~tribaal/txaws/xss-hardening

« back to all changes in this revision

Viewing changes to txaws/server/resource.py

  • Committer: Christopher Glass
  • Date: 2013-08-20 07:46:01 UTC
  • Revision ID: christopher.glass@canonical.com-20130820074601-sot1v11nkzwmp1th
UseĀ asserIn/assertNotIn

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
from cgi import escape
 
2
 
1
3
from datetime import datetime, timedelta
2
4
from uuid import uuid4
3
5
from dateutil.tz import tzutc
109
111
                    log.msg("status: %s message: %s" % (
110
112
                        status, safe_str(failure.value)))
111
113
 
112
 
                bytes = failure.value.response
113
 
                if bytes is None:
114
 
                    bytes = self.dump_error(failure.value, request)
 
114
                body = failure.value.response
 
115
                if body is None:
 
116
                    body = self.dump_error(failure.value, request)
115
117
            else:
116
118
                log.err(failure)
117
 
                bytes = safe_str(failure.value)
 
119
                body = safe_str(failure.value)
118
120
                status = 500
119
121
            request.setResponseCode(status)
120
 
            request.write(bytes)
121
 
            request.finish()
 
122
            write_response(escape(body, True))
122
123
 
123
124
        deferred.addCallback(write_response)
124
125
        deferred.addErrback(write_error)