Convert to utf-8 before JSON decoding

2019-08-19 15:10:56 -04:00
parent 5ba4152cb6
commit 9d8db8e4ca
7 changed files with 7 additions and 7 deletions
--- a/cms/djangoapps/contentstore/views/assets.py
+++ b/cms/djangoapps/contentstore/views/assets.py
@@ -538,7 +538,7 @@ def _update_asset(request, course_key, asset_key):

        # update existing asset
        try:
-            modified_asset = json.loads(request.body)
+            modified_asset = json.loads(request.body.decode('utf8'))
        except ValueError:
            return HttpResponseBadRequest()
        contentstore().set_attr(asset_key, 'locked', modified_asset['locked'])
--- a/cms/djangoapps/contentstore/views/certificates.py
+++ b/cms/djangoapps/contentstore/views/certificates.py
@@ -349,7 +349,7 @@ def certificate_activation_handler(request, course_key_string):
        msg = _(u'PermissionDenied: Failed in authenticating {user}').format(user=request.user)
        return JsonResponse({"error": msg}, status=403)

-    data = json.loads(request.body)
+    data = json.loads(request.body.decode('utf8'))
    is_active = data.get('is_active', False)
    certificates = CertificateManager.get_certificates(course)

--- a/common/djangoapps/util/json_request.py
+++ b/common/djangoapps/util/json_request.py
@@ -46,7 +46,7 @@ def expect_json(view_function):
        # e.g. 'charset', so we can't do a direct string compare
        if "application/json" in request.META.get('CONTENT_TYPE', '') and request.body:
            try:
-                request.json = json.loads(request.body)
+                request.json = json.loads(request.body.decode('utf8'))
            except ValueError:
                return JsonResponseBadRequest({"error": "Invalid JSON"})
        else:
--- a/lms/djangoapps/ccx/views.py
+++ b/lms/djangoapps/ccx/views.py
@@ -313,7 +313,7 @@ def save_ccx(request, course, ccx=None):
        return earliest, ccx_ids_to_delete

    graded = {}
-    earliest, ccx_ids_to_delete = override_fields(course, json.loads(request.body), graded, [])
+    earliest, ccx_ids_to_delete = override_fields(course, json.loads(request.body.decode('utf8')), graded, [])
    bulk_delete_ccx_override_fields(ccx, ccx_ids_to_delete)
    if earliest:
        override_field_for_ccx(ccx, course, 'start', earliest)
--- a/lms/djangoapps/courseware/views/views.py
+++ b/lms/djangoapps/courseware/views/views.py
@@ -1633,7 +1633,7 @@ def financial_assistance(_request):
 def financial_assistance_request(request):
    """Submit a request for financial assistance to Zendesk."""
    try:
-        data = json.loads(request.body)
+        data = json.loads(request.body.decode('utf8'))
        # Simple sanity check that the session belongs to the user
        # submitting an FA request
        username = data['username']
--- a/lms/djangoapps/edxnotes/views.py
+++ b/lms/djangoapps/edxnotes/views.py
@@ -205,7 +205,7 @@ def edxnotes_visibility(request, course_id):
        raise Http404

    try:
-        visibility = json.loads(request.body)["visibility"]
+        visibility = json.loads(request.body.decode('utf8'))["visibility"]
        course_module.edxnotes_visibility = visibility
        course_module.save()
        return JsonResponse(status=200)
--- a/openedx/core/djangoapps/lang_pref/views.py
+++ b/openedx/core/djangoapps/lang_pref/views.py
@@ -22,7 +22,7 @@ def update_session_language(request):
    """
    response = HttpResponse(200)
    if request.method == 'PATCH':
-        data = json.loads(request.body)
+        data = json.loads(request.body.decode('utf8'))
        language = data.get(LANGUAGE_KEY, settings.LANGUAGE_CODE)
        if request.session.get(LANGUAGE_SESSION_KEY, None) != language:
            request.session[LANGUAGE_SESSION_KEY] = six.text_type(language)