[issue11671] Security hole in wsgiref.headers.Headers
STINNER Victor
report at bugs.python.org
Mon Feb 25 19:37:35 CET 2013
STINNER Victor added the comment:
+ if bad_header_value_re.search(_value):
+ error_str = "Bad header value: {0!r} (bad char: {1!r})"
+ raise AssertionError(error_str.format(
+ _value, bad_header_value_re.search(_value).group(0)))
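Review bot: the raise AssertionError(...) on the third added line reports rejected input with the exception type normally used for failed internal invariants. Since this is validation of a caller-supplied header value, consider raising ValueError instead, so that callers can catch the rejection without also catching genuine assertion failures.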
Why do you search the character twice? You can do something like:
    match = bad_header_value_re.search(_value)
    if match is not None:
        ... match.group(0) ...
Why do you only check value? You should also check _params:
    parts = "; ".join(parts)
    match = bad_header_value_re.search(parts)
    ...
And you should also check the name.
Should we do the same checks in httplib?
----------
nosy: +haypo
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue11671>
_______________________________________
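An added example (not part of the original message or of the patch under review) of the checks the comment asks for: one search per string, applied to the header name and to the joined value and parameters. The character class in bad_header_value_re, the name pattern, the check_header_text and format_header helpers, and the use of ValueError are assumptions; the page does not show the real pattern.

```python
import re

# Assumption: the page does not show the real bad_header_value_re.
# This one rejects CR, LF and other control characters (HTAB is allowed).
bad_header_value_re = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")
# Assumption: header names are limited to RFC 7230 token characters.
header_name_re = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")


def check_header_text(kind, text):
    """Search once and reuse the match object in the error message."""
    match = bad_header_value_re.search(text)
    if match is not None:
        raise ValueError("Bad header {0}: {1!r} (bad char: {2!r})".format(
            kind, text, match.group(0)))


def format_header(name, value, **params):
    """Hypothetical helper: validate name, value and params, return the pair."""
    # fullmatch, not match with "$": "$" would accept a trailing newline.
    if header_name_re.fullmatch(name) is None:
        raise ValueError("Bad header name: {0!r}".format(name))
    parts = [value]
    for key, val in params.items():
        key = key.replace("_", "-")
        if val is None:
            parts.append(key)
        else:
            val = val.replace("\\", "\\\\").replace('"', '\\"')
            parts.append('{0}="{1}"'.format(key, val))
    # Check the joined string so the value and every parameter are covered.
    full = "; ".join(parts)
    check_header_text("value", full)
    return name, full


if __name__ == "__main__":
    # Constructed inputs: one clean header, one value carrying CR LF.
    print(format_header("Content-Disposition", "attachment", filename="a.txt"))
    try:
        format_header("Content-Type", "text/plain\r\nX-Extra: 1")
    except ValueError as exc:
        print("rejected:", exc)
```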