Ticket #11198: django-ticket-11198.patch

File django-ticket-11198.patch, 1.7 KB (added by wam, 15 years ago)

patch to address catastrophic backtracking issue is django.forms.fields.url_re

  • django/forms/fields.py

     
    533533
    534534url_re = re.compile(
    535535    r'^https?://' # http:// or https://
    536     r'(?:(?:[A-Z0-9]+(?:-*[A-Z0-9]+)*\.)+[A-Z]{2,6}|' #domain...
     536    r'(?:(?:[A-Z0-9](?:[A-Z0-9-]{0,61}[A-Z0-9])?\.)+[A-Z]{2,6}\.?|' #domain...
    537537    r'localhost|' #localhost...
    538538    r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' # ...or ip
    539539    r'(?::\d+)?' # optional port

  • tests/regressiontests/forms/fields.py

     
    972972Traceback (most recent call last):
    973973...
    974974ValidationError: [u'Enter a valid URL.']
     975>>> f.clean('.')
     976Traceback (most recent call last):
     977...
     978ValidationError: [u'Enter a valid URL.']
     979>>> f.clean('com.')
     980Traceback (most recent call last):
     981...
     982ValidationError: [u'Enter a valid URL.']
     983>>> f.clean('http://example.com.')
     984u'http://example.com./'
     985>>> f.clean('example.com.')
     986u'http://example.com./'
     987
     988# hangs "forever" if catastrophic backtracking in ticket:#11198 not fixed
     989>>> f.clean('http://%s' % ("X"*200,))
     990Traceback (most recent call last):
     991...
     992ValidationError: [u'Enter a valid URL.']
     993
     994# a second test, to make sure the problem is really addressed, even on
     995# domains that don't fail the domain label length check in the regex
     996>>> f.clean('http://%s' % ("X"*60,))
     997Traceback (most recent call last):
     998...
     999ValidationError: [u'Enter a valid URL.']
     1000
    9751001>>> f.clean('http://.com')
    9761002Traceback (most recent call last):
    9771003...
Back to Top