]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3a7c897) | patch
[3.14] gh-144370: Disallow usage of control characters in status in wsgiref.handlers...
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Fri, 6 Mar 2026 12:48:44 +0000 (13:48 +0100)
committerGitHub <noreply@github.com>
Fri, 6 Mar 2026 12:48:44 +0000 (12:48 +0000)
commit89b69db17adef0a4026dafc29d461ef88d93d29a
treea0ec25a95f63938b5a1b46603dcf9ed1e5be09f2tree | snapshot
parent3a7c897518c043124a101ebf59f371b44331bef4commit | diff
[3.14] gh-144370: Disallow usage of control characters in status in wsgiref.handlers for security (GH-144371) (#145586)

gh-144370: Disallow usage of control characters in status in wsgiref.handlers for security (GH-144371)

Disallow usage of control characters in status in wsgiref.handlers
to prevent HTTP header injections.
(cherry picked from commit d931725bc850cd096f6703bc285e885f1e015f05)

Co-authored-by: Benedikt Johannes <benedikt.johannes.hofer@gmail.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
Lib/test/test_wsgiref.py diff | blob | blame | history
Lib/wsgiref/handlers.py diff | blob | blame | history
Misc/ACKS diff | blob | blame | history
Misc/NEWS.d/next/Security/2026-01-31-21-56-54.gh-issue-144370.fp9m8t.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git