Unicode errors in host encoding are now trapped or converted. This fixes

#808
pallets · Nov 12, 2015 · d46360c · d46360c
1 parent e442660
commit d46360c
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 6 deletions.
diff --git a/CHANGES b/CHANGES
@@ -9,6 +9,8 @@ Version 0.11.2
 - Fixed SSL wrapping on platforms that supported opening sockets
   by file descriptor.
 - No longer log from the watchdog reloader.
+- Unicode errors in hosts are now better catched or converted into
+  bad request errors.
 
 Version 0.11.1
 --------------

diff --git a/werkzeug/exceptions.py b/werkzeug/exceptions.py
@@ -201,6 +201,14 @@ class SecurityError(BadRequest):
     """
 
 
+class BadHost(BadRequest):
+
+    """Raised if the submitted host is badly formatted.
+
+    .. versionadded:: 0.11.2
+    """
+
+
 class Unauthorized(HTTPException):
 
     """*401* `Unauthorized`

diff --git a/werkzeug/routing.py b/werkzeug/routing.py
@@ -105,7 +105,8 @@
 
 from werkzeug.urls import url_encode, url_quote, url_join
 from werkzeug.utils import redirect, format_string
-from werkzeug.exceptions import HTTPException, NotFound, MethodNotAllowed
+from werkzeug.exceptions import HTTPException, NotFound, MethodNotAllowed, \
+     BadHost
 from werkzeug._internal import _get_environ, _encode_idna
 from werkzeug._compat import itervalues, iteritems, to_unicode, to_bytes, \
     text_type, string_types, native_string_result, \
@@ -1232,7 +1233,10 @@ def bind(self, server_name, script_name=None, subdomain=None,
             subdomain = self.default_subdomain
         if script_name is None:
             script_name = '/'
-        server_name = _encode_idna(server_name)
+        try:
+            server_name = _encode_idna(server_name)
+        except UnicodeError:
+            raise BadHost()
         return MapAdapter(self, server_name, script_name, subdomain,
                           url_scheme, path_info, default_method, query_args)
 

diff --git a/werkzeug/urls.py b/werkzeug/urls.py
@@ -41,7 +41,7 @@
 
 
 _URLTuple = fix_tuple_repr(namedtuple('_URLTuple',
-                                      ['scheme', 'netloc', 'path', 'query', 'fragment']))
+    ['scheme', 'netloc', 'path', 'query', 'fragment']))
 
 
 class BaseURL(_URLTuple):
@@ -71,7 +71,10 @@ def ascii_host(self):
         """
         rv = self.host
         if rv is not None and isinstance(rv, text_type):
-            rv = _encode_idna(rv)
+            try:
+                rv = _encode_idna(rv)
+            except UnicodeError:
+                rv = rv.encode('ascii', 'ignore')
         return to_native(rv, 'ascii', 'ignore')
 
     @property

diff --git a/werkzeug/wsgi.py b/werkzeug/wsgi.py
@@ -113,14 +113,20 @@ def _normalize(hostname):
             hostname = hostname.rsplit(':', 1)[0]
         return _encode_idna(hostname)
 
-    hostname = _normalize(hostname)
+    try:
+        hostname = _normalize(hostname)
+    except UnicodeError:
+        return False
     for ref in trusted_list:
         if ref.startswith('.'):
             ref = ref[1:]
             suffix_match = True
         else:
             suffix_match = False
-        ref = _normalize(ref)
+        try:
+            ref = _normalize(ref)
+        except UnicodeError:
+            return False
         if ref == hostname:
             return True
         if suffix_match and hostname.endswith('.' + ref):