You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thank you for the thorough, detailed Issue and bringing this bug to my
attention, Vincent. Don't hesitate to let me know if there's anything else I can
do for you.
The
host
property can be assigned an evil value that breaks the URL parsing and leads to furl outputting invalid URLs.Steps to replicate
Values assigned to the host property don't get escaped correctly:
Trying to parse this value with furl again leads to an error now:
Expected result
Either escape the value for the
host
property, or throw an error if this is impossible (i.e. even escaped chars are not allowed).Actual result
A URL that's broken and ends up not being a valid URL.
The text was updated successfully, but these errors were encountered: