Updating SQL views to return HttpResponseBadRequest on tamper detection.

author: Rob Hudson 2008-10-07 12:37:04 -0700
committer: Rob Hudson 2008-10-07 12:37:04 -0700
commit: 03400c2c6b00ca8310cad7f30ac215d2b80d94b2 (patch)
tree: aafdc8200d6f2ca231963b7ebc53105ff31ea9db /debug_toolbar/views.py
parent: 822988142666fccb216a17ef3abbee7b6bbcf76b (diff)
download: django-debug-toolbar-03400c2c6b00ca8310cad7f30ac215d2b80d94b2.tar.bz2
1 files changed, 3 insertions, 3 deletions
diff --git a/debug_toolbar/views.py b/debug_toolbar/views.py
index b75397b..e3bb5b1 100644
--- a/debug_toolbar/views.py
+++ b/debug_toolbar/views.py
@@ -35,7 +35,7 @@ def sql_select(request):
     params = request.GET.get('params', '')
     hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest()
     if hash != request.GET.get('hash', ''):
-        return HttpResponse('<h3>Tamper alert</h3>') # SQL Tampering alert
+        return HttpResponseBadRequest('Tamper alert') # SQL Tampering alert
     if sql.lower().startswith('select'):
         params = simplejson.loads(params)
         cursor = connection.cursor()
@@ -66,7 +66,7 @@ def sql_explain(request):
     params = request.GET.get('params', '')
     hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest()
     if hash != request.GET.get('hash', ''):
-        return HttpResponse('<h3>Tamper alert</h3>') # SQL Tampering alert
+        return HttpResponseBadRequest('Tamper alert') # SQL Tampering alert
     if sql.lower().startswith('select'):
         params = simplejson.loads(params)
         cursor = connection.cursor()
@@ -97,7 +97,7 @@ def sql_profile(request):
     params = request.GET.get('params', '')
     hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest()
     if hash != request.GET.get('hash', ''):
-        return HttpResponse('<h3>Tamper alert</h3>') # SQL Tampering alert
+        return HttpResponseBadRequest('Tamper alert') # SQL Tampering alert
     if sql.lower().startswith('select'):
         params = simplejson.loads(params)
         cursor = connection.cursor()
author	Rob Hudson	2008-10-07 12:37:04 -0700
committer	Rob Hudson	2008-10-07 12:37:04 -0700
commit	03400c2c6b00ca8310cad7f30ac215d2b80d94b2 (patch)
tree	aafdc8200d6f2ca231963b7ebc53105ff31ea9db /debug_toolbar/views.py
parent	822988142666fccb216a17ef3abbee7b6bbcf76b (diff)
download	django-debug-toolbar-03400c2c6b00ca8310cad7f30ac215d2b80d94b2.tar.bz2