mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-27 15:46:10 +00:00
Code Issues 32 Releases Wiki Activity

[1.6.x] Fixed a remote code execution vulnerabilty in URL reversing.

Browse Source 
Thanks Benjamin Bach for the report and initial patch.

This is a security fix; disclosure to follow shortly.

Backport of 8b93b31487 from master
This commit is contained in:
Tim Graham
2014-04-20 13:31:53 -04:00
parent 25adac9b42
commit 4352a50871
5 changed files with 50 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/urlpatterns_reverse/views.py
View File

@@ -16,6 +16,10 @@ def absolute_kwargs_view(request, arg1=1, arg2=2):
def defaults_view(request, arg1, arg2):
pass
def nested_view(request):
pass
def erroneous_view(request):
import non_existent