#36940: Improve ASGI script prefix path_info handling
-------------------------------------+-------------------------------------
Reporter: KhadyotTakale | Type: Bug
Status: new | Component: HTTP
| handling
Version: 6.0 | Severity: Normal
Keywords: asgi script-prefix | Triage Stage:
path-info | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
-------------------------------------+-------------------------------------
The current ASGIRequest.__init__ uses str.removeprefix() to strip the
script name from the request path to compute path_info. This is fragile
because removeprefix is a pure string operation — it doesn't verify that
the prefix is a proper path segment boundary.
For example, if script_name is /myapp and the path is /myapplication/page,
removeprefix would incorrectly produce lication/page.
This patch replaces removeprefix with a check that ensures the script name
is followed by / or is the exact path, before stripping it. This addresses
the inline TODO comment.
--
Ticket URL: <https://code.djangoproject.com/ticket/36940>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/django-updates/0107019c848bcc9f-518fb4ce-2eab-4e9d-8003-bc13cb0c6403-000000%40eu-central-1.amazonses.com.
