, it's https://github.com/mozilla/socorro-crashstats/pull/160
|
|
Assignee | |
Comment 4•12 years ago
|
||
PR for the /daily is here:
https://github.com/mozilla/socorro-crashstats/pull/167
|
||
Comment 6•12 years ago
|
||
Commit pushed to master at https://github.com/mozilla/socorro-crashstats
https://github.com/mozilla/socorro-crashstats/commit/e9d9fc2774111412b36b6945042b389dda92afb5
bug 801927 - /daily report to use django forms api to validate, r=rhelmer
|
|
Assignee | |
Comment 7•12 years ago
|
||
Hurray! Stephen, bring it on!
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•