diff options
author | Miguel Jacq <mig@mig5.net> | 2021-05-10 11:23:44 +1000 |
---|---|---|
committer | Miguel Jacq <mig@mig5.net> | 2021-05-10 11:23:44 +1000 |
commit | 2618e89eda600184fb6f640d00528d7fc642bf60 (patch) | |
tree | 12d098596f96b2e021bd353a3f7868f82554c0da /cli/onionshare_cli/web/receive_mode.py | |
parent | e067fc2963fb86afb4e51d816dea13f701cff70d (diff) | |
download | onionshare-2618e89eda600184fb6f640d00528d7fc642bf60.tar.gz onionshare-2618e89eda600184fb6f640d00528d7fc642bf60.zip |
Register the 405 error handler properly. Enforce the appropriate methods for each route (GET or POST only, with OPTIONS disabled). Add tests for invalid methods. Add a friendlier 500 internal server error handler
Diffstat (limited to 'cli/onionshare_cli/web/receive_mode.py')
-rw-r--r-- | cli/onionshare_cli/web/receive_mode.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/cli/onionshare_cli/web/receive_mode.py b/cli/onionshare_cli/web/receive_mode.py index f5aae296..b3a146e3 100644 --- a/cli/onionshare_cli/web/receive_mode.py +++ b/cli/onionshare_cli/web/receive_mode.py @@ -71,7 +71,7 @@ class ReceiveModeWeb: The web app routes for receiving files """ - @self.web.app.route("/") + @self.web.app.route("/", methods=["GET"], provide_automatic_options=False) def index(): history_id = self.cur_history_id self.cur_history_id += 1 @@ -93,7 +93,7 @@ class ReceiveModeWeb: ) return self.web.add_security_headers(r) - @self.web.app.route("/upload", methods=["POST"]) + @self.web.app.route("/upload", methods=["POST"], provide_automatic_options=False) def upload(ajax=False): """ Handle the upload files POST request, though at this point, the files have @@ -225,7 +225,7 @@ class ReceiveModeWeb: ) return self.web.add_security_headers(r) - @self.web.app.route("/upload-ajax", methods=["POST"]) + @self.web.app.route("/upload-ajax", methods=["POST"], provide_automatic_options=False) def upload_ajax_public(): if not self.can_upload: return self.web.error403() |