Merge urllib/urllib2 security fix from 2.5 branch.

2025-12-01 23:32:16 +00:00 · 2011-03-29 10:48:23 -07:00 · 2011-03-29 10:48:23 -07:00 · 9a9fdfad59
commit 9a9fdfad59
parent f23c515e5b 92ecb8737b
5 changed files with 61 additions and 0 deletions
--- a/Lib/urllib.py
+++ b/Lib/urllib.py
@ -652,6 +652,18 @@ class FancyURLopener(URLopener):
        fp.close()
        # In case the server sent a relative URL, join with original:
        newurl = basejoin(self.type + ":" + url, newurl)
+
+        # For security reasons we do not allow redirects to protocols
+        # other than HTTP, HTTPS or FTP.
+        newurl_lower = newurl.lower()
+        if not (newurl_lower.startswith('http://') or
+                newurl_lower.startswith('https://') or
+                newurl_lower.startswith('ftp://')):
+            raise IOError('redirect error', errcode,
+                          errmsg + " - Redirection to url '%s' is not allowed" %
+                          newurl,
+                          headers)
+
        return self.open(newurl)

    def http_error_301(self, url, fp, errcode, errmsg, headers, data=None):