Opened 5 years ago
Last modified 5 years ago
#31459 closed Cleanup/optimization
URL path parameter regex too lenient. — at Version 2
Reported by: | Adam Johnson | Owned by: | Adam Johnson |
---|---|---|---|
Component: | Core (URLs) | Version: | dev |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Ready for checkin | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description (last modified by )
A user on the Django forum tried to configure a URL like books/<int:book.id>/
. This was successfully parsed as a URL, but no converters applied.
This is because the left hand side of the regex for finding path parameter syntax looks for converter names with "anything not a colon or >". But the right hand side matches only word characters.
If we matched "anything not a >", then the attempted parameter would have been matched, and "book.id" would have hit the guard we have for invalid identifiers, with a message like:
"URL route 'books/<int:book.id>/' uses parameter name 'book.id' which isn't a valid Python identifier."
Change History (2)
comment:1 by , 5 years ago
Has patch: | set |
---|
comment:2 by , 5 years ago
Description: | modified (diff) |
---|---|
Owner: | changed from | to
Summary: | URL path parameter regex too lenient → URL path parameter regex too lenient. |
Triage Stage: | Unreviewed → Accepted |
PR