Crash in bleach with <a>

VERIFIED FIXED in 5.11.8

Status

VERIFIED FIXED
8 years ago
3 years ago

People

(Reporter: jbalogh, Assigned: jbalogh)

Details

(Whiteboard: [z])

(Assignee)

Description

8 years ago
I think this is fixed upstream, but we've been avoiding upstream since their treewalker shenanigans tend to crash.

POST:<QueryDict: {u'description': [u'\r\n<xml id="X"><a><b><script>document.vulnerable=true;</script>;</b></a></xml>\r\n'], u'listed': [u'True'], u'csrfmiddlewaretoken': [u'b4f7dbb32ce37ca074ed6145ba8da5c1'], u'icon': [u''], u'slug': [u'HISTEVEY'], u'name': [u'tags/']}>,

 File "/data/amo_python/www/preview/zamboni/vendor/src/bleach/bleach/__init__.py", line 121, in linkify_nodes
   linkify_nodes(node)

 File "/data/amo_python/www/preview/zamboni/vendor/src/bleach/bleach/__init__.py", line 118, in linkify_nodes
   href = self.filter_url(node.attributes['href'])

KeyError: 'href'

I would totally accept a patch to switch that from `try...except` to `if 'href' in...`
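
The failure in the traceback and the membership check suggested above, as an added illustration that is not bleach's code and not part of the original report. It uses the standard library's xml.dom.minidom as a stand-in for bleach's tree; `filter_url`, `run`, the `check_href` flag and the MIXED sample are assumptions made for the example.

```python
from xml.dom import minidom

# Markup from the description field in the report: an <a> with no href.
REPORTED = ('<xml id="X"><a><b><script>document.vulnerable=true;'
            '</script>;</b></a></xml>')
# Constructed sample: anchors with a rejected scheme, no href, and an http URL.
MIXED = ('<p><a href="javascript:void(0)">x</a><a>y</a>'
         '<a href="http://example.com/">z</a></p>')

def filter_url(url):
    """Hypothetical URL filter: keep http(s) links, neutralise the rest."""
    return url if url.lower().startswith(("http://", "https://")) else "#"

def linkify_nodes(tree, check_href):
    """Walk the tree and filter every <a href>; return the resulting hrefs."""
    seen = []
    for node in tree.childNodes:
        if node.nodeType != node.ELEMENT_NODE:
            continue  # text nodes carry no attributes
        if node.tagName == "a":
            if check_href and "href" not in node.attributes:
                seen.append(None)  # nothing to filter, leave the element alone
            else:
                # Without the check this lookup raises KeyError on a bare <a>.
                href = filter_url(node.attributes["href"].value)
                node.setAttribute("href", href)
                seen.append(href)
        seen.extend(linkify_nodes(node, check_href))
    return seen

def run(markup, check_href):
    """Parse markup and linkify it; report a KeyError instead of crashing."""
    doc = minidom.parseString(markup)
    try:
        return linkify_nodes(doc, check_href)
    except KeyError as exc:
        return "KeyError: %s" % exc

if __name__ == "__main__":
    print(run(REPORTED, check_href=False))
    print(run(REPORTED, check_href=True))
    print(run(MIXED, check_href=True))
```
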
(Assignee)

Comment 3

8 years ago
We need to upgrade bleach, but we don't want more errors like bug 568317, so I asked jsocol to pull in http://github.com/jbalogh/bleach/commit/df924d79b0.

It uses logging to discover more error cases and to make clouserw beam.
Assignee: nobody → jbalogh
(Assignee)

Comment 4

8 years ago
http://github.com/jsocol/bleach/commit/d4bdcba5565d0b6071ad75fb5008bb835a0ff936
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED

Jeff - is there a simplified testcase I can use?  Thanks.

(In reply to comment #5)
> Jeff - is there a simplified testcase I can use?  Thanks.

Verified FIXED using the string in comment 0.
Status: RESOLVED → VERIFIED
(Assignee)

Updated

8 years ago
Duplicate of this bug: 571709
Product: addons.mozilla.org → addons.mozilla.org Graveyard