Validate HTTP versions and methods

Pylons / waitress

Waitress - A WSGI server for Python 3

https://docs.pylonsproject.org/projects/waitress/en/latest/

Other

1.44k stars 164 forks source link

Validate HTTP versions and methods #423

Closed kenballus closed 7 months ago

kenballus commented 10 months ago

Currently waitress accepts certain malformed HTTP methods and versions. For example, waitress parses and accepts \x00 / HTTP/............0596.7407.\r\n\r\n

This patch changes waitress to accept only methods and versions that match the grammar in the RFCs.