Handle unsafe expressions when using startswith/endswith/contains with unsafe expressions. Closes #58
This commit is contained in:
flosch
parent
2f991ac6f1
commit
7ab2e21c10
@ -66,6 +66,9 @@ class StringField(BaseField):
|
|||||||
regex = r'%s$'
|
regex = r'%s$'
|
||||||
elif op == 'exact':
|
elif op == 'exact':
|
||||||
regex = r'^%s$'
|
regex = r'^%s$'
|
||||||
|
|
||||||
|
# escape unsafe characters which could lead to a re.error
|
||||||
|
value = re.escape(value)
|
||||||
value = re.compile(regex % value, flags)
|
value = re.compile(regex % value, flags)
|
||||||
return value
|
return value
|
||||||
|
|
||||||
|
|||||||
@ -289,6 +289,13 @@ class QuerySetTest(unittest.TestCase):
|
|||||||
obj = self.Person.objects(Q(name__iexact='gUIDO VAN rOSSU')).first()
|
obj = self.Person.objects(Q(name__iexact='gUIDO VAN rOSSU')).first()
|
||||||
self.assertEqual(obj, None)
|
self.assertEqual(obj, None)
|
||||||
|
|
||||||
|
# Test unsafe expressions
|
||||||
|
person = self.Person(name='Guido van Rossum [.\'Geek\']')
|
||||||
|
person.save()
|
||||||
|
|
||||||
|
obj = self.Person.objects(Q(name__icontains='[.\'Geek')).first()
|
||||||
|
self.assertEqual(obj, person)
|
||||||
|
|
||||||
def test_filter_chaining(self):
|
def test_filter_chaining(self):
|
||||||
"""Ensure filters can be chained together.
|
"""Ensure filters can be chained together.
|
||||||
"""
|
"""
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user