[2.0.x] Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware.

author: Andreas Hug <andreas.hug@moccu.com> 2018-07-24 16:18:17 -0400
committer: Tim Graham <timograham@gmail.com> 2018-07-31 10:37:29 -0400
commit: 6fffc3c6d420e44f4029d5643f38d00a39b08525 (patch)
tree: 31633bc12b5f6705f19e8e998773fceba820ab78 /tests/middleware/urls.py
parent: af344691114e4a68334c30543bfb838996328212 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/tests/middleware/urls.py b/tests/middleware/urls.py
index 8c6621d059..d623e7d6af 100644
--- a/tests/middleware/urls.py
+++ b/tests/middleware/urls.py
@@ -6,4 +6,6 @@ urlpatterns = [
     url(r'^noslash$', views.empty_view),
     url(r'^slash/$', views.empty_view),
     url(r'^needsquoting#/$', views.empty_view),
+    # Accepts paths with two leading slashes.
+    url(r'^(.+)/security/$', views.empty_view),
 ]
author	Andreas Hug <andreas.hug@moccu.com>	2018-07-24 16:18:17 -0400
committer	Tim Graham <timograham@gmail.com>	2018-07-31 10:37:29 -0400
commit	6fffc3c6d420e44f4029d5643f38d00a39b08525 (patch)
tree	31633bc12b5f6705f19e8e998773fceba820ab78 /tests/middleware/urls.py
parent	af344691114e4a68334c30543bfb838996328212 (diff)