summaryrefslogtreecommitdiff
path: root/scripts/prepare_commit_msg.py
diff options
context:
space:
mode:
authorNatalia <124304+nessita@users.noreply.github.com>2026-06-02 21:38:35 -0300
committernessita <124304+nessita@users.noreply.github.com>2026-06-08 20:06:46 -0300
commit526b1b414d8e215bf627b5722df12a09346dbf6b (patch)
treebd1bbda69168233244ec57d7a49fa049f5e566e1 /scripts/prepare_commit_msg.py
parent7f2afdd0f6a872ccb48d7fbdaacce9b11216af52 (diff)
Refs CVE-2026-48587 -- Added helper to properly split header values.
Extracted the repeated `split(",")` + per-token `.strip()` pattern into a `split_header_value()` generator in django/utils/http.py. The previous `cc_delim_re` regex only stripped whitespace adjacent to the comma delimiter, leaving leading or trailing whitespace on the first and last tokens. Now, `split_header_value()` strips every token fully, matching RFC 9110's optional-whitespace rules. Thanks to Shai Berger, Jacob Walls, and Sarah Boyce for reviews.
Diffstat (limited to 'scripts/prepare_commit_msg.py')
0 files changed, 0 insertions, 0 deletions