]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 725cbce) | patch
bpo-38576: Disallow control characters in hostnames in http.client (GH-18995)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Sat, 14 Mar 2020 19:12:58 +0000 (12:12 -0700)
committerGitHub <noreply@github.com>
Sat, 14 Mar 2020 19:12:58 +0000 (12:12 -0700)
commit34f85af3229f86c004a954c3f261ceea1f5e9f95
tree12c9bd0a2c609ac2a84c129cb03a3a5a84cfd9actree | snapshot
parent725cbce25084a67ad7ff48b75cca3e240ef57606commit | diff
bpo-38576: Disallow control characters in hostnames in http.client (GH-18995)

Add host validation for control characters for more CVE-2019-18348 protection.
(cherry picked from commit 9165addc22d05e776a54319a8531ebd0b2fe01ef)

Co-authored-by: Ashwin Ramaswami <aramaswamis@gmail.com>
Lib/http/client.py diff | blob | blame | history
Lib/test/test_httplib.py diff | blob | blame | history
Lib/test/test_urllib.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2020-03-14-14-57-44.bpo-38576.OowwQn.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git