You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some parts of the Requests library are very heavy on string manipulations. There are parts of the code that calculate string lengths, use substrings, etc...
We need to do a full audit of the string-handling in Requests to ensure it handles multi-byte characters gracefully and appropriately. In some instances, this means properly discarding multi-byte characters upfront, because whatever RFC/standard/protocol disallowing their use.
In some instances, we need to have them properly pass through the string handling without causing invalid characters and random mismatches because of bad truncation of MB characters.
And for subsystems like the domain matching, we need to ensure that internationalization works properly across the combination of IDNA encoding and string manipulations.
The text was updated successfully, but these errors were encountered:
Some parts of the
Requests
library are very heavy on string manipulations. There are parts of the code that calculate string lengths, use substrings, etc...We need to do a full audit of the string-handling in Requests to ensure it handles multi-byte characters gracefully and appropriately. In some instances, this means properly discarding multi-byte characters upfront, because whatever RFC/standard/protocol disallowing their use.
In some instances, we need to have them properly pass through the string handling without causing invalid characters and random mismatches because of bad truncation of MB characters.
And for subsystems like the domain matching, we need to ensure that internationalization works properly across the combination of IDNA encoding and string manipulations.
The text was updated successfully, but these errors were encountered: