Fixed #32578 -- Fixed crash in CsrfViewMiddleware when a request with Origin header has an invalid host.

Chris Jerdonek 2021-03-25 00:35:49 -07:00 committed by Mariusz Felisiak
parent 5b618f239c
commit ff514309e1
2 changed files with 20 additions and 6 deletions


@ -226,9 +226,14 @@ class CsrfViewMiddleware(MiddlewareMixin):
def _origin_verified(self, request): def _origin_verified(self, request):
request_origin = request.META['HTTP_ORIGIN'] request_origin = request.META['HTTP_ORIGIN']
try:
good_host = request.get_host()
except DisallowedHost:
pass
else:
good_origin = '%s://%s' % ( good_origin = '%s://%s' % (
'https' if request.is_secure() else 'http', 'https' if request.is_secure() else 'http',
request.get_host(), good_host,
) )
if request_origin == good_origin: if request_origin == good_origin:
return True return True

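--- a/UNKNOWN_TEST_FILE_PATH
+++ b/UNKNOWN_TEST_FILE_PATH
@@ -319,6 +319,15 @@ class CsrfViewMiddlewareTestMixin:
         response = mw.process_view(req, token_view, (), {})
         self.assertEqual(response.status_code, 403)
 
+    def test_origin_malformed_host(self):
+        req = self._get_POST_no_csrf_cookie_request()
+        req._is_secure_override = True
+        req.META['HTTP_HOST'] = '@malformed'
+        req.META['HTTP_ORIGIN'] = 'https://www.evil.org'
+        mw = CsrfViewMiddleware(token_view)
+        response = mw.process_view(req, token_view, (), {})
+        self.assertEqual(response.status_code, 403)
+
     @override_settings(DEBUG=True)
     def test_https_malformed_referer(self):
         """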