source/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2026-02-09 02:49:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
stable/5.1.x
django/tests/httpwrappers
History
varunkasyap f3542966c3 [5.1.x] Fixed #36743 -- Increased URL max length enforced in HttpResponseRedirectBase. 
Refs CVE-2025-64458.

The previous limit of 2048 characters reused the URLValidator constant
and proved too restrictive for legitimate redirects to some third-party
services. This change introduces a separate `MAX_URL_REDIRECT_LENGTH`
constant (defaulting to 16384) and uses it in HttpResponseRedirectBase.

Thanks Jacob Walls for report and review.

Backport of a8cf8c292c from main.
2025-11-26 17:28:45 -03:00
..
__init__.py
abc.txt
tests.py
[5.1.x] Fixed #36743 -- Increased URL max length enforced in HttpResponseRedirectBase.
2025-11-26 17:28:45 -03:00