diff --git a/requirements.txt b/requirements.txt index 79e980c04..957a416bf 100644 --- a/requirements.txt +++ b/requirements.txt @@ -8,7 +8,7 @@ # ############################################################################### -Flask==2.* +Flask==2.1.* Flask-Gravatar==0.* Flask-Login==0.* Flask-Mail==0.* @@ -50,7 +50,7 @@ boto3==1.20.* botocore==1.23.* urllib3==1.26.* Werkzeug==2.0.3; python_version <= '3.6' -Werkzeug==2.1.1; python_version >= '3.7' +Werkzeug==2.1.2; python_version >= '3.7' azure-mgmt-rdbms==10.1.0 azure-mgmt-resource==21.0.0 azure-mgmt-subscription==3.0.0 diff --git a/web/pgadmin/authenticate/kerberos.py b/web/pgadmin/authenticate/kerberos.py index 642a73905..d679b912e 100644 --- a/web/pgadmin/authenticate/kerberos.py +++ b/web/pgadmin/authenticate/kerberos.py @@ -178,9 +178,10 @@ class KerberosAuthentication(BaseAuthentication): headers = Headers() authorization = request.headers.get("Authorization", None) form_class = _security.login_form + req_json = request.get_json(force=True) - if request.json: - form = form_class(MultiDict(request.json)) + if req_json: + form = form_class(MultiDict(req_json)) else: form = form_class() diff --git a/web/pgadmin/browser/__init__.py b/web/pgadmin/browser/__init__.py index c8433acb0..7f50cc7dc 100644 --- a/web/pgadmin/browser/__init__.py +++ b/web/pgadmin/browser/__init__.py @@ -931,9 +931,10 @@ if hasattr(config, 'SECURITY_CHANGEABLE') and config.SECURITY_CHANGEABLE: has_error = False form_class = _security.change_password_form + req_json = request.get_json(force=True) - if request.json: - form = form_class(MultiDict(request.json)) + if req_json: + form = form_class(MultiDict(req_json)) else: form = form_class() @@ -965,7 +966,7 @@ if hasattr(config, 'SECURITY_CHANGEABLE') and config.SECURITY_CHANGEABLE: ) has_error = True - if request.json is None and not has_error: + if request.get_json(force=True) is None and not has_error: after_this_request(view_commit) do_flash(*get_message('PASSWORD_CHANGE')) @@ -980,7 +981,7 @@ if hasattr(config, 'SECURITY_CHANGEABLE') and config.SECURITY_CHANGEABLE: return redirect(get_url(_security.post_change_view) or get_url(_security.post_login_view)) - if request.json and not has_error: + if request.get_json(force=True) and not has_error: form.user = current_user return default_render_json(form) @@ -1017,9 +1018,10 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE: """View function that handles a forgotten password request.""" has_error = False form_class = _security.forgot_password_form + req_json = request.get_json(force=True) - if request.json: - form = form_class(MultiDict(request.json)) + if req_json: + form = form_class(MultiDict(req_json)) else: form = form_class() @@ -1066,11 +1068,11 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE: 'danger') has_error = True - if request.json is None and not has_error: + if request.get_json(force=True) is None and not has_error: do_flash(*get_message('PASSWORD_RESET_REQUEST', email=form.user.email)) - if request.json and not has_error: + if request.get_json(force=True) and not has_error: return default_render_json(form, include_user=False) return _security.render_template( diff --git a/web/pgadmin/tools/sqleditor/__init__.py b/web/pgadmin/tools/sqleditor/__init__.py index 424bbab67..61634311b 100644 --- a/web/pgadmin/tools/sqleditor/__init__.py +++ b/web/pgadmin/tools/sqleditor/__init__.py @@ -1896,7 +1896,7 @@ def start_query_download_tool(trans_id): errormsg=TRANSACTION_STATUS_CHECK_FAILED ) - data = request.values if request.values else request.json + data = request.values if request.values else request.get_json(force=True) if data is None: return make_json_response( status=410, @@ -2435,7 +2435,7 @@ def clear_query_history(trans_id): status, error_msg, conn, trans_obj, session_ob = \ check_transaction_status(trans_id) - filter = request.json + filter = request.get_json(force=True) return QueryHistory.clear(current_user.id, trans_obj.sid, conn.db, filter)