Issue 22663: fix redirect vulnerability in urllib/urllib2.

commit: 60a4a90c8dd2972eb4bb977e70835be9593cbbac [log] [tgz]
author: guido@google.com <guido@google.com> Thu Mar 24 08:07:45 2011 -0700
committer: guido@google.com <guido@google.com> Thu Mar 24 08:07:45 2011 -0700
tree: d8bc2a9dac432760b9a5c7971fe903e8da102af5
parent: ce5d0e22fc307a22bf8410dbdd6b4f0190f36fab [diff] [blame]
diff --git a/Lib/urllib2.py b/Lib/urllib2.py
index 50d7aaf..db7ce81 100644
--- a/Lib/urllib2.py
+++ b/Lib/urllib2.py

@@ -555,6 +555,13 @@
             return
         newurl = urlparse.urljoin(req.get_full_url(), newurl)
 
+        # For security reasons we do not allow redirects to protocols
+        # other than HTTP or HTTPS.
+        newurl_lower = newurl.lower()
+        if not (newurl_lower.startswith('http://') or
+                newurl_lower.startswith('https://')):
+            return
+
         # XXX Probably want to forget about the state of the current
         # request, although that might interact poorly with other
         # handlers that also use handler-specific request attributes
commit	60a4a90c8dd2972eb4bb977e70835be9593cbbac	[log] [tgz]
author	guido@google.com <guido@google.com>	Thu Mar 24 08:07:45 2011 -0700
committer	guido@google.com <guido@google.com>	Thu Mar 24 08:07:45 2011 -0700
tree	d8bc2a9dac432760b9a5c7971fe903e8da102af5
parent	ce5d0e22fc307a22bf8410dbdd6b4f0190f36fab [diff] [blame]