The IDNA codec decoder used on DNS hostnames by socket
or asyncio
related name resolution functions no longer involves a quadratic algorithm. This prevents a potential CPU denial of service if an out-of-spec excessive length hostname involving bidirectional characters were decoded. Some protocols such as urllib
http 3xx
redirects potentially allow for an attacker to supply such a name.