Message413870
>>> import xmlrpc.client
>>> xmlrpc.client.ServerProxy('https://login:password@example.com')
<ServerProxy for login:password@example.com/RPC2>
Because this repr is included in error messages, this can lead to leaking the password:
>>> xmlrpc.client.ServerProxy('https://login:password@example.com').method()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.7/xmlrpc/client.py", line 1112, in __call__
return self.__send(self.__name, args)
File "/usr/lib/python3.7/xmlrpc/client.py", line 1452, in __request
verbose=self.__verbose
File "/usr/lib/python3.7/xmlrpc/client.py", line 1154, in request
return self.single_request(host, handler, request_body, verbose)
File "/usr/lib/python3.7/xmlrpc/client.py", line 1187, in single_request
dict(resp.getheaders())
xmlrpc.client.ProtocolError: <ProtocolError for login:password@example.com/RPC2: 404 Not Found> |
|
Date |
User |
Action |
Args |
2022-02-24 01:40:39 | perrinjerome | set | recipients:
+ perrinjerome |
2022-02-24 01:40:39 | perrinjerome | set | messageid: <1645666839.94.0.152253377842.issue46840@roundup.psfhosted.org> |
2022-02-24 01:40:39 | perrinjerome | link | issue46840 messages |
2022-02-24 01:40:39 | perrinjerome | create | |
|