+37
-1
lines changed Original file line number Diff line number Diff line change
@@ -1566,6 +1566,8 @@ def get_domain(value):
1566
1566
token, value = get_dot_atom(value)
1567
1567
except errors.HeaderParseError:
1568
1568
token, value = get_atom(value)
1569
+
if value and value[0] == '@':
1570
+
raise errors.HeaderParseError('Invalid Domain')
1569
1571
if leader is not None:
1570
1572
token[:0] = [leader]
1571
1573
domain.append(token)
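Review bot: The new guard `if value and value[0] == '@':` has no comment, and its message `'Invalid Domain'` does not say what was wrong with the input, whereas the matching check added to getdomain in this commit cites bpo-34155. A comment above the guard such as `# bpo-34155: a second '@' after the domain is malformed; reject it instead of returning the text before it.` would make the intent clear, and a message like `"Invalid Domain: unexpected '@' after domain"` would help whoever reads the resulting defect. get_domain starts and ends outside this hunk.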
Original file line number Diff line number Diff line change
@@ -379,7 +379,12 @@ def getaddrspec(self):
379
379
aslist.append('@')
380
380
self.pos += 1
381
381
self.gotonext()
382
-
return EMPTYSTRING.join(aslist) + self.getdomain()
382
+
domain = self.getdomain()
383
+
if not domain:
384
+
# Invalid domain, return an empty address instead of returning a
385
+
# local part to denote failed parsing.
386
+
return EMPTYSTRING
387
+
return EMPTYSTRING.join(aslist) + domain
383
388
384
389
def getdomain(self):
385
390
"""Get the complete domain name from an address."""
@@ -394,6 +399,10 @@ def getdomain(self):
394
399
elif self.field[self.pos] == '.':
395
400
self.pos += 1
396
401
sdlist.append('.')
402
+
elif self.field[self.pos] == '@':
403
+
# bpo-34155: Don't parse domains with two `@` like
404
+
# `a@malicious.org@important.com`.
405
+
return EMPTYSTRING
397
406
elif self.field[self.pos] in self.atomends:
398
407
break
399
408
else:
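Review bot: The `if not domain:` check in getaddrspec returns EMPTYSTRING for every empty domain, not only for the second-`@` case that getdomain now signals. An input that ends right after the `@` would presumably change from `local@` to an empty address as well. The added comment and the NEWS entry describe only the multiple-`@` case, and neither new test covers an address with nothing after `@`. If the broader behaviour is intended, the comment could say so, e.g. `# Empty domain (second '@' or nothing after '@'): return an empty address rather than the local part.`, with a test pinning it. Both getaddrspec and getdomain extend beyond their hunks.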
Original file line number Diff line number Diff line change
@@ -1428,6 +1428,16 @@ def test_get_addr_spec_dot_atom(self):
1428
1428
self.assertEqual(addr_spec.domain, 'example.com')
1429
1429
self.assertEqual(addr_spec.addr_spec, 'star.a.star@example.com')
1430
1430
1431
+
def test_get_addr_spec_multiple_domains(self):
1432
+
with self.assertRaises(errors.HeaderParseError):
1433
+
parser.get_addr_spec('star@a.star@example.com')
1434
+
1435
+
with self.assertRaises(errors.HeaderParseError):
1436
+
parser.get_addr_spec('star@a@example.com')
1437
+
1438
+
with self.assertRaises(errors.HeaderParseError):
1439
+
parser.get_addr_spec('star@172.17.0.1@example.com')
1440
+
1431
1441
# get_obs_route
1432
1442
1433
1443
def test_get_obs_route_simple(self):
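Review bot: All three inputs in test_get_addr_spec_multiple_domains put a plain atom or dot-atom before the second `@`, so they exercise only the guard added after the get_dot_atom/get_atom fallback. A bracketed domain literal followed by a second `@`, e.g. `parser.get_addr_spec('star@[172.17.0.1]@example.com')`, is not covered. Whether it raises depends on parts of get_domain that this page does not show. Adding that case would either confirm the fix covers it or expose a path that still accepts such input.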
Original file line number Diff line number Diff line change
@@ -3041,6 +3041,20 @@ def test_parseaddr_empty(self):
3041
3041
self.assertEqual(utils.parseaddr('<>'), ('', ''))
3042
3042
self.assertEqual(utils.formataddr(utils.parseaddr('<>')), '')
3043
3043
3044
+
def test_parseaddr_multiple_domains(self):
3045
+
self.assertEqual(
3046
+
utils.parseaddr('a@b@c'),
3047
+
('', '')
3048
+
)
3049
+
self.assertEqual(
3050
+
utils.parseaddr('a@b.c@c'),
3051
+
('', '')
3052
+
)
3053
+
self.assertEqual(
3054
+
utils.parseaddr('a@172.17.0.1@c'),
3055
+
('', '')
3056
+
)
3057
+
3044
3058
def test_noquote_dump(self):
3045
3059
self.assertEqual(
3046
3060
utils.formataddr(('A Silly Person', 'person@dom.ain')),
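Review bot: test_parseaddr_multiple_domains checks only single-address input through `utils.parseaddr`. The new branch in getdomain returns on the second `@` without advancing `self.pos`, so how the rest of a field is parsed when another address follows the malformed one depends on callers not shown here. A `utils.getaddresses` case with a valid address after `a@b@c` would pin that behaviour, so a later change cannot silently alter which addresses are returned.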
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
1
+
Fix parsing of invalid email addresses with more than one ``@`` (e.g. a@b@c.com.) to not return the part before 2nd ``@`` as valid email address. Patch by maxking & jpic.