Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cherrypy.url fails to normalize path #1595

Closed
lbolla opened this issue May 16, 2017 · 0 comments
Closed

cherrypy.url fails to normalize path #1595

lbolla opened this issue May 16, 2017 · 0 comments
Labels
bug CherryPy code

Comments

@lbolla
Copy link
Contributor

lbolla commented May 16, 2017

This call to cherrypy.url fails with IndexError:

>>> cherrypy.url(qs='../../../../../../etc/passwd')
...
IndexError: pop from empty list

The culprit seems in this logic, which strips newurl of as many atoms as there are ..:
https://github.com/cherrypy/cherrypy/blob/master/cherrypy/_helper.py#L261,L271

There are various problems.

  • That logic should only applied to the "path" part of newurl, not to the full url.

  • As a consequence of the point above, .. in the query string qs should not be considered

  • To consider: redundant .. should be ignored, to mimic os.path.normpath:

>>> os.path.normpath('/etc/../../../usr')
'/usr'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug CherryPy code
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lbolla @webknjaz