[Hardening] Make sure content is always a sring on plain content types

GeoNode · Jun 10, 2020 · 5c01978 · 5c01978
1 parent cf07a41
commit 5c01978
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/geonode/proxy/views.py b/geonode/proxy/views.py
@@ -21,6 +21,7 @@
 import io
 import os
 import re
+import six
 import gzip
 import json
 import shutil
@@ -199,6 +200,19 @@ def proxy(request, url=None, response_callback=None,
         f = gzip.GzipFile(fileobj=buf)
         content = f.read()
 
+    PLAIN_CONTENT_TYPES = [
+        'text',
+        'plain',
+        'html',
+        'json',
+        'xml',
+        'gml'
+    ]
+    for _ct in PLAIN_CONTENT_TYPES:
+        if _ct in content_type and not isinstance(content, six.string_types):
+            content = content.decode()
+            break
+
     if response and response_callback:
         kwargs = {} if not kwargs else kwargs
         kwargs.update({