Make sure HTTP header only contains ASCII

master
Dimitri Huisman 3 years ago
parent ecb39fed04
commit 4f5cb0974e

@ -50,7 +50,7 @@ def user_authentication():
if (not flask_login.current_user.is_anonymous
and flask_login.current_user.enabled):
response = flask.Response()
response.headers["X-User"] = flask_login.current_user.get_id()
response.headers["X-User"] = models.IdnaEmail.process_bind_param(flask_login, flask_login.current_user.get_id(), "")
response.headers["X-User-Token"] = models.User.get_temp_token(flask_login.current_user.get_id())
return response
return flask.abort(403)

Loading…
Cancel
Save