>
> This is a login button, present in the layout, so it's in every page:
>
> <a href="{{=URL('default', 'user', args='login',
> host=CONFIG.dominio_panel, vars={'_next': URL(args=request.args if 'l' in
> request.args else request.args + ['l'], vars=request.get_vars, host=True)
> or ''})}}">LOGIN</a>
>
> The url of the login button uses the vars argument to pass the "_next"
> key. The _next key contains the current url (with current request.args and
> request.get_vars).
>
Check out
https://www.reddit.com/r/learnjavascript/comments/5jegfe/jquery_library_is_loading_extra_code_what_does_it/
-- the code shown in that case is using the exact same query string
variables as you are seeing in your code. Could be a browser hijack that
results in Ajax requests to your server. Your login button code takes the
query string of the Ajax request (i.e., request.get_vars) and passes it as
the "vars" argument to the URL() function. Because the query string
includes some unicode characters, you get the error in question. If these
are rogue Ajax requests not being generated by your app, presumably it
doesn't matter that errors are being generated, but if you want to stop the
errors, you could either transform request.get_vars before passing it to
URL(), or do some validation of request.get_vars and only pass it to URL()
when it represents a query string that is valid for your application.
Anthony
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
