diff options
author | Jelle van der Waa <jelle@archlinux.org> | 2019-08-13 22:03:33 +0200 |
---|---|---|
committer | Jelle van der Waa <jelle@archlinux.org> | 2019-08-13 22:03:33 +0200 |
commit | 01f0f69c2b72d5eecce9d6962d9c691797f04332 (patch) | |
tree | 30e373c2544035e2d492043a9f6dcda69cdaceb8 | |
parent | 4b93ee3d2edc238608c7979c5336ea47b78c2899 (diff) | |
download | archweb-01f0f69c2b72d5eecce9d6962d9c691797f04332.tar.gz archweb-01f0f69c2b72d5eecce9d6962d9c691797f04332.zip |
packages: fix negative and invalid limit in search API
Resolve 500 issues when limit=wji or limit=-1 by setting a min_value of
0 and changing the field to a IntegerField.
-rw-r--r-- | packages/views/search.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/packages/views/search.py b/packages/views/search.py index c0289856..be60e890 100644 --- a/packages/views/search.py +++ b/packages/views/search.py @@ -17,7 +17,7 @@ from ..utils import attach_maintainers, PackageJSONEncoder class PackageSearchForm(forms.Form): - limit = forms.CharField(required=False) + limit = forms.IntegerField(required=False, min_value=0) page = forms.CharField(required=False) repo = forms.MultipleChoiceField(required=False) arch = forms.MultipleChoiceField(required=False) @@ -163,8 +163,8 @@ def search_json(request): form = PackageSearchForm(data=request.GET, show_staging=request.user.is_authenticated) if form.is_valid(): - form_limit = form.cleaned_data['limit'] - limit = min(limit, int(form_limit)) if form_limit else limit + form_limit = form.cleaned_data.get('limit', limit) + limit = min(limit, form_limit) if form_limit else limit container['limit'] = limit packages = Package.objects.select_related('arch', 'repo', |