Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Example code to trigger Content-Type response header corruption in versions of mod_wsgi up to and including version 3.3.
import functools
import threading
import time
import random
def run(*args):
while True:
items = []
for i in range(1000):
thread = threading.Thread(target=run)
def headers():
return [('Content-Type', 'text/plain'.upper().lower())]
def response():
yield 'Hello World!\n'
_content_type_cache = {}
def intern_content_type(application):
def _wrapper(environ, start_response):
def _start_response(status, headers, *args):
_headers = []
for header, value in headers:
if header.lower() == 'content-type':
value = _content_type_cache.setdefault(value, value)
_headers.append((header, value))
return start_response(status, _headers, *args)
return application(environ, _start_response)
return _wrapper
def application(environ, start_response):
status = '200 OK'
start_response(status, headers())
return response()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment