Message254048
Just noticed the whitespace scenario is mentioned at <https://tools.ietf.org/html/rfc7230#section-3.2.4>:
'''
No whitespace is allowed between the header field-name and colon. In the past, differences in the handling of such whitespace have led to security vulnerabilities in . . . response handling. . . . A proxy must remove any such whitespace from a response message before forwarding the message downstream.
'''
It would not be possible build a proxy that does that using Python 3’s current HTTP client. |
|
Date |
User |
Action |
Args |
2015-11-04 10:48:01 | martin.panter | set | recipients:
+ martin.panter, vstinner, 신동원 |
2015-11-04 10:48:01 | martin.panter | set | messageid: <1446634081.79.0.817549166795.issue25539@psf.upfronthosting.co.za> |
2015-11-04 10:48:01 | martin.panter | link | issue25539 messages |
2015-11-04 10:48:01 | martin.panter | create | |
|