From 473fe9a331f5b8521df5c789845ea4d2f899fcbb Mon Sep 17 00:00:00 2001 From: Christophe Simonis Date: Thu, 20 Nov 2014 16:06:55 +0100 Subject: [PATCH] [FIX] http.py: invalid request must return a status code 400 --- openerp/http.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/openerp/http.py b/openerp/http.py index b3018232f11..b1874a01280 100644 --- a/openerp/http.py +++ b/openerp/http.py @@ -261,8 +261,8 @@ class WebRequest(object): def _call_function(self, *args, **kwargs): request = self if self.endpoint.routing['type'] != self._request_type: - raise Exception("%s, %s: Function declared as capable of handling request of type '%s' but called with a request of type '%s'" \ - % (self.endpoint.original, self.httprequest.path, self.endpoint.routing['type'], self._request_type)) + raise werkzeug.exceptions.BadRequest("%s, %s: Function declared as capable of handling request of type '%s' but called with a request of type '%s'" % + (self.endpoint.original, self.httprequest.path, self.endpoint.routing['type'], self._request_type)) kwargs.update(self.endpoint.arguments) @@ -463,7 +463,11 @@ class JsonRequest(WebRequest): request = self.httprequest.stream.read() # Read POST content or POST Form Data named "request" - self.jsonrequest = simplejson.loads(request) + try: + self.jsonrequest = simplejson.loads(request) + except simplejson.JSONDecodeError: + raise werkzeug.exceptions.BadRequest('Invalid JSON data') + self.params = dict(self.jsonrequest.get("params", {})) self.context = self.params.pop('context', dict(self.session.context))