Mercurial > p > roundup > code
annotate roundup/anypy/__init__.py @ 5924:b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
if deployed as CGI and client sends an http PROXY
header, the tainted HTTP_PROXY environment variable is created. It
can affect calls using requests package or curl. A roundup admin
would have to write detectors/extensions that use these mechanisms.
Not exploitable in default config.
See: https://httpoxy.org/
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 13 Oct 2019 17:45:06 -0400 |
| parents | 868db43b302a |
| children |
| rev | line source |
|---|---|
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
1 """ |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2 roundup.anypy - compatibility layer for any Python 2.3+ |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
3 """ |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
4 VERSION = '.'.join(map(str, |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
5 (0, |
| 4994 | 6 3, |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
7 ))) |