Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
SUSE:SLE-15-SP2:GA
python-urllib3
CVE-2023-43804.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2023-43804.patch of Package python-urllib3
Index: urllib3-1.25.10/src/urllib3/util/retry.py =================================================================== --- urllib3-1.25.10.orig/src/urllib3/util/retry.py +++ urllib3-1.25.10/src/urllib3/util/retry.py @@ -154,7 +154,7 @@ class Retry(object): RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503]) - DEFAULT_REDIRECT_HEADERS_BLACKLIST = frozenset(["Authorization"]) + DEFAULT_REDIRECT_HEADERS_BLACKLIST = frozenset(["Cookie", "Authorization"]) #: Maximum backoff time. BACKOFF_MAX = 120 Index: urllib3-1.25.10/test/test_retry.py =================================================================== --- urllib3-1.25.10.orig/test/test_retry.py +++ urllib3-1.25.10/test/test_retry.py @@ -270,7 +270,7 @@ class TestRetry(object): def test_retry_default_remove_headers_on_redirect(self): retry = Retry() - assert list(retry.remove_headers_on_redirect) == ["authorization"] + assert sorted(list(retry.remove_headers_on_redirect)) == sorted(["authorization", "cookie"]) def test_retry_set_remove_headers_on_redirect(self): retry = Retry(remove_headers_on_redirect=["X-API-Secret"])
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
