Re: Discuss ticket 20264: URLValidator should allow underscores in local hostname

Thu, 16 Apr 2020 14:38:21 -0700 

>
> Folks wanting this can subclass URLValidator.
>

For anyone who does want this, the subclass is not so much work. You can
inherit the regex pieces from URLValidator and edit them to insert _ as a
valid character:

In [18]: import re
    ...:
    ...: from django.core.validators import URLValidator
    ...:
    ...:
    ...: class LenientURLValidator(URLValidator):
    ...:     hostname_re = URLValidator.hostname_re.replace('0-9]',
'0-9_]').replace('0-9-]', '0-9-_]')
    ...:     domain_re = URLValidator.domain_re.replace('0-9-]', '0-9-_]')
    ...:     host_re = '(' + hostname_re + domain_re + URLValidator.tld_re
+ '|localhost)'
    ...:
    ...:     regex = re.compile(
    ...:         r'^(?:[a-z0-9.+-]*)://'  # scheme is validated separately
    ...:         r'(?:[^\s:@/]+(?::[^\s:@/]*)?@)?'  # user:pass
authentication
    ...:         r'(?:' + URLValidator.ipv4_re + '|' + URLValidator.ipv6_re
+ '|' + host_re + ')'
    ...:         r'(?::\d{2,5})?'  # port
    ...:         r'(?:[/?#][^\s]*)?'  # resource path
    ...:         r'\Z', re.IGNORECASE)
    ...:

In [19]: LenientURLValidator()('
http://online_casino_news.hundredpercentgambling.com/')  # no
ValidationError

It's a little tricky in the re.compile step that's copied form the
superclass, but it works.

On Thu, 26 Mar 2020 at 17:28, James Bennett <ubernost...@gmail.com> wrote:

> I'm also in the "I don't think this should be allowed" camp. People
> who really need it can set up their own validator easily enough, and I
> worry about the security implications of supporting non-standard
> behavior in something as crucial as hostname validation -- Django's
> been bitten by that sort of thing several times in the past.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django developers  (Contributions to Django itself)" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-developers+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-developers/CAL13Cg-k6CGLZo9o%3DRG4LpGj5CbP57ayeGyBrKYXa7SPx07%2BWg%40mail.gmail.com
> .
>


-- 
Adam

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/CAMyDDM0J_x7ieZSgPBE8%2BJGmHFk8yvvwzprB2fv7PpJvuGE9_g%40mail.gmail.com.
  • ... Pavel Savchenko
    • ... Adam Johnson
      • ... Pavel Savchenko
        • ... Adam Johnson
          • ... Florian Apolloner
            • ... Carlton Gibson
              • ... James Bennett
                • ... Adam Johnson
                • ... Pavel Savchenko
    • ... '1337 Shadow Hacker' via Django developers (Contributions to Django itself)

Reply via email to