mirror of
https://github.com/django/django.git
synced 2025-10-31 09:41:08 +00:00
Fixed typo in path to is_safe_url()
This commit is contained in:
Tim Graham
@@ -39,7 +39,7 @@ Django relies on user input in some cases (e.g.
|
||||
:func:`django.contrib.auth.views.login`, ``django.contrib.comments``, and
|
||||
:doc:`i18n </topics/i18n/index>`) to redirect the user to an "on success" URL.
|
||||
The security checks for these redirects (namely
|
||||
``django.util.http.is_safe_url()``) did not correctly validate some malformed
|
||||
``django.utils.http.is_safe_url()``) did not correctly validate some malformed
|
||||
URLs, such as `http:\\\\\\djangoproject.com`, which are accepted by some browsers
|
||||
with more liberal URL parsing.
|
||||
|
||||
|
||||
@@ -37,7 +37,7 @@ Mitigated possible XSS attack via user-supplied redirect URLs
|
||||
Django relies on user input in some cases (e.g.
|
||||
:func:`django.contrib.auth.views.login` and :doc:`i18n </topics/i18n/index>`)
|
||||
to redirect the user to an "on success" URL. The security checks for these
|
||||
redirects (namely ``django.util.http.is_safe_url()``) didn't strip leading
|
||||
redirects (namely ``django.utils.http.is_safe_url()``) didn't strip leading
|
||||
whitespace on the tested URL and as such considered URLs like
|
||||
``\njavascript:...`` safe. If a developer relied on ``is_safe_url()`` to
|
||||
provide safe redirect targets and put such a URL into a link, they could suffer
|
||||
|
||||
@@ -16,7 +16,7 @@ Django relies on user input in some cases (e.g.
|
||||
:func:`django.contrib.auth.views.login`, ``django.contrib.comments``, and
|
||||
:doc:`i18n </topics/i18n/index>`) to redirect the user to an "on success" URL.
|
||||
The security checks for these redirects (namely
|
||||
``django.util.http.is_safe_url()``) didn't check if the scheme is ``http(s)``
|
||||
``django.utils.http.is_safe_url()``) didn't check if the scheme is ``http(s)``
|
||||
and as such allowed ``javascript:...`` URLs to be entered. If a developer
|
||||
relied on ``is_safe_url()`` to provide safe redirect targets and put such a
|
||||
URL into a link, they could suffer from a XSS attack. This bug doesn't affect
|
||||
|
||||
@@ -13,7 +13,7 @@ Django relies on user input in some cases (e.g.
|
||||
:func:`django.contrib.auth.views.login`, ``django.contrib.comments``, and
|
||||
:doc:`i18n </topics/i18n/index>`) to redirect the user to an "on success" URL.
|
||||
The security checks for these redirects (namely
|
||||
``django.util.http.is_safe_url()``) didn't check if the scheme is ``http(s)``
|
||||
``django.utils.http.is_safe_url()``) didn't check if the scheme is ``http(s)``
|
||||
and as such allowed ``javascript:...`` URLs to be entered. If a developer
|
||||
relied on ``is_safe_url()`` to provide safe redirect targets and put such a
|
||||
URL into a link, they could suffer from a XSS attack. This bug doesn't affect
|
||||
|
||||
@@ -39,7 +39,7 @@ Django relies on user input in some cases (e.g.
|
||||
:func:`django.contrib.auth.views.login`, ``django.contrib.comments``, and
|
||||
:doc:`i18n </topics/i18n/index>`) to redirect the user to an "on success" URL.
|
||||
The security checks for these redirects (namely
|
||||
``django.util.http.is_safe_url()``) did not correctly validate some malformed
|
||||
``django.utils.http.is_safe_url()``) did not correctly validate some malformed
|
||||
URLs, such as `http:\\\\\\djangoproject.com`, which are accepted by some browsers
|
||||
with more liberal URL parsing.
|
||||
|
||||
|
||||
@@ -36,7 +36,7 @@ Mitigated possible XSS attack via user-supplied redirect URLs
|
||||
Django relies on user input in some cases (e.g.
|
||||
:func:`django.contrib.auth.views.login` and :doc:`i18n </topics/i18n/index>`)
|
||||
to redirect the user to an "on success" URL. The security checks for these
|
||||
redirects (namely ``django.util.http.is_safe_url()``) didn't strip leading
|
||||
redirects (namely ``django.utils.http.is_safe_url()``) didn't strip leading
|
||||
whitespace on the tested URL and as such considered URLs like
|
||||
``\njavascript:...`` safe. If a developer relied on ``is_safe_url()`` to
|
||||
provide safe redirect targets and put such a URL into a link, they could suffer
|
||||
|
||||
@@ -39,7 +39,7 @@ Django relies on user input in some cases (e.g.
|
||||
:func:`django.contrib.auth.views.login`, ``django.contrib.comments``, and
|
||||
:doc:`i18n </topics/i18n/index>`) to redirect the user to an "on success" URL.
|
||||
The security checks for these redirects (namely
|
||||
``django.util.http.is_safe_url()``) did not correctly validate some malformed
|
||||
``django.utils.http.is_safe_url()``) did not correctly validate some malformed
|
||||
URLs, such as `http:\\\\\\djangoproject.com`, which are accepted by some browsers
|
||||
with more liberal URL parsing.
|
||||
|
||||
|
||||
@@ -36,7 +36,7 @@ Mitigated possible XSS attack via user-supplied redirect URLs
|
||||
Django relies on user input in some cases (e.g.
|
||||
:func:`django.contrib.auth.views.login` and :doc:`i18n </topics/i18n/index>`)
|
||||
to redirect the user to an "on success" URL. The security checks for these
|
||||
redirects (namely ``django.util.http.is_safe_url()``) didn't strip leading
|
||||
redirects (namely ``django.utils.http.is_safe_url()``) didn't strip leading
|
||||
whitespace on the tested URL and as such considered URLs like
|
||||
``\njavascript:...`` safe. If a developer relied on ``is_safe_url()`` to
|
||||
provide safe redirect targets and put such a URL into a link, they could suffer
|
||||
|
||||
Reference in New Issue
Block a user