Message335805
The webbrowser module uses WindowsDefault which calls os.startfile() and so can be abused to run arbitrary commands.
WindowsDefault should do log a warning or raise an error if the URL is unsafe. I'm not sure how to build a list of safe URL schemes. At least, we can explicitly exclude "C:\WINDOWS\system32\calc.exe" which doesn't contain "://".
The union of all "uses_*" constants of urllib.parser give me this sorted list of URL schemes:
['', 'file', 'ftp', 'git', 'git+ssh', 'gopher', 'hdl', 'http', 'https', 'imap', 'mailto', 'mms', 'news', 'nfs', 'nntp', 'prospero', 'rsync', 'rtsp', 'rtspu', 'sftp', 'shttp', 'sip', 'sips', 'snews', 'svn', 'svn+ssh', 'tel', 'telnet', 'wais', 'ws', 'wss']
Would it make sense to ensure that urllib.parser can parse an email to check if the URL looks valid? |
|
Date |
User |
Action |
Args |
2019-02-18 11:00:53 | vstinner | set | recipients:
+ vstinner |
2019-02-18 11:00:53 | vstinner | set | messageid: <1550487653.15.0.496398912417.issue36021@roundup.psfhosted.org> |
2019-02-18 11:00:53 | vstinner | link | issue36021 messages |
2019-02-18 11:00:52 | vstinner | create | |
|