# HG changeset patch
# User Goffi
# Date 1555070810 -7200
# Node ID ea0caa7b1bcc1161a3c4fba453fa2e0e4f2f9533
# Parent 7d2e098ea3f46c951ee3f8e2faf71d4995aac7be
pages (i18n): check presence of u"/" in locale: if u"/" is present in local, a warning message is logged, and locale is ignored. This is done because in some cases locale can be used with a path (e.g. if several localised version of a document are used).
diff -r 7d2e098ea3f4 -r ea0caa7b1bcc libervia/server/pages.py
--- a/libervia/server/pages.py Fri Apr 12 13:58:02 2019 +0200
+++ b/libervia/server/pages.py Fri Apr 12 14:06:50 2019 +0200
@@ -1478,11 +1478,20 @@
 # we don't differenciate URLs finishing with '/' or not
 del request.postpath[-1]
+ # i18n
 if C.KEY_LANG in request.args:
 try:
- session_data.locale = request.args.pop(C.KEY_LANG)[0]
+ locale = request.args.pop(C.KEY_LANG)[0]
 except IndexError:
 log.warning(u"empty lang received")
+ else:
+ if u"/" in locale:
+ # "/" is refused because locale may sometime be used to access
+ # path, if localised documents are available for instance
+ log.warning(_(u'illegal char found in locale ("/"), hack '
+ u'attempt? locale={locale}').format(locale=locale))
+ locale = None
+ session_data.locale = locale
 d = defer.Deferred()
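Review bot: The `if u"/" in locale:` test in the new `else:` branch is a one-character denylist, so values such as `..`, or ones containing a backslash or a NUL byte, still end up in `session_data.locale`; whether they matter depends on how the locale is later joined to a path, which this hunk does not show. Since the added comment says the locale may be used to access a path, an allowlist would be safer, e.g. `if not re.match(r"[A-Za-z]{2,3}(?:[_-][A-Za-z0-9]+)*\Z", locale):` (this assumes `re` is imported in the module). The warning also formats the raw request value; `locale={locale!r}` would keep embedded newlines or control characters from forging log lines. Finally, `locale = None` followed by `session_data.locale = locale` overwrites a locale already stored in the session, whereas the commit message says the bad value is ignored; moving the assignment under the valid branch would match that. The enclosing function starts and ends outside the hunk.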