| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
| |
bpo-42967: [security] Address a web cache-poisoning issue reported in urllib.parse.parse_qsl().
urllib.parse will only us "&" as query string separator by default instead of both ";" and "&" as allowed in earlier versions. An optional argument seperator with default value "&" is added to specify the separator.
Co-authored-by: Éric Araujo <merwok@netwok.org>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Ken Jin <28750310+Fidget-Spinner@users.noreply.github.com>
Co-authored-by: Éric Araujo <merwok@netwok.org>
|
|
|
| |
The quoted sentence can be found from the last paragraph of RFC 2046, Section 5.1, while the content of RFC 2026 is unrelated to this module.
|
|
|
|
|
|
|
|
|
| |
In Python 3.7 the behavior of parse_multipart changed requiring CONTENT-LENGTH
header, this fix remove this header as required and fix FieldStorage
read_lines_to_outerboundary, by not using limit when it's negative,
since by default it's -1 if not content-length and keeps substracting what
was read from the file object.
Also added a test case for this problem.
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#10638)
* bpo-20504 : in cgi.py, fix bug when a multipart/form-data request has no content-length header
* Add Misc/NEWS.d/next file.
* Add rst formatting for NEWS.d/next file
* Reaplce assert by self.assertEqual
|
|
|
| |
https://bugs.python.org/issue35028
|
|
|
|
| |
Adding `max_num_fields` to `cgi.FieldStorage` to make DOS attacks harder by
limiting the number of `MiniFieldStorage` objects created by `FieldStorage`.
|
| |
|
|
|
|
| |
FieldStorage use the given errors (GH-6804)
|
|
|
|
| |
FieldStorage (#991)
|
|
|
|
| |
collections. (#1263)
|
| |
|
|
|
|
| |
Most fixes to Doc/ and Lib/ directories by Ville Skyttä.
|
|\
| |
| |
| |
| |
| | |
Issue #24764: cgi.FieldStorage.read_multi() now ignores the Content-Length
header in part headers. Patch written by Peter Landry and reviewed by Pierre
Quentel.
|
| |
| |
| |
| |
| |
| | |
Issue #24764: cgi.FieldStorage.read_multi() now ignores the Content-Length
header in part headers. Patch written by Peter Landry and reviewed by Pierre
Quentel.
|
|\ \
| |/ |
|
| | |
|
|/ |
|
| |
|
|\
| |
| |
| |
| |
| | |
Issue #19092 - Raise a correct exception when cgi.FieldStorage is given an
invalid file-obj. Also use __bool__ to determine the bool of the FieldStorage
object.
|
| |
| |
| |
| |
| | |
invalid file-obj. Also use __bool__ to determine the bool of the FieldStorage
object.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| | |
caches.
Eliminates the ResoureWarning raised during testing.
Patch also independently written by Vajrasky Kok.
|
|\ \
| |/ |
|
| | |
|
|\ \
| |/
| |
| | |
when \r\n appears at end of 65535 bytes without other newlines.
|
| |
| |
| |
| | |
when \r\n appears at end of 65535 bytes without other newlines.
|
|\ \
| |/
| |
| |
| | |
Issue #12411: Fix to cgi.parse_multipart to correctly use bytes boundaries and
bytes data. Patch by Jonas Wagner.
|
| |\
| | |
| | |
| | |
| | | |
Issue #12411: Fix to cgi.parse_multipart to correctly use bytes boundaries and
bytes data. Patch by Jonas Wagner.
|
| | |
| | |
| | |
| | | |
bytes data. Patch by Jonas Wagner.
|
| | | |
|
| | |
| | |
| | |
| | | |
Patch by Serhiy Storchaka.
|
|/ / |
|
| |
| |
| |
| | |
DeprecationWarning (cgi, importlib, nntplib, smtpd).
|
|\ \
| |/
| |
| | |
semicolons. Patch by Ben Darnell and Petri Lehtinen.
|
| |
| |
| |
| | |
semicolons. Patch by Ben Darnell and Petri Lehtinen.
|
|/ |
|
| |
|
|
|
|
|
| |
as unicode, and accept binary files. Add encoding and errors attributes to
cgi.FieldStorage.
|
|
|
|
| |
library to it. It defaults to quote=True and also escapes single quotes, which makes casual use safer. The cgi.escape() interface is not touched, but emits a (silent) PendingDeprecationWarning.
|
|
|
|
| |
variations. Changes in Modules.
|
|
|
|
|
|
|
|
|
|
| |
svn+ssh://pythondev@svn.python.org/python/trunk
........
r78844 | benjamin.peterson | 2010-03-11 16:03:45 -0600 (Thu, 11 Mar 2010) | 1 line
revert r78842 cgi.py change
........
