Issue 1100201: Cross-site scripting on BaseHTTPServer (original) (raw)

Hi,

There is a minor XSS flaw in BaseHTTPServer, in the default error message, if you try connecting with a bad method name, e.g.:

pugsley:/srv/www/htdocs # telnet risk 8000 Trying 192.168.3.52... Connected to risk. Escape character is '^]'. / HTTP/1.0

HTTP/1.0 501 Unsupported method ("") Server: SimpleHTTP/0.6 Python/2.3.4 Date: Tue, 11 Jan 2005 15:02:48 GMT Content-Type: text/html Connection: close

Error response

Error code 501.

Message: Unsupported method ("").

Error code explanation: 501 = Server does not support this operation.

This is not likely to be a major security risk, but ideally it should be fixed. In addition it may be that other error messages exhibit this flaw, I haven't done a code audit.

Credit for discovery: Richard Moore

Best wishes,

Paul