New submission from Daniel Stutzbach <dan...@stutzbachenterprises.com>:
If the CGI script crashes before finishing the headers, cgitb will emit invalid HTTP headers before showing the error message. Below are HTTP headers I received, captured with a packet sniffer. Note the "<--: spam". HTTP/1.1 200 OK Date: Thu, 13 May 2010 14:00:42 GMT Server: Apache/2.2.9 <!--: spam Vary: Accept-Encoding Cache-Control: max-age=0 Expires: Thu, 13 May 2010 14:00:42 GMT Set-Cookie: ref=; path=/; HttpOnly Transfer-Encoding: chunked Content-Type: text/html That string it emitted by cgitb.reset(), which is trying to reset the browser to a sane state so the error message will be shown. The problem can be easily fixed by having cgitb.reset() emit two CRLF pairs first, to ensure that we're done with the headers and emitting content: - return '''<!--: spam + return '''\r\n\r\n<!--: spam ---------- components: Library (Lib) messages: 105633 nosy: stutzbach priority: normal severity: normal status: open title: cgitb sends a bogus HTTP header if the app crashes before finishing headers type: behavior versions: Python 2.7, Python 3.2 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue8704> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
