diff --git a/rowers/plannedsessions.py b/rowers/plannedsessions.py index c8ca0ab2..d9e6add5 100644 --- a/rowers/plannedsessions.py +++ b/rowers/plannedsessions.py @@ -888,6 +888,10 @@ def get_dates_timeperiod(request, startdatestring='', enddatestring='', startdate = timezone.now()-timezone.timedelta(days=5) startdate = startdate.date() enddate = timezone.now().date() + except parser.ParserError: + startdate = timezone.now()-timezone.timedelta(days=5) + startdate = startdate.date() + enddate = timezone.now().date() if startdate > enddate: e = startdate diff --git a/rowers/tests/testdata/testdata.tcx.gz b/rowers/tests/testdata/testdata.tcx.gz index 81d458fd..a12f9e93 100644 Binary files a/rowers/tests/testdata/testdata.tcx.gz and b/rowers/tests/testdata/testdata.tcx.gz differ diff --git a/rowers/views/apiviews.py b/rowers/views/apiviews.py index 8c214655..d383b3c5 100644 --- a/rowers/views/apiviews.py +++ b/rowers/views/apiviews.py @@ -2,7 +2,8 @@ from rowers.views.statements import * from rowers.tasks import handle_calctrimp from rowers.opaque import encoder from rowers.courses import coursetokml, coursestokml -from xml.etree import ElementTree as ET +#from xml.etree import ElementTree as ET +from defusedxml import ElementTree as ET import arrow import pendulum @@ -28,6 +29,8 @@ class XMLParser(BaseParser): dologging("apilog.log", "XML Parser") try: s = ET.parse(stream).getroot() + except ET.XMLSyntaxError: + return HttpResponse(status=400) except Exception as e: # pragma: no cover dologging("apilog.log",e) return HttpResponse(status=500) diff --git a/rowers/weather.py b/rowers/weather.py index c6533127..e7f2e0eb 100644 --- a/rowers/weather.py +++ b/rowers/weather.py @@ -2,7 +2,8 @@ import requests from requests.exceptions import ConnectionError import json from lxml import objectify, etree -import xml.etree.ElementTree as ET +#import xml.etree.ElementTree as ET +from defusedxml import ElementTree as ET import time from datetime import datetime from rowingdata import rowingdata, geo_distance