From d9973c3f293d5a12c689b2e68b25d678a185c798 Mon Sep 17 00:00:00 2001
From: James W Thorne
Date: Wed, 11 Jan 2017 21:42:35 -0600
Subject: [PATCH 1/3] Don't allow zero length form submissions

---
 snappass/main.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/snappass/main.py b/snappass/main.py
index 30f6926..c72a52b 100644
--- a/snappass/main.py
+++ b/snappass/main.py
@@ -74,6 +74,9 @@ def clean_input():
     if 'password' not in request.form:
         abort(400)
 
+    if not len(request.form['password']) > 0:
+        abort(400)
+
     if 'ttl' not in request.form:
         abort(400)
 

From 21115979c46a0cdf2f93e25107472f04edd693d9 Mon Sep 17 00:00:00 2001
From: James W Thorne
Date: Tue, 17 Jan 2017 17:44:47 -0600
Subject: [PATCH 2/3] Combine checks

---
 snappass/main.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/snappass/main.py b/snappass/main.py
index c72a52b..b46a8bd 100644
--- a/snappass/main.py
+++ b/snappass/main.py
@@ -71,13 +71,10 @@ def clean_input():
     Make sure we're not getting bad data from the front end,
     format data to be machine readable
     """
-    if 'password' not in request.form:
+    if empty(request.form.get('password', '')):
         abort(400)
 
-    if not len(request.form['password']) > 0:
-        abort(400)
-
-    if 'ttl' not in request.form:
+    if empty(request.form.get('ttl', '')):
         abort(400)
 
     time_period = request.form['ttl'].lower()

From ef0cdf8e142ef0ed3b7fe9d0283d5783a0b4caf1 Mon Sep 17 00:00:00 2001
From: James W Thorne
Date: Tue, 17 Jan 2017 18:17:24 -0600
Subject: [PATCH 3/3] Forgot empty function

---
 snappass/main.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/snappass/main.py b/snappass/main.py
index b46a8bd..1df89d9 100644
--- a/snappass/main.py
+++ b/snappass/main.py
@@ -65,6 +65,9 @@ def get_password(key):
     redis_client.delete(key)
     return password
 
+def empty(value):
+    if not value:
+        return True
 
 def clean_input():
     """
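Review bot: In PATCH 2/3 `empty` is called on the two new `if empty(request.form.get(...))` lines but is not defined anywhere in the file until PATCH 3/3 ("Forgot empty function"), so with this commit alone every call to clean_input() raises NameError and the client sees a 500 instead of the intended 400; squashing the two patches, or simply writing `if not request.form.get('password'):` and `if not request.form.get('ttl'):` here, keeps each commit self-contained and bisectable. The `, ''` default is redundant once the value is only truth-tested, since a missing key already yields None, which `empty()` treats the same way. clean_input() continues past the end of the hunk.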
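Review bot: In PATCH 3/3 `empty()` returns True for a falsy value but falls off the end and returns None otherwise, so callers get True/None rather than a boolean; `return not value` expresses the same test in one line and always yields a bool. A docstring would also help, e.g. `"""Return True when a submitted form value is missing or an empty string."""`. Note that with this test a whitespace-only password still passes and gets stored; if that is meant to be rejected, `return not (value and value.strip())` would cover it, assuming form values are always str as they appear to be here.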