[issue25228] Regression in cookie parsing with brackets and quotes
Martin Panter
report at bugs.python.org
Wed Feb 10 16:04:56 EST 2016
Martin Panter added the comment:
To move forward on this, I would like someone else (hopefully Antoine? :) to confirm my theory about the cookie injection attack, or otherwise explain why the patch won’t (re)open any security holes. Also, I would like to add some more test cases based on Sergey Bobrov’s post (especially the from the heading Особенности обработки Cookie #3).
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue25228>
_______________________________________
More information about the Python-bugs-list
mailing list