[issue38216] Fix for issue30458 (HTTP Header Injection) prevents crafting invalid requests
Ned Deily
report at bugs.python.org
Sun Sep 22 16:35:03 EDT 2019
Ned Deily <nad at python.org> added the comment:
I am certainly not a domain expert but, at a high level, I think the approach in PR 16321 is a reasonable compromise and I would support merging it to 3.7 and 3.6 (I'll let Larry and Benjamin speak for 3.5 and 2.7) assuming there are no review objections. Since we seem to be getting close to a comprehensive solution here, I am going to hold off on tagging 3.7.5r1 for a few more days in the hopes we can reach agreement on this approach.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue38216>
_______________________________________
More information about the Python-bugs-list
mailing list