summaryrefslogtreecommitdiffstats
path: root/Lib/test/test_httplib.py
Commit message (Collapse)AuthorAgeFilesLines
* [2.7] closes bpo-38576: Disallow control characters in hostnames in ↵Matěj Cepl2020-03-191-1/+12
| | | | | | | | | http.client. (GH-19052) Add host validation for control characters for more CVE-2019-18348 protection. (cherry picked from commit 83fc70159b24) Co-authored-by: Ashwin Ramaswami <aramaswamis@gmail.com>
* [2.7] bpo-38216, bpo-36274: Allow subclasses to separately override ↵Jason R. Coombs2019-10-081-0/+14
| | | | | | | | | | | | | validation and encoding behavior (GH-16476) Backporting this change, I observe a couple of things: 1. The _encode_request call is no longer meaningful because the request construction will implicitly encode the request using the default encoding when the format string is used (request = '%s %s %s'...). In order to keep the code as consistent as possible, I decided to include the call as a pass-through. I'd be just as happy to remove it entirely, but I'll leave that up to the reviewer to decide. It's okay that this functionality is disabled on Python 2 because this functionality was mainly around bpo-36274, which was mainly a concern with the transition to Python 3. 2. Because _encode_request is no longer meaningful, neither is the test for it, so I've removed that test. Therefore, the meaningful part of this test is that for bpo-38216, adding a (underscore-protected) hook to customize/disable validation. (cherry picked from commit 7774d7831e8809795c64ce27f7df52674581d298) Co-authored-by: Jason R. Coombs <jaraco@jaraco.com>
* bpo-31518: Change TLS protocol for Debian (#3661)Christian Heimes2018-02-241-4/+4
| | | | | | | Debian Unstable has disabled TLS 1.0 and 1.1 for SSLv23_METHOD(). Change TLS/SSL protocol of some tests to PROTOCOL_TLS or PROTOCOL_TLSv1_2 to make them pass on Debian. Signed-off-by: Christian Heimes <christian@python.org>
* Issue #28394: Typo fixes in code comments and changelogMartin Panter2016-10-101-1/+1
| | | | Includes patch by Ville Skyttä.
* Issue #24363: Continue parsing HTTP header in spite of invalid linesMartin Panter2016-09-161-1/+115
|
* Issue #27125: Fix various errors like “will [be] inherited”Martin Panter2016-05-291-2/+2
|
* Issue #17849: Raise sensible exception for invalid HTTP tunnel responseMartin Panter2015-09-071-0/+10
| | | | Initial patch from Cory Benfield.
* Issue #22095: Fixed HTTPConnection.set_tunnel with default port. The portSerhiy Storchaka2015-05-281-3/+5
| | | | value in the host header was set to "None". Patch by Demian Brecht.
* Issue #15267: HTTPConnection.request() now is compatibile with old-styleSerhiy Storchaka2015-05-161-0/+17
| | | | classes (such as TemporaryFile). Original patch by Atsuo Ishimoto.
* #23539: Set Content-Length to 0 for PUT, POST, and PATCH if body is None.R David Murray2015-03-221-15/+54
| | | | | | | Some http servers will reject PUT, POST, and PATCH requests if they do not have a Content-Length header. Patch by James Rutherford.
* Issue #22928: Disabled HTTP header injections in httplib.Serhiy Storchaka2015-03-121-0/+56
| | | | Original patch by Demian Brecht.
* simply ignore headers with no name (#19996)Benjamin Peterson2015-01-261-0/+10
| | | | Patch by Cory Benfield.
* Fix Issue23300 : httplib.HTTP classe's connect method should use _get_hostportSenthil Kumaran2015-01-241-2/+27
| | | | | instead of (non-existing) _set_hostport. (Fix the regression introduced in 568041fd8090 )
* merge 2.7.9 release branchBenjamin Peterson2014-12-071-8/+5
|\
| * remove HTTPSConnection's check_hostname parameter (#22959)Benjamin Peterson2014-12-071-8/+5
| |
* | Issue #21032. Fixed socket leak if HTTPConnection.getresponse() fails.Serhiy Storchaka2014-12-011-1/+24
|/ | | | Original patch by Martin Panter.
