Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
bpo-36274: Encode request lines with surrogate escapes #12315
While this is out of spec according to RFC 7230 (which limits
Don't use Latin-1 (though that would be in keeping with how we
This is the second fix proposed in the bug report; the first was submitted as #12314 so reviewers can decide between fixes.
After reviewing this request with @ericsnowcurrently, we've decided that this approach is dangerous in that it has the potential to expose users unexpectedly to non-compliant behavior, where as currently they are assured compliance. In particular, if a user had input from a source where it was surrogate-escaped non-ascii unicode, the request would currently be rejected but now will be accepted. Instead, we would like to see a more explicit opt-in, such as through a separate method or through a setting on the call and/or client object.
As a result, I'll be closing this PR ad the alternate and will follow up in the bug.