mirrors
/
cpython
mirror of https://github.com/python/cpython.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cpython/Lib/http
History
Miss Islington (bot) defaa2b19a
gh-87389: Fix an open redirection vulnerability in http.server. (GH-93879) (GH-94093) 
Fix an open redirection vulnerability in the `http.server` module when
an URI path starts with `//` that could produce a 301 Location header
with a misleading target.  Vulnerability discovered, and logic fix
proposed, by Hamza Avvan (@hamzaavvan).

Test and comments authored by Gregory P. Smith [Google].
(cherry picked from commit 4abab6b603)

Co-authored-by: Gregory P. Smith <greg@krypto.org>
 		2022-06-22 10:42:02 +02:00
..
__init__.py bpo-39507: Add HTTP status 418 "I'm a Teapot" (GH-18291) 2020-03-15 14:24:23 +02:00
client.py bpo-45328: Avoid failure in OSs without TCP_NODELAY support (GH-28646) (GH-28770) 2021-10-06 20:29:41 +02:00
cookiejar.py bpo-38804: Fix REDoS in http.cookiejar (GH-17157) 2019-11-22 15:22:11 +01:00
cookies.py bpo-39481: PEP 585 for a variety of modules (GH-19423) 2020-04-10 07:46:36 -07:00
server.py gh-87389: Fix an open redirection vulnerability in http.server. (GH-93879) (GH-94093) 2022-06-22 10:42:02 +02:00