-
-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Require full version and method regex matches #7701
Conversation
Instead of adding new tests, I just updated the existing tests for bad methods and versions to have valid prefixes. I can add additional tests if that's preferable. |
Codecov Report
@@ Coverage Diff @@
## master #7701 +/- ##
=======================================
Coverage 97.36% 97.36%
=======================================
Files 106 106
Lines 31665 31665
Branches 3624 3624
=======================================
Hits 30830 30830
Misses 632 632
Partials 203 203
Flags with carried forward coverage won't be shown. Click here to find out more.
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
Backport to 3.9: 💚 backport PR created✅ Backport PR branch: Backported as #7703 🤖 @patchback |
## What do these changes do? These changes ensure that HTTP versions and methods fully match the regular expressions for those constructs. AIOHTTP currently only applies prefix-matching, which I assume was unintentional. ## Are there changes in behavior for the user? There should be no observable changes to the user, unless they use HTTP servers/clients that generate very malformed request lines. Such clients/servers are unlikely to exist because most other web servers reject these malformed messages. ## Related issue number Fixes #7700 (cherry picked from commit 312f747)
…ex matches (#7703) **This is a backport of PR #7701 as merged into master (312f747).** ## What do these changes do? These changes ensure that HTTP versions and methods fully match the regular expressions for those constructs. AIOHTTP currently only applies prefix-matching, which I assume was unintentional. ## Are there changes in behavior for the user? There should be no observable changes to the user, unless they use HTTP servers/clients that generate very malformed request lines. Such clients/servers are unlikely to exist because most other web servers reject these malformed messages. ## Related issue number Fixes #7700 Co-authored-by: Ben Kallus <49924171+kenballus@users.noreply.github.com>
…thod regex matches (aio-libs#7703) **This is a backport of PR aio-libs#7701 as merged into master (312f747).** These changes ensure that HTTP versions and methods fully match the regular expressions for those constructs. AIOHTTP currently only applies prefix-matching, which I assume was unintentional. There should be no observable changes to the user, unless they use HTTP servers/clients that generate very malformed request lines. Such clients/servers are unlikely to exist because most other web servers reject these malformed messages. Fixes aio-libs#7700 Co-authored-by: Ben Kallus <49924171+kenballus@users.noreply.github.com>
What do these changes do?
These changes ensure that HTTP versions and methods fully match the regular expressions for those constructs. AIOHTTP currently only applies prefix-matching, which I assume was unintentional.
Are there changes in behavior for the user?
There should be no observable changes to the user, unless they use HTTP servers/clients that generate very malformed request lines. Such clients/servers are unlikely to exist because most other web servers reject these malformed messages.
Related issue number
Fixes #7700