#37100: Prevent header injection through malformed response reason phrase
-------------------------------------+-------------------------------------
Reporter: Jake Howard | Owner: Varun
| Kasyap Pentamaraju
Type: Bug | Status: closed
Component: HTTP handling | Version: dev
Severity: Normal | Resolution: fixed
Keywords: | Triage Stage: Ready for
| checkin
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Jacob Walls <jacobtylerwalls@…>):
In [changeset:"d7b3fed6a1f8204a120929d44f78b7538e3f0703" d7b3fed]:
{{{#!CommitTicketReference repository=""
revision="d7b3fed6a1f8204a120929d44f78b7538e3f0703"
[6.1.x] Fixed #37100 -- Prevented control characters in HttpResponse
reason_phrase.
Backport of 53645750412efa1e9013004040db328bd515e0f1 from main.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/37100#comment:10>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/django-updates/0107019e5031c441-55499072-100d-452f-82b6-2484c3a273a9-000000%40eu-central-1.amazonses.com.
