mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-24 22:26:08 +00:00
Code Issues 32 Releases Wiki Activity

[3.2.x] Fixed CVE-2021-23336 -- Fixed web cache poisoning via django.utils.http.parse_qsl().

Browse Source
This commit is contained in:
Nick Pope
2021-02-16 10:14:17 +00:00
committed by Carlton Gibson
parent 0debc6ba5b
commit be8237c7cc
9 changed files with 94 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/handlers/test_exception.py
View File

@@ -6,7 +6,7 @@ from django.test.client import FakePayload
class ExceptionHandlerTests(SimpleTestCase):
def get_suspicious_environ(self):
payload = FakePayload('a=1&a=2;a=3\r\n')
payload = FakePayload('a=1&a=2&a=3\r\n')
return {
'REQUEST_METHOD': 'POST',
'CONTENT_TYPE': 'application/x-www-form-urlencoded',