Skip to content
Permalink
Browse files Browse the repository at this point in the history
Added bleach to requirements.txt to clean input data from HTML forms
  • Loading branch information
echel0n committed Mar 11, 2021
1 parent 07c0210 commit 9f42426
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 1 deletion.
1 change: 1 addition & 0 deletions requirements.txt
Expand Up @@ -11,6 +11,7 @@ attrs==19.3.0
babelfish==0.5.5
beautifulsoup4==4.9.1
bencode3==0.1.0
bleach==3.3.0
CacheControl==0.12.6
certifi==2020.6.20
cffi==1.14.1
Expand Down
12 changes: 11 additions & 1 deletion sickrage/core/webserver/handlers/base.py
Expand Up @@ -19,17 +19,19 @@
# along with SiCKRAGE. If not, see <http://www.gnu.org/licenses/>.
# ##############################################################################
import functools
import html
import time
import traceback
import types
from concurrent.futures.thread import ThreadPoolExecutor
from typing import Optional, Awaitable
from urllib.parse import urlparse, urljoin

import bleach
from jose import ExpiredSignatureError
from keycloak.exceptions import KeycloakClientError
from mako.exceptions import RichTraceback
from tornado import locale
from tornado import locale, escape
from tornado.web import RequestHandler

import sickrage
Expand Down Expand Up @@ -196,3 +198,11 @@ def prepare(self):
def options(self, *args, **kwargs):
self.set_status(204)
self.finish()

def get_argument(self, *args, **kwargs):
value = super(BaseHandler, self).get_argument(*args, **kwargs)

try:
return bleach.clean(value)
except TypeError:
return value

0 comments on commit 9f42426

Please sign in to comment.