Fixed #32578 -- Fixed crash in CsrfViewMiddleware when a request with Origin header has an invalid host.
parent
5b618f239c
commit
ff514309e1
|
@ -226,12 +226,17 @@ class CsrfViewMiddleware(MiddlewareMixin):
|
||||||
|
|
||||||
def _origin_verified(self, request):
|
def _origin_verified(self, request):
|
||||||
request_origin = request.META['HTTP_ORIGIN']
|
request_origin = request.META['HTTP_ORIGIN']
|
||||||
good_origin = '%s://%s' % (
|
try:
|
||||||
'https' if request.is_secure() else 'http',
|
good_host = request.get_host()
|
||||||
request.get_host(),
|
except DisallowedHost:
|
||||||
)
|
pass
|
||||||
if request_origin == good_origin:
|
else:
|
||||||
return True
|
good_origin = '%s://%s' % (
|
||||||
|
'https' if request.is_secure() else 'http',
|
||||||
|
good_host,
|
||||||
|
)
|
||||||
|
if request_origin == good_origin:
|
||||||
|
return True
|
||||||
if request_origin in self.allowed_origins_exact:
|
if request_origin in self.allowed_origins_exact:
|
||||||
return True
|
return True
|
||||||
try:
|
try:
|
||||||
|
|
|
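Review bot: The new `except DisallowedHost: pass` in _origin_verified drops the same-host comparison without saying why, so a reader may take it for a swallowed error rather than a deliberate fallthrough; a one-line comment before `pass` would make the intent explicit, e.g. `# A malformed Host header cannot match any Origin; skip the same-host check and fall through to the allowed-origin checks below.` DisallowedHost is not imported within this hunk, so confirm it is already in scope in the module. With this change a request whose Host header is rejected by get_host() is judged only by `self.allowed_origins_exact` and whatever follows the final `try:`, which appears to be the intended rejection path for the fix; _origin_verified continues past the end of the hunk.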
@ -319,6 +319,15 @@ class CsrfViewMiddlewareTestMixin:
|
||||||
response = mw.process_view(req, token_view, (), {})
|
response = mw.process_view(req, token_view, (), {})
|
||||||
self.assertEqual(response.status_code, 403)
|
self.assertEqual(response.status_code, 403)
|
||||||
|
|
||||||
|
def test_origin_malformed_host(self):
|
||||||
|
req = self._get_POST_no_csrf_cookie_request()
|
||||||
|
req._is_secure_override = True
|
||||||
|
req.META['HTTP_HOST'] = '@malformed'
|
||||||
|
req.META['HTTP_ORIGIN'] = 'https://www.evil.org'
|
||||||
|
mw = CsrfViewMiddleware(token_view)
|
||||||
|
response = mw.process_view(req, token_view, (), {})
|
||||||
|
self.assertEqual(response.status_code, 403)
|
||||||
|
|
||||||
@override_settings(DEBUG=True)
|
@override_settings(DEBUG=True)
|
||||||
def test_https_malformed_referer(self):
|
def test_https_malformed_referer(self):
|
||||||
"""
|
"""
|
||||||
|
|
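Review bot: test_origin_malformed_host has no docstring while the neighbouring test_https_malformed_referer documents its intent, so add one in the same style: `"""A request with a malformed Host header and an Origin header is rejected with a 403 rather than raising DisallowedHost."""`. The test pins only the status code; if the middleware exposes the rejection reason, asserting on it as well would pin which check rejected the request rather than just that it was rejected. The line `req._is_secure_override = True` presumably exists so the request scheme matches the https Origin, which is worth a short inline comment. CsrfViewMiddlewareTestMixin continues outside the hunk.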