Stop stripping \xa0 and \x85 from the beginning and end of header values

Pylons / waitress

Waitress - A WSGI server for Python 3

https://docs.pylonsproject.org/projects/waitress/en/latest/

Other

1.44k stars 164 forks source link

Stop stripping \xa0 and \x85 from the beginning and end of header values #433

Closed kenballus closed 7 months ago

kenballus commented 7 months ago

Previously, Waitress stripped \xa0 and \x85 from the sides of header values before inserting them into the environ dict. Since those bytes are allowed within header values, this could potentially cause data corruption. This patch removes the offending call to str.strip.

kenballus commented 7 months ago

Addresses #432

digitalresistor commented 7 months ago

We don't need the .strip() here, the values in the header are already normalized. Stripping here is redundant. I fixed this in #434