[issue46870] Improper Input Validation in urlparse

2022-03-02 Thread Pocas 


Pocas  added the comment:

Nice Check. So what do you think about this issue? I want to hear your opinions.

--

___
Python tracker 
<https://bugs.python.org/issue46870>
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue46870] Improper Input Validation in urlparse

2022-02-26 Thread Pocas 


Pocas  added the comment:

>>> print(urlparse('https:\\google.com'))
ParseResult(scheme='https', netloc='', path='\\google.com', params='', 
query='', fragment='')
>>> print(urlparse('https://google.com@localhost'))
ParseResult(scheme='https', netloc='google.com@localhost', path='', params='', 
query='', fragment='')
>>>

Perhaps this parser is not able to parse the URL normally.

--

___
Python tracker 
<https://bugs.python.org/issue46870>
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue46870] Improper Input Validation in urlparse

2022-02-26 Thread Pocas 


Change by Pocas :


--
type: performance -> security

___
Python tracker 
<https://bugs.python.org/issue46870>
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue46870] Improper Input Validation in urlparse

2022-02-26 Thread Pocas 


New submission from Pocas :

If http:@localhost url is entered as an argument value of the urlpasre() 
function, the parser cannot parse it properly. Since http:@localhost is a valid 
URL, the character after the @ character must be parsed as a hostname.

Python 3.9.10 (main, Jan 15 2022, 11:48:04)
[Clang 13.0.0 (clang-1300.0.29.3)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from urllib.parse import urlparse
>>> print(urlparse('http:@localhost'))
ParseResult(scheme='http', netloc='', path='@localhost', params='', query='', 
fragment='')
>>>

--
messages: 414132
nosy: P0cas
priority: normal
severity: normal
status: open
title: Improper Input Validation in urlparse
type: performance
versions: Python 3.9

___
Python tracker 
<https://bugs.python.org/issue46870>
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com