Martin Panter <vadmium...@gmail.com> added the comment: Actually, the CRLF + space can be injected via percent encoding, so just dealing with literal CRLFs and spaces wouldn’t be enough. You would have to validate the hostname after it is decoded.
>>> urlopen("http://127.0.0.1%0D%0A%20SLAVEOF . . . :6379/")
>>> pprint(conn.recv(300).splitlines(keepends=True))
[b'GET / HTTP/1.1\r\n',
 b'Accept-Encoding: identity\r\n',
 b'Host: 127.0.0.1\r\n',
 b' SLAVEOF . . . :6379\r\n',
 b'Connection: close\r\n',
 b'User-Agent: Python-urllib/2.7\r\n',
 b'\r\n']

----------
_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue30458>
_______________________________________
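Added example, not code from the tracker message or from CPython: a check of the kind the comment calls for, which percent-decodes the authority part of the URL first and only then decides whether it may be placed in a Host header. The function names (validate_netloc, is_safe_netloc, host_header_for) and the sample inputs are constructed for this illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Characters accepted in a DECODED authority component: hostname / IPv4
# labels, a bracketed IPv6 literal and an optional ":port". CR, LF, space,
# other control characters and non-ASCII are all refused, so no decoded byte
# can end the Host header line or fold a continuation line onto it.
_ALLOWED_NETLOC = re.compile(r"[A-Za-z0-9.\-\[\]:]+")


def validate_netloc(raw_netloc):
    """Percent-decode the authority part of a URL and check it.

    Returns the decoded netloc when it is safe to use as a Host header value,
    otherwise raises ValueError. The check deliberately runs AFTER decoding:
    '%0D%0A%20' decodes to '\\r\\n ', which a check for literal CRLFs on the
    raw string would never see.
    """
    decoded = unquote(raw_netloc)
    if not decoded:
        raise ValueError("empty host")
    if not _ALLOWED_NETLOC.fullmatch(decoded):
        bad = sorted({c for c in decoded if not _ALLOWED_NETLOC.fullmatch(c)})
        raise ValueError("host contains forbidden characters: %r" % bad)
    return decoded


def is_safe_netloc(raw_netloc):
    """Boolean form of validate_netloc for use in filters and tests."""
    try:
        validate_netloc(raw_netloc)
    except ValueError:
        return False
    return True


def host_header_for(url):
    """Build the Host header line for url, refusing injected line breaks."""
    return "Host: " + validate_netloc(urlsplit(url).netloc)


# Constructed samples (hypothetical, not taken from the tracker message).
SAMPLES = [
    "127.0.0.1",                              # plain IPv4: accepted
    "example.com:8080",                       # host with port: accepted
    "[::1]:6379",                             # IPv6 literal with port: accepted
    "127.0.0.1%0D%0A%20Injected:%20x",        # encoded CRLF + space: rejected
    "127.0.0.1\r\n Injected: x",              # literal CRLF + space: rejected
    "127.0.0.1%00",                           # encoded NUL: rejected
]


def classify(samples):
    """Map each sample to 'ok' or 'rejected' according to the decoded check."""
    return {s: ("ok" if is_safe_netloc(s) else "rejected") for s in samples}


if __name__ == "__main__":
    for sample, verdict in classify(SAMPLES).items():
        print("%-40r %s" % (sample, verdict))
    print(host_header_for("http://127.0.0.1/"))
```

Because unquote is applied before the character check, the encoded and the literal forms of the same injection are treated identically; callers that still want to send the percent-encoded form on the wire can do so, but the decision is always made on the decoded bytes.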