darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 02:42:26 -05:00
Code Issues Packages Projects Releases Wiki Activity

Added abort 400 in case of recipients param being missing.

Browse Source
This commit is contained in:
Adam Shimali
2016-01-14 10:26:18 +00:00
parent 2f802e3183
commit a0e5ae59ea
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/main/views/sms.py
View File

@@ -11,7 +11,8 @@ from flask import (
url_for, url_for,
session, session,
flash, flash,
current_app current_app,
abort
) )
from flask_login import login_required from flask_login import login_required
@@ -75,6 +76,8 @@ def sendsms(service_id):
def checksms(service_id): def checksms(service_id):
if request.method == 'GET': if request.method == 'GET':
filename = request.args.get('recipients') filename = request.args.get('recipients')
if not filename:
abort(400)
filepath = os.path.join(current_app.config['UPLOAD_FOLDER'], filepath = os.path.join(current_app.config['UPLOAD_FOLDER'],
filename) filename)
upload_result = _build_upload_result(filepath) upload_result = _build_upload_result(filepath)