Regression due to Python change in urllib #2377
Milestone
Comments
kamil-certat
added a commit
to kamil-certat/intelmq
that referenced
this issue
Jun 14, 2023
The gh-102153 change in CPython modified how urllib.pare handles URLs with the leading spaces. To ensure previous behaviour, additional check was added. Closes: certtools#2377
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Python security update changed how the
urlib.parsetreats the leading spaces in URLs. They are currently stripped, and the URL is successfully processed: https://github.com/python/cpython/pull/102508/files#This breaks our test cases if running on the system with patched Python, e.g. https://github.com/certtools/intelmq/actions/runs/5266316737/jobs/9520090889
Broken test's assert:
intelmq/intelmq/tests/lib/test_harmonization.py
Line 414 in 6d4d889
In addition, the official documentation now clearly says, that
parseis not intended to be used as validation.I think that we should keep the previous validation by rejecting URLs starting from empty chars as it may be important for some services.
The text was updated successfully, but these errors were encountered: