Skip to content

Commit a5b0f06

Browse files
donbarbosdonbarbos
committed
Detect TLS handshake attempt in HTTP server
1 parent 3cf68cd commit a5b0f06

File tree

1 file changed

+9
-0
lines changed

1 file changed

+9
-0
lines changed

Lib/http/server.py

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -287,6 +287,15 @@ def parse_request(self):
287287
requestline = str(self.raw_requestline, 'iso-8859-1')
288288
requestline = requestline.rstrip('\r\n')
289289
self.requestline = requestline
290+
291+
# Detect TLS handshake attempt (common when browser forces HTTPS)
292+
if self.raw_requestline[0] == 0x16: # First TLS handshake bytes
293+
self.requestline = "[TLS handshake bytes]"
294+
self.send_error(
295+
HTTPStatus.BAD_REQUEST,
296+
"Unsupported protocol: HTTPS is not available")
297+
return False
298+
290299
words = requestline.split()
291300
if len(words) == 0:
292301
return False

0 commit comments

Comments
 (0)