mirror of
https://github.com/encode/django-rest-framework.git
synced 2025-01-24 08:14:16 +03:00
let the XML parser fail gracefully on malformed XML
This commit is contained in:
parent
66eabe8bd1
commit
44b56ed059
|
@ -465,3 +465,9 @@ except:
|
|||
from django.core.urlresolvers import reverse
|
||||
from django.utils.functional import lazy
|
||||
reverse_lazy = lazy(reverse, str)
|
||||
|
||||
# xml.etree.parse only throws ParseError for python >= 2.7
|
||||
try:
|
||||
from xml.etree import ParseError as ETParseError
|
||||
except ImportError: # python < 2.7
|
||||
ETParseError = None
|
||||
|
|
|
@ -20,6 +20,8 @@ from djangorestframework.compat import yaml
|
|||
from djangorestframework.response import ErrorResponse
|
||||
from djangorestframework.utils.mediatypes import media_type_matches
|
||||
from xml.etree import ElementTree as ET
|
||||
from djangorestframework.compat import ETParseError
|
||||
from xml.parsers.expat import ExpatError
|
||||
import datetime
|
||||
import decimal
|
||||
|
||||
|
@ -185,7 +187,11 @@ class XMLParser(BaseParser):
|
|||
`data` will simply be a string representing the body of the request.
|
||||
`files` will always be `None`.
|
||||
"""
|
||||
tree = ET.parse(stream)
|
||||
try:
|
||||
tree = ET.parse(stream)
|
||||
except (ExpatError, ETParseError, ValueError), exc:
|
||||
content = {'detail': 'XML parse error - %s' % unicode(exc)}
|
||||
raise ErrorResponse(status.HTTP_400_BAD_REQUEST, content)
|
||||
data = self._xml_convert(tree.getroot())
|
||||
|
||||
return (data, None)
|
||||
|
|
Loading…
Reference in New Issue
Block a user