Closed tmoerman closed 9 years ago
It is possible to crash the renderer by supplying parameters without values e.g.: http://localhost:8000/molecule/CN1CCC%5BC%40H%5D1c2cccnc2?render-image-width=300&render-image-height
Sanitize them (i.e. no nil values) before passing through as Indigo options.
Fixed in https://github.com/tmoerman/sourire/commit/05422925ca9fb703911c08b32d6176115c2f9989
tmoerman
commented
9 years ago tmoerman
commented
9 years ago
It is possible to crash the renderer by supplying parameters without values e.g.: http://localhost:8000/molecule/CN1CCC%5BC%40H%5D1c2cccnc2?render-image-width=300&render-image-height
Sanitize them (i.e. no nil values) before passing through as Indigo options.