mirror of
https://github.com/openharmony/third_party_jinja2.git
synced 2026-07-01 10:05:25 -04:00
!20 CVE-2024-34064 modify
Merge pull request !20 from liangxinyan123/master
This commit is contained in:
+16
-5
@@ -248,7 +248,9 @@ def do_items(value: t.Union[t.Mapping[K, V], Undefined]) -> t.Iterator[t.Tuple[K
|
||||
yield from value.items()
|
||||
|
||||
|
||||
_space_re = re.compile(r"\s", flags=re.ASCII)
|
||||
# Check for characters that would move the parser state from key to value.
|
||||
# https://html.spec.whatwg.org/#attribute-name-state
|
||||
_attr_key_re = re.compile(r"[\s/>=]", flags=re.ASCII)
|
||||
|
||||
|
||||
@pass_eval_context
|
||||
@@ -257,9 +259,14 @@ def do_xmlattr(
|
||||
) -> str:
|
||||
"""Create an SGML/XML attribute string based on the items in a dict.
|
||||
|
||||
If any key contains a space, this fails with a ``ValueError``. Values that
|
||||
are neither ``none`` nor ``undefined`` are automatically escaped.
|
||||
**Values** that are neither ``none`` nor ``undefined`` are automatically
|
||||
escaped, safely allowing untrusted user input.
|
||||
|
||||
User input should not be used as **keys** to this filter. If any key
|
||||
contains a space, ``/`` solidus, ``>`` greater-than sign, or ``=`` equals
|
||||
sign, this fails with a ``ValueError``. Regardless of this, user input
|
||||
should never be used as keys to this filter, or must be separately validated
|
||||
first.
|
||||
.. sourcecode:: html+jinja
|
||||
|
||||
<ul{{ {'class': 'my_list', 'missing': none,
|
||||
@@ -278,6 +285,10 @@ def do_xmlattr(
|
||||
As you can see it automatically prepends a space in front of the item
|
||||
if the filter returned something unless the second parameter is false.
|
||||
|
||||
.. versionchanged:: 3.1.4
|
||||
Keys with ``/`` solidus, ``>`` greater-than sign, or ``=`` equals sign
|
||||
are not allowed.
|
||||
|
||||
.. versionchanged:: 3.1.3
|
||||
Keys with spaces are not allowed.
|
||||
"""
|
||||
@@ -287,8 +298,8 @@ def do_xmlattr(
|
||||
if value is None or isinstance(value, Undefined):
|
||||
continue
|
||||
|
||||
if _space_re.search(key) is not None:
|
||||
raise ValueError(f"Spaces are not allowed in attributes: '{key}'")
|
||||
if _attr_key_re.search(key) is not None:
|
||||
raise ValueError(f"Invalid character in attribute name: {key!r}")
|
||||
|
||||
items.append(f'{escape(key)}="{escape(value)}"')
|
||||
|
||||
|
||||
Reference in New Issue
Block a user