aboutsummaryrefslogtreecommitdiff
path: root/src/net/http/request.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/net/http/request.go')
-rw-r--r--src/net/http/request.go7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/net/http/request.go b/src/net/http/request.go
index c9642e55c2..29e066d244 100644
--- a/src/net/http/request.go
+++ b/src/net/http/request.go
@@ -528,7 +528,12 @@ func (r *Request) write(w io.Writer, usingProxy bool, extraHeaders Header, waitF
// CONNECT requests normally give just the host and port, not a full URL.
ruri = host
}
- // TODO(bradfitz): escape at least newlines in ruri?
+ if stringContainsCTLByte(ruri) {
+ return errors.New("net/http: can't write control character in Request.URL")
+ }
+ // TODO: validate r.Method too? At least it's less likely to
+ // come from an attacker (more likely to be a constant in
+ // code).
// Wrap the writer in a bufio Writer if it's not already buffered.
// Don't always call NewWriter, as that forces a bytes.Buffer
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion