summaryrefslogtreecommitdiff
path: root/wsgitools/authentication.py
diff options
context:
space:
mode:
authorHelmut Grohne <helmut@subdivi.de>2011-01-12 21:20:21 +0100
committerHelmut Grohne <helmut@subdivi.de>2011-01-12 21:20:21 +0100
commit8f0c538410f94e18146a3514ba2284af89cbcf59 (patch)
tree9fa8a778f2241041fa73cc95e6bd7fd11aa10579 /wsgitools/authentication.py
parent5743d081855fb71db736e6319b1deb6363994c0c (diff)
downloadwsgitools-8f0c538410f94e18146a3514ba2284af89cbcf59.tar.gz
bug fix for StaticContent and CachingMiddleware
PEP333 says that the headers list passed to start_response may be modified by servers or middlewares. In fact this happens in DigestAuthMiddleware. The StaticContent and CachingMiddleware classes did not take this into account and returned the same headers list multiple times which is wrong and can lead to denial of service.
Diffstat (limited to 'wsgitools/authentication.py')
0 files changed, 0 insertions, 0 deletions