cpython.git - https://github.com/python/cpython.git

diff options

author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>	2022-03-02 13:50:32 (GMT)
committer	GitHub <noreply@github.com>	2022-03-02 13:50:32 (GMT)
commit	1c9701a3de0566c085e03dddc14a8508aaae349e (patch)
tree	5c193ab56d3e54be17b494088101df6bb99da02e /Modules/expat/xmlparse.c
parent	eb6c840a2414dc057ffcfbb5ad68d6253c8dd57c (diff)
download	cpython-1c9701a3de0566c085e03dddc14a8508aaae349e.zip cpython-1c9701a3de0566c085e03dddc14a8508aaae349e.tar.gz cpython-1c9701a3de0566c085e03dddc14a8508aaae349e.tar.bz2

bpo-46756: Fix authorization check in urllib.request (GH-31353) (GH-31572)

Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI "example.org/foobar" was allowed if the user was authorized for URI "example.org/foo". (cherry picked from commit e2e72567a1c94c548868f6ee5329363e6036057a) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>

Diffstat (limited to 'Modules/expat/xmlparse.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: