Message237096
>>> urlparse("//evil.com")
ParseResult(scheme='', netloc='evil.com', path='', params='', query='', fragment='')
I see evil.com in the netloc field, ok. But Firefox doesn't use Python to parse and url, and typing //evil.com in the address bar converts the address to file:////evil.com. Not a website, but a local file.
So I don't understand the redirection part. Could you maybe write a vulnerable CGI script to demonstrate the bug?
I wrote the following HTML file to try to understand the bug, but I was only able to show the content of my local file /etc/issue:
<head>
<META http-equiv="refresh" content="5;URL=////etc/issue">
</head>
<p><a href="////etc/issue">issue</a></p> |
|
Date |
User |
Action |
Args |
2015-03-03 00:11:47 | vstinner | set | recipients:
+ vstinner, orsenthil, pitrou, benjamin.peterson, python-dev, martin.panter, soilandreyes, yaaboukir |
2015-03-03 00:11:47 | vstinner | set | messageid: <1425341507.11.0.406157106116.issue23505@psf.upfronthosting.co.za> |
2015-03-03 00:11:47 | vstinner | link | issue23505 messages |
2015-03-03 00:11:47 | vstinner | create | |
|