mirror of https://github.com/django/django.git
Fixed #23638 -- Prevented crash while parsing invalid cookie content
Thanks Philip Gatt for the report and Tim Graham for the review.
This commit is contained in:
parent
8701b59007
commit
59d487e7fc
|
@ -263,4 +263,4 @@ def get_str_from_wsgi(environ, key, default):
|
|||
"""
|
||||
value = environ.get(str(key), str(default))
|
||||
# Same comment as above
|
||||
return value if six.PY2 else value.encode(ISO_8859_1).decode(UTF_8)
|
||||
return value if six.PY2 else value.encode(ISO_8859_1).decode(UTF_8, errors='replace')
|
||||
|
|
|
@ -117,3 +117,6 @@ Bugfixes
|
|||
* Fixed generic relations in ``ModelAdmin.list_filter`` (:ticket:`23616`).
|
||||
|
||||
* Restored RFC compliance for the SMTP backend on Python 3 (:ticket:`23063`).
|
||||
|
||||
* Fixed a crash while parsing cookies containing invalid content
|
||||
(:ticket:`23638`).
|
||||
|
|
|
@ -80,6 +80,16 @@ class HandlerTests(TestCase):
|
|||
# much more work than fixing #20557. Feel free to remove force_str()!
|
||||
self.assertEqual(request.COOKIES['want'], force_str("café"))
|
||||
|
||||
def test_invalid_unicode_cookie(self):
|
||||
"""
|
||||
Invalid cookie content should result in an absent cookie, but not in a
|
||||
crash while trying to decode it (#23638).
|
||||
"""
|
||||
environ = RequestFactory().get('/').environ
|
||||
environ['HTTP_COOKIE'] = 'x=W\x03c(h]\x8e'
|
||||
request = WSGIRequest(environ)
|
||||
self.assertEqual(request.COOKIES, {})
|
||||
|
||||
|
||||
@override_settings(ROOT_URLCONF='handlers.urls')
|
||||
class TransactionsPerRequestTests(TransactionTestCase):
|
||||
|
|
Loading…
Reference in New Issue