Fixed #20338 -- Stripped ending dot during host validation

Thanks manfre for the report and Timo Graham for the review.
2025-10-24 14:16:09 +00:00 · 2013-10-24 19:34:40 +02:00
parent 08c9ab5a0f
commit c052699be3
3 changed files with 14 additions and 6 deletions
--- a/tests/requests/tests.py
+++ b/tests/requests/tests.py
@@ -529,6 +529,8 @@ class HostValidationTests(SimpleTestCase):
            'anything.multitenant.com',
            'multitenant.com',
            'insensitive.com',
+            'example.com.',
+            'example.com.:80',
        ]

        for host in legit_hosts:
@@ -539,7 +541,7 @@ class HostValidationTests(SimpleTestCase):
            request.get_host()

        # Poisoned host headers are rejected as suspicious
-        for host in chain(self.poisoned_hosts, ['other.com']):
+        for host in chain(self.poisoned_hosts, ['other.com', 'example.com..']):
            with self.assertRaises(SuspiciousOperation):
                request = HttpRequest()
                request.META = {