backup/warcprox
1
0
Fork 0
mirror of https://github.com/internetarchive/warcprox.git synced 2025-01-18 13:22:09 +01:00
Code Issues Projects Releases Activity

Improve target url validation

Browse Source 
In addition to checking for scheme='http', we should also check that
netloc has a value. There are many meaningless URLs that pass the
current check. For instance:

```
In [5]: urlparse("http://")
Out[5]: ParseResult(scheme='http', netloc='', path='', params='',
query='', fragment='')

In [6]: urlparse("http:///")
Out[6]: ParseResult(scheme='http', netloc='', path='/', params='',
query='', fragment='')
```

netloc should always have a value.
This commit is contained in:
Vangelis Banos 2019-05-06 21:23:10 +00:00
parent 38d6e4337d
commit 16489b99d9
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
warcprox/mitmproxy.py
View File

@ -233,7 +233,7 @@ class MitmProxyHandler(http_server.BaseHTTPRequestHandler):
else: else:
self.url = self.path self.url = self.path
u = urllib_parse.urlparse(self.url) u = urllib_parse.urlparse(self.url)
if u.scheme != 'http': if u.scheme != 'http' or u.netloc == '':
raise Exception( raise Exception(
'unable to parse request %r as a proxy request' % ( 'unable to parse request %r as a proxy request' % (
self.requestline)) self.requestline))