Skip to content

[3.9] bpo-39603: Prevent header injection in http methods (GH-18485)#21536

Merged
miss-islington merged 1 commit intopython:3.9from
miss-islington:backport-8ca8a2e-3.9
Jul 18, 2020
Merged

[3.9] bpo-39603: Prevent header injection in http methods (GH-18485)#21536
miss-islington merged 1 commit intopython:3.9from
miss-islington:backport-8ca8a2e-3.9

Conversation

@miss-islington
Copy link
Contributor

@miss-islington miss-islington commented Jul 18, 2020
edited by bedevere-bot
Loading

reject control chars in http method in http.client.putrequest to prevent http header injection
(cherry picked from commit 8ca8a2e)

Co-authored-by: AMIR 31338382+amiremohamadi@users.noreply.github.com

https://bugs.python.org/issue39603

@amiremohamadi @miss-islington
bpo-39603: Prevent header injection in http methods (pythonGH-18485)
8153332 
reject control chars in http method in http.client.putrequest to prevent http header injection
(cherry picked from commit 8ca8a2e)

Co-authored-by: AMIR <31338382+amiremohamadi@users.noreply.github.com>
@bedevere-bot bedevere-bot mentioned this pull request Jul 18, 2020
Merged
@miss-islington
Copy link
Contributor Author

miss-islington commented Jul 18, 2020

@amiremohamadi: Status check is done, and it's a success ✅ .

@miss-islington miss-islington merged commit 27b8110 into python:3.9 Jul 18, 2020
@miss-islington miss-islington deleted the backport-8ca8a2e-3.9 branch July 18, 2020 20:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gvanrossum gvanrossum gvanrossum approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@miss-islington @gvanrossum @the-knights-who-say-ni @bedevere-bot @amiremohamadi