blob: ed8027fb4d64202335a8fa0d80ebd848ed890d3e (
plain)
1
|
Address CVE-2019-9740 by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause an http.client.InvalidURL exception to be raised.
|