mirror of
https://github.com/django/django.git
synced 2025-10-24 14:16:09 +00:00
[5.1.x] Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizetrunc template filters.
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
This commit is contained in:
@@ -375,6 +375,7 @@ class TestUtilsHtml(SimpleTestCase):
|
||||
"&:" + ";" * 100_000,
|
||||
"&.;" * 100_000,
|
||||
".;" * 100_000,
|
||||
"&" + ";:" * 100_000,
|
||||
)
|
||||
for value in tests:
|
||||
with self.subTest(value=value):
|
||||
|
Reference in New Issue
Block a user