diff options
-rw-r--r-- | bitbake/lib/toaster/toastergui/tests.py | 2 | ||||
-rwxr-xr-x | bitbake/lib/toaster/toastergui/views.py | 7 |
2 files changed, 6 insertions, 3 deletions
diff --git a/bitbake/lib/toaster/toastergui/tests.py b/bitbake/lib/toaster/toastergui/tests.py index 1b6e78d517c..4e420ea2699 100644 --- a/bitbake/lib/toaster/toastergui/tests.py +++ b/bitbake/lib/toaster/toastergui/tests.py @@ -155,7 +155,7 @@ class ViewTests(TestCase): response = self.client.post(reverse('xhr_importlayer'), args) data = json.loads(response.content) self.assertEqual(response.status_code, 200) - self.assertNotEqual(data["error"], "ok") + self.assertEqual(data["error"], "ok") #Test to verify import of a layer successful args['name'] = "meta-oe" diff --git a/bitbake/lib/toaster/toastergui/views.py b/bitbake/lib/toaster/toastergui/views.py index dfa256e8eaf..13489af6fda 100755 --- a/bitbake/lib/toaster/toastergui/views.py +++ b/bitbake/lib/toaster/toastergui/views.py @@ -2185,8 +2185,11 @@ if True: layers_added = []; # Rudimentary check for any possible html tags - if "<" in request.POST: - return HttpResponse(jsonfilter({"error": "Invalid character <"}), content_type = "application/json") + for val in request.POST.values(): + if "<" in val: + return HttpResponse(jsonfilter( + {"error": "Invalid character <"}), + content_type="application/json") prj = Project.objects.get(pk=request.POST['project_id']) |