-
-
Notifications
You must be signed in to change notification settings - Fork 32k
urllib.parse.urlparse doesn't check port #88037
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Comments
It is possible to get valid ParseResult from the urlparse function even for a non-numeric port value. Only by requesting the port it fails[1]. // code snippet
Python 3.8.5 (default, Jan 27 2021, 15:41:15)
[GCC 9.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from urllib.parse import urlparse
>>> uri = 'xx://foo:bar'
>>> uri_parts = urlparse(uri)
>>> uri_parts.netloc
'foo:bar'
>>> uri_parts.port
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.8/urllib/parse.py", line 174, in port
raise ValueError(message) from None
ValueError: Port could not be cast to integer value as 'bar'
// code snippet [1] Line 172 in e1903e1
[2] Line 416 in e1903e1
|
I guess moving port validation logic to parsing time is done as part of #16780 |
Treating this as bug in itself might be a better idea than waiting for a ipv6 scope introduction, which had few caveats.
Yes, we could check if it is an int. That should be sufficient. |
Thank you for your swift response and your willingness to add port validation to _checknetloc. I think the validation itself should compound both exceptional branches implemented in port[3]
[3] Lines 173 to 178 in e1903e1
|
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: