Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython2 / 75d7b615ba70fc5759d16dee95bbd8f0474d8a9c
commit75d7b615ba70fc5759d16dee95bbd8f0474d8a9c[log] [tgz]
authorSenthil Kumaran <senthil@uthcode.com>Sat Jul 30 05:49:53 2016 -0700
committerSenthil Kumaran <senthil@uthcode.com>Sat Jul 30 05:49:53 2016 -0700
tree6fedc2530db2160bf68039a3bf28b4fefbb39743
parenta850ef698e55d07173051747e96207496c6f1bdb [diff]
Prevent HTTPoxy attack (CVE-2016-1000110)

Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
indicates that the script is in CGI mode.

Issue reported and patch contributed by RĂ©mi Rampin.
7 files changed
tree: 6fedc2530db2160bf68039a3bf28b4fefbb39743
  1. Demo/
  2. Doc/
  3. Grammar/
  4. Include/
  5. Lib/
  6. Mac/
  7. Misc/
  8. Modules/
  9. Objects/
  10. Parser/
  11. PC/
  12. PCbuild/
  13. Python/
  14. RISCOS/
  15. Tools/
  16. .bzrignore
  17. .gitignore
  18. .hgeol
  19. .hgignore
  20. .hgtags
  21. aclocal.m4
  22. config.guess
  23. config.sub
  24. configure
  25. configure.ac
  26. install-sh
  27. LICENSE
  28. Makefile.pre.in
  29. pyconfig.h.in
  30. README
  31. setup.py