Permalink
Browse files

Merge pull request #846 from spaceone/patch-1

Fix remote code execution vulnerability
  • Loading branch information...
2 parents 349249f + 09ac05f commit 6c4a3d3a67300cd5df7f95a67ca9dcdc06950523 @keesbos keesbos committed Sep 22, 2015
Showing with 1 addition and 1 deletion.
  1. +1 −1 pyjs/jsonrpc/cgihandler/__init__.py
@@ -55,7 +55,7 @@ def set_cookies(self, c):
self._cookies = c
def __call__(self):
- self._cookies = Cookie.SmartCookie()
+ self._cookies = Cookie.SimpleCookie()
self._cookies.load(os.environ.get('HTTP_COOKIE', ''))
d = read_data() # TODO: handle partial data
write_data(self.process(d), self._cookies.output())

0 comments on commit 6c4a3d3

Please sign in to comment.