summaryrefslogtreecommitdiff
path: root/tests/forms_tests/field_tests/test_urlfield.py
AgeCommit message (Collapse)Author
2026-03-03Fixed #36923 -- Added tests for non-hierarchical URI schemes in ↵Natalia
URLField.to_python(). Follow up to 951ffb3832cd83ba672c1e3deae2bda128eb9cca.
2026-03-03Fixed CVE-2026-25673 -- Simplified URLField scheme detection.Natalia
This simplicaftion mitigates a potential DoS in URLField on Windows. The usage of `urlsplit()` in `URLField.to_python()` was replaced with `str.partition(":")` for URL scheme detection. On Windows, `urlsplit()` performs Unicode normalization which is slow for certain characters, making `URLField` vulnerable to DoS via specially crafted POST payloads. Thanks Seokchan Yoon for the report, and Jake Howard and Shai Berger for the review. Refs #36923. Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
2025-01-15Refs #34380 -- Changed the URLField default scheme to https and removed ↵Sarah Boyce
FORMS_URLFIELD_ASSUME_HTTPS per deprecation timeline.
2024-08-28Fixed #35666 -- Documented stacklevel usage and testing, and adjusted test ↵Simon Charette
suite accordingly. Over the years we've had multiple instances of hit and misses when emitting warnings: either setting the wrong stacklevel or not setting it at all. This work adds assertions for the existing warnings that were declaring the correct stacklevel, but were lacking tests for it.
2023-11-28Refs #34380 -- Added FORMS_URLFIELD_ASSUME_HTTPS transitional setting.Mariusz Felisiak
This allows early adoption of the new default "https".
2023-11-28Refs #34986 -- Fixed some test assertions for PyPy.Nick Pope
These failures were due to minor inconsistencies or implementation differences between CPython and PyPy.
2023-04-28Fixed #34380 -- Allowed specifying a default URL scheme in forms.URLField.Coen van der Kamp
This also deprecates "http" as the default scheme.
2022-02-07Refs #33476 -- Reformatted code with Black.django-bot
2021-12-20Fixed #33367 -- Fixed URLValidator crash in some edge cases.mendespedro
2021-12-16Used subTest() in forms.URLField() tests.Mariusz Felisiak
2020-09-25Refs #28009 -- Added empty_value tests for CharField subclasses.David Smith
2020-04-28Changed django.forms.ValidationError imports to ↵François Freitag
django.core.exceptions.ValidationError. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2018-01-21Fixed #29038 -- Removed closing slash from HTML void tags.Jon Dufresne
2017-05-24Refs #27804 -- Used subTest() in several tests.Bruno Alla
2017-01-18Refs #23919 -- Removed encoding preambles and future importsClaude Paroz
2016-07-14Fixed #26821 -- Fixed forms.Email/URLField crash on None value.Priy
2016-04-21Fixed #22383 -- Added support for HTML5 required attribute on required form ↵Jon Dufresne
fields.
2016-04-19Fixed #26516 -- Added minlength attribute when forms.CharField.min_length is ↵Jon Dufresne
set.
2016-04-11Split form's test_fields.py into different files.Berker Peksag