0

I currently have an app that uses flask like so:

app.add_url_rule('/', view_func=dashboard.render)
app.add_url_rule('/callback', view_func=bot.callback, methods=['POST'])

Basically, dashboard.render will display a webpage while bot.callback is a special url for a bot that I made.

If a user access / then then it would trigger dashboard.render, while if he/she accesses /callback with a POST method, then it would trigger bot.callback. However, try to access any other site, for example /123 or /asd then it would trigger a 404 Not Found.

Is there any way to let users that access unavailable urls (in my case, other than / and /callback) to trigger dashboard.render? Also, as /callback is only available through POST, can I also redirect 405 Method not allowed errors to just display a webpage using dashboard.render?

Oh and if perhaps this is insecure or not a good thing to do, please let me know.

Thank you.

strivn
  • 309
  • 2
  • 8
  • https://stackoverflow.com/questions/5870188/does-flask-support-regular-expressions-in-its-url-routing – Vishal Singh Jun 24 '20 at 16:13
  • 1
    Already answered, for example: https://stackoverflow.com/questions/13678397/python-flask-default-route-possible – bubak Jun 25 '20 at 08:48

1 Answers1

0

i think it's not user friendly to redirect users accessing 404 Not Found or 405 method not allowed pages (by error or even exploiting your site) without warning or some useful messages.

for your case you need redirect function in errorhandler like so

@app.errorhandler(404)
def handle_bad_request(e):
    return redirect(url_for('dashboard'))

@app.errorhandler(405)
def handle_methodnotallowed_request(e):
    return redirect(url_for('dashboard'))

a better approach would be redirecting users after delay (5 sec for e.g) so users don't get lost and don't think your app has bugs or even bad they never trust you as they may think your app is suspicious, have a look at this thread

cizario
  • 3,995
  • 3
  • 13
  • 27