fnp
/
wolnelektury.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Using slug from identifier.url instead of generating it from title for newly imported...
[wolnelektury.git]
/
apps
/
catalogue
/
views.py
diff --git
a/apps/catalogue/views.py
b/apps/catalogue/views.py
index
ade37e5
..
d8a61e3
100644
(file)
--- a/
apps/catalogue/views.py
+++ b/
apps/catalogue/views.py
@@
-97,13
+97,17
@@
def book_list(request):
def tagged_object_list(request, tags=''):
def tagged_object_list(request, tags=''):
+ # Prevent DoS attacks on our database
+ if len(tags.split('/')) > 6:
+ raise Http404
+
try:
tags = models.Tag.get_tag_list(tags)
except models.Tag.DoesNotExist:
raise Http404
model = models.Book
try:
tags = models.Tag.get_tag_list(tags)
except models.Tag.DoesNotExist:
raise Http404
model = models.Book
- shelf_is_set =
any(tag.category == 'set' for tag in tags
)
+ shelf_is_set =
(len(tags) == 1 and tags[0].category == 'set'
)
theme_is_set = any(tag.category == 'theme' for tag in tags)
if theme_is_set:
model = models.Fragment
theme_is_set = any(tag.category == 'theme' for tag in tags)
if theme_is_set:
model = models.Fragment
fnp / wolnelektury.git / blobdiff