From fd76cef11e2a01d3311f26fd83430e315a1f01dd Mon Sep 17 00:00:00 2001 From: Lex Brugman Date: Thu, 13 Apr 2017 15:20:05 +0200 Subject: [PATCH] Fix issue where data was not being sanitized for event data --- customerio/__init__.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/customerio/__init__.py b/customerio/__init__.py index 3ea09a1..e5b1ba0 100644 --- a/customerio/__init__.py +++ b/customerio/__init__.py @@ -70,7 +70,7 @@ def send_request(self, method, url, data): '''Dispatches the request and returns a response''' try: - response = self.http.request(method, url=url, json=self._sanitize(data), timeout=self.timeout) + response = self.http.request(method, url=url, json=data, timeout=self.timeout) except Exception as e: # Raise exception alerting user that the system might be # experiencing an outage and refer them to system status page. @@ -88,14 +88,14 @@ def send_request(self, method, url, data): def identify(self, id, **kwargs): '''Identify a single customer by their unique id, and optionally add attributes''' url = self.get_customer_query_string(id) - self.send_request('PUT', url, kwargs) + self.send_request('PUT', url, self._sanitize(kwargs)) def track(self, customer_id, name, **data): '''Track an event for a given customer_id''' url = self.get_event_query_string(customer_id) post_data = { 'name': name, - 'data': data, + 'data': self._sanitize(data), } self.send_request('POST', url, post_data) @@ -105,7 +105,7 @@ def pageview(self, customer_id, page, **data): post_data = { 'type': "page", 'name': page, - 'data': data, + 'data': self._sanitize(data), } self.send_request('POST', url, post_data) @@ -123,7 +123,7 @@ def backfill(self, customer_id, name, timestamp, **data): post_data = { 'name': name, - 'data': data, + 'data': self._sanitize(data), 'timestamp': timestamp }