From c61bae36599e22a2177ea496bcf7a87c12bae1e7 Mon Sep 17 00:00:00 2001
From: Rushabh Mehta <rmehta@gmail.com>
Date: Tue, 2 Aug 2016 11:57:06 +0530
Subject: [PATCH] [fix] test for unsubscribe

---
 frappe/utils/verified_command.py | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/frappe/utils/verified_command.py b/frappe/utils/verified_command.py
index 8cc58a73c2..57170295f8 100644
--- a/frappe/utils/verified_command.py
+++ b/frappe/utils/verified_command.py
@@ -25,19 +25,23 @@ def get_secret():
 
 def verify_request():
 	"""Verify if the incoming signed request if it is correct."""
-	query_string = frappe.request.query_string if hasattr(frappe.request, "query_string") \
-		else frappe.local.flags.signed_query_string
+	query_string = frappe.local.flags.signed_query_string or \
+		getattr(frappe.request, 'query_string', None) \
 
-	params, signature = query_string.split("&_signature=")
+	valid = False
 
-	given_signature = hmac.new(params.encode("utf-8"))
+	if '&_signature=' in query_string:
+		params, signature = query_string.split("&_signature=")
 
-	given_signature.update(get_secret())
-	valid = signature == given_signature.hexdigest()
+		given_signature = hmac.new(params.encode("utf-8"))
+
+		given_signature.update(get_secret())
+		valid = signature == given_signature.hexdigest()
 
 	if not valid:
 		frappe.respond_as_web_page(_("Invalid Link"),
 			_("This link is invalid or expired. Please make sure you have pasted correctly."))
+
 	return valid
 
 def get_url(cmd, params, nonce=None, secret=None):