Carl Friedrich Bolz-Tereick pushed to branch branch/default at PyPy / pypy
Commits: 9b377a08 by Carl Friedrich Bolz-Tereick at 2022-03-22T09:18:46+01:00 (Serhiy Storchaka, Michał Górny, cfbolz applying) bpo-46756: Fix authorization check in urllib.request (GH-31353) Fix a bug in urllib.request.HTTPPasswordMgr.find_user_password() and urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated() which allowed to bypass authorization. For example, access to URI "example.org/foobar" was allowed if the user was authorized for URI "example.org/foo". - - - - - 2 changed files: - lib-python/2.7/test/test_urllib2.py - lib-python/2.7/urllib2.py View it on Heptapod: https://foss.heptapod.net/pypy/pypy/-/commit/9b377a0834b6aa4109a39798331051020369e690 -- View it on Heptapod: https://foss.heptapod.net/pypy/pypy/-/commit/9b377a0834b6aa4109a39798331051020369e690 You're receiving this email because of your account on foss.heptapod.net.
_______________________________________________ pypy-commit mailing list -- pypy-commit@python.org To unsubscribe send an email to pypy-commit-le...@python.org https://mail.python.org/mailman3/lists/pypy-commit.python.org/ Member address: arch...@mail-archive.com