* don't fail tests when www.python.org can't be validated by the systemBenjamin Peterson2014-11-251-3/+1
|
* debugging: print ca certs loaded into default ctxBenjamin Peterson2014-11-251-0/+3
|
* pep 476: verify certificates by default (#22417)Benjamin Peterson2014-11-241-2/+1
|
* allow passing cert/ssl information to urllib2.urlopen and ↵Benjamin Peterson2014-11-231-22/+136
| | | | | | httplib.HTTPSConnection This is basically a backport of issues #9003 and #22366.
* Issue #16037: HTTPMessage.readheaders() raises an HTTPException when moreBerker Peksag2014-08-051-0/+7
| | | | | | than 100 headers are read. Patch by Jyrki Pulliainen and Daniel Eriksson.
* Backport Fix for Issue #7776: Fix ``Host:'' header and reconnection when ↵Senthil Kumaran2014-05-171-2/+46
| | | | | | using http.client.HTTPConnection.set_tunnel(). Patch by Nikolaus Rath.
* Issue #20555: Use specific asserts in urllib, httplib, ftplib, cgi, wsgiref ↵Serhiy Storchaka2014-02-081-3/+3
| | | | tests.
* Issue #20007: HTTPResponse.read(0) no more prematurely closes connection.Serhiy Storchaka2013-12-171-0/+2
| | | | Original patch by Simon Sapin.
* Issue #15633: httplib.HTTPResponse is now mark closed when the server sends ↵Antoine Pitrou2013-02-021-3/+15
| | | | less than the advertised Content-Length.
* Issue #16298: In HTTPResponse.read(), close the socket when there is no ↵Antoine Pitrou2012-12-151-1/+14
| | | | | | Content-Length and the incoming stream is finished. Patch by Eran Rundstein.
* Fix Issue14721: Send Content-length: 0 for empty body () in the http.requestSenthil Kumaran2012-05-191-0/+28
|
* httplib test for early eof response. related to Issue13684Senthil Kumaran2012-04-291-0/+8
|
* Issue #10860: Skip the new test if HTTPS is not availablePetri Lehtinen2011-10-261-0/+1
|
* Fixes #10860: Handle empty port after port delimiter in httplibŁukasz Langa2011-10-181-1/+24
| | | | | | Thanks, Shawn Ligocki! 3.x version will come as a separate patch.
* Merged revisions 87373,87381 via svnmerge fromAntoine Pitrou2010-12-181-0/+29
| | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k BaseHTTPServer isn't fixed, this would require too much refactoring. ........ r87373 | senthil.kumaran | 2010-12-18 17:55:23 +0100 (sam., 18 déc. 2010) | 3 lines Fix Issue6791 - Limit the HTTP header readline with _MAXLENGTH. Patch by Antoine Pitrou ........ r87381 | antoine.pitrou | 2010-12-18 18:59:18 +0100 (sam., 18 déc. 2010) | 3 lines NEWS entry for r87373 ........
* Merged revisions 86596 via svnmerge fromEzio Melotti2010-11-211-12/+12
| | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r86596 | ezio.melotti | 2010-11-20 21:04:17 +0200 (Sat, 20 Nov 2010) | 1 line #9424: Replace deprecated assert* methods in the Python test suite. ........
* Merged revisions 86450 via svnmerge fromSenthil Kumaran2010-11-141-0/+20
| | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r86450 | senthil.kumaran | 2010-11-13 20:27:49 +0800 (Sat, 13 Nov 2010) | 3 lines Fix Issue5111 - Wrap the Ipv6 host with [] in the Host header ........
* Merged revisions 85205 via svnmerge fromSenthil Kumaran2010-10-031-2/+8
| | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r85205 | senthil.kumaran | 2010-10-03 23:52:42 +0530 (Sun, 03 Oct 2010) | 3 lines Fix Issue10012 - httplib headers, which are (sometimes mistakenly) int are explicitly cast to str (bytes - in py3k). ........
