4 files changed, 13 insertions, 11 deletions

diff --git a/module/common/APIExerciser.py b/module/common/APIExerciser.py
index 96f5ce9cf..657e83c78 100644
--- a/module/common/APIExerciser.py
+++ b/module/common/APIExerciser.py
@@ -114,7 +114,7 @@ class APIExerciser(Thread):
         name = "".join(sample(string.ascii_letters, 10))
         urls = createURLs()
 
-        self.api.addPackage(name, urls, choice([Destination.Queue, Destination.Collector]))
+        self.api.addPackage(name, urls, choice([Destination.Queue, Destination.Collector]), "")
 
 
     def deleteFiles(self):
@@ -154,4 +154,4 @@ class APIExerciser(Thread):
         self.api.getAccounts(False)
 
     def getCaptchaTask(self):
-        self.api.getCaptchaTask(False)
\ No newline at end of file
+        self.api.getCaptchaTask(False)
diff --git a/module/network/HTTPRequest.py b/module/network/HTTPRequest.py
index 8d65b025f..4684397d9 100644
--- a/module/network/HTTPRequest.py
+++ b/module/network/HTTPRequest.py
@@ -39,7 +39,7 @@ bad_headers = range(400, 404) + range(405, 418) + range(500, 506)
 
 class BadHeader(Exception):
     def __init__(self, code, content=""):
-        Exception.__init__(self, "Bad server response: %s %s" % (code, responses[int(code)]))
+        Exception.__init__(self, "Bad server response: %s %s" % (code, responses.get(int(code), "Unknown Header")))
         self.code = code
         self.content = content
 
@@ -200,12 +200,13 @@ class HTTPRequest():
             else:
                 self.c.setopt(pycurl.CUSTOMREQUEST, "GET")
 
-            self.c.perform()
-            rep = self.header
-
-            self.c.setopt(pycurl.FOLLOWLOCATION, 1)
-            self.c.setopt(pycurl.NOBODY, 0)
-            self.c.setopt(pycurl.CUSTOMREQUEST, 0)
+            try:
+                self.c.perform()
+                rep = self.header
+            finally:
+                self.c.setopt(pycurl.FOLLOWLOCATION, 1)
+                self.c.setopt(pycurl.NOBODY, 0)
+                self.c.setopt(pycurl.CUSTOMREQUEST, 0)
 
         else:
             self.c.perform()
diff --git a/module/plugins/Hoster.py b/module/plugins/Hoster.py
index bef4b1949..7c43c6444 100644
--- a/module/plugins/Hoster.py
+++ b/module/plugins/Hoster.py
@@ -28,7 +28,6 @@ if os.name != "nt":
     from grp import getgrnam
 
 from Base import Base, Fail, Retry
-from module.utils import chunks  #legacy import
 from module.utils.fs import save_join, save_filename, fs_encode, fs_decode,\
     remove, makedirs, chmod, stat, exists, join
 
diff --git a/module/web/api_app.py b/module/web/api_app.py
index 1629c1677..160a984df 100644
--- a/module/web/api_app.py
+++ b/module/web/api_app.py
@@ -11,6 +11,7 @@ from utils import toDict, set_session
 from webinterface import PYLOAD
 
 from module.common.json_layer import json
+from module.utils import remove_chars
 from module.lib.SafeEval import const_eval as literal_eval
 from module.Api import BaseObject
 
@@ -33,7 +34,8 @@ def call_api(func, args=""):
 
     s = request.environ.get('beaker.session')
     if 'session' in request.POST:
-        s = s.get_by_id(request.POST['session'])
+    	# removes "' so it works on json strings
+        s = s.get_by_id(remove_chars(request.POST['session'], "'\""))
 
     if not s or not s.get("authenticated", False):
         return HTTPError(403, json.dumps("Forbidden"))