Wednesday, January 30, 2013

Re: Long url parameter in GET request locks python

Indeed it was.  As Alisdair posted, simplify the regex and validate elsewhere.  Thanks.

On Wednesday, January 30, 2013 11:26:51 AM UTC-6, fgallina wrote:
2013/1/30 Shawn H <shawn....@gmail.com>:
> I posted this question yesterdat at stack overflow, but I'm wondering if
> this is a bug.  I have a url that accepts one text parameter, allows spaces,
> and calls a very simple view that checks if there are objects with a project
> name that matches the text parameter value. The view returns a simple json
> string indicating whether there's a project with that name already in the
> database.  It works great, repeatedly, with short parameter values.  It
> locks up python on certain long string values.  I've tested up to 50
> characters, and just length doesn't trigger it.  What does seem to
> repeatedly trigger it are long strings with multiple spaces.  I've tested my
> url regex matching and those long strings match just fine; my concern is
> that for some reason inside the view that long string is causing problems.
> I'm using Django 1.4 with the built in webserver for testing.  Any help that
> can be provided will be greatly appreciated.
>

I have a strong feeling it is related on how your regexp matches the
passed string, I don't know why in the world you would sanitize the
project's name directly in the url and not the view, in any case if
the user happen to enter garbage then filter will not find anything,
right? Also this seems a job for a GET parameter rather than a view
param, but YMMV.


Regards,
--
Fabián E. Gallina
http://www.from-the-cloud.com

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

No comments:

Post a Comment