* Fix Issue1327971: HTTPResponse should expose a proper fileno attributeSenthil Kumaran2010-09-211-0/+7
|
* Forward port r70643 (#5542) + part of r83120 (just remove the comment)Victor Stinner2010-07-241-0/+31
| | | | | | | | Remove special logic that closes HTTPConnection socket on EPIPE. If the socket is closed, the client has no chance to read the response from the server. EPIPE means that it isn't possible to write more data from the socket, but not that it is impossible to read.
* test verifying the resp object is closed for HEAD response.Senthil Kumaran2010-06-041-1/+1
|
* Fixed Issue6312 - httplib fails with HEAD requests to pages with ↵Senthil Kumaran2010-04-281-0/+17
| | | | "transfer-encoding: chunked"
* Issue #7427: improve the representation of httplib.BadStatusLine exceptions.Dirkjan Ochtman2010-02-241-0/+4
|
* issue3972: HTTPConnection and HTTPSConnection now support aGregory P. Smith2010-01-031-2/+35
| | | | | | source_address parameter. Also cleans up an annotation in the socket documentation.
* Issue #6790: Make it possible again to pass an `array.array` toAntoine Pitrou2009-09-291-1/+16
| | | | `httplib.HTTPConnection.send`. Patch by Kirk McDonald.
* convert usage of fail* to assert*Benjamin Peterson2009-06-301-2/+2
|
* give httplib.IncompleteRead a more sane repr #4308Benjamin Peterson2009-03-021-0/+19
|
* Reflow long lines.Jeremy Hylton2008-11-291-5/+10
|
* Fixed the semantic of timeout for socket.create_connection andFacundo Batista2008-05-291-12/+17
| | | | | | all the upper level libraries that use it, including urllib2. Added and fixed some tests, and changed docs correspondingly. Thanks to John J Lee for the patch and the pusing, :)
* Fix typo with regards to self.PORT shadowing class variables with the same name.Trent Nelson2008-04-091-4/+5
|
* - Issue #2550: The approach used by client/server code for obtaining portsTrent Nelson2008-04-081-11/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to listen on in network-oriented tests has been refined in an effort to facilitate running multiple instances of the entire regression test suite in parallel without issue. test_support.bind_port() has been fixed such that it will always return a unique port -- which wasn't always the case with the previous implementation, especially if socket options had been set that affected address reuse (i.e. SO_REUSEADDR, SO_REUSEPORT). The new implementation of bind_port() will actually raise an exception if it is passed an AF_INET/SOCK_STREAM socket with either the SO_REUSEADDR or SO_REUSEPORT socket option set. Furthermore, if available, bind_port() will set the SO_EXCLUSIVEADDRUSE option on the socket it's been passed. This currently only applies to Windows. This option prevents any other sockets from binding to the host/port we've bound to, thus removing the possibility of the 'non-deterministic' behaviour, as Microsoft puts it, that occurs when a second SOCK_STREAM socket binds and accepts to a host/port that's already been bound by another socket. The optional preferred port parameter to bind_port() has been removed. Under no circumstances should tests be hard coding ports! test_support.find_unused_port() has also been introduced, which will pass a temporary socket object to bind_port() in order to obtain an unused port. The temporary socket object is then closed and deleted, and the port is returned. This method should only be used for obtaining an unused port in order to pass to an external program (i.e. the -accept [port] argument to openssl's s_server mode) or as a parameter to a server-oriented class that doesn't give you direct access to the underlying socket used. Finally, test_support.HOST has been introduced, which should be used for the host argument of any relevant socket calls (i.e. bind and connect). The following tests were updated to following the new conventions: test_socket, test_smtplib, test_asyncore, test_ssl, test_httplib, test_poplib, test_ftplib, test_telnetlib, test_socketserver, test_asynchat and test_socket_ssl. It is now possible for multiple instances of the regression test suite to run in parallel without issue.
* #1627: httplib now ignores negative Content-Length headers.Georg Brandl2008-02-241-0/+7
|
* #900744: If an invalid chunked-encoding header is sent by a server,Georg Brandl2008-02-241-0/+29
| | | | | httplib will now raise IncompleteRead and close the connection instead of raising ValueError.
* Patch #2167 from calvin: Remove unused importsChristian Heimes2008-02-231-1/+0
|
generated by cgit v0.12 at 2025-08-28 20:06:07 (GMT)