alex/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2026-02-21 01:40:39 +10:00
Code Issues Packages Projects Releases Wiki Activity

allow X-Forwarded-HTTP-Version;

Browse Source 
the request-header safeguard added in v1.20.5 was too strict
This commit is contained in:
ed
2026-01-31 19:11:16 +00:00
parent 95b827f1a5
commit 72224d29d6
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
copyparty/httpcli.py
View File

@@ -172,6 +172,7 @@ RE_HSAFE = re.compile(r"[\x00-\x1f<>\"'&]") # search always much faster
RE_HOST = re.compile(r"[^][0-9a-zA-Z.:_-]") # search faster <=17ch RE_HOST = re.compile(r"[^][0-9a-zA-Z.:_-]") # search faster <=17ch
RE_MHOST = re.compile(r"^[][0-9a-zA-Z.:_-]+$") # match faster >=18ch RE_MHOST = re.compile(r"^[][0-9a-zA-Z.:_-]+$") # match faster >=18ch
RE_K = re.compile(r"[^0-9a-zA-Z_-]") # search faster <=17ch RE_K = re.compile(r"[^0-9a-zA-Z_-]") # search faster <=17ch
RE_HTTP1 = re.compile(r"(GET|HEAD|POST|PUT) [^ ]+ HTTP/1.1$")
RE_HR = re.compile(r"[<>\"'&]") RE_HR = re.compile(r"[<>\"'&]")
RE_MDV = re.compile(r"(.*)\.([0-9]+\.[0-9]{3})(\.[Mm][Dd])$") RE_MDV = re.compile(r"(.*)\.([0-9]+\.[0-9]{3})(\.[Mm][Dd])$")
RE_RSS_KW = re.compile(r"(\{[^} ]+\})") RE_RSS_KW = re.compile(r"(\{[^} ]+\})")
@@ -350,7 +351,7 @@ class HttpCli(object):
for header_line in headerlines[1:]: for header_line in headerlines[1:]:
k, zs = header_line.split(":", 1) k, zs = header_line.split(":", 1)
self.headers[k.lower()] = zs.strip() self.headers[k.lower()] = zs.strip()
if zs.endswith(" HTTP/1.1"): if zs.endswith(" HTTP/1.1") and RE_HTTP1.search(zs):
raise Exception() raise Exception()
except: except:
headerlines = [repr(x) for x in headerlines] headerlines = [repr(x) for x in headerlines]