1. Alexander Schremmer
  2. dtg

Commits

Alexander Schremmer  committed 2bf06f3

Sanitize workspace names correctly when creating and renaming workspaces.

  • Participants
  • Parent commits fd94854
  • Branches default

Comments (0)

Files changed (1)

File dtg/webapp.py

View file
  • Ignore whitespace
     return request.user.locale
 
 
+def sanitize_workspacename(name):
+    name = name.replace("/", "|")
+    if name in ("_flashes", "login", "logout", "_workspaces", "preferences", ""):
+        name += "_"
+    return name
+
+
 def flash(message):
     try:
         workspace = request.workspace
 def _workspace():
     action = request.form.get("action")
     if action == "create":
-        w = Workspace(request.form.get("name"), request.user)
+        w = Workspace(sanitize_workspacename(request.form.get("name")), request.user)
         c = Context(unicode(_("Unsorted")))
         w.contexts.append(c)
         db.session.add(w)
 def workspace_rename(workspace):
     name = request.form.get("name")
     if name is not None:
-        name = name.replace("/", "")
-        if name in ("_flashes", "login", "logout", "_workspaces", "preferences", ""):
-            name += "_"
+        name = sanitize_workspacename(name)
         workspace.name = name
         db.session.commit()
     return jsonify({"name": name})