Limit the amount of whitespace to search/backtrack. Fixes #3659.

pypa · Nov 4, 2022 · 43a9c9b · 43a9c9b
1 parent 5791343
commit 43a9c9b
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 2 deletions.
diff --git a/setuptools/package_index.py b/setuptools/package_index.py
@@ -217,7 +217,7 @@ def wrapper(*args, **kwargs):
     return wrapper
 
 
-REL = re.compile(r"""<([^>]*\srel\s*=\s*['"]?([^'">]+)[^>]*)>""", re.I)
+REL = re.compile(r"""<([^>]*\srel\s{0,10}=\s{0,10}['"]?([^'" >]+)[^>]*)>""", re.I)
 """
 Regex for an HTML tag with 'rel="val"' attributes.
 """

diff --git a/setuptools/tests/test_packageindex.py b/setuptools/tests/test_packageindex.py
@@ -307,7 +307,6 @@ def test_percent_in_password(self, temp_home):
         assert cred.password == 'pity%'
 
 
-@pytest.mark.xfail(reason="#3659")
 @pytest.mark.timeout(1)
 def test_REL_DoS():
     """