diff options
author | Helmut Grohne <helmut@subdivi.de> | 2011-01-12 21:20:21 +0100 |
---|---|---|
committer | Helmut Grohne <helmut@subdivi.de> | 2011-01-12 21:20:21 +0100 |
commit | 8f0c538410f94e18146a3514ba2284af89cbcf59 (patch) | |
tree | 9fa8a778f2241041fa73cc95e6bd7fd11aa10579 /wsgitools/authentication.py | |
parent | 5743d081855fb71db736e6319b1deb6363994c0c (diff) | |
download | wsgitools-8f0c538410f94e18146a3514ba2284af89cbcf59.tar.gz |
bug fix for StaticContent and CachingMiddleware
PEP333 says that the headers list passed to start_response may be modified by
servers or middlewares. In fact this happens in DigestAuthMiddleware. The
StaticContent and CachingMiddleware classes did not take this into account and
returned the same headers list multiple times which is wrong and can lead to
denial of service.
Diffstat (limited to 'wsgitools/authentication.py')
0 files changed, 0 insertions, 0 deletions