diff --git a/changelog.d/17741.misc b/changelog.d/17741.misc
new file mode 100644
index 0000000000000000000000000000000000000000..119c81edab3c842591e0132f2ba3ae2e72410c00
--- /dev/null
+++ b/changelog.d/17741.misc
@@ -0,0 +1 @@
+Remove usage of the deprecated cgi module.
\ No newline at end of file
diff --git a/contrib/graph/graph.py b/contrib/graph/graph.py
index 779590768fe7f308d9862aaf509ad0a3922e4308..1d74fee822c783d6172ab7b36c9ac75a582e589a 100644
--- a/contrib/graph/graph.py
+++ b/contrib/graph/graph.py
@@ -20,8 +20,8 @@
 #
 
 import argparse
-import cgi
 import datetime
+import html
 import json
 import urllib.request
 from typing import List
@@ -85,7 +85,7 @@ def make_graph(pdus: List[dict], filename_prefix: str) -> None:
             "name": name,
             "type": pdu.get("pdu_type"),
             "state_key": pdu.get("state_key"),
-            "content": cgi.escape(json.dumps(pdu.get("content")), quote=True),
+            "content": html.escape(json.dumps(pdu.get("content")), quote=True),
             "time": t,
             "depth": pdu.get("depth"),
         }
diff --git a/synapse/http/matrixfederationclient.py b/synapse/http/matrixfederationclient.py
index ecbbb6cfc49f4d4fc2a115d92cf958bda8478c55..b9ecdc27336dab324f2b2c27d20f6969434d1a0d 100644
--- a/synapse/http/matrixfederationclient.py
+++ b/synapse/http/matrixfederationclient.py
@@ -19,7 +19,6 @@
 #
 #
 import abc
-import cgi
 import codecs
 import logging
 import random
@@ -1813,8 +1812,9 @@ def check_content_type_is(headers: Headers, expected_content_type: str) -> None:
         )
 
     c_type = content_type_headers[0].decode("ascii")  # only the first header
-    val, options = cgi.parse_header(c_type)
-    if val != expected_content_type:
+    # Extract the 'essence' of the mimetype, removing any parameter
+    c_type_parsed = c_type.split(";", 1)[0].strip()
+    if c_type_parsed != expected_content_type:
         raise RequestSendFailed(
             RuntimeError(
                 f"Remote server sent Content-Type header of '{c_type}', not '{expected_content_type}'",
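Review bot: The comparison `c_type_parsed != expected_content_type` is case-sensitive, but media type and subtype are case-insensitive (RFC 9110), so a remote that sends `Application/JSON` is rejected. The check fails closed, so this is an interoperability problem rather than a bypass; the `cgi.parse_header` version appears to have behaved the same way, but it is cheap to fix while the line is being rewritten. I would normalise both sides, `c_type_parsed = c_type.split(";", 1)[0].strip().lower()` and `if c_type_parsed != expected_content_type.lower():`. Separately, the context line `content_type_headers[0].decode("ascii")` raises `UnicodeDecodeError` on non-ASCII header bytes from the remote; whether a caller turns that into `RequestSendFailed` is not visible here, since `check_content_type_is` starts and ends outside the hunk.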