FIX: Ensure rejecting URLs starting with space

The gh-102153 change in CPython modified how urllib.pare handles URLs with the leading spaces. To ensure previous behaviour, additional check was added. Closes: certtools#2377
kamil-certat · Jun 14, 2023 · 1162fb6 · 1162fb6
1 parent 6d4d889
commit 1162fb6
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -17,7 +17,9 @@ CHANGELOG
 - `intelmq.lib.upgrages`: Fix a bug in the upgrade function for version 3.1.0 which caused an exception if a generic csv parser instance had no parameter `type` (PR#2319 by Filip Pokorný).
 - `intelmq.lib.datatypes`: Adds `TimeFormat` class to be used for the `time_format` bot parameter (PR#2329 by Filip Pokorný).
 - `intelmq.lib.exceptions`: Fixes a bug in `InvalidArgument` exception (PR#2329 by Filip Pokorný).
-- `intelmq.lib.harmonization`: Changes signature and names of `DateTime` conversion functions for consistency, backwards compatible (PR#2329 by Filip Pokorný).
+- `intelmq.lib.harmonization`:
+  - Changes signature and names of `DateTime` conversion functions for consistency, backwards compatible (PR#2329 by Filip Pokorný).
+  - Ensure rejecting URLs with leading whitespaces after changes in CPython (fixes [#2377](https://github.com/certtools/intelmq/issues/2377))
 
 ### Development
 

diff --git a/intelmq/lib/harmonization.py b/intelmq/lib/harmonization.py
@@ -34,6 +34,7 @@
 import json
 import re
 import socket
+import string
 import warnings
 import urllib.parse as parse
 from typing import Optional, Union
@@ -1090,6 +1091,9 @@ def is_valid(value: str, sanitize: bool = False) -> bool:
         if not GenericType.is_valid(value):
             return False
 
+        if value[0] in string.whitespace:
+            return False
+
         result = parse.urlsplit(value)
         if result.netloc == "":
             return False