]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d27a7c1) | patch
Prevent HTTPoxy attack (CVE-2016-1000110)
authorSenthil Kumaran <senthil@uthcode.com>
Sun, 31 Jul 2016 06:24:16 +0000 (23:24 -0700)
committerSenthil Kumaran <senthil@uthcode.com>
Sun, 31 Jul 2016 06:24:16 +0000 (23:24 -0700)
commit4cbb23f8f278fd1f71dcd5968aa0b3f0b4f3bd5d
tree6b9afcfb2dbbcaba109a7b00785f711af576c538tree | snapshot
parentd27a7c1f22b263a3eef5d380c7058c993bd3a451commit | diff
Prevent HTTPoxy attack (CVE-2016-1000110)

Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
indicates that the script is in CGI mode.

Issue #27568 Reported and patch contributed by RĂ©mi Rampin.
Doc/howto/urllib2.rst diff | blob | blame | history
Doc/library/urllib.request.rst diff | blob | blame | history
Lib/test/test_urllib.py diff | blob | blame | history
Lib/urllib/request.py diff | blob | blame | history
Misc/NEWS diff | blob | blame | history
Mirror of https://github.com/python/cpython.git