diff --git a/app/app/utils.py b/app/app/utils.py
index 4e0016bf99d..0964a5ceaaa 100644
--- a/app/app/utils.py
+++ b/app/app/utils.py
@@ -1,6 +1,7 @@
 import email
 import imaplib
 import logging
+import re
 import time
 
 from django.conf import settings
@@ -278,3 +279,8 @@ def get_country_from_ip(ip_address, db=None):
 logger.warning(f'Encountered ({e}) while attempting to retrieve a user\'s geolocation')
 
 return country
+
+
+def clean_str(string):
+ """Clean the provided string of all non-alpha numeric characters."""
+ return re.sub(r'\W+', '', string)
diff --git a/app/dashboard/views.py b/app/dashboard/views.py
index 915f43f29a3..32d784d7c47 100644
--- a/app/dashboard/views.py
+++ b/app/dashboard/views.py
@@ -37,7 +37,7 @@
 from django.views.decorators.csrf import csrf_exempt
 from django.views.decorators.http import require_GET, require_POST
 
-from app.utils import ellipses, sync_profile
+from app.utils import clean_str, ellipses, sync_profile
 from avatar.utils import get_avatar_context
 from economy.utils import convert_amount
 from gas.utils import conf_time_spread, gas_advisories, gas_history, recommend_min_gas_price_to_confirm_in_time
@@ -928,7 +928,8 @@ def bounty_details(request, ghuser='', ghrepo='', ghissue=0, stdbounties_id=None
 if issue_url:
 try:
 bounties = Bounty.objects.current().filter(github_url=issue_url)
- if stdbounties_id:
+ stdbounties_id = clean_str(stdbounties_id)
+ if stdbounties_id and stdbounties_id.isdigit():
 bounties = bounties.filter(standard_bounties_id=stdbounties_id)
 if bounties:
 bounty = bounties.order_by('-pk').first()
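Review bot: The docstring of `clean_str` (added at the end of app/app/utils.py) promises to remove every non-alphanumeric character, but `\W+` leaves underscores in place and, on a `str` pattern without `re.ASCII`, also keeps non-ASCII letters and digits. The views.py hunk of this commit relies on the helper to sanitise a view parameter before a query, so the docstring and the behaviour should agree. Either tighten the pattern to `return re.sub(r'[^A-Za-z0-9]+', '', string)` or reword the docstring to `"""Remove every character that is not a word character (letters, digits, underscore)."""`. The docstring should also say that a non-string argument such as `None` raises `TypeError`.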
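Review bot: In `bounty_details`, `stdbounties_id = clean_str(stdbounties_id)` runs before the truthiness check, so with the signature's default `stdbounties_id=None` the underlying `re.sub` call raises `TypeError`. Whether the enclosing `try` catches that is outside this hunk, whose function body starts and ends elsewhere, but either way the lookup by `issue_url` alone no longer completes normally. Stripping characters before `isdigit()` also turns a constructed input such as `1-2` into `12`, which would query a different bounty than the one requested, so rejecting a malformed id is safer than repairing it. `isdigit()` additionally accepts characters such as superscript digits that `int()` rejects, which would presumably fail in the filter if `standard_bounties_id` is an integer field. A single guard covers all three cases and makes the `clean_str` call unnecessary here: `if stdbounties_id and str(stdbounties_id).isdecimal():`.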