From 4caf0a79d004b539529d6db53c8082a9dd6f76e2 Mon Sep 17 00:00:00 2001 From: NewUserHa <32261870+NewUserHa@users.noreply.github.com> Date: Mon, 9 Dec 2024 23:56:39 +0800 Subject: [PATCH 1/6] Update request.py --- Lib/urllib/request.py | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py index f5f17f223a45853..2daeac917af43d8 100644 --- a/Lib/urllib/request.py +++ b/Lib/urllib/request.py @@ -2126,7 +2126,7 @@ def getproxies(): """ return getproxies_environment() or getproxies_registry() - def proxy_bypass_registry(host): + def getproxy_bypass_registry(): try: import winreg except ImportError: @@ -2144,7 +2144,15 @@ def proxy_bypass_registry(host): return False if not proxyEnable or not proxyOverride: return False - return _proxy_bypass_winreg_override(host, proxyOverride) + + return proxyOverride + + def proxy_bypass_registry(host, proxyOverride=None): + if proxyOverride is None: + proxyOverride = getproxy_bypass_registry() + + if proxyOverride: + return _proxy_bypass_winreg_override(host, proxyOverride) def proxy_bypass(host): """Return True, if host should be bypassed. From 33f52f9834a825f27746d839ad0471efbf4c4170 Mon Sep 17 00:00:00 2001 From: NewUserHa <32261870+NewUserHa@users.noreply.github.com> Date: Tue, 10 Dec 2024 00:15:40 +0800 Subject: [PATCH 2/6] Update request.py --- Lib/urllib/request.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py index 2daeac917af43d8..941d64612058c0a 100644 --- a/Lib/urllib/request.py +++ b/Lib/urllib/request.py 
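Review bot: `getproxy_bypass_registry()` and the new `proxy_bypass_registry(host, proxyOverride=None)` in the `@@ -2144,7 +2144,15 @@` hunk have no docstring, and the contract they introduce is not obvious from the code. The getter returns `False` on the failure and disabled paths shown here and the raw override string otherwise, while a caller-supplied `proxyOverride` is matched without the `proxyEnable` test that only the getter applies. Since the result decides whether a request skips the configured proxy, I would document both, e.g. `"""Return the registry proxy override string, or False if no override applies."""` on the getter and `"""Return True if host matches proxyOverride; the registry is read only when proxyOverride is None."""` on the matcher. `getproxy_bypass_registry` begins in the `@@ -2126,7 +2126,7 @@` hunk and part of its body lies outside both hunks.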
@@ -1895,8 +1895,8 @@ def getproxies_environment(): proxies[proxy_name] = value # CVE-2016-1000110 - If we are running as CGI script, forget HTTP_PROXY # (non-all-lowercase) as it may be set from the web server by a "Proxy:" - # header from the client - # If "proxy" is lowercase, it will still be used thanks to the next block + # header from the client. + # The below check it and only accepts the lowercase "_proxy" if 'REQUEST_METHOD' in os.environ: proxies.pop('http', None) for name, value, proxy_name in environment: From d758141262c4871943cd32371fc6a73aafa25bc3 Mon Sep 17 00:00:00 2001 From: NewUserHa <32261870+NewUserHa@users.noreply.github.com> Date: Tue, 10 Dec 2024 00:26:22 +0800 Subject: [PATCH 3/6] Update request.py --- Lib/urllib/request.py | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py index 941d64612058c0a..16987d5a393ce89 100644 --- a/Lib/urllib/request.py +++ b/Lib/urllib/request.py @@ -2148,24 +2148,22 @@ def getproxy_bypass_registry(): return proxyOverride def proxy_bypass_registry(host, proxyOverride=None): - if proxyOverride is None: - proxyOverride = getproxy_bypass_registry() - - if proxyOverride: + if proxyOverride:= proxyOverride or getproxy_bypass_registry(): return _proxy_bypass_winreg_override(host, proxyOverride) + return False - def proxy_bypass(host): + def proxy_bypass(host, env_proxies=None, proxyOverride=None): """Return True, if host should be bypassed. Checks proxy settings gathered from the environment, if specified, or the registry. """ - proxies = getproxies_environment() - if proxies: + if proxies:= env_proxies or getproxies_environment(): return proxy_bypass_environment(host, proxies) else: - return proxy_bypass_registry(host) + proxyOverride = proxyOverride or getproxy_bypass_registry() + return proxy_bypass_registry(host, proxyOverride) else: # By default use environment variables 
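Review bot: In the `@@ -2148,24 +2148,22 @@` hunk, `proxyOverride or getproxy_bypass_registry()` and `env_proxies or getproxies_environment()` treat every falsy argument as "not supplied". A caller that passes a cached empty result (`{}`, or the `False` the getter returns) therefore triggers a fresh environment or registry read, and can get a bypass decision that differs from the snapshot it passed in. The `is None` test that this commit removes did not have that problem, and I would restore it in both functions. The `else` branch of `proxy_bypass` also evaluates the fallback and then hands the result to `proxy_bypass_registry`, which evaluates it again, so the registry is read twice whenever the first read returns `False`; passing the argument through unchanged avoids that. The same expressions are carried over by the rename in PATCH 4/6, where the parameter becomes `proxy_override`.

```python
def proxy_bypass_registry(host, proxyOverride=None):
    # None means "not supplied"; False or "" is a cached "no override" and is not re-read.
    if proxyOverride is None:
        proxyOverride = getproxy_bypass_registry()
    if proxyOverride:
        return _proxy_bypass_winreg_override(host, proxyOverride)
    return False

def proxy_bypass(host, env_proxies=None, proxyOverride=None):
    # … unchanged: docstring …
    if env_proxies is None:
        env_proxies = getproxies_environment()
    if env_proxies:
        return proxy_bypass_environment(host, env_proxies)
    # Single registry read: the None check lives in proxy_bypass_registry.
    return proxy_bypass_registry(host, proxyOverride)
```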
From ed7667656ddbdf88b44c97c9b3fbb576d943f051 Mon Sep 17 00:00:00 2001 From: NewUserHa <32261870+NewUserHa@users.noreply.github.com> Date: Wed, 11 Dec 2024 01:59:37 +0800 Subject: [PATCH 4/6] Update request.py --- Lib/urllib/request.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py index 16987d5a393ce89..fd9aac53c8207fc 100644 --- a/Lib/urllib/request.py +++ b/Lib/urllib/request.py @@ -2147,23 +2147,23 @@ def getproxy_bypass_registry(): return proxyOverride - def proxy_bypass_registry(host, proxyOverride=None): - if proxyOverride:= proxyOverride or getproxy_bypass_registry(): - return _proxy_bypass_winreg_override(host, proxyOverride) + def proxy_bypass_registry(host, proxy_override=None): + if proxy_override := proxy_override or getproxy_bypass_registry(): + return _proxy_bypass_winreg_override(host, proxy_override) return False - def proxy_bypass(host, env_proxies=None, proxyOverride=None): + def proxy_bypass(host, env_proxies=None, proxy_override=None): """Return True, if host should be bypassed. Checks proxy settings gathered from the environment, if specified, or the registry. """ - if proxies:= env_proxies or getproxies_environment(): + if proxies := env_proxies or getproxies_environment(): return proxy_bypass_environment(host, proxies) else: - proxyOverride = proxyOverride or getproxy_bypass_registry() - return proxy_bypass_registry(host, proxyOverride) + proxy_override = proxy_override or getproxy_bypass_registry() + return proxy_bypass_registry(host, proxy_override) else: # By default use environment variables From 1e7603a8f9f69f67c851e44f0297e1da92515eac Mon Sep 17 00:00:00 2001 From: NewUserHa <32261870+NewUserHa@users.noreply.github.com> Date: Fri, 12 Jun 2026 21:11:37 +0800 Subject: [PATCH 5/6] Update request.py --- Lib/urllib/request.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) 
diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py index fd9aac53c8207fc..e4e4f88e2a8af91 100644 --- a/Lib/urllib/request.py +++ b/Lib/urllib/request.py @@ -1893,12 +1893,14 @@ def getproxies_environment(): environment.append((name, value, proxy_name)) if value: proxies[proxy_name] = value - # CVE-2016-1000110 - If we are running as CGI script, forget HTTP_PROXY - # (non-all-lowercase) as it may be set from the web server by a "Proxy:" - # header from the client. - # The below check it and only accepts the lowercase "_proxy" + + # CVE-2016-1000110 - If we are running as CGI script (i.e. when "REQUEST_METHOD" + # environment varable is set), forget HTTP_PROXY (non-all-lowercase) + # as it may be set from the web server by a "Proxy:" header from the atacker client. + # The below code check and drop it before the second pass matches lowercase. if 'REQUEST_METHOD' in os.environ: proxies.pop('http', None) + for name, value, proxy_name in environment: # not case-folded, checking here for lower-case env vars only if name[-6:] == '_proxy': From 5e50127cc4ac6656a107d6d8f70c0d90d3938845 Mon Sep 17 00:00:00 2001 From: NewUserHa <32261870+NewUserHa@users.noreply.github.com> Date: Fri, 12 Jun 2026 22:33:52 +0800 Subject: [PATCH 6/6] Create 2026-06-12-02-00-00.gh-issue-127753.abcdef.rst --- .../next/Library/2026-06-12-02-00-00.gh-issue-127753.abcdef.rst | 1 + 1 file changed, 1 insertion(+) create mode 100644 Misc/NEWS.d/next/Library/2026-06-12-02-00-00.gh-issue-127753.abcdef.rst diff --git a/Misc/NEWS.d/next/Library/2026-06-12-02-00-00.gh-issue-127753.abcdef.rst b/Misc/NEWS.d/next/Library/2026-06-12-02-00-00.gh-issue-127753.abcdef.rst new file mode 100644 index 000000000000000..792d6005489ebee --- /dev/null +++ b/Misc/NEWS.d/next/Library/2026-06-12-02-00-00.gh-issue-127753.abcdef.rst @@ -0,0 +1 @@ +#
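Review bot: The rewritten CVE-2016-1000110 comment in the `@@ -1893,12 +1893,14 @@` hunk has two typos (`varable`, `atacker`) and an ungrammatical last sentence, which matters because this comment is the only explanation of why `proxies.pop('http', None)` must run before the lower-case pass. I would word it as `# CVE-2016-1000110 - If we are running as a CGI script (i.e. the` / `# "REQUEST_METHOD" environment variable is set), forget HTTP_PROXY` / `# (non-all-lowercase), as the web server may set it from a client's "Proxy:" header.` and close with `# Drop it here, before the second pass re-adds lower-case "*_proxy" variables.`. The added lines also look longer than 79 columns once indented, though the original indentation is not visible here. The loop that follows the check continues outside the hunk.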