I believe this issue is more recent and widespread than I originally thought. I realized today that CherryPy is affected by this issue and [disabled nightly tests](https://github.com/cherrypy/cherrypy/issues/1781#issuecomment-507836873) as a result. It looks like the changed behavior was introduced in Python 3.7.4, so I expect stable releases to start failing also now. In that case, the web framework wishes to test that a null byte transmitted by the client is handled properly in the server, and without a patch, it's not possible for a project like cherrypy to transmit the invalid request to ensure a proper invalid response.
I see now that the previously proposed solution wouldn't even address this use-case, as the null byte would still have been excluded. |