Honglin Wu
Honglin Wu
### Describe the bug Aiohttp does not strictly validate the `Host` header in the HTTP request, rejects redundant `Host` headers but does not reject missing `Host` header. ### To Reproduce...
### Describe the bug Hello, I may have found a bug in aiohttp's parsing of HTTP requests with duplicate chunked `Transfer-Encoding`. RFC 9112 says these: > A sender MUST NOT...
### Describe the bug Aiohttp does not properly handle chunked transfer encoding when the chunk-size does not match the actual data size. Instead of rejecting the request with a `400...
**Version** 5842197 **Platform** Ubuntu 11.4.0-1ubuntu1~22.04 **Description** Hello, I may have found a bug in twisted's parsing of HTTP requests with duplicate `Content-Type` header. RFC 9110 says this: > Although `Content-Type`...
**Version** 5842197 **Platform** Ubuntu 11.4.0-1ubuntu1~22.04 **Description** Hello, I may have found a bug in twisted's parsing of `CONNECT` requests. RFC 9112 says this: > A server MUST reject a `CONNECT`...
Hello, I may find some bugs with the `Host` header where twisted parses HTTP requests. RFC 9112 says this: > A server MUST respond with a `400 (Bad Request)` status...
Hello, I may find some bugs with the `Host` header where gunicorn parses HTTP requests. RFC 9112 says this: > A server MUST respond with a 400 (Bad Request) status...
**Version** bacbf8a **Platform** Ubuntu 11.4.0-1ubuntu1~22.04 **Description** Hello, I may have found a bug in gunicorn's parsing of absolute-form request-target authority. RFC 9112 says this: > When an origin server receives...
**Version** bacbf8a **Platform** Ubuntu 11.4.0-1ubuntu1~22.04 **Description** Hello, I may have found a bug in gunicorn's parsing of `CONNECT` requests. RFC 9110 says this: > A server MUST reject a `CONNECT`...
**Version** bacbf8a **Platform** Ubuntu 11.4.0-1ubuntu1~22.04 **Description** Hello, I may have found a bug in gunicorn's parsing of HTTP requests with duplicate `Content-Type` header. RFC 9110 says this: > Although `Content-Type`...