Pass only the header name to InvalidHeader exception
Per @pajod review: the invalid header value may carry sensitive content, and raising it through the exception could leak it across security boundaries (browsers/proxies handling response splitting errors). Pass just the name instead.
This commit is contained in:
parent
7ae6503dea
commit
38ea12629f
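--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -170,7 +170,11 @@ def _make_early_hints_callback(req, sock, resp):
 if not TOKEN_RE.fullmatch(name):
 raise InvalidHeaderName('%r' % name)
 if not HEADER_VALUE_RE.fullmatch(value):
-raise InvalidHeader('%r' % value)
+# Pass only the name — the invalid value may contain
+# sensitive data that shouldn't cross security boundaries
+# via exception propagation (browsers/proxies may forward
+# it to untrusted parties).
+raise InvalidHeader('%r' % name)
 
 value = value.strip(" \t")
 response += f"{name}: {value}\r\n".encode('latin-1')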
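Review bot: With `raise InvalidHeader('%r' % name)` the exception no longer says what was rejected — if InvalidHeader renders its argument the same way InvalidHeaderName does, an operator reading the log cannot tell a rejected value from a rejected name, since both now carry only the header name. Consider keeping the value out of the message but making the reason explicit, e.g. `raise InvalidHeader('%r: value rejected' % name)` (or a dedicated reason on the exception class), so that header-injection attempts stay recognisable in logs; name has already passed TOKEN_RE two lines above, so echoing it is safe. The four-line comment restates the commit message and could be a single line such as `# name only: the rejected value may hold data that must not leak via the exception`. The body of _make_early_hints_callback continues outside the hunk.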