Flask update (#2700)

* Flask security update

The Pallets Project Flask before 1.0 is affected by: unexpected memory
usage. The impact is: denial of service.
The attack vector is: crafted encoded JSON data. The fixed version is:
1. NOTE: this may overlap CVE-2018-1000656.

Signed-off-by: David Dashyan <mail@davie.li>

* Make send_naughty_tx error regex more robust

Signed-off-by: David Dashyan <mail@davie.li>
This commit is contained in:
David Dashyan
2020-06-02 07:36:56 +00:00
committed by GitHub
parent 4a008e51e3
commit d9dfa98819
2 changed files with 4 additions and 3 deletions

@@ -68,8 +68,9 @@ def send_naughty_tx(asset, metadata):
error = sent_transaction.error
regex = (
r'\{\s*\n*'
r'\s*"message": "Invalid transaction \(ValidationError\): Invalid key name.*The key name cannot contain characters.*\n*' # noqa
r'\s*"status": 400\n*'
r'\s*"message":\s*"Invalid transaction \(ValidationError\):\s*'
r'Invalid key name.*The key name cannot contain characters.*\n*'
r'\s*"status":\s*400\n*'
r'\s*\}\n*')
assert status_code == 400
assert re.fullmatch(regex, error), sent_transaction
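
Review bot: the pattern in send_naughty_tx still pins the serialized layout of the error body, with "message" required to appear before "status" and the whole message on one line, so the `\s*` added after each colon only covers one of the ways the output formatting can change. If `error` is the JSON text this pattern implies, parsing it with json.loads and asserting that the status field equals 400 and that the message contains "Invalid key name" and "The key name cannot contain characters" would remove the dependency on key order and whitespace entirely. If the regex stays, `\s` already matches newlines, so the `\n*` following each `\s*` (for example in `r'\{\s*\n*'`) is redundant, and it is worth a comment that the trailing `.*` after "cannot contain characters" is what consumes the closing quote and comma.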