Mercurial > hg

changeset 20092:77acd8ce01ce stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hgweb: ignore non numeric "revcount" parameter values (issue4091)
author Isaac Jurado <diptongo@gmail.com>
date Fri, 08 Nov 2013 09:48:01 +0100
parents faa4b3fc4197
children 1dee888b22f7
files mercurial/hgweb/webcommands.py
diffstat 1 files changed, 24 insertions(+), 12 deletions(-) [+]
line wrap: on
line diff
--- a/mercurial/hgweb/webcommands.py	Thu Nov 21 11:30:52 2013 -0600
+++ b/mercurial/hgweb/webcommands.py	Fri Nov 08 09:48:01 2013 +0100
@@ -228,9 +228,12 @@
     query = req.form['rev'][0]
     revcount = web.maxchanges
     if 'revcount' in req.form:
-        revcount = int(req.form.get('revcount', [revcount])[0])
-        revcount = max(revcount, 1)
-        tmpl.defaults['sessionvars']['revcount'] = revcount
+        try:
+            revcount = int(req.form.get('revcount', [revcount])[0])
+            revcount = max(revcount, 1)
+            tmpl.defaults['sessionvars']['revcount'] = revcount
+        except ValueError:
+            pass
 
     lessvars = copy.copy(tmpl.defaults['sessionvars'])
     lessvars['revcount'] = max(revcount / 2, 1)
@@ -307,9 +310,12 @@
 
     revcount = shortlog and web.maxshortchanges or web.maxchanges
     if 'revcount' in req.form:
-        revcount = int(req.form.get('revcount', [revcount])[0])
-        revcount = max(revcount, 1)
-        tmpl.defaults['sessionvars']['revcount'] = revcount
+        try:
+            revcount = int(req.form.get('revcount', [revcount])[0])
+            revcount = max(revcount, 1)
+            tmpl.defaults['sessionvars']['revcount'] = revcount
+        except ValueError:
+            pass
 
     lessvars = copy.copy(tmpl.defaults['sessionvars'])
     lessvars['revcount'] = max(revcount / 2, 1)
@@ -822,9 +828,12 @@
 
     revcount = web.maxshortchanges
     if 'revcount' in req.form:
-        revcount = int(req.form.get('revcount', [revcount])[0])
-        revcount = max(revcount, 1)
-        tmpl.defaults['sessionvars']['revcount'] = revcount
+        try:
+            revcount = int(req.form.get('revcount', [revcount])[0])
+            revcount = max(revcount, 1)
+            tmpl.defaults['sessionvars']['revcount'] = revcount
+        except ValueError:
+            pass
 
     lessvars = copy.copy(tmpl.defaults['sessionvars'])
     lessvars['revcount'] = max(revcount / 2, 1)
@@ -945,9 +954,12 @@
     bg_height = 39
     revcount = web.maxshortchanges
     if 'revcount' in req.form:
-        revcount = int(req.form.get('revcount', [revcount])[0])
-        revcount = max(revcount, 1)
-        tmpl.defaults['sessionvars']['revcount'] = revcount
+        try:
+            revcount = int(req.form.get('revcount', [revcount])[0])
+            revcount = max(revcount, 1)
+            tmpl.defaults['sessionvars']['revcount'] = revcount
+        except ValueError:
+            pass
 
     lessvars = copy.copy(tmpl.defaults['sessionvars'])
     lessvars['revcount'] = max(revcount / 2, 1)