Only allow http/https schemas for image download

Glance only supports http/https image urls, but default django URLField allows ftp/ftps images to be entered. This commit adds validator, that restricts schema to http/https Change-Id: I1e9ddbc82a0a6aaaf1322f7e8f89dfe5f79bf260 Related-Bug: #1467787
2015-09-04 03:14:21 +03:00 · 2015-09-04 03:14:21 +03:00 · 0f78517b60
commit 0f78517b60
parent d33b65aad2
1 changed files with 4 additions and 0 deletions
--- a/openstack_dashboard/dashboards/project/images/images/forms.py
+++ b/openstack_dashboard/dashboards/project/images/images/forms.py
@ -19,7 +19,9 @@
 """
 Views for managing images.
 """
+
 from django.conf import settings
+from django.core import validators
 from django.forms import ValidationError  # noqa
 from django.forms.widgets import HiddenInput  # noqa
 from django.template import defaultfilters
@ -102,6 +104,8 @@ class CreateImageForm(forms.SelfHandlingForm):
                                   'ng-model': 'copyFrom',
                                   'ng-change':
                                   'ctrl.selectImageFormat(copyFrom)'}),
+                               validators=[validators.URLValidator(
+                                   schemes=["http", "https"])],
                               required=False)
    image_file = forms.FileField(label=_("Image File"),
                                 help_text=_("A local image to upload."),