1
0
mirror of https://github.com/django/django.git synced 2024-12-22 17:16:24 +00:00

Refs #27795 -- Removed an unnecessary force_bytes() call in uri_to_iri().

The value returned from urllib.parse.quote() is always a string, so can
safely call .encode().
This commit is contained in:
Jon Dufresne 2019-08-28 00:20:46 -07:00 committed by Carlton Gibson
parent 29adcd215f
commit 1e6b9e29e6

View File

@ -236,7 +236,7 @@ def repercent_broken_unicode(path):
# CVE-2019-14235: A recursion shouldn't be used since the exception
# handling uses massive amounts of memory
repercent = quote(path[e.start:e.end], safe=b"/#%[]=:;$&()+,!?*@'~")
path = path[:e.start] + force_bytes(repercent) + path[e.end:]
path = path[:e.start] + repercent.encode() + path[e.end:]
else:
return path