summaryrefslogtreecommitdiffstats
path: root/Doc
diff options
context:
space:
mode:
authorBarry Warsaw <barry@python.org>2001-11-16 22:28:17 (GMT)
committerBarry Warsaw <barry@python.org>2001-11-16 22:28:17 (GMT)
commit0c0565dd7f389abc5cdf056374073088dd3f8d46 (patch)
tree0547b96ae1f758292cb45d96a3f52bc9d9f61487 /Doc
parent5e17d20743c501efc93954359d3194e5af71878f (diff)
downloadcpython-0c0565dd7f389abc5cdf056374073088dd3f8d46.zip
cpython-0c0565dd7f389abc5cdf056374073088dd3f8d46.tar.gz
cpython-0c0565dd7f389abc5cdf056374073088dd3f8d46.tar.bz2
Toughen up the security warnings a bit.
Diffstat (limited to 'Doc')
-rw-r--r--Doc/lib/libcookie.tex21
1 files changed, 13 insertions, 8 deletions
diff --git a/Doc/lib/libcookie.tex b/Doc/lib/libcookie.tex
index 227add6..18468e7 100644
--- a/Doc/lib/libcookie.tex
+++ b/Doc/lib/libcookie.tex
@@ -42,11 +42,10 @@ This class derives from \class{BaseCookie} and overrides
\method{value_decode()} and \method{value_encode()} to be the
\function{pickle.loads()} and \function{pickle.dumps()}.
-Do not use this class. Reading pickled values from a cookie is a
-security hole, as arbitrary client-code can be run on
-\function{pickle.loads()}. It is supported for backwards
-compatibility.
-
+\strong{Do not use this class!} Reading pickled values from untrusted
+cookie data is a huge security hole, as pickle strings can be crafted
+to cause arbitrary code to execute on your server. It is supported
+for backwards compatibility only, and may eventually go away.
\end{classdesc}
\begin{classdesc}{SmartCookie}{\optional{input}}
@@ -56,9 +55,17 @@ valid pickle, and otherwise the value itself. It overrides
\method{value_encode()} to be \function{pickle.dumps()} unless it is a
string, in which case it returns the value itself.
-The same security warning from \class{SerialCookie} applies here.
+\strong{Note:} The same security warning from \class{SerialCookie}
+applies here.
\end{classdesc}
+A further security note is warranted. For backwards compatibility,
+the \module{Cookie} module exports a class named \class{Cookie} which
+is just an alias for \class{SmartCookie}. This is probably a mistake
+and will likely be removed in a future version. You should not use
+the \class{Cookie} class in your applications, for the same reason why
+you should not use the \class{SerialCookie} class.
+
\begin{seealso}
\seerfc{2109}{HTTP State Management Mechanism}{This is the state
@@ -181,8 +188,6 @@ The following example demonstrates how to use the \module{Cookie} module.
>>> C = Cookie.SimpleCookie()
>>> C = Cookie.SerialCookie()
>>> C = Cookie.SmartCookie()
->>> C = Cookie.Cookie() # backwards-compatible alias for SmartCookie
->>> C = Cookie.SmartCookie()
>>> C["fig"] = "newton"
>>> C["sugar"] = "wafer"
>>> print C # generate HTTP headers