commit | author | age
|
f48dc6
|
1 |
from pyramid.compat import escape |
4083b3
|
2 |
|
c90471
|
3 |
from pyramid.httpexceptions import HTTPFound |
PE |
4 |
from pyramid.response import Response |
|
5 |
from pyramid.view import view_config |
|
6 |
|
|
7 |
|
|
8 |
# First view, available at http://localhost:6543/ |
|
9 |
@view_config(route_name='home') |
|
10 |
def home_view(request): |
|
11 |
return Response('<p>Visit <a href="/howdy?name=lisa">hello</a></p>') |
|
12 |
|
|
13 |
|
|
14 |
# /howdy?name=alice which links to the next view |
|
15 |
@view_config(route_name='hello') |
|
16 |
def hello_view(request): |
|
17 |
name = request.params.get('name', 'No Name') |
|
18 |
body = '<p>Hi %s, this <a href="/goto">redirects</a></p>' |
f48dc6
|
19 |
# pyramid.compat.escape to prevent Cross-Site Scripting (XSS) [CWE 79] |
SP |
20 |
return Response(body % escape(name)) |
c90471
|
21 |
|
PE |
22 |
|
|
23 |
# /goto which issues HTTP redirect to the last view |
|
24 |
@view_config(route_name='redirect') |
|
25 |
def redirect_view(request): |
|
26 |
return HTTPFound(location="/problem") |
|
27 |
|
|
28 |
|
4083b3
|
29 |
# /problem which causes a site error |
c90471
|
30 |
@view_config(route_name='exception') |
PE |
31 |
def exception_view(request): |
|
32 |
raise Exception() |