commit aefea29299e7fcd13f6515f82a8e24173bf96fd0
parent 373f6f29d35a6bae6b38f489057e0f49570df6d8
Author: Florian Dold <florian.dold@gmail.com>
Date: Mon, 7 Sep 2020 18:21:43 +0530
formatting, urlquote cookie path
Diffstat:
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/talermerchantdemos/blog/blog.py b/talermerchantdemos/blog/blog.py
@@ -33,12 +33,18 @@ from talermerchantdemos.httpcommon import backend_get, backend_post
if not sys.version_info.major == 3 and sys.version_info.minor >= 6:
print("Python 3.6 or higher is required.")
- print("You are using Python {}.{}.".format(sys.version_info.major, sys.version_info.minor))
+ print(
+ "You are using Python {}.{}.".format(
+ sys.version_info.major, sys.version_info.minor
+ )
+ )
sys.exit(1)
BASE_DIR = os.path.dirname(os.path.abspath(__file__))
-app = flask.Flask(__name__, template_folder=BASE_DIR, static_folder=BASE_DIR + '/../static/')
+app = flask.Flask(
+ __name__, template_folder=BASE_DIR, static_folder=BASE_DIR + "/../static/"
+)
app.secret_key = base64.b64encode(os.urandom(64)).decode("utf-8")
LOGGER = logging.getLogger(__name__)
@@ -254,11 +260,15 @@ def article(article_name, data=None):
au = pay_status.get("already_paid_fulfillment_url")
if ai is not None and au is not None:
response = flask.redirect(au)
- response.set_cookie("order_id", ai, path=f"/essay/{article_name}")
+ response.set_cookie(
+ "order_id", ai, path=urllib.parse.quote(f"/essay/{article_name}")
+ )
return response
# Redirect the browser to a page where the wallet can
# run the payment protocol.
response = flask.redirect(pay_status["order_status_url"])
- response.set_cookie("order_id", order_id, path=f"/essay/{article_name}")
+ response.set_cookie(
+ "order_id", order_id, path=urllib.parse.quote(f"/essay/{article_name}")
+ )
return response
