Antoine Pitrou pit...@free.fr added the comment:
Thanks for the patch. First, there's no need to use multiprocessing here.
Threading would be sufficient. Second, you shouldn't use an explicit port
number, but instead let the server bind itself to whatever port is available (I
think 0 using as
Ross Lagerwall rosslagerw...@gmail.com added the comment:
OK, here is an updated patch using threading 0 as a port number.
--
Added file: http://bugs.python.org/file20076/httpserver_py3k_v2.patch
___
Python tracker rep...@bugs.python.org
Antoine Pitrou pit...@free.fr added the comment:
It turns out the test could be simplified a lot by reusing the existing
infrastructure. I've committed the modified patch in r87317 (3.2), r87318 (3.1)
and r87320 (2.7). Thank you!
--
resolution: - fixed
stage: - committed/rejected
New submission from Ross Lagerwall rosslagerw...@gmail.com:
BaseHTTPRequestHandler in http.server does not limit the length of the request
line so a malicious client can cause the server to run out of memory with a
malicious request.
This patch limits the length to 64K (like Apache) and sends
Changes by Ross Lagerwall rosslagerw...@gmail.com:
--
nosy: +pitrou
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue10714
___
___
Python-bugs-list