diff options
| author | Florian Apolloner <florian@apolloner.eu> | 2012-11-27 22:19:37 +0100 |
|---|---|---|
| committer | Florian Apolloner <florian@apolloner.eu> | 2012-12-10 22:11:40 +0100 |
| commit | 27560924ec1e567be4727ef8d7dfc4d3879c048c (patch) | |
| tree | 9351c083e25719527e9620f958949bfe970d44dd /tests/regressiontests | |
| parent | a2f2a399566dd68ce7e312fff5a5ba857066797d (diff) | |
Fixed a security issue in get_host.
Full disclosure and new release forthcoming.
Diffstat (limited to 'tests/regressiontests')
| -rw-r--r-- | tests/regressiontests/requests/tests.py | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/tests/regressiontests/requests/tests.py b/tests/regressiontests/requests/tests.py index 164c1082fe..adf824dff7 100644 --- a/tests/regressiontests/requests/tests.py +++ b/tests/regressiontests/requests/tests.py @@ -116,13 +116,15 @@ class RequestsTests(unittest.TestCase): '12.34.56.78:443', '[2001:19f0:feee::dead:beef:cafe]', '[2001:19f0:feee::dead:beef:cafe]:8080', + 'xn--4ca9at.com', # Punnycode for öäü.com ] poisoned_hosts = [ 'example.com@evil.tld', 'example.com:dr.frankenstein@evil.tld', - 'example.com:someone@somestie.com:80', - 'example.com:80/badpath' + 'example.com:dr.frankenstein@evil.tld:80', + 'example.com:80/badpath', + 'example.com: recovermypassword.com', ] for host in legit_hosts: @@ -186,13 +188,15 @@ class RequestsTests(unittest.TestCase): '12.34.56.78:443', '[2001:19f0:feee::dead:beef:cafe]', '[2001:19f0:feee::dead:beef:cafe]:8080', + 'xn--4ca9at.com', # Punnycode for öäü.com ] poisoned_hosts = [ 'example.com@evil.tld', 'example.com:dr.frankenstein@evil.tld', 'example.com:dr.frankenstein@evil.tld:80', - 'example.com:80/badpath' + 'example.com:80/badpath', + 'example.com: recovermypassword.com', ] for host in legit_hosts: |