mirror of https://github.com/python/cpython
4abab6b603
Fix an open redirection vulnerability in the `http.server` module when an URI path starts with `//` that could produce a 301 Location header with a misleading target. Vulnerability discovered, and logic fix proposed, by Hamza Avvan (@hamzaavvan). Test and comments authored by Gregory P. Smith [Google]. |
||
---|---|---|
.. | ||
2022-04-27-18-25-30.gh-issue-68966.gjS8zs.rst | ||
2022-05-19-08-53-07.gh-issue-92888.TLtR9W.rst | ||
2022-06-03-12-52-53.gh-issue-79096.YVoxgC.rst | ||
2022-06-15-20-09-23.gh-issue-87389.QVaC3f.rst | ||
README.rst |
README.rst
Put news entry `blurb`_ files for the *Security* section in this directory. .. _blurb: https://pypi.org/project/blurb/