Ubuntu
python-django package

overly agressive URLField validation causes failures

Bug #1528710 reported by LaMont Jones
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Django
Unknown
Unknown
python-django (Debian)
Fix Released
Unknown
python-django (Ubuntu)
Fix Released
Medium
Unassigned

Bug Description

If the django site lives somewhere that the admins have declared a bogus top-level domain, and chosen to use an rfc1035-conforming name (with a hyphen in the middle of it), then django URLField validation considers the domain to be invalid. (I suspect that IANA hasn't released any TLDs with hyphens yet - making them the ideal choice right now for "something that won't be real".)

That is to say: http://ubuntu-mirror.my-tld/ubuntu is flagged as an invalid URL, even though the DNS has an IP for it, and apt happily upgrades from the archive mirror that is there.

Please fix the validator to allow hyphens in the tld_re.

lamont

Revision history for this message
Luke Faraone (lfaraone) wrote :

This does appear to be a regression.

This is a change that only took effect in Django 1.8, if I understand correctly.

There's a related ticket <https://code.djangoproject.com/ticket/25452#comment:2> and I had a brief discussion about this on #django-dev; please do feel free to file a ticket against upstream and a patch can probably be backported. I'd prefer to see it fixed in Django upstream first, though.

Changed in python-django (Ubuntu):
importance: Undecided → Medium
status: New → Confirmed
Revision history for this message
LaMont Jones (lamont) wrote :

Without creating yet-another-login that I will generally never use, how should I go about creating a ticket upstream? Generally, if the bug is to be forwarded upstream, that is done by the package maintainer...

See https://www.debian.org/Bugs/Reporting

I guess I'll go file the bug with Debian and let the Debian maintainer forward it to the django project.

Bug Watch Updater (bug-watch-updater)
Changed in python-django (Debian):
status: Unknown → Confirmed
Revision history for this message
LaMont Jones (lamont) wrote :

Any progress on getting this into xenial, or shall I just do an upload so that I quit hitting it and wait for the eventual merge?

LaMont Jones (lamont)
Changed in python-django (Ubuntu):
status: Confirmed → In Progress
assignee: nobody → LaMont Jones (lamont)
Revision history for this message
LaMont Jones (lamont) wrote :

Fixed in python-django_1.8.7-1ubuntu5:
   * Backport b1afebf882db5296cd9dcea26ee66d5250922e53 for ticket 26204 from
     upstream (1.8.10) to allow dashes in TLDs again (in the URL validator.)
     LP: #1528710

Changed in python-django (Ubuntu):
assignee: LaMont Jones (lamont) → nobody
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package python-django - 1.8.7-1ubuntu5

---------------
python-django (1.8.7-1ubuntu5) xenial; urgency=medium

  * Backport b1afebf882db5296cd9dcea26ee66d5250922e53 for ticket 26204 from
    upstream (1.8.10) to allow dashes in TLDs again (in the URL validator.)
    LP: #1528710

 -- LaMont Jones <email address hidden> Mon, 11 Apr 2016 17:30:48 -0600

Changed in python-django (Ubuntu):
status: Fix Committed → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in python-django (Debian):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.