Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
python-Django1.18326
CVE_2021_32052.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE_2021_32052.patch of Package python-Django1.18326
Index: Django-1.11.29/django/core/validators.py =================================================================== --- Django-1.11.29.orig/django/core/validators.py +++ Django-1.11.29/django/core/validators.py @@ -106,6 +106,7 @@ class URLValidator(RegexValidator): r'\Z', re.IGNORECASE) message = _('Enter a valid URL.') schemes = ['http', 'https', 'ftp', 'ftps'] + unsafe_chars = frozenset('\t\r\n') def __init__(self, schemes=None, **kwargs): super(URLValidator, self).__init__(**kwargs) @@ -114,6 +115,8 @@ class URLValidator(RegexValidator): def __call__(self, value): value = force_text(value) + if isinstance(value, str) and self.unsafe_chars.intersection(value): + raise ValidationError(self.message, code=self.code) # Check first if the scheme is valid scheme = value.split('://')[0].lower() if scheme not in self.schemes:
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor