Very long accept-language headers break parser
|Reported by:||russellm||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
The parse_accept_language_header() function in utils/translation/trans_real.py uses a regular expression to parse accept-language headers.
This works well with RFC2616 compliant data, but breaks if bad data is passed in -- in particular, a string that exceeds 16 characters in length. This can result in pages not returning from the server.
A particular culprit here appears to be Weave; for some reason, on some configurations, it seems to put path names into the accept-language header. A path will often exceed 16 characters, triggering the problem.
To reproduce: set your accept-language header to: en-nz,en,de,chrome://global/locale/intl.properties
Change History (9)
comment:1 Changed 6 years ago by russellm
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
- Triage Stage changed from Unreviewed to Accepted
Changed 6 years ago by ramiro
comment:6 Changed 6 years ago by russellm
- Component changed from Internationalization to Django Web site