TonBERRY/microdot
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Validate redirect URLs

Browse Source
This commit is contained in:
Miguel Grinberg
2021-09-28 17:09:29 +01:00
parent 06015934b8
commit 8e5fb92ff1
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/microdot.py
View File

@@ -430,6 +430,8 @@ class Response():
:param status_code: The 3xx status code to use for the redirect. The
default is 302.
"""
if '\x0d' in location or '\x0a' in location:
raise ValueError('invalid redirect URL')
return cls(status_code=status_code, headers={'Location': location})
@classmethod