[issue42967] [security] urllib.parse.parse_qsl(): Web cache poisoning - `; ` as a query args separator
Senthil Kumaran
report at bugs.python.org
Mon Feb 15 13:03:42 EST 2021
Senthil Kumaran <senthil at uthcode.com> added the comment:
New changeset c9f07813ab8e664d8c34413c4fc2d4f86c061a92 by Senthil Kumaran in branch '3.9':
[3.9] bpo-42967: only use '&' as a query string separator (GH-24297) (#24528)
https://github.com/python/cpython/commit/c9f07813ab8e664d8c34413c4fc2d4f86c061a92
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue42967>
_______________________________________
More information about the Python-bugs-list
mailing list