encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2024-11-22 09:36:49 +03:00
Code Issues Packages Projects Releases Wiki Activity

Escape hyperlink URLs on lookup (#7059)

Browse Source 
* Escape hyperlink URLs on lookup

* Rename duplicate test
This commit is contained in:
Tom Christie 2019-11-21 11:38:40 +00:00 committed by GitHub
parent 39876e6607
commit fe840a34ff
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rest_framework/relations.py
View File

@ -344,7 +344,7 @@ class HyperlinkedRelatedField(RelatedField):
if data.startswith(prefix): if data.startswith(prefix):
data = '/' + data[len(prefix):] data = '/' + data[len(prefix):]
data = uri_to_iri(data) data = uri_to_iri(parse.unquote(data))
try: try:
match = resolve(data) match = resolve(data)

5
tests/test_relations.py
View File

@ -153,6 +153,7 @@ class TestHyperlinkedRelatedField(APISimpleTestCase):
self.queryset = MockQueryset([ self.queryset = MockQueryset([
MockObject(pk=1, name='foobar'), MockObject(pk=1, name='foobar'),
MockObject(pk=2, name='bazABCqux'), MockObject(pk=2, name='bazABCqux'),
MockObject(pk=2, name='bazABC qux'),
]) ])
self.field = serializers.HyperlinkedRelatedField( self.field = serializers.HyperlinkedRelatedField(
view_name='example', view_name='example',
@ -191,6 +192,10 @@ class TestHyperlinkedRelatedField(APISimpleTestCase):
instance = self.field.to_internal_value('http://example.org/example/baz%41%42%43qux/') instance = self.field.to_internal_value('http://example.org/example/baz%41%42%43qux/')
assert instance is self.queryset.items[1] assert instance is self.queryset.items[1]
def test_hyperlinked_related_lookup_url_space_encoded_exists(self):
instance = self.field.to_internal_value('http://example.org/example/bazABC%20qux/')
assert instance is self.queryset.items[2]
def test_hyperlinked_related_lookup_does_not_exist(self): def test_hyperlinked_related_lookup_does_not_exist(self):
with pytest.raises(serializers.ValidationError) as excinfo: with pytest.raises(serializers.ValidationError) as excinfo:
self.field.to_internal_value('http://example.org/example/doesnotexist/') self.field.to_internal_value('http://example.org/example/doesnotexist/')