Drop back to ASCII after all. :-( (#80)

Got bit by an Aspen bug. :-/ https://github.com/whit537/aspen/issues/102
gratipay · Sep 13, 2012 · 4baf6b7 · 4baf6b7
1 parent 05b185a
commit 4baf6b7
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 4 deletions.
diff --git a/www/%participant_id/index.html b/www/%participant_id/index.html
@@ -281,7 +281,7 @@
 
  function success(d)
  {
- window.location.href = "/" + encodeURI(d.participant_id) + "/";
+ window.location.href = "/" + encodeURIComponent(d.participant_id) + "/";
  }
  function error(e)
  {
@@ -297,8 +297,9 @@
  }
  else
  {
- alert( "Sorry, something went wrong. :-( Try again "
- + "later?");
+ alert( "Sorry, something went wrong. Either you used "
+ + "disallowed characters or something broke on "
+ + "our end.");
  }
  }
  jQuery.ajax(

diff --git a/www/%participant_id/participant_id.json b/www/%participant_id/participant_id.json
@@ -2,6 +2,12 @@ from aspen import Response
 from gittip import db
 from psycopg2 import IntegrityError
 
+ALLOWED_ASCII = set("0123456789"
+ "abcdefghijklmnopqrstuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ ".,-_;:@ ")
+
+
 # ========================================================================== ^L
 
 if user.ANON:
@@ -18,8 +24,11 @@ new_participant_id = request.body['participant_id']
 for i, c in enumerate(new_participant_id):
  if i == 32:
  raise Response(413) # Request Entity Too Large (more or less)
- if ord(c) < 32:
+ elif ord(c) < 128 and c not in ALLOWED_ASCII:
  raise Response(400) # Yeah, no.
+ elif c not in ALLOWED_ASCII:
+ raise Response(400) # XXX Burned by an Aspen bug. :`-(
+ # https://github.com/whit537/aspen/issues/102
 
 
 # Persist