# HG changeset patch # User dellsystem # Date 1348331977 14400 # Node ID f299232c82e8a22fcc6a18f27dfc4e51da6cae35 # Parent 3a850f49eea6eff2656526113e2e6721ff8fa3dc Perform basic validation on snippet file uploads To prevent users from uploading binary files. This is not a complete fix. diff -r 3a850f49eea6 -r f299232c82e8 apps/snippet/forms.py --- a/apps/snippet/forms.py Sat Sep 22 12:38:44 2012 -0400 +++ b/apps/snippet/forms.py Sat Sep 22 12:39:37 2012 -0400 @@ -61,7 +61,15 @@ if file_data: file_data.open() - cleaned_data['content'] = file_data.read() + content_type = file_data.content_type + + # Do some very basic checking of types. NOT SECURE. + if (content_type.startswith('text/') or + content_type.startswith('application')): + cleaned_data['content'] = file_data.read() + else: + raise forms.ValidationError(_("Please ensure that you upload \ + a text file.")) elif not content: # No snippet data specified raise forms.ValidationError(_("Please specify some content for \
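Review bot: The added `content_type.startswith('application')` branch accepts every `application/*` type, including `application/octet-stream` and `application/zip`, so the binary uploads the commit message wants to block still pass this check. In addition, `file_data.content_type` is the value supplied by the client with the upload, so even the `text/` branch only reflects what the sender claims. Suggest dropping the `application` prefix match in favour of a short explicit allowlist, and deciding on the data itself: read the content, try to decode it as text (for example UTF-8), and raise the same `forms.ValidationError` on a decode failure. A smaller point on the new error message: the backslash continuation sits inside the string literal, so the next line's leading indentation becomes part of the translatable message. Adjacent string literals inside the `_()` call would avoid that.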