mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-09-02 06:57:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
cpython/Lib/email
History
R. David Murray 389af00371 Merged revisions 87873 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r87873 | r.david.murray | 2011-01-08 21:35:24 -0500 (Sat, 08 Jan 2011) | 12 lines

  #5871: protect against header injection attacks.

  This makes Header.encode throw a HeaderParseError if it winds up
  formatting a header such that a continuation line has no leading
  whitespace and looks like a header.  Since Header accepts values
  containing newlines and preserves them (and this is by design), without
  this fix any program that took user input (say, a subject in a web form)
  and passed it to the email package as a header was vulnerable to header
  injection attacks.  (As far as we know this has never been exploited.)

  Thanks to Jakub Wilk for reporting this vulnerability.
........
2011-01-09 02:48:04 +00:00
..
mime
test Merged revisions 87873 via svnmerge from 2011-01-09 02:48:04 +00:00
__init__.py
_parseaddr.py
base64mime.py
charset.py
encoders.py
errors.py
feedparser.py
generator.py Merged revisions 87415 via svnmerge from 2010-12-21 18:11:01 +00:00
header.py Merged revisions 87873 via svnmerge from 2011-01-09 02:48:04 +00:00
iterators.py
message.py Merged revisions 87217 via svnmerge from 2010-12-13 23:57:01 +00:00
parser.py
quoprimime.py
utils.py