Changeset 9508


Ignore:
Timestamp:
2 Nov 2012, 10:50:58 (12 years ago)
Author:
Henrik Bettermann
Message:

Add more security.

Location:
main/waeup.aaue/trunk/src/waeup/aaue/etranzact
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.aaue/trunk/src/waeup/aaue/etranzact/browser.py

    r9327 r9508  
    4545
    4646    def update(self, PAYEE_ID=None):
     47        if PAYEE_ID == None:
     48            self.output = '-1'
     49            return
    4750        real_ip = self.request.get('HTTP_X_FORWARDED_FOR', None)
    4851        # We can forego the logging once eTranzact payments run smoothly
     
    6063        # RFC 2616 HTTP guidelines we may try to fetch the id from the QUERY_STRING
    6164        # value of the request.
    62 
    6365        #if PAYEE_ID is None:
    6466        #    try:
  • main/waeup.aaue/trunk/src/waeup/aaue/etranzact/tests.py

    r8754 r9508  
    8585            'FEE_AMOUNT=1234.0&'
    8686            'TRANSACTION_STATUS=unpaid' % self.p_id)
     87        self.browser.open('http://localhost/app/feerequest?NONSENSE=nonsense')
     88        self.assertEqual(self.browser.contents, '-1')
    8789
    8890    @external_test
Note: See TracChangeset for help on using the changeset viewer.