[Python-checkins] r88815 - python/branches/release25-maint/Lib/SimpleHTTPServer.py
martin.v.loewis
python-checkins at python.org
Sun Apr 17 22:31:34 CEST 2011
Author: martin.v.loewis
Date: Sun Apr 17 22:31:34 2011
New Revision: 88815
Log:
Copy of e9724d7abbc2 by Senthil Kumaran:
Fix issue11442 - Add a charset parameter to the Content-type to avoid
XSS attacks.
Patch by Tom N. (Backported from py3k codeline).
Modified:
python/branches/release25-maint/Lib/SimpleHTTPServer.py
Modified: python/branches/release25-maint/Lib/SimpleHTTPServer.py
==============================================================================
--- python/branches/release25-maint/Lib/SimpleHTTPServer.py (original)
+++ python/branches/release25-maint/Lib/SimpleHTTPServer.py Sun Apr 17 22:31:34 2011
@@ -16,6 +16,7 @@
import urllib
import urlparse
import cgi
+import sys
import shutil
import mimetypes
try:
@@ -132,7 +133,8 @@
length = f.tell()
f.seek(0)
self.send_response(200)
- self.send_header("Content-type", "text/html")
+ encoding = sys.getfilesystemencoding()
+ self.send_header("Content-type", "text/html; charset=%s" % encoding)
self.send_header("Content-Length", str(length))
self.end_headers()
return f
More information about the Python-checkins
mailing list