summaryrefslogtreecommitdiff
path: root/cherrypy/test/test_request_obj.py
diff options
context:
space:
mode:
Diffstat (limited to 'cherrypy/test/test_request_obj.py')
-rw-r--r--cherrypy/test/test_request_obj.py10
1 files changed, 10 insertions, 0 deletions
diff --git a/cherrypy/test/test_request_obj.py b/cherrypy/test/test_request_obj.py
index 3aaa8e81..2478aabe 100644
--- a/cherrypy/test/test_request_obj.py
+++ b/cherrypy/test/test_request_obj.py
@@ -756,6 +756,16 @@ class RequestObjectTests(helper.CPWebCase):
headers=[('Content-type', 'application/json')])
self.assertBody('application/json')
+ def test_dangerous_host(self):
+ """
+ Dangerous characters like newlines should be elided.
+ Ref #1974.
+ """
+ # foo\nbar
+ encoded = '=?iso-8859-1?q?foo=0Abar?='
+ self.getPage('/headers/Host', headers=[('Host', encoded)])
+ self.assertBody('foobar')
+
def test_basic_HTTPMethods(self):
helper.webtest.methods_with_bodies = ('POST', 'PUT', 'PROPFIND',
'PATCH')
View Lorry Controller Status