cpython: f5247195238f (original) (raw)
Mercurial > cpython
changeset 100836:f5247195238f 3.5
Issue #26586: Handle excessive header fields in http.server, by Xiang Zhang [#26586]
| Martin Panter vadmium+py@gmail.com | |
|---|---|
| date | Sun, 03 Apr 2016 00:45:46 +0000 |
| parents | f41d3321007f |
| children | e8edddb4f74b b29edd0108ee |
| files | Lib/http/server.py Lib/test/test_httpservers.py Misc/NEWS |
| diffstat | 3 files changed, 18 insertions(+), 0 deletions(-)[+] [-] Lib/http/server.py 7 Lib/test/test_httpservers.py 7 Misc/NEWS 4 |
line wrap: on
line diff
--- a/Lib/http/server.py +++ b/Lib/http/server.py @@ -337,6 +337,13 @@ class BaseHTTPRequestHandler(socketserve HTTPStatus.BAD_REQUEST, "Line too long") return False
except http.client.HTTPException as err:[](#l1.7)self.send_error([](#l1.8)HTTPStatus.REQUEST_HEADER_FIELDS_TOO_LARGE,[](#l1.9)"Too many headers",[](#l1.10)str(err)[](#l1.11))[](#l1.12)return False[](#l1.13)
conntype = self.headers.get('Connection', "") if conntype.lower() == 'close':
--- a/Lib/test/test_httpservers.py +++ b/Lib/test/test_httpservers.py @@ -858,6 +858,13 @@ class BaseHTTPRequestHandlerTestCase(uni self.assertFalse(self.handler.get_called) self.assertEqual(self.handler.requestline, 'GET / HTTP/1.1')
- def test_too_many_headers(self):
result = self.send_typical_request([](#l2.8)b'GET / HTTP/1.1\r\n' + b'X-Foo: bar\r\n' * 101 + b'\r\n')[](#l2.9)self.assertEqual(result[0], b'HTTP/1.1 431 Too many headers\r\n')[](#l2.10)self.assertFalse(self.handler.get_called)[](#l2.11)self.assertEqual(self.handler.requestline, 'GET / HTTP/1.1')[](#l2.12)
+ def test_close_connection(self): # handle_one_request() should be repeatedly called until # it sets close_connection
--- a/Misc/NEWS +++ b/Misc/NEWS @@ -99,6 +99,10 @@ Core and Builtins Library ------- +- Issue #26586: In http.server, respond with "413 Request header fields too