From d7f858647996612271f419fa26fd0454491fa7b2 Mon Sep 17 00:00:00 2001
From: Dain Nilsson <dain@yubico.com>
Date: Tue, 30 Apr 2013 15:52:22 +0200
Subject: [PATCH] Handle invalid URLs better.

---
 yubiadmin/apps/val.py | 2 +-
 yubiadmin/server.py   | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/yubiadmin/apps/val.py b/yubiadmin/apps/val.py
index 56c5b2b..91df64a 100644
--- a/yubiadmin/apps/val.py
+++ b/yubiadmin/apps/val.py
@@ -266,7 +266,7 @@ class YubikeyVal(App):
         else:
             restart_daemon()
 
-        return self.redirect('/%s/syncpool' % self.name)
+        return self.redirect('/%s/synchronization' % self.name)
 
     def ksms(self, request):
         """
diff --git a/yubiadmin/server.py b/yubiadmin/server.py
index 62cef2f..bfab430 100644
--- a/yubiadmin/server.py
+++ b/yubiadmin/server.py
@@ -25,6 +25,7 @@
 # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 # POSSIBILITY OF SUCH DAMAGE.
 
+from webob import exc
 from webob.dec import wsgify
 from yubiadmin.util.app import render
 from yubiadmin.apps import apps
@@ -66,10 +67,16 @@ class YubiAdmin(object):
         if not module_name:
             return render('index', modules=self.modules)
 
+        if not module_name in self.apps:
+            raise exc.HTTPNotFound
+
         app, module = self.apps[module_name]
         if not section_name:
             section_name = module['sections'][0]['name']
 
+        if not hasattr(app, section_name):
+            raise exc.HTTPNotFound
+
         section = next((section for section in module['sections']
                        if section['name'] == section_name), None)