RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://github.com/django/django/commit/7268f8af86186518821d775c530d5558fd726930 below:

[1.2.X] Altered the behavior of URLField to avoid a potential DOS vec… · django/django@7268f8a · GitHub

File tree Expand file treeCollapse file tree 3 files changed

-10

lines changed

Filter options

tests/modeltests/validation

Expand file treeCollapse file tree 3 files changed

-10

lines changed Original file line number Diff line number Diff line change


 @@ -1119,7 +1119,7 @@ def formfield(self, **kwargs):

1119 1119


 class URLField(CharField):

1120 1120


 description = _("URL")

1121 1121 1122

-
 def __init__(self, verbose_name=None, name=None, verify_exists=True, **kwargs):

1122

+
 def __init__(self, verbose_name=None, name=None, verify_exists=False, **kwargs):

1123 1123


 kwargs['max_length'] = kwargs.get('max_length', 200)

1124 1124


 CharField.__init__(self, verbose_name, name, **kwargs)

1125 1125


 self.validators.append(validators.URLValidator(verify_exists=verify_exists))

Original file line number Diff line number Diff line change


 @@ -814,7 +814,7 @@ shortcuts.

814 814


 ``URLField``

815 815


 ------------

816 816 817

-
 .. class:: URLField([verify_exists=True, max_length=200, **options])

817

+
 .. class:: URLField([verify_exists=False, max_length=200, **options])

818 818 819 819


 A :class:`CharField` for a URL. Has one extra optional argument:

820 820


 @@ -827,6 +827,12 @@ A :class:`CharField` for a URL. Has one extra optional argument:

827 827


 validating a URL being served by the same server will hang. This should not

828 828


 be a problem for multithreaded servers.

829 829 830

+
 .. versionchanged:: 1.2

831 + 832

+
 The default value of ``verify_exists`` has been changed to

833

+
 ``False``. This argument should not be set to ``True`` because it

834

+
 has security and performance problems.

835 + 830 836


 The admin represents this as an ``<input type="text">`` (a single-line input).

831 837 832 838


 Like all :class:`CharField` subclasses, :class:`URLField` takes the optional

Original file line number Diff line number Diff line change


 @@ -52,14 +52,6 @@ def test_wrong_url_value_raises_error(self):

52 52


 mtv = ModelToValidate(number=10, name='Some Name', url='not a url')

53 53


 self.assertFieldFailsValidationWithMessage(mtv.full_clean, 'url', [u'Enter a valid value.'])

54 54 55

-
 def test_correct_url_but_nonexisting_gives_404(self):

56

-
 mtv = ModelToValidate(number=10, name='Some Name', url='http://google.com/we-love-microsoft.html')

57

-
 self.assertFieldFailsValidationWithMessage(mtv.full_clean, 'url', [u'This URL appears to be a broken link.'])

58 - 59

-
 def test_correct_url_value_passes(self):

60

-
 mtv = ModelToValidate(number=10, name='Some Name', url='http://www.djangoproject.com/')

61

-
 self.assertEqual(None, mtv.full_clean()) # This will fail if there's no Internet connection

62 - 63 55


 def test_text_greater_that_charfields_max_length_eaises_erros(self):

64 56


 mtv = ModelToValidate(number=10, name='Some Name'*100)

65 57


 self.assertFailsValidation(mtv.full_clean, ['name',])

You can’t perform that action at this time.

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4