Skip to content

/ go

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net/http: invalid headers are normalized, allowing request smuggling [1.13 backport] #34542

Closed
gopherbot opened this issue Sep 25, 2019 · 1 comment
Closed

net/http: invalid headers are normalized, allowing request smuggling [1.13 backport] #34542

gopherbot opened this issue Sep 25, 2019 · 1 comment
Labels
CherryPickApproved FrozenDueToAge
Milestone
Go1.13.1

Comments

@gopherbot
Copy link

@gopherbot gopherbot commented Sep 25, 2019

@FiloSottile requested issue #34540 to be considered for backport to the next 1.13 minor release.

@gopherbot Please open backport issues for this. This was a security problem.
@gopherbot gopherbot mentioned this issue Sep 25, 2019
Closed
@gopherbot gopherbot added this to the Go1.13.2 milestone Sep 25, 2019
@FiloSottile FiloSottile modified the milestones: Go1.13.2, Go1.13.1 Sep 25, 2019
@FiloSottile
Copy link
Member

@FiloSottile FiloSottile commented Sep 25, 2019

Fixed in 5a6ab1e.
@howardjohn howardjohn mentioned this issue Sep 27, 2019
Merged
@mholt mholt mentioned this issue Oct 31, 2019
Closed
4 of 4 tasks complete
@golang golang locked and limited conversation to collaborators Sep 25, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
CherryPickApproved FrozenDueToAge
Projects
None yet
Milestone
Go1.13.1
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
@FiloSottile @gopherbot