import mimetypes
from django.conf import settings
from django.http import Http404
from django.http import FileResponse
from django.http import FileResponse, Http404, HttpResponseRedirect
from django.template.response import TemplateResponse
from .local_context_processors import fundgoal_lookup
@@ -35,7 +34,10 @@ def index(request, *args, **kwargs):
path += 'index.html'
full_path = (base_path / path).resolve()
safe_from_path_traversal = full_path.is_relative_to(base_path)
if not full_path.exists() or not safe_from_path_traversal:
if full_path.is_dir():
# Should have been accessed with a trailing slash.
return HttpResponseRedirect(request.path + '/')
elif not full_path.exists() or not safe_from_path_traversal:
raise Http404()
is_template = mimetypes.guess_type(full_path)[0] == 'text/html'
if not is_template: