Mercurial > p > roundup > code

annotate roundup/cgi/__init__.py @ 5924:b40059d7036f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
issue2550925 strip HTTP_PROXY environment variable if deployed as CGI and client sends an http PROXY header, the tainted HTTP_PROXY environment variable is created. It can affect calls using requests package or curl. A roundup admin would have to write detectors/extensions that use these mechanisms. Not exploitable in default config. See: https://httpoxy.org/
author John Rouillard <rouilj@ieee.org>
date Sun, 13 Oct 2019 17:45:06 -0400
parents fc52d57c6c3e
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1301
diff changeset
1 ''' CGI interface modules '''
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1301
diff changeset
2 __docformat__ = 'restructuredtext'
Roundup Issue Tracker: http://roundup-tracker.org/