Message 332571 - Python tracker

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

In-reply-to
Author	kyoshidajp
Recipients	Ivan.Pozdeev, alex, artem.smotrakov, eamanu, jwilk, kyoshidajp, martin.panter, orsenthil, xtreak
Date	2018年12月27日.00:56:30
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1545872190.81.0.00550062009492.issue33661@roundup.psfhosted.org>

Content
Thanks. But I think the "add_unredirected_header" is not enough. These sensitive headers should be removed only when redirecting to cross-site automatically for security like HTTPBasicAuthHandler of urllib2. In order to fulfill this requirement, I think the operation should be in HTTPRedirectHandler.redirect_request.

Content

Thanks. But I think the "add_unredirected_header" is not enough.
These sensitive headers should be removed only when redirecting to cross-site automatically for security like HTTPBasicAuthHandler of urllib2. In order to fulfill this requirement, I think the operation should be in HTTPRedirectHandler.redirect_request.

History
Date	User	Action	Args
2018年12月27日 00:56:32	kyoshidajp	set	recipients: + kyoshidajp, orsenthil, jwilk, alex, martin.panter, Ivan.Pozdeev, artem.smotrakov, eamanu, xtreak
2018年12月27日 00:56:30	kyoshidajp	set	messageid: <1545872190.81.0.00550062009492.issue33661@roundup.psfhosted.org>
2018年12月27日 00:56:30	kyoshidajp	link	issue33661 messages
2018年12月27日 00:56:30	kyoshidajp	create

homepage