diff options
Diffstat (limited to 'Misc')
-rw-r--r-- | Misc/ACKS | 1 | ||||
-rw-r--r-- | Misc/NEWS | 4 |
2 files changed, 5 insertions, 0 deletions
@@ -251,6 +251,7 @@ Denver Coneybeare Phil Connell Juan José Conti Matt Conway +Devin Cook David M. Cooke Jason R. Coombs Garrett Cooper @@ -13,6 +13,10 @@ Core and Builtins Library ------- +- Issue #22419: Limit the length of incoming HTTP request in wsgiref server to + 65536 bytes and send a 414 error code for higher lengths. Patch contributed + by Devin Cook. + - Lax cookie parsing in http.cookies could be a security issue when combined with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov. |