update (now URIs like www.site.com/id82 are automatically treated as possible URI injectable)

2025-12-06 20:51:31 +00:00 · 2011-01-31 20:36:01 +00:00
parent 777a19cfa9
commit fa58a9c86b
4 changed files with 12 additions and 2 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -217,3 +217,6 @@ UNICODE_ENCODING = "utf8"

 # Reference: http://www.w3.org/Protocols/HTTP/Object_Headers.html#uri
 URI_HTTP_HEADER = "URI"
+
+# Uri format which could be injectable (e.g. www.site.com/id82)
+URI_INJECTABLE_REGEX = r".*/([^\.*?]+)\Z"