escape user-provided strings used in regular expressions
[wolnelektury.git] / src / waiter / views.py
1 # -*- coding: utf-8 -*-
2 # This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
3 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
4 #
5 from os.path import join
6 from waiter.models import WaitedFile
7 from waiter.settings import WAITER_URL
8 from django.shortcuts import render, get_object_or_404
9 from django.http import HttpResponse
10 from django.views.decorators.cache import never_cache
11
12
13 @never_cache
14 def wait(request, path):
15     if WaitedFile.exists(path):
16         file_url = join(WAITER_URL, path)
17         waiting = None
18     else:
19         file_url = None
20         waiting = get_object_or_404(WaitedFile, path=path)
21
22     if request.is_ajax():
23         return HttpResponse(file_url)
24     else:
25         return render(request, "waiter/wait.html", {
26             'waiting': waiting,
27             'file_url': file_url,
28         })