diff options
| author | Florian Apolloner <florian@apolloner.eu> | 2012-11-27 22:26:29 +0100 |
|---|---|---|
| committer | Florian Apolloner <florian@apolloner.eu> | 2012-12-10 22:14:16 +0100 |
| commit | 319627c184e71ae267d6b7f000e293168c7b6e09 (patch) | |
| tree | 0e48a2084e8ea17b422e6cf3611a49bccfe9517e /tests/regressiontests/requests/tests.py | |
| parent | b2ae0a63aeec741f1e51bac9a95a27fd635f9652 (diff) | |
[1.4.X] Fixed a security issue in get_host.
Full disclosure and new release forthcoming.
Diffstat (limited to 'tests/regressiontests/requests/tests.py')
| -rw-r--r-- | tests/regressiontests/requests/tests.py | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/tests/regressiontests/requests/tests.py b/tests/regressiontests/requests/tests.py index cf8fed0253..caa25aea21 100644 --- a/tests/regressiontests/requests/tests.py +++ b/tests/regressiontests/requests/tests.py @@ -1,3 +1,4 @@ +# -*- coding: utf-8 -*- from __future__ import with_statement import time @@ -154,13 +155,15 @@ class RequestsTests(unittest.TestCase): '12.34.56.78:443', '[2001:19f0:feee::dead:beef:cafe]', '[2001:19f0:feee::dead:beef:cafe]:8080', + 'xn--4ca9at.com', # Punnycode for öäü.com ] poisoned_hosts = [ 'example.com@evil.tld', 'example.com:dr.frankenstein@evil.tld', - 'example.com:someone@somestie.com:80', - 'example.com:80/badpath' + 'example.com:dr.frankenstein@evil.tld:80', + 'example.com:80/badpath', + 'example.com: recovermypassword.com', ] for host in legit_hosts: @@ -230,13 +233,15 @@ class RequestsTests(unittest.TestCase): '12.34.56.78:443', '[2001:19f0:feee::dead:beef:cafe]', '[2001:19f0:feee::dead:beef:cafe]:8080', + 'xn--4ca9at.com', # Punnycode for öäü.com ] poisoned_hosts = [ 'example.com@evil.tld', 'example.com:dr.frankenstein@evil.tld', 'example.com:dr.frankenstein@evil.tld:80', - 'example.com:80/badpath' + 'example.com:80/badpath', + 'example.com: recovermypassword.com', ] for host in legit_hosts: |