Issue #22419: Limit the length of incoming HTTP request in wsgiref server to 65536 bytes.

author: Senthil Kumaran <senthil@uthcode.com> 2014-09-17 08:29:29 (GMT)
committer: Senthil Kumaran <senthil@uthcode.com> 2014-09-17 08:29:29 (GMT)
commit: e025b52db0651081eb08978efa850269c8282073 (patch)
tree: b7d3c25d7f1a48f0476a9f1465212007467f542f /Misc
parent: 2a42a0bff36129fc9aec06b20e67747cfcc85230 (diff)
download: cpython-e025b52db0651081eb08978efa850269c8282073.zip
cpython-e025b52db0651081eb08978efa850269c8282073.tar.gz
cpython-e025b52db0651081eb08978efa850269c8282073.tar.bz2
2 files changed, 5 insertions, 0 deletions
diff --git a/Misc/ACKS b/Misc/ACKS
index d1ebba7..cc194ab 100644
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -251,6 +251,7 @@ Denver Coneybeare
 Phil Connell
 Juan José Conti
 Matt Conway
+Devin Cook
 David M. Cooke
 Jason R. Coombs
 Garrett Cooper
diff --git a/Misc/NEWS b/Misc/NEWS
index 1f389f8..b5eab85 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -13,6 +13,10 @@ Core and Builtins
 Library
 -------
 
+- Issue #22419: Limit the length of incoming HTTP request in wsgiref server to
+  65536 bytes and send a 414 error code for higher lengths. Patch contributed
+  by Devin Cook.
+
 - Lax cookie parsing in http.cookies could be a security issue when combined
   with non-standard cookie handling in some Web browsers.  Reported by
   Sergey Bobrov.
author	Senthil Kumaran <senthil@uthcode.com>	2014-09-17 08:29:29 (GMT)
committer	Senthil Kumaran <senthil@uthcode.com>	2014-09-17 08:29:29 (GMT)
commit	e025b52db0651081eb08978efa850269c8282073 (patch)
tree	b7d3c25d7f1a48f0476a9f1465212007467f542f /Misc
parent	2a42a0bff36129fc9aec06b20e67747cfcc85230 (diff)
download	cpython-e025b52db0651081eb08978efa850269c8282073.zip cpython-e025b52db0651081eb08978efa850269c8282073.tar.gz cpython-e025b52db0651081eb08978efa850269c8282073.tar.bz2