Marko Rauhamaa <ma...@pacujo.net>:

> This is a security risk. Here is a brief demonstration. Copy the example
> HTTP server from:
>
>    <URL: https://docs.python.org/3/library/http.server.html?highlight=http#http.server.SimpleHTTPRequestHandler>
>
> [...]
>
>   3. http://localhost:8000/te%00st.html
>
>      => The server crashes with a ValueError and the TCP connection is
>         reset

An exercise for the reader: provide a fix for the example server so the
request returns a 404 response just like any other nonexistent resource.


Marko
-- 
https://mail.python.org/mailman/listinfo/python-list
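
One possible answer to the exercise above, added here as an example and not part of the original post: a handler subclass that checks the decoded path for a NUL byte before any filesystem call and answers 404. The names `NulSafeHandler` and `status_for` are hypothetical, and the helper serves an empty temporary directory on a loopback port so the behaviour can be checked offline.

```python
import functools
import http.client
import tempfile
import threading
from http import HTTPStatus
from http.server import HTTPServer, SimpleHTTPRequestHandler


class NulSafeHandler(SimpleHTTPRequestHandler):
    """SimpleHTTPRequestHandler that answers 404 for paths containing NUL."""

    def send_head(self):
        # translate_path() percent-decodes the request path, so "%00"
        # becomes a literal NUL here. Reject it before the parent class
        # hands the path to the filesystem, where (per the post) the
        # request ends in a ValueError instead of a normal 404.
        if "\x00" in self.translate_path(self.path):
            self.send_error(HTTPStatus.NOT_FOUND, "File not found")
            return None
        return super().send_head()


def status_for(path):
    """Serve an empty temp directory for one request; return the HTTP status."""
    with tempfile.TemporaryDirectory() as root:
        handler = functools.partial(NulSafeHandler, directory=root)
        server = HTTPServer(("127.0.0.1", 0), handler)  # port 0: pick a free port
        thread = threading.Thread(target=server.serve_forever, daemon=True)
        thread.start()
        try:
            conn = http.client.HTTPConnection(
                "127.0.0.1", server.server_port, timeout=5)
            conn.request("GET", path)
            status = conn.getresponse().status
            conn.close()
            return status
        finally:
            server.shutdown()
            server.server_close()


if __name__ == "__main__":
    # Constructed sample requests: the NUL case from the post and a plain miss.
    for p in ("/te%00st.html", "/missing.html"):
        print(p, status_for(p))
```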
