mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-11-20 00:14:08 +00:00
Code Issues 24 Releases Wiki Activity
21,389 Commits 28 Branches 423 Tags 638 MiB
5d383549ee
Commit Graph

4 Commits

Author SHA1 Message Date
Shai Berger
17d3a6d804 Fixed catastrophic backtracking in URLValidator. 
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.

This is a security fix; disclosure to follow shortly.
 2015-07-08 15:23:03 -04:00
Alexey Sveshnikov
bc98bc56a5 Fixed #25059 -- Allowed Punycode TLDs in URLValidator 2015-07-06 15:08:43 -04:00
Danilo Bargen
2e65d56156 Fixed #20003 -- Improved and extended URLValidator 
This adds support for authentication data (`user:password`) in URLs,
IPv6 addresses, and unicode domains.

The test suite has been improved by adding test URLs from
http://mathiasbynens.be/demo/url-regex (with a few adjustments,
like allowing local and reserved IPs).

The previous URL validation regex failed this test suite on 13
occasions, the validator was updated based on
https://gist.github.com/dperini/729294.
 2015-01-06 14:04:25 -05:00
Danilo Bargen
8b77b64f1c Refactored URLValidator tests by moving URLs to text files. 2014-11-03 13:02:11 -05:00