[Python-checkins] cpython (2.7): Fix Issue6631 - Disallow relative files paths in urllib*.open()
senthil.kumaran
python-checkins at python.org
Sat Jan 21 04:43:25 CET 2012
http://hg.python.org/cpython/rev/f6008e936fbc
changeset: 74546:f6008e936fbc
branch: 2.7
user: Senthil Kumaran <senthil at uthcode.com>
date: Sat Jan 21 11:43:02 2012 +0800
summary:
Fix Issue6631 - Disallow relative files paths in urllib*.open()
files:
Lib/test/test_urllib.py | 3 +++
Lib/test/test_urllib2net.py | 2 ++
Lib/urllib.py | 2 ++
3 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py
--- a/Lib/test/test_urllib.py
+++ b/Lib/test/test_urllib.py
@@ -134,6 +134,9 @@
for line in self.returned_obj.__iter__():
self.assertEqual(line, self.text)
+ def test_relativelocalfile(self):
+ self.assertRaises(ValueError,urllib.urlopen,'./' + self.pathname)
+
class ProxyTests(unittest.TestCase):
def setUp(self):
diff --git a/Lib/test/test_urllib2net.py b/Lib/test/test_urllib2net.py
--- a/Lib/test/test_urllib2net.py
+++ b/Lib/test/test_urllib2net.py
@@ -126,6 +126,8 @@
finally:
os.remove(TESTFN)
+ self.assertRaises(ValueError, urllib2.urlopen,'./relative_path/to/file')
+
# XXX Following test depends on machine configurations that are internal
# to CNRI. Need to set up a public server with the right authentication
# configuration for test purposes.
diff --git a/Lib/urllib.py b/Lib/urllib.py
--- a/Lib/urllib.py
+++ b/Lib/urllib.py
@@ -484,6 +484,8 @@
urlfile = file
if file[:1] == '/':
urlfile = 'file://' + file
+ elif file[:2] == './':
+ raise ValueError("local file url may start with / or file:. Unknown url of type: %s" % url)
return addinfourl(open(localname, 'rb'),
headers, urlfile)
host, port = splitport(host)
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list