dstandish commented on code in PR #26942:
URL: https://github.com/apache/airflow/pull/26942#discussion_r991579757
##########
airflow/www/views.py:
##########
@@ -3535,7 +3544,25 @@ def datasets_summary(self):
)
}, 400
- limit = 50 if limit > 50 else limit
+ updated_after = None
+ if untrusted_updated_after:
+ # Try to figure out how other functions in this module safely
parse datetimes submitted by users
+ # and do the same thing here
+ updated_after = _safe_parse_datetime(untrusted_updated_after)
+ updated_before = None
+ if untrusted_updated_before:
+ # Clean this data the same way you cleaned updated_after
+ updated_before = _safe_parse_datetime(untrusted_updated_before)
+
Review Comment:
It occurred to me you could remove this block by updating
`_safe_parse_datetime` to be something like this:
```
def _safe_parse_datetime(v: str, strict=True):
"""
Parse datetime and return error message for invalid dates
:param v: the string value to be parsed
:param strict:
"""
if strict is False:
if not v:
return None
try:
return timezone.parse(v)
except (TypeError, ParserError):
abort(400, f"Invalid datetime: {v!r}")
```
wdyt?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
