Rev4188, Allow only white listed values for open_browser

src/Config.py

@@ -13,7 +13,7 @@ class Config(object):
 
     def __init__(self, argv):
         self.version = "0.7.0"
-        self.rev = 4187
+        self.rev = 4188
         self.argv = argv
         self.action = None
         self.pending_changes = {}

src/Ui/UiWebsocket.py

@@ -1137,7 +1137,12 @@ class UiWebsocket(object):
     def actionConfigSet(self, to, key, value):
         import main
         if key not in config.keys_api_change_allowed:
-            self.response(to, {"error": "Forbidden you cannot set this config key"})
+            self.response(to, {"error": "Forbidden: You cannot set this config key"})
+            return
+
+        if key == "open_browser":
+            if value not in ["default_browser", "False"]:
+                self.response(to, {"error": "Forbidden: Invalid value"})
                 return
 
         # Remove empty lines from lists