mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-28 20:56:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Issue #10714: Limit length of incoming request in http.server to 65536 bytes

Browse source 
for security reasons.  Initial patch by Ross Lagerwall.
This commit is contained in:
Antoine Pitrou 2010-12-16 16:48:36 +00:00
parent 12de8ac215
commit c492437922
4 changed files with 17 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Lib/test/test_httpservers.py
View file

@ -566,6 +566,12 @@ class BaseHTTPRequestHandlerTestCase(unittest.TestCase):
self.assertEqual(sum(r == b'Connection: close\r\n' for r in result[1:-1]), 1)
self.handler = usual_handler # Restore to avoid breaking any subsequent tests.
def test_request_length(self):
# Issue #10714: huge request lines are discarded, to avoid Denial
# of Service attacks.
result = self.send_typical_request(b'GET ' + b'x' * 65537)
self.assertEqual(result[0], b'HTTP/1.1 414 Request-URI Too Long\r\n')
self.assertFalse(self.handler.get_called)
class SimpleHTTPRequestHandlerTestCase(unittest.TestCase):
""" Test url parsing """