Issue 11662: Fix vulnerability in urllib/urllib2.

(This version is a cleaned-up backport of a fix by Senthil Kumaran.)
author: guido@google.com <guido@google.com> 2011-03-29 18:41:02 (GMT)
committer: guido@google.com <guido@google.com> 2011-03-29 18:41:02 (GMT)
commit: a119df91f33724f64e6bc1ecb484eeaa30ace014 (patch)
tree: be27f880b0ed6fdf79367fddc1c58019f07ca4ac /Doc
parent: b938c8c25316b69f1d5df2c7880a9f6b87e7c2fa (diff)
download: cpython-a119df91f33724f64e6bc1ecb484eeaa30ace014.zip
cpython-a119df91f33724f64e6bc1ecb484eeaa30ace014.tar.gz
cpython-a119df91f33724f64e6bc1ecb484eeaa30ace014.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/Doc/library/urllib.request.rst b/Doc/library/urllib.request.rst
index fe61030..b4a7f28 100644
--- a/Doc/library/urllib.request.rst
+++ b/Doc/library/urllib.request.rst
@@ -783,6 +783,10 @@ HTTPRedirectHandler Objects
    is the case, :exc:`HTTPError` is raised.  See :rfc:`2616` for details of the
    precise meanings of the various redirection codes.
 
+   An :class:`HTTPError` exception raised as a security consideration if the
+   HTTPRedirectHandler is presented with a redirected url which is not an HTTP,
+   HTTPS or FTP url.
+
 
 .. method:: HTTPRedirectHandler.redirect_request(req, fp, code, msg, hdrs, newurl)
author	guido@google.com <guido@google.com>	2011-03-29 18:41:02 (GMT)
committer	guido@google.com <guido@google.com>	2011-03-29 18:41:02 (GMT)
commit	a119df91f33724f64e6bc1ecb484eeaa30ace014 (patch)
tree	be27f880b0ed6fdf79367fddc1c58019f07ca4ac /Doc
parent	b938c8c25316b69f1d5df2c7880a9f6b87e7c2fa (diff)
download	cpython-a119df91f33724f64e6bc1ecb484eeaa30ace014.zip cpython-a119df91f33724f64e6bc1ecb484eeaa30ace014.tar.gz cpython-a119df91f33724f64e6bc1ecb484eeaa30ace014.tar.bz2