Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

[1.0.X] Fixed #9224 -- Prevent a crash when certain query strings are…

… sent using

modpython.

Backport of r9189 from trunk.


git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.0.X@9190 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 3963a01697f301629f336fb88a96ca326f6697e6 1 parent fb4f82f
@malcolmt malcolmt authored
Showing with 4 additions and 2 deletions.
  1. +4 −2 django/core/handlers/modpython.py
View
6 django/core/handlers/modpython.py
@@ -6,7 +6,7 @@
from django.core.handlers.base import BaseHandler
from django.core.urlresolvers import set_script_prefix
from django.utils import datastructures
-from django.utils.encoding import force_unicode, smart_str
+from django.utils.encoding import force_unicode, smart_str, iri_to_uri
# NOTE: do *not* import settings (or any module which eventually imports
# settings) until after ModPythonHandler has been called; otherwise os.environ
@@ -64,7 +64,9 @@ def __repr__(self):
unicode(cookies), unicode(meta)))
def get_full_path(self):
- return '%s%s' % (self.path, self._req.args and ('?' + self._req.args) or '')
+ # RFC 3986 requires self._req.args to be in the ASCII range, but this
+ # doesn't always happen, so rather than crash, we defensively encode it.
+ return '%s%s' % (self.path, self._req.args and ('?' + iri_to_uri(self._req.args)) or '')
def is_secure(self):
try:
Please sign in to comment.
Something went wrong with that request. Please try again.