Skip to content

Commit

Permalink
Merge pull request #846 from spaceone/patch-1
Browse files Browse the repository at this point in the history 
Fix remote code execution vulnerability
  • Loading branch information
@keesbos
keesbos committed Sep 22, 2015
2 parents 349249f + 09ac05f commit 6c4a3d3
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pyjs/jsonrpc/cgihandler/__init__.py
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ def set_cookies(self, c):
self._cookies = c self._cookies = c


def __call__(self): def __call__(self):
self._cookies = Cookie.SmartCookie() self._cookies = Cookie.SimpleCookie()
self._cookies.load(os.environ.get('HTTP_COOKIE', '')) self._cookies.load(os.environ.get('HTTP_COOKIE', ''))
d = read_data() # TODO: handle partial data d = read_data() # TODO: handle partial data
write_data(self.process(d), self._cookies.output()) write_data(self.process(d), self._cookies.output())
Expand Down

0 comments on commit 6c4a3d3

Please sign in to comment.