results in a 500 Server error: UnicodeDecodeError. This is true for unicode values greater than and including 96 (%80).
Full Stack Trace:
Traceback (most recent call last):
File "/usr/lib/python2.7/wsgiref/handlers.py", line 85, in run
self.result = application(self.environ, self.start_response)
File "~/pyenv/geoq/local/lib/python2.7/site-packages/django/contrib/staticfiles/handlers.py", line 71, in __call__
if not self._should_handle(get_path_info(environ)):
File "~/pyenv/geoq/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 247, in get_path_info
return path_info.decode('utf-8')
File "~/pyenv/geoq/lib/python2.7/encodings/utf_8.py", line 16, in decode
return codecs.utf_8_decode(input, errors, True)
UnicodeDecodeError: 'utf8' codec can't decode byte 0xff in position 10: invalid start byte
[11/Jun/2015 20:26:34] "GET /accounts/%FF/ HTTP/1.1" 500 59
I do not believe this represents a security vulnerability.
Attempting to access a URL with an ID parameter, such as:
/accounts/%FF/ /geoq/api/job/%FF /geoq/projects/%FF /maps/layers/update/%FF /maps/feature-types/update/%FF (etc)
results in a 500 Server error: UnicodeDecodeError. This is true for unicode values greater than and including 96 (%80).
Full Stack Trace:
I do not believe this represents a security vulnerability.