Issue 22663: fix redirect vulnerability in urllib/urllib2.

author: guido@google.com <guido@google.com> 2011-03-24 08:07:45 -0700
committer: guido@google.com <guido@google.com> 2011-03-24 08:07:45 -0700
commit: 60a4a90c8dd2972eb4bb977e70835be9593cbbac (patch)
tree: d8bc2a9dac432760b9a5c7971fe903e8da102af5 /Lib/urllib.py
parent: ce5d0e22fc307a22bf8410dbdd6b4f0190f36fab (diff)
download: cpython-git-60a4a90c8dd2972eb4bb977e70835be9593cbbac.tar.gz
1 files changed, 11 insertions, 2 deletions
diff --git a/Lib/urllib.py b/Lib/urllib.py
index 963187cfb2..09ce8c57e8 100644
--- a/Lib/urllib.py
+++ b/Lib/urllib.py
@@ -638,10 +638,19 @@ class FancyURLopener(URLopener):
             newurl = headers['uri']
         else:
             return
-        void = fp.read()
-        fp.close()
+
         # In case the server sent a relative URL, join with original:
         newurl = basejoin(self.type + ":" + url, newurl)
+
+        # For security reasons we do not allow redirects to protocols
+        # other than HTTP or HTTPS.
+        newurl_lower = newurl.lower()
+        if not (newurl_lower.startswith('http://') or
+                newurl_lower.startswith('https://')):
+            return
+
+        void = fp.read()
+        fp.close()
         return self.open(newurl)
 
     def http_error_301(self, url, fp, errcode, errmsg, headers, data=None):
author	guido@google.com <guido@google.com>	2011-03-24 08:07:45 -0700
committer	guido@google.com <guido@google.com>	2011-03-24 08:07:45 -0700
commit	60a4a90c8dd2972eb4bb977e70835be9593cbbac (patch)
tree	d8bc2a9dac432760b9a5c7971fe903e8da102af5 /Lib/urllib.py
parent	ce5d0e22fc307a22bf8410dbdd6b4f0190f36fab (diff)
download	cpython-git-60a4a90c8dd2972eb4bb977e70835be9593cbbac.tar.gz