mirror of
https://github.com/django/daphne.git
synced 2024-11-21 23:46:33 +03:00
Stop stomping on Twisted's header dict
This commit is contained in:
parent
b86c8a0164
commit
40ed9625c3
|
@ -41,12 +41,12 @@ class WebRequest(http.Request):
|
|||
if b"?" in self.uri:
|
||||
self.query_string = self.uri.split(b"?", 1)[1]
|
||||
# Sanitize headers
|
||||
self.headers = {}
|
||||
self.clean_headers = {}
|
||||
for name, value in self.requestHeaders.getAllRawHeaders():
|
||||
# Prevent CVE-2015-0219
|
||||
if b"_" in name:
|
||||
continue
|
||||
self.headers[name.lower().decode("latin1")] = value[0]
|
||||
self.clean_headers[name.lower().decode("latin1")] = value[0]
|
||||
# Is it WebSocket? IS IT?!
|
||||
if upgrade_header == "websocket":
|
||||
# Make WebSocket protocol to hand off to
|
||||
|
@ -88,7 +88,7 @@ class WebRequest(http.Request):
|
|||
"path": self.path,
|
||||
"scheme": "http",
|
||||
"query_string": self.query_string,
|
||||
"headers": self.headers,
|
||||
"headers": self.clean_headers,
|
||||
"body": self.content.read(),
|
||||
"client": [self.client.host, self.client.port],
|
||||
"server": [self.host.host, self.host.port],
|
||||
|
|
|
@ -21,7 +21,7 @@ class WebSocketProtocol(WebSocketServerProtocol):
|
|||
def onConnect(self, request):
|
||||
self.request_info = {
|
||||
"path": request.path,
|
||||
"headers": self.headers,
|
||||
"headers": self.clean_headers,
|
||||
"query_string": request.query_string,
|
||||
"client": [request.client.host, request.client.port],
|
||||
"server": [request.host.host, request.host.port],
|
||||
|
|
Loading…
Reference in New Issue
Block a user