Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork33.7k
Closed
Assignees
Description
Problem: Thehttp.server module lets some control characters from the request thru which when emitted as is in a log message to a terminal can be used to control it or otherwise generate misleading output.python -m http.server is typically run within such a terminal.
Fix: Thehttp.server defaultlog_message() method needs to prevent printing of control characters.
Reported by David Leadbeater, G-Research on 2022-12-04
Linked PRs
- gh-100001: Omit control characters in http.server stderr logs. #100002
- [3.10] gh-100001: Omit control characters in http.server stderr logs. (GH-100002) #100031
- [3.9] gh-100001: Omit control characters in http.server stderr logs. (GH-100002) #100032
- [3.8] gh-100001: Omit control characters in http.server stderr logs. (GH-100002) #100033
- [3.7] gh-100001: Omit control characters in http.server stderr logs. (GH-100002) #100034
- [3.11] gh-100001: Omit control characters in http.server stderr logs. (GH-100002) #100035
- gh-100001: Also escape \s in http.server log messages. #100038
- [3.11] gh-100001: Also escape \s in http.server log messages. (GH-100038) #100040
- [3.10] gh-100001: Also escape \s in http.server log messages. (GH-100038) #100041
- gh-100001: Remove doc typo, add versionadded #100042
- [3.11] gh-100001: Remove doc typo, add versionadded (GH-100042) #100043
- [3.10] gh-100001: Remove doc typo, add versionadded (GH-100042) #100044
Metadata
Metadata
Assignees
Projects
Status
Done