Message 338171 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	sanebow
Recipients	sanebow
Date	2019-03-18.08:06:11
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1552896371.92.0.122580708995.issue36338@roundup.psfhosted.org>
In-reply-to

Content
The urlparse function in Python urllib returns the wrong hostname when parsing URL crafted by the malicious user. This may be caused by incorrect handling of IPv6 addresses. The bug could lead to open redirect in web applications which rely on urlparse to extract and validate the domain of redirection URL. The test case is as follows: >>> from urllib.parse import urlparse >>> urlparse(urlparse('http://benign.com\[attacker.com]').hostname >>> 'attacker.com' The correct behavior should be raising an invalid URL exception.

The urlparse function in Python urllib returns the wrong hostname when parsing URL crafted by the malicious user. This may be caused by incorrect handling of IPv6 addresses. The bug could lead to open redirect in web applications which rely on urlparse to extract and validate the domain of redirection URL.

The test case is as follows:

>>> from urllib.parse import urlparse
>>> urlparse(urlparse('http://benign.com\[attacker.com]').hostname
>>> 'attacker.com'

The correct behavior should be raising an invalid URL exception.

History
Date	User	Action	Args
2019-03-18 08:06:11	sanebow	set	recipients: + sanebow
2019-03-18 08:06:11	sanebow	set	messageid: <1552896371.92.0.122580708995.issue36338@roundup.psfhosted.org>
2019-03-18 08:06:11	sanebow	link	issue36338 messages
2019-03-18 08:06:11	sanebow	create