From 2148cb084a35b4f03996fb8fc08a37e372c4d277 Mon Sep 17 00:00:00 2001
From: Magnus Hagander <magnus@hagander.net>
Date: Thu, 10 Oct 2019 20:49:45 +0200
Subject: [PATCH] Raise a http 404 error on paths that are too long

We never have any paths this long, and it's nicer to raise a proper 404
than a 500 internal server error.
---
 pgweb/core/views.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pgweb/core/views.py b/pgweb/core/views.py
index c1d34d12..d9e871a9 100644
--- a/pgweb/core/views.py
+++ b/pgweb/core/views.py
@@ -112,6 +112,11 @@ def fallback(request, url):
     if not re_staticfilenames.match(url):
         raise Http404('Page not found.')
 
+    if len(url) > 250:
+        # Maximum length is really per-directory, but we shouldn't have any pages/fallback
+        # urls with anywhere *near* that, so let's just limit it on the whole
+        raise Http404('Page not found.')
+
     try:
         t = loader.get_template('pages/%s.html' % url)
     except TemplateDoesNotExist:
-- 
2.11.4.GIT