bpo-45874: Handle empty query string correctly in urllib.parse.parse_qsl (#29716)

sattlerc · web-flow · commit e6fe10d34096 · 2021-12-12T10:41:12.000+02:00
diff --git a/Lib/test/test_cgi.py b/Lib/test/test_cgi.py
@@ -51,7 +51,7 @@ def do_test(buf, method):
         return ComparableException(err)
 
 parse_strict_test_cases = [
-    ("", ValueError("bad query field: ''")),
+    ("", {}),
     ("&", ValueError("bad query field: ''")),
     ("&&", ValueError("bad query field: ''")),
     # Should the next few really be valid?
diff --git a/Lib/urllib/parse.py b/Lib/urllib/parse.py
@@ -740,12 +740,13 @@ def parse_qsl(qs, keep_blank_values=False, strict_parsing=False,
     # is less than max_num_fields. This prevents a memory exhaustion DOS
     # attack via post bodies with many fields.
     if max_num_fields is not None:
-        num_fields = 1 + qs.count(separator)
+        num_fields = 1 + qs.count(separator) if qs else 0
         if max_num_fields < num_fields:
             raise ValueError('Max number of fields exceeded')
 
     r = []
-    for name_value in qs.split(separator):
+    query_args = qs.split(separator) if qs else []
+    for name_value in query_args:
         if not name_value and not strict_parsing:
             continue
         nv = name_value.split('=', 1)
diff --git a/Misc/NEWS.d/next/Library/2021-12-02-11-55-45.bpo-45874.dtJIsN.rst b/Misc/NEWS.d/next/Library/2021-12-02-11-55-45.bpo-45874.dtJIsN.rst
@@ -0,0 +1,3 @@
+The empty query string, consisting of no query arguments, is now handled
+correctly in ``urllib.parse.parse_qsl``. This caused problems before when
+strict parsing was enabled.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+The empty query string, consisting of no query arguments, is now handled`
	`2`	+correctly in ``urllib.parse.parse_qsl``. This caused problems before when
	`3`	`+strict parsing was enabled.`