Commit 6e40b4cb authored by stephen's avatar stephen
Browse files

fix: Prevent subscription-validation endpoint from throwing errors when mis-requested 

As per comments on this PR, and similar to how the ALTCHA challenge validation endpoint was hardened, it's important to prevent junk traffic to the subscription-validation endpoint from causing exceptions to bubble up to the user-visible surface.

This commit performs this work by:
- Rejecting traffic containing no message body with a 400 error
- Rejecting traffic contaning invalid, non-JSON content with a 400 error
parent 858a4b32

tordonate/civicrm/views.py

+12 −1
Original line number Diff line number Diff line
@@ -51,7 +51,18 @@ class SubscriptionView(FormView): 
        if request.method != "POST":

            return HttpResponseNotAllowed(["POST"])



        # Random data-free prods at this URL should be cleanly rejected.

        if getattr(request, "body") is None:

            logger.info("Subscription form validation request contained no data.")

            return JsonResponse({}, status=400)



        # Reject any request whose body isn't valid JSON.

        try:

            jsonData = json.loads(request.body)

        except json.JSONDecodeError:

            logger.error("Subscription form data to validate wasn't valid JSON.")

            return JsonResponse({}, status=400)



        data = QueryDict(jsonData["form"].encode("ASCII"))

        form = SubscriptionForm(data)