[issue32993] urllib and webbrowser.open() can open w/ file: protocol

yao zhihua report at bugs.python.org
Sat Mar 10 09:10:40 EST 2018


yao zhihua <hackyzh001 at gmail.com> added the comment:

Borrowing what others have said in Issue11662.
--------------------
The Python urllib and urllib2 modules are typically used to fetch web
pages but by default also contain handlers for ftp:// and file:// URL
schemes.

Now unfortunately it appears that it is possible for a web server to
redirect (HTTP 302) a urllib request to any of the supported
schemes. Examples on how this could turn bad:

 1) File disclosure: A web application, that normally fetches and
 displays a web page, is redirected to file:///etc/passwd and
 discloses it.

 2) Denial of Service: An application is redirected to a system device
 (e.g. file:///dev/zero) which will result in excessive CPU/memory/disk
 usage.

----------

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue32993>
_______________________________________
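The two cases quoted above (a user-supplied file: URL handed straight to urllib, and an HTTP 302 that bounces a harmless-looking http: request onto another scheme) can both be closed at the application layer with a scheme allow-list applied before the first request and again on every redirect hop. The following is an added example written for this page, not code from the tracker issue or from CPython: it subclasses urllib.request.HTTPRedirectHandler so that every redirect target is checked before the stock handler builds the follow-up request, and wraps that in a fetch_http_only() helper that also rejects a non-http(s) URL up front (the stock urlopen() will otherwise serve a file: URL directly through its FileHandler). The names fetch_http_only, SafeRedirectHandler, UnsafeScheme and ALLOWED_SCHEMES are this example's own. Note that current CPython already refuses redirects to anything but http, https and ftp as a result of Issue11662, so the added value here is rejecting ftp: as well and rejecting the initial URL; the local HTTP server, temp file and its "secret" contents are constructed test fixtures so the demo runs offline.

```python
import http.server
import os
import pathlib
import tempfile
import threading
import urllib.error
import urllib.parse
import urllib.request

# Assumption for this example: a "fetch a web page" feature only ever needs
# http(s). ftp: is excluded on purpose even though urllib's own redirect
# handler still permits it.
ALLOWED_SCHEMES = ("http", "https")


class UnsafeScheme(urllib.error.URLError):
    """Raised when a URL, or a redirect target, uses a non-web scheme."""


class SafeRedirectHandler(urllib.request.HTTPRedirectHandler):
    """Check the redirect target's scheme before delegating to the stock
    handler, so file:, ftp: and friends are never followed."""

    def http_error_302(self, req, fp, code, msg, headers):
        location = headers.get("location") or headers.get("uri")
        if location is not None:
            # Resolve relative Locations first so "/x" counts as http, not "".
            target = urllib.parse.urljoin(req.full_url, location)
            scheme = urllib.parse.urlparse(target).scheme.lower()
            if scheme not in ALLOWED_SCHEMES:
                fp.close()
                raise UnsafeScheme("refusing redirect to %s: URL %s" % (scheme, target))
        return super().http_error_302(req, fp, code, msg, headers)

    http_error_301 = http_error_303 = http_error_307 = http_error_308 = http_error_302


def fetch_http_only(url, timeout=5):
    """Fetch url, allowing only http(s) both up front and on every redirect."""
    scheme = urllib.parse.urlparse(url).scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise UnsafeScheme("refusing to open %s: URL %s" % (scheme, url))
    opener = urllib.request.build_opener(SafeRedirectHandler)
    with opener.open(url, timeout=timeout) as resp:
        return resp.read()


def start_redirecting_server():
    """Constructed fixture: /redirect?to=URL answers 302 Location: URL,
    any other path answers 200 with the body b"ok"."""

    class Handler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            parsed = urllib.parse.urlparse(self.path)
            if parsed.path == "/redirect":
                target = urllib.parse.parse_qs(parsed.query)["to"][0]
                self.send_response(302)
                self.send_header("Location", target)
                self.send_header("Content-Length", "0")
                self.end_headers()
            else:
                body = b"ok"
                self.send_response(200)
                self.send_header("Content-Length", str(len(body)))
                self.end_headers()
                self.wfile.write(body)

        def log_message(self, *args):  # keep the demo quiet
            pass

    server = http.server.HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, "http://127.0.0.1:%d" % server.server_address[1]


def run_demo():
    """Exercise the checks against the constructed server and a temp file."""
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as tmp:
        tmp.write("secret")  # constructed stand-in for /etc/passwd
    file_url = pathlib.Path(tmp.name).as_uri()
    server, base = start_redirecting_server()

    def bounce(target):
        return base + "/redirect?" + urllib.parse.urlencode({"to": target})

    def attempt(url):
        try:
            return fetch_http_only(url)
        except UnsafeScheme:
            return "blocked"

    try:
        with urllib.request.urlopen(file_url) as f:  # stock opener: no check
            stock_reads_file = f.read() == b"secret"
        return {
            "default_opener_reads_file": stock_reads_file,
            "direct_file": attempt(file_url),
            "redirect_to_file": attempt(bounce(file_url)),
            "redirect_to_ftp": attempt(bounce("ftp://127.0.0.1:1/")),
            "redirect_to_http": attempt(bounce(base + "/ok")),
        }
    finally:
        server.shutdown()
        server.server_close()
        os.unlink(tmp.name)


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print("%-27s %r" % (name, outcome))
```

The check lives in http_error_302 rather than redirect_request because the stock handler calls the former first and would otherwise decide on its own which schemes pass; aliasing 301/303/307/308 to the same method keeps every redirect status on the same path. Anything that needs ftp: can add it to ALLOWED_SCHEMES deliberately instead of inheriting it by default.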