Project

General

Profile

Actions

Bug #7782

open

Error when header contains newline

Added by Rajmund Hruška 23 days ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
09/13/2024
Due date:
% Done:

0%

Estimated time:
To be discussed:
No

Description


Message type: CRITICAL
Location:     /var/mentat/venv/lib/python3.11/site-packages/hawat/base.py:203
Module:       base
Function:     eh_internal_server_error
Time:         2024-09-13 15:43:37,553

Message:

INTERNAL SERVER ERROR

Request: /auth/login?next=%22%2B%22A%22.concat(70-3).concat(22*4).concat(120).concat(79).concat(119).concat(78)%2B(require%22socket%22%0ASocket.gethostbyname(%22hitng%22%2B%22nklavfuqcdee3.bxss.me.%22)[3].to_s)%2B%22
Traceback:
Traceback (most recent call last):
  File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 2529, in wsgi_app
    response = self.full_dispatch_request()
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1825, in full_dispatch_request
    rv = self.handle_user_exception(e)
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1823, in full_dispatch_request
    rv = self.dispatch_request()
         ^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/flask/views.py", line 107, in view
    return current_app.ensure_sync(self.dispatch_request)(**kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/hawat/view/__init__.py", line 556, in dispatch_request
    redirect = self.do_before_response()  # pylint: disable=assignment-from-no-return
               ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/hawat/blueprints/auth/__init__.py", line 57, in do_before_response
    return self.redirect(
           ^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/hawat/view/mixin.py", line 81, in redirect
    return flask.redirect(
           ^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/flask/helpers.py", line 285, in redirect
    return current_app.redirect(location, code=code)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 2054, in redirect
    return _wz_redirect(location, code=code, Response=self.response_class)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/utils.py", line 277, in redirect
    response.headers["Location"] = location
    ~~~~~~~~~~~~~~~~^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/datastructures/headers.py", line 408, in __setitem__
    self.set(key, value)
  File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/datastructures/headers.py", line 330, in set
    _value = _str_header_value(_value)
             ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/datastructures/headers.py", line 513, in _str_header_value
    raise ValueError("Header values must not contain newline characters.")
ValueError: Header values must not contain newline characters.

No data to display

Actions

Also available in: Atom PDF