Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Request state leaks into other requests #2

Closed
defnull opened this issue Jan 30, 2025 · 2 comments
Closed

Request state leaks into other requests #2

defnull opened this issue Jan 30, 2025 · 2 comments

Comments

@defnull
Copy link

defnull commented Jan 30, 2025

Request state (headers, cookies, query parameters and so on) are stored as MicroPie.Server() instances variables but the same instance is used to handle multiple requests concurrently. New requests will overwrite the state of older requests, even if there is still a coroutine handling the old request and trying to access this data. This can lead to crashes, privilege escalation, data leaks and other serious issues.
@patx
Copy link
Owner

patx commented Jan 31, 2025

Thank alot for pointing this out. Obviously this is a huuuge issue. Worked as fast as I could to come up with that I believe should fix this or at least start to. See 239c4a4

@patx
Copy link
Owner

patx commented Feb 2, 2025

Thank alot for pointing this out. Obviously this is a huuuge issue. Worked as fast as I could to come up with that I believe should fix this or at least start to. See 239c4a4

@patx patx closed this as completed Feb 2, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@defnull @patx