Validate ASCII host values #954
Conversation
|
@mjpieters do you want me to reject the release build, wait and include this PR? |
|
Not sure why the changelog bot is failing to notice the towncrier fragment... Not sure why but it's safe to ignore for now. |
This comment was marked as outdated.
This comment was marked as outdated.
@mjpieters this can be fixed by adding "hostnames" to |
|
While implementing my PR I noticed that if you used a non-ASCII hostname with I'm not sure why the encoder uses I can hoist the validation to apply to non-ASCII hostnames too but that means I need to explicitly test for all disallowed ASCII codepoint (instead of the negative character classes I use now). I'll go search through the commit history to see if I cannot find out more here. |
:-D I already have that change staged locally :-P |
|
@mjpieters so do you think it's worth putting into a separate release? The automation is there so it wouldn't take as long to make new releases from now on... |
mjpieters
force-pushed
the
validate_host
branch
2 times, most recently
from
3f8f6a8
to
874b429
Compare
It is looking for the files in the wrong location, |
I think it's fine to put this in a next release. I don't see this as urgent. |
Okay, will proceed with releasing, then. The build is half-way ready: https://github.com/aio-libs/yarl/actions/runs/6931722870. |
|
I'll raise a separate issue for IDNA host encoding. I can see why the This PR can focus on ASCII hostnames only, as a first step. |
What a glorious deployment pipeline we have! 😁 |
Oh, that makes sense — this is because I moved the config to a dedicated file and haven't updates the bot to account for that. Thanks for pointing it out! |
Host values must match the unreserved, sub-delims or pct-encoded grammar rules. The IDNA encoder already checks for this, but for ASCII values we skip IDNA encoding. If the invalid character is `@`, or `:` followed by `@` further in the host value, tack on advice about using `authority` instead of `host`.
mjpieters
force-pushed
the
validate_host
branch
from
874b429
to
7f21ff2
Compare
Hopefully, I'll make it scalable and reuse for other projects. I have similar things in many other repos but they all have tiny differences which makes them hard to reuse as is. |
It took a few reattempts to get the last bit right... But now we have v1.9.3: |
Fixed it. The coverage metrics are back up! |
I checked the coverage reported before I broke it temporarily, and turns out that the line you're talking about is the only one uncovered in the entire project: https://app.codecov.io/gh/aio-libs/yarl/commit/65333fab5f5b2bcce9fbb6aa810e9618fa10c6f0/blob/yarl/_url.py#L1176. So I guess this might also need some extra extensive testing... |
Host values must match the unreserved, sub-delims or pct-encoded grammar
rules. The IDNA encoder already checks for this, but for ASCII values we
skip IDNA encoding.
If the invalid character is
@, or:followed by@further in thehost value, tack on advice about using
authorityinstead ofhost.Fixes #880
Checklist
CHANGESfolder<issue_id>.<type>(e.g.588.bugfix)issue_idchange it to the pr id after creating the PR.feature: Signifying a new feature..bugfix: Signifying a bug fix..doc: Signifying a documentation improvement..removal: Signifying a deprecation or removal of public API..misc: A ticket has been closed, but it is not of interest to users.Fix issue with non-ascii contents in doctest text files.