mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-24 06:06:09 +00:00
Code Issues 32 Releases Wiki Activity

Fixed CVE-2024-41990 -- Mitigated potential DoS in urlize and urlizetrunc template filters.

Browse Source 
Thanks to MProgrammer for the report.
This commit is contained in:
Sarah Boyce
2024-07-18 13:19:34 +02:00
parent c19465ad87
commit ecf1f8fb90
4 changed files with 24 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/utils_tests/test_html.py
View File

@@ -359,6 +359,8 @@ class TestUtilsHtml(SimpleTestCase):
"[(" * 100_000 + ":" + ")]" * 100_000,
"([[" * 100_000 + ":" + "]])" * 100_000,
"&:" + ";" * 100_000,
"&.;" * 100_000,
".;" * 100_000,
)
for value in tests:
with self.subTest(value=value):