[2.1.x] Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware.

author: Andreas Hug <andreas.hug@moccu.com> 2018-07-24 16:18:17 -0400
committer: Tim Graham <timograham@gmail.com> 2018-08-01 09:35:09 -0400
commit: c4e5ff7fdb5fce447675e90291fd33fddd052b3c (patch)
tree: b1c98d1ece0565e0cdb66907d9d9e9e5e2e17cad /tests/middleware/urls.py
parent: b3234256616b0a6c8195715cbd8c850cee2cc064 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/tests/middleware/urls.py b/tests/middleware/urls.py
index 8c6621d059..d623e7d6af 100644
--- a/tests/middleware/urls.py
+++ b/tests/middleware/urls.py
@@ -6,4 +6,6 @@ urlpatterns = [
     url(r'^noslash$', views.empty_view),
     url(r'^slash/$', views.empty_view),
     url(r'^needsquoting#/$', views.empty_view),
+    # Accepts paths with two leading slashes.
+    url(r'^(.+)/security/$', views.empty_view),
 ]
author	Andreas Hug <andreas.hug@moccu.com>	2018-07-24 16:18:17 -0400
committer	Tim Graham <timograham@gmail.com>	2018-08-01 09:35:09 -0400
commit	c4e5ff7fdb5fce447675e90291fd33fddd052b3c (patch)
tree	b1c98d1ece0565e0cdb66907d9d9e9e5e2e17cad /tests/middleware/urls.py
parent	b3234256616b0a6c8195715cbd8c850cee2cc064 (diff)