test_add_or_replace_parameter fails on Python 3.6.13, 3.7.10, 3.8.8, 3.9.2 due to CVE-2021-23336 fix #164
Description
In Python 3.6.13, 3.7.10, 3.8.8, and 3.9.2, urllib.parse.parse_qsl no longer treats ; as a separator by default.
Python 3.8.8 (default, Feb 19 2021, 11:04:50)
[GCC 10.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import urllib.parse
>>> urllib.parse.parse_qsl('arg1=v1;arg2=v2')
[('arg1', 'v1;arg2=v2')]This causes UrlTests.test_add_or_replace_parameter to fail.
__________________________________________________________ UrlTests.test_add_or_replace_parameter ___________________________________________________________
self = <tests.test_url.UrlTests testMethod=test_add_or_replace_parameter>
def test_add_or_replace_parameter(self):
url = 'http://domain/test'
self.assertEqual(add_or_replace_parameter(url, 'arg', 'v'),
'http://domain/test?arg=v')
url = 'http://domain/test?arg1=v1&arg2=v2&arg3=v3'
self.assertEqual(add_or_replace_parameter(url, 'arg4', 'v4'),
'http://domain/test?arg1=v1&arg2=v2&arg3=v3&arg4=v4')
self.assertEqual(add_or_replace_parameter(url, 'arg3', 'nv3'),
'http://domain/test?arg1=v1&arg2=v2&arg3=nv3')
url = 'http://domain/test?arg1=v1;arg2=v2'
> self.assertEqual(add_or_replace_parameter(url, 'arg1', 'v3'),
'http://domain/test?arg1=v3&arg2=v2')
E AssertionError: 'http://domain/test?arg1=v3' != 'http://domain/test?arg1=v3&arg2=v2'
E - http://domain/test?arg1=v3
E + http://domain/test?arg1=v3&arg2=v2
E ? ++++++++
tests/test_url.py:303: AssertionError