diff options
Diffstat (limited to 'lazybones.lisp')
| -rw-r--r-- | lazybones.lisp | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/lazybones.lisp b/lazybones.lisp index 0fe323b..e9adc03 100644 --- a/lazybones.lisp +++ b/lazybones.lisp @@ -34,6 +34,11 @@ "Dynamic variable holding the an APP instance. Dynamically bound by RUN-ENDPOINT so that it is available if needed in request handlers.") +(defvar *allowed-keywords* nil + "Dynamic variable. Can be bound by handler functions to control which +keywords are read in while parsing request bodies. Should be used +when keyword bombing is a concern.") + (defvar *debugging* nil) ;;; HTTP-ERROR CONDITION @@ -340,7 +345,7 @@ applying HANDLER-FUNCTION slot of ENDPOINT to the ARGS list." (*response* response) (*app* app)) (setf (response-code) 200) - (if (request-authorized-p endpoint) + (if (request-authorized-p endpoint) (http-respond (apply (endpoint-request-handler endpoint) args)) (http-err 403)))) |