Project

General

Profile

Bug #33082

trace inutile sur fuzzing dans /login

Added by Thomas Noël 9 days ago. Updated 1 day ago.

Status:
Nouveau
Priority:
Normal
Assignee:
-
Start date:
14 May 2019
Due date:
% Done:

0%

Patch proposed:
No
Planning:
No

Description

Il faudrait planter "proprement" ici (sans trace) :

Internal Server Error: /login/

KeyError at /login/
u'\xe0'

Request Method: GET
Request URL:
https://departement06.test.entrouvert.org/login/?next=%e0%40%ae%e0%40%ae%e0%80%af%e0%40%ae%e0%40%ae%e0%80%af%e0%40%ae%e0%40%ae%e0%80%af%e0%40%ae%e0%40%ae%e0%80%af%e0%40%ae%e0%40%ae%e0%80%af%e0%40%ae%e0%40%ae%e0%80%af%e0%40%ae%e0%40%ae%e0%80%af%e0%40%ae%e0%40%ae%e0%80%afetc%e0%80%afpasswd
Django Version: 1.11.20
Python Executable: /usr/bin/uwsgi-core
Python Version: 2.7.13
Python Path: ['.', '', '/usr/lib/python2.7', '/usr/lib/python2.7/plat-x86_64-linux-gnu', '/usr/lib/python2.7/lib-tk', '/usr/lib/python2.7/lib-old', '/usr/lib/python2.7/lib-dynload', '/usr/local/lib/python2.7/dist-packages', '/usr/lib/python2.7/dist-packages']
Server time: mar, 14 Mai 2019 11:58:38 +0200
Installed Applications:
''
Installed Middleware:
''

Traceback:

File "/usr/lib/python2.7/dist-packages/django/core/handlers/exception.py" in inner
  41.             response = get_response(request)

File "/usr/lib/python2.7/dist-packages/django/core/handlers/base.py" in _legacy_get_response
  249.             response = self._get_response(request)

File "/usr/lib/python2.7/dist-packages/django/core/handlers/base.py" in _get_response
  187.                 response = self.process_exception_by_middleware(e, request)

File "/usr/lib/python2.7/dist-packages/django/core/handlers/base.py" in _get_response
  185.                 response = wrapped_callback(request, *callback_args, **callback_kwargs)

File "/usr/lib/python2.7/dist-packages/combo/public/views.py" in login
  64.                                     + urllib.quote(request.GET.get('next')))

File "/usr/lib/python2.7/urllib.py" in quote
  1299.     return ''.join(map(quoter, s))

Exception Type: KeyError at /login/
Exception Value: u'\xe0'
Request information:
USER: AnonymousUser

History

#1 Updated by Benjamin Dauvergne 1 day ago

  • Project changed from Authentic 2 to Combo

Ticket combo, pas authentic.

Also available in: Atom PDF