mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-24 14:16:09 +00:00
Code Issues 32 Releases Wiki Activity

[5.1.x] Fixed CVE-2024-41990 -- Mitigated potential DoS in urlize and urlizetrunc template filters.

Browse Source 
Thanks to MProgrammer for the report.
This commit is contained in:
Sarah Boyce
2024-07-18 13:19:34 +02:00
parent 0504af6429
commit 0c1a890916
4 changed files with 24 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/utils_tests/test_html.py
View File

@@ -359,6 +359,8 @@ class TestUtilsHtml(SimpleTestCase):
"[(" * 100_000 + ":" + ")]" * 100_000,
"([[" * 100_000 + ":" + "]])" * 100_000,
"&:" + ";" * 100_000,
"&.;" * 100_000,
".;" * 100_000,
)
for value in tests:
with self.subTest(value=value):