Display standard http error instead of exception on path security error

2018-06-25 14:28:42 +02:00 · 2018-06-25 14:28:42 +02:00 · c7a8a3933e
parent e1fdb90da6
commit c7a8a3933e
1 changed files with 1 additions and 1 deletions
--- a/src/Ui/UiRequest.py
+++ b/src/Ui/UiRequest.py
@ -85,7 +85,7 @@ class UiRequest(object):
        # Sanitize request url
        path = path.replace("\\", "/")
        if "../" in path or "./" in path:
-            raise SecurityError("Invalid path")
+            return self.error403("Invalid path: %s" % path)

        if self.env["REQUEST_METHOD"] == "OPTIONS":
            if "/" not in path.strip("/"):