mirror of
https://github.com/django/django.git
synced 2024-12-22 17:16:24 +00:00
Refs #27795 -- Removed an unnecessary force_bytes() call in uri_to_iri().
The value returned from urllib.parse.quote() is always a string, so can safely call .encode().
This commit is contained in:
parent
29adcd215f
commit
1e6b9e29e6
@ -236,7 +236,7 @@ def repercent_broken_unicode(path):
|
||||
# CVE-2019-14235: A recursion shouldn't be used since the exception
|
||||
# handling uses massive amounts of memory
|
||||
repercent = quote(path[e.start:e.end], safe=b"/#%[]=:;$&()+,!?*@'~")
|
||||
path = path[:e.start] + force_bytes(repercent) + path[e.end:]
|
||||
path = path[:e.start] + repercent.encode() + path[e.end:]
|
||||
else:
|
||||
return path
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user