#16395: urlize works with malformed URLs -------------------------------------+------------------------------------- Reporter: | Owner: nobody BernhardEssl | Status: new Type: Bug | Component: Template system Milestone: | Severity: Normal Version: SVN | Keywords: Resolution: | Has patch: 1 Triage Stage: Design | Needs tests: 0 decision needed | Easy pickings: 0 Needs documentation: 0 | Patch needs improvement: 1 | UI/UX: 0 | -------------------------------------+------------------------------------- Changes (by aaugustin):
* needs_docs: => 0 * stage: Unreviewed => Design decision needed * needs_tests: => 0 * needs_better_patch: => 1 Comment: Your patch is basically checking that `http://` is followed by a word character; could you explain why this is the right thing to do? IMO, validation must be implemented correctly or not at all. Regarding the patch, I think it would be much clearer to structure the code like this: {{{ if middle.startswith('http://') or middle.startswith('https://'): # do additional checks, and set url only if the checks pass elif ... # unchanged }}} It's more readable than adding `not middle.startswith('http')` to every subsequent condition — since you only added it to the first one, I think http:////@foo.com will be misinterpreted as an email. (By the way, Trac happily turns that into an HTTP link). -- Ticket URL: <https://code.djangoproject.com/ticket/16395#comment:1> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.