You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Before requests 2.30 it was possible to just pass a Python-string with umlauts (äöü...) to a requests.post call. Since urllib3 2.x this causes the body of the request to be truncated. It seems that the Content-Length is calculated based on the length of the string and the string itself is handed over to the call as a multibyte representation causing the string to be truncated in the request because with multibyte characters there are more bytes than characters.
Expected Result
All characters of the input string should have been sent to the target.
Actual Result
Input string is truncated. See output of code below:
data:application/octet-stream;base64,RGFzIHNpbmQgUG9zdC1EYXRlbiBtaXQgVW1sYXV0ZW46IMOkww==
data:application/octet-stream;base64,RGFzIHNpbmQgUG9zdC1EYXRlbiBtaXQgVW1sYXV0ZW46IOT89g==
Das sind Post-Daten mit Umlauten: äüö
POST /post HTTP/2
Host: httpbin.org
User-Agent: python-requests/2.31.0
Accept-Encoding: gzip, deflate, br
Accept: */*
Connection: close
Content-Type: text/plain
Content-Length: 37
Das sind Post-Daten mit Umlauten: äÃ
Before requests 2.30 it was possible to just pass a Python-string with umlauts (äöü...) to a
requests.post
call. Since urllib3 2.x this causes the body of the request to be truncated. It seems that the Content-Length is calculated based on the length of the string and the string itself is handed over to the call as a multibyte representation causing the string to be truncated in the request because with multibyte characters there are more bytes than characters.Expected Result
All characters of the input string should have been sent to the target.
Actual Result
Input string is truncated. See output of code below:
Reproduction Steps
The behaviour was also verified using Portswigger Burp Suite:
First Request:
Second Request:
Third Request:
System Information
The text was updated successfully, but these errors were encountered: