mirror of
https://github.com/django/django.git
synced 2024-12-22 09:05:43 +00:00
Fixed #29528 -- Made URLValidator reject invalid characters in the username and password.
This commit is contained in:
parent
5a017eef4c
commit
cdcf4164be
@ -94,7 +94,7 @@ class URLValidator(RegexValidator):
|
||||
|
||||
regex = _lazy_re_compile(
|
||||
r'^(?:[a-z0-9\.\-\+]*)://' # scheme is validated separately
|
||||
r'(?:\S+(?::\S*)?@)?' # user:pass authentication
|
||||
r'(?:[^\s:@/]+(?::[^\s:@/]*)?@)?' # user:pass authentication
|
||||
r'(?:' + ipv4_re + '|' + ipv6_re + '|' + host_re + ')'
|
||||
r'(?::\d{2,5})?' # port
|
||||
r'(?:[/?#][^\s]*)?' # resource path
|
||||
|
@ -57,3 +57,9 @@ http://example.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.
|
||||
http://example.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
|
||||
http://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.aaaaaaaaaaaaaaaaaaaaaaaaaaaaa.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.aaaaaaaaaaaaaaaaaaaaaaaaa
|
||||
https://test.[com
|
||||
http://foo@bar@example.com
|
||||
http://foo/bar@example.com
|
||||
http://foo:bar:baz@example.com
|
||||
http://foo:bar@baz@example.com
|
||||
http://foo:bar/baz@example.com
|
||||
http://invalid-.com/?m=foo@example.com
|
||||
|
@ -48,7 +48,7 @@ http://foo.bar/?q=Test%20URL-encoded%20stuff
|
||||
http://مثال.إختبار
|
||||
http://例子.测试
|
||||
http://उदाहरण.परीक्षा
|
||||
http://-.~_!$&'()*+,;=:%40:80%2f::::::@example.com
|
||||
http://-.~_!$&'()*+,;=%40:80%2f@example.com
|
||||
http://xn--7sbb4ac0ad0be6cf.xn--p1ai
|
||||
http://1337.net
|
||||
http://a.b-c.de
|
||||
|
Loading…
Reference in New Issue
Block a user