-
-
Notifications
You must be signed in to change notification settings - Fork 30.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[3.8] gh-104049: do not expose on-disk location from SimpleHTTPReques…
…tHandler (GH-104067) (#104121) Do not expose the local server's on-disk location from `SimpleHTTPRequestHandler` when generating a directory index. (unnecessary information disclosure) (cherry picked from commit c7c3a60) Co-authored-by: Ethan Furman <[email protected]> Co-authored-by: Gregory P. Smith <[email protected]> Co-authored-by: Jelle Zijlstra <[email protected]>
- Loading branch information
1 parent
47ec96a
commit 2062fce
Showing
3 changed files
with
11 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 2 additions & 0 deletions
2
Misc/NEWS.d/next/Security/2023-05-01-15-03-25.gh-issue-104049.b01Y3g.rst
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
Do not expose the local on-disk location in directory indexes | ||
produced by :class:`http.client.SimpleHTTPRequestHandler`. |