cpython.git - https://github.com/python/cpython.git

diff options

author	Gregory P. Smith <greg@krypto.org>	2022-06-21 20:16:57 (GMT)
committer	GitHub <noreply@github.com>	2022-06-21 20:16:57 (GMT)
commit	4abab6b603dd38bec1168e9a37c40a48ec89508e (patch)
tree	e606aa6a39146ea80b6c6e7e3f55aec22d08c7b4 /Lib/test/test_configparser.py
parent	0709586744ec58dd60492e16b08fff6dc1149a0a (diff)
download	cpython-4abab6b603dd38bec1168e9a37c40a48ec89508e.zip cpython-4abab6b603dd38bec1168e9a37c40a48ec89508e.tar.gz cpython-4abab6b603dd38bec1168e9a37c40a48ec89508e.tar.bz2

gh-87389: Fix an open redirection vulnerability in http.server. (#93879)

Fix an open redirection vulnerability in the `http.server` module when an URI path starts with `//` that could produce a 301 Location header with a misleading target. Vulnerability discovered, and logic fix proposed, by Hamza Avvan (@hamzaavvan). Test and comments authored by Gregory P. Smith [Google].

Diffstat (limited to 'Lib/test/test_configparser.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: