odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

[FIX] ensure_db() werkzeug.BaseResponse.url usage leads to encoded hashes loss 

bzr revid: fme@openerp.com-20140311205220-kk0pal10lodurcst
This commit is contained in:
Fabien Meghazi 2014-03-11 21:52:20 +01:00
parent e4c3847eb7
commit 27405c0c83
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
addons/web/controllers/main.py
View File

@ -141,7 +141,12 @@ def ensure_db(redirect='/web/database/selector'):
# Thus, we redirect the user to the same page but with the session cookie set.
# This will force using the database route dispatcher...
r = request.httprequest
response = werkzeug.utils.redirect(r.url, 302)
url_redirect = r.base_url
if r.query_string:
# Can't use werkzeug.wrappers.BaseRequest.url with encoded hashes:
# https://github.com/amigrave/werkzeug/commit/b4a62433f2f7678c234cdcac6247a869f90a7eb7
url_redirect += '?' + r.query_string
response = werkzeug.utils.redirect(url_redirect, 302)
request.session.db = db
response = r.app.get_response(r, response, explicit_session=False)
werkzeug.exceptions.abort(response)