Disallow non-GET requests in wmako.

author Fredrik Tolf <fredrik@dolda2000.com>

Sun, 23 Dec 2012 05:45:45 +0000 (06:45 +0100)

committer Fredrik Tolf <fredrik@dolda2000.com>

Sun, 23 Dec 2012 05:45:45 +0000 (06:45 +0100)
author Fredrik Tolf <fredrik@dolda2000.com>
Sun, 23 Dec 2012 05:45:45 +0000 (06:45 +0100)
committer Fredrik Tolf <fredrik@dolda2000.com>
Sun, 23 Dec 2012 05:45:45 +0000 (06:45 +0100)
diff --git a/wrw/wmako.py b/wrw/wmako.py

index 491d8b3..13ce342 100644 (file)
--- a/wrw/wmako.py
+++ b/wrw/wmako.py
@@ -1,6 +1,6 @@
  import os, threading
  from mako import template, lookup, filters
-import util, form, session, env
+import util, form, session, env, resp
  
  # It seems Mako isn't thread-safe.
  makolock = threading.Lock()
@@ -43,6 +43,8 @@ def handle(req, filename, **kw):
  
  @util.wsgiwrap
  def application(req):
+    if req.method not in ["GET", "HEAD"]:
+        raise resp.httperror(405)
      return handle(req, req.filename,
                    form = form.formdata(req),
                    session = session.get(req))
author	Fredrik Tolf <fredrik@dolda2000.com>
	Sun, 23 Dec 2012 05:45:45 +0000 (06:45 +0100)
committer	Fredrik Tolf <fredrik@dolda2000.com>
	Sun, 23 Dec 2012 05:45:45 +0000 (06:45 +0100)