Bug fix: some people were playing around with the AJAX interface - sending AJAX reque...

author richardbarran <richardbarran@8369a704-5b4a-11de-992f-fdd7e25b9163>

Thu, 8 Apr 2010 17:07:56 +0000 (17:07 +0000)

committer richardbarran <richardbarran@8369a704-5b4a-11de-992f-fdd7e25b9163>

Thu, 8 Apr 2010 17:07:56 +0000 (17:07 +0000)
author richardbarran <richardbarran@8369a704-5b4a-11de-992f-fdd7e25b9163>
Thu, 8 Apr 2010 17:07:56 +0000 (17:07 +0000)
committer richardbarran <richardbarran@8369a704-5b4a-11de-992f-fdd7e25b9163>
Thu, 8 Apr 2010 17:07:56 +0000 (17:07 +0000)
diff --git a/jqchat/tests.py b/jqchat/tests.py

index 812df52725dc547895c03558f4fdb9244f4a2dd2..479c8a36a330b9779209ab4c24707b965f90695a 100644 (file)
--- a/jqchat/tests.py
+++ b/jqchat/tests.py
@@ -124,6 +124,12 @@ class AJAXGetTest(TestCase):
          messages = payload['messages']
          self.assert_(len(messages) == 0)
  
+    def test_no_time(self):
+        """All requests should include the time."""
+
+        response = self.client.get('/jqchat/room/1/ajax/')
+        self.assert_(response.status_code == 400, response.status_code)
+
      def test_room_2(self):
          """Retrieve messages for room 2 - should be a different list to room 1.
          Additionally, set the time so as to retrieve only the latest 2 messages in that room -
@@ -188,6 +194,13 @@ class AJAXPostTest(TestCase):
                                                           'message': 'rhubarb'})
          self.assert_(response.status_code == 400, response.status_code)
  
+    def test_no_time(self):
+        """All requests should include the time."""
+
+        response = self.client.get('/jqchat/room/1/ajax/', {'action': 'postmsg',
+                                                         'message': 'rhubarb'})
+        self.assert_(response.status_code == 400, response.status_code)
+
      def test_empty_message(self):
          """Post an empty message to the server - it will be ignored."""
  
diff --git a/jqchat/views.py b/jqchat/views.py

index ea9a2b0bf6698514c673f9786e036deffcba4fd8..873297a076ac4663fdb248639d55655924873316 100644 (file)
--- a/jqchat/views.py
+++ b/jqchat/views.py
@@ -81,7 +81,10 @@ class Ajax(object):
      
          StatusCode = 0 # Default status code is 0 i.e. no new data.
          self.request = request
-        self.request_time = int(self.request.REQUEST['time'])
+        try:
+            self.request_time = int(self.request.REQUEST['time'])
+        except:
+            return HttpResponseBadRequest("What's the time?")
          self.ThisRoom = Room.objects.get(id=id)
          NewDescription = None
author	richardbarran <richardbarran@8369a704-5b4a-11de-992f-fdd7e25b9163>
	Thu, 8 Apr 2010 17:07:56 +0000 (17:07 +0000)
committer	richardbarran <richardbarran@8369a704-5b4a-11de-992f-fdd7e25b9163>
	Thu, 8 Apr 2010 17:07:56 +0000 (17:07 +0000)
jqchat/tests.py		patch \| blob \| history
jqchat/views.py		patch \| blob \| history