The exception is only raised once we try to access request.params - so the problem wouldn't be caught in the request factory stage unless there is some explicit code to try and read these values. I could have the factory explicitly look at .GET, I suppose. (By the way, the docs for using a Request factory are not very clear on what form the provided callable should take (ie. maybe a dict of environment options?), and if there are any expectations on what is returned.)
If I instead chose to write a custom exception view for UnicodeDecodeErrors, this would also get used if I accidentally introduced some Unicode-related errors into my code, when really I want to distinguish between bad user input and bad code. I'm not sure what the right approach is here, given that there seems to be no standard on what a valid URI has to look like, but I would -suggest- that it would be handy if Pyramid could be told what encoding to expect and bail out early before it hits the application-specific view code. Perhaps a URI encoding could be another parameter to view_config? On Tuesday, 10 July 2012 19:13:42 UTC+1, Michael Merickel wrote: > > Not everything will decode. Webob attempts to decode things with utf-8 > by default but you can change this if you wish with a custom request > factory. Anyway, you can't guess the encoding every time, and if it > fails then it'll raise an exception and return a 500 back to the > client. If you prefer something else you can create a custom exception > view for UnicodeDecodeErrors or try/excepts in the request factory to > handle the error in the way you wish. > > On Thu, Jul 5, 2012 at 8:38 AM, Ben Sizer <[email protected]> wrote: > > Sorry for not having a full test case, but here's the basic overview: > > > > - Create a view that accesses request.params > > - Form a URL that uses that view, and which contains some query > parameters > > that are not legal UTF-8 (eg. a random byte string) > > - Try to access that URL on the Pyramid server > > > > The result, for me, is a traceback like this: > > > > Traceback (most recent call last): > > File "/usr/lib/python2.7/wsgiref/handlers.py", line 85, in run > > self.result = application(self.environ, self.start_response) > > File "/usr/local/lib/python2.7/dist-packages/pyramid/router.py", line > 187, > > in __call__ > > response = self.handle_request(request) > > File "/usr/local/lib/python2.7/dist-packages/pyramid/tweens.py", line > 20, > > in excview_tween > > response = handler(request) > > File "/usr/local/lib/python2.7/dist-packages/pyramid/router.py", line > 164, > > in handle_request > > response = view_callable(context, request) > > File "/usr/local/lib/python2.7/dist-packages/pyramid/config/views.py", > > line 333, in rendered_view > > result = view(context, request) > > File "/usr/local/lib/python2.7/dist-packages/pyramid/config/views.py", > > line 471, in _requestonly_view > > response = view(request) > > File "accountserver.py", line 297, in verify_account > > if "admin_auth" not in request.params or > request.params["admin_auth"] != > > auth_val: > > File "/usr/local/lib/python2.7/dist-packages/webob/request.py", line > 831, > > in params > > params = NestedMultiDict(self.GET, self.POST) > > File "/usr/local/lib/python2.7/dist-packages/webob/request.py", line > 813, > > in GET > > vars = GetDict(data, env) > > File "/usr/local/lib/python2.7/dist-packages/webob/multidict.py", line > > 273, in __init__ > > MultiDict.__init__(self, data) > > File "/usr/local/lib/python2.7/dist-packages/webob/multidict.py", line > 37, > > in __init__ > > items = list(args[0]) > > File "/usr/local/lib/python2.7/dist-packages/webob/compat.py", line > 125, > > in parse_qsl_text > > yield (x.decode(encoding), y.decode(encoding)) > > File "/usr/lib/python2.7/encodings/utf_8.py", line 16, in decode > > return codecs.utf_8_decode(input, errors, True) > > UnicodeDecodeError: 'utf8' codec can't decode byte 0xa7 in position 0: > > invalid start byte > > > > It looks like maybe this is an error in WebOb rather than Pyramid as > such, > > but it leaks out into my view functions, and it lets an external user > raise > > exceptions on the server via malformed URLs, which -feels- like a > security > > or potential DoS issue, even if the server (in my case, at least) stays > up > > afterwards. > > > > Can anybody with more understanding of this comment on this issue? > > > > -- > > Ben Sizer > > > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "pylons-discuss" group. > > To view this discussion on the web visit > > https://groups.google.com/d/msg/pylons-discuss/-/qc-hV7Mq66oJ. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group at > > http://groups.google.com/group/pylons-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To view this discussion on the web visit https://groups.google.com/d/msg/pylons-discuss/-/JGiAA9vZTOEJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