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
svn+ssh://pythondev@svn.python.org/python/trunk
........
r78841 | benjamin.peterson | 2010-03-11 15:50:45 -0600 (Thu, 11 Mar 2010) | 1 line
remove executable property from doc files
........
r78842 | benjamin.peterson | 2010-03-11 15:53:25 -0600 (Thu, 11 Mar 2010) | 1 line
use proper shebang lines
........
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
svn+ssh://pythondev@svn.python.org/python/trunk
........
r67528 | fred.drake | 2008-12-04 13:25:17 -0500 (Thu, 04 Dec 2008) | 4 lines
Issue #1055234: cgi.parse_header(): Fixed parsing of header parameters to
support unusual filenames (such as those containing semi-colons) in
Content-Disposition headers.
........
|
|
|
|
| |
the tests. Also fixed the warning message in cgi.py
|
|
|
|
|
| |
to the urlparse one. Added a DeprecationWarning in the old module, it
will be deprecated in the future. Docs and tests updated.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
64434-64435,64440-64443,64445,64447-64448,64450,64452,64455,64461,64464,64466,64468 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r64434 | andrew.kuchling | 2008-06-20 18:13:58 -0500 (Fri, 20 Jun 2008) | 1 line
Remove request for e-mail; it's unlikely these classes will be saved
........
r64435 | andrew.kuchling | 2008-06-20 18:14:32 -0500 (Fri, 20 Jun 2008) | 1 line
Grammar fixes
........
r64440 | andrew.kuchling | 2008-06-21 08:29:12 -0500 (Sat, 21 Jun 2008) | 1 line
Docstring typo
........
r64441 | andrew.kuchling | 2008-06-21 08:47:20 -0500 (Sat, 21 Jun 2008) | 1 line
Use repr() for bad input strings; this makes the empty string or binary characters more visible
........
r64442 | andrew.kuchling | 2008-06-21 08:48:38 -0500 (Sat, 21 Jun 2008) | 1 line
Docstring correction
........
r64443 | georg.brandl | 2008-06-21 09:26:19 -0500 (Sat, 21 Jun 2008) | 2 lines
Documentation fix.
........
r64445 | facundo.batista | 2008-06-21 12:30:06 -0500 (Sat, 21 Jun 2008) | 3 lines
Reviewed and updated the documentation. Fixes #3017.
........
r64447 | facundo.batista | 2008-06-21 13:58:04 -0500 (Sat, 21 Jun 2008) | 6 lines
Now a from submitted via POST that also has a query string
will contain both FieldStorage and MiniFieldStorage items.
Fixes #1817.
........
r64448 | facundo.batista | 2008-06-21 14:48:19 -0500 (Sat, 21 Jun 2008) | 5 lines
In the deprecated functions I added an alert to review
specially a section of the subprocess documentation
that helps with the replacing of those functionss.
........
r64450 | georg.brandl | 2008-06-22 04:05:29 -0500 (Sun, 22 Jun 2008) | 2 lines
Turn section references into proper cross-references.
........
r64452 | facundo.batista | 2008-06-22 08:36:20 -0500 (Sun, 22 Jun 2008) | 5 lines
Issue #2722. Now the char buffer to support the path string has
not fixed length, it mallocs memory if needed. As a result, we
don't have a maximum for the getcwd() method.
........
r64455 | facundo.batista | 2008-06-22 10:27:10 -0500 (Sun, 22 Jun 2008) | 4 lines
Issue 3164. Small fix to don't repeat a comparation
without necessity.
........
r64461 | georg.brandl | 2008-06-22 13:11:52 -0500 (Sun, 22 Jun 2008) | 2 lines
#3085: Fix syntax error.
........
r64464 | georg.brandl | 2008-06-22 13:31:54 -0500 (Sun, 22 Jun 2008) | 2 lines
Expand docstrings of sqlite3 functions.
........
r64466 | georg.brandl | 2008-06-22 14:07:59 -0500 (Sun, 22 Jun 2008) | 2 lines
Write out "phi" consistently.
........
r64468 | facundo.batista | 2008-06-22 14:35:24 -0500 (Sun, 22 Jun 2008) | 4 lines
Just returning nothing instead of rising TestSkipped, because
it makes the test fail in the trunk.loewis-sun buildbot.
........
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It consists of code from urllib, urllib2, urlparse, and robotparser.
The old modules have all been removed. The new package has five
submodules: urllib.parse, urllib.request, urllib.response,
urllib.error, and urllib.robotparser. The urllib.request.urlopen()
function uses the url opener from urllib2.
Note that the unittests have not been renamed for the
beta, but they will be renamed in the future.
Joint work with Senthil Kumaran.
|
| |
|