mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity

Fixed #35533 -- Prevented urlize creating broken links given a markdown link input.

Browse Source 
Signed-off-by: SaJH <wogur981208@gmail.com>
This commit is contained in:
SaJH
2025-08-27 23:25:43 +09:00
committed by Sarah Boyce
parent 05bac8c420
commit a9fe98d5bd
3 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
django/utils/html.py
View File

@@ -10,7 +10,7 @@ from urllib.parse import parse_qsl, quote, unquote, urlencode, urlsplit, urlunsp
from django.conf import settings
from django.core.exceptions import SuspiciousOperation, ValidationError
from django.core.validators import EmailValidator
from django.core.validators import DomainNameValidator, EmailValidator
from django.utils.deprecation import RemovedInDjango70Warning
from django.utils.functional import Promise, cached_property, keep_lazy, keep_lazy_text
from django.utils.http import MAX_URL_LENGTH, RFC3986_GENDELIMS, RFC3986_SUBDELIMS
@@ -296,7 +296,9 @@ class Urlizer:
simple_url_re = _lazy_re_compile(r"^https?://\[?\w", re.IGNORECASE)
simple_url_2_re = _lazy_re_compile(
r"^www\.|^(?!http)\w[^@]+\.(com|edu|gov|int|mil|net|org)($|/.*)$", re.IGNORECASE
rf"^www\.|^(?!http)(?:{DomainNameValidator.hostname_re})"
r"\.(com|edu|gov|int|mil|net|org)($|/.*)$",
re.IGNORECASE,
)
word_split_re = _lazy_re_compile(r"""([\s<>"']+)""")

5
tests/template_tests/filter_tests/test_urlize.py
View File

@@ -359,9 +359,8 @@ class FunctionTests(SimpleTestCase):
"www.example.com</a>]",
)
self.assertEqual(
urlize("see test[at[example.com"),
'see <a href="https://test[at[example.com" rel="nofollow">'
"test[at[example.com</a>",
urlize("see test[at[example.com"), # Invalid hostname.
"see test[at[example.com",
)
self.assertEqual(
urlize("[http://168.192.0.1](http://168.192.0.1)"),

1
tests/utils_tests/test_html.py
View File

@@ -489,6 +489,7 @@ class TestUtilsHtml(SimpleTestCase):
"foo@localhost.",
"test@example?;+!.com",
"email me@example.com,then I'll respond",
"[a link](https://www.djangoproject.com/)",
# trim_punctuation catastrophic tests
"(" * 100_000 + ":" + ")" * 100_000,
"(" * 100_000 + "&:" + ")" * 100_000,