From c7a8a3933e2e5faea6a7ee8de1a7122302e4d5c4 Mon Sep 17 00:00:00 2001
From: shortcutme <tamas@zeronet.io>
Date: Mon, 25 Jun 2018 14:28:42 +0200
Subject: [PATCH] Display standard http error instead of exception on path
 security error

---
 src/Ui/UiRequest.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Ui/UiRequest.py b/src/Ui/UiRequest.py
index 32475ebd..ff1c4b4f 100644
--- a/src/Ui/UiRequest.py
+++ b/src/Ui/UiRequest.py
@@ -85,7 +85,7 @@ class UiRequest(object):
         # Sanitize request url
         path = path.replace("\\", "/")
         if "../" in path or "./" in path:
-            raise SecurityError("Invalid path")
+            return self.error403("Invalid path: %s" % path)
 
         if self.env["REQUEST_METHOD"] == "OPTIONS":
             if "/" not in path.strip("/"):