granicus.if.org Git - python/commit

]> granicus.if.org Git - python/commit

author	Senthil Kumaran <senthil@uthcode.com>
	Sun, 31 Jul 2016 06:39:06 +0000 (23:39 -0700)
committer	Senthil Kumaran <senthil@uthcode.com>
	Sun, 31 Jul 2016 06:39:06 +0000 (23:39 -0700)
commit	17742f2d45c9dd7ca777e33601a26e80576fdbf6
tree	f83a9638dd08398dd1c93e4941a794a836b67f8c	tree \| snapshot
parent	3a32bdfaa7494bfc172b04bdb1c8159978af8d42	commit \| diff
parent	436fe5a447abb69e5e5a4f453325c422af02dcaa	commit \| diff

[merge from 3.4] - Prevent HTTPoxy attack (CVE-2016-1000110)

Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
indicates that the script is in CGI mode.

Issue #27568 Reported and patch contributed by Rémi Rampin.

Doc/howto/urllib2.rst	diff1 \|	diff2 \|	blob \| history
Doc/library/urllib.request.rst	diff1 \|	diff2 \|	blob \| history
Lib/test/test_urllib.py	diff1 \|	diff2 \|	blob \| history
Lib/urllib/request.py	diff1 \|	diff2 \|	blob \| history
Misc/NEWS	diff1 \|	diff2 \|	blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom

Doc/howto/urllib2.rst	diff1 \|	diff2 \|	blob \| history
Doc/library/urllib.request.rst	diff1 \|	diff2 \|	blob \| history
Lib/test/test_urllib.py	diff1 \|	diff2 \|	blob \| history
Lib/urllib/request.py	diff1 \|	diff2 \|	blob \| history
Misc/NEWS	diff1 \|	diff2 \|	blob \| history