From ccc3c4ef325a39cbada8b70436384259b4ccdb87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gina=20H=C3=A4u=C3=9Fge?= Date: Tue, 9 May 2017 14:36:45 +0200 Subject: [PATCH] Detect invalid settings data to persist (not a dict), send 400 --- src/octoprint/server/api/settings.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/octoprint/server/api/settings.py b/src/octoprint/server/api/settings.py index 1be88db7..d5255cd3 100644 --- a/src/octoprint/server/api/settings.py +++ b/src/octoprint/server/api/settings.py @@ -256,6 +256,10 @@ def setSettings(): except BadRequest: return make_response("Malformed JSON body in request", 400) + if not isinstance(data, dict): + return make_response("Malformed request, need settings dictionary, " + "got a {} instead: {!r}".format(type(data).__name__, data), 400) + _saveSettings(data) return getSettings()