summaryrefslogtreecommitdiffstats
path: root/Lib/http
Commit message (Collapse)AuthorAgeFilesLines
* Issue #22928: Disabled HTTP header injections in http.client.Serhiy Storchaka2015-03-121-0/+37
|\ | | | | | | Original patch by Demian Brecht.
| * Issue #22928: Disabled HTTP header injections in http.client.Serhiy Storchaka2015-03-121-0/+37
| | | | | | | | Original patch by Demian Brecht.
* | Issue #21793: BaseHTTPRequestHandler again logs response code as numeric,Serhiy Storchaka2015-03-071-1/+2
| | | | | | | | not as stringified enum. Patch by Demian Brecht.
* | Issue #23442: Rename two member names to stay backward compatibleBerker Peksag2015-02-201-4/+4
| | | | | | | | | | | | with the constants in http.client. Initial patch by Demian Brecht.
* | Issue #23439: Add missing entries to http.client.__all__.Berker Peksag2015-02-201-1/+3
|\ \ | |/ | | | | | | | | | | Also, document the LineTooLong exception since it can be raised by the members of public API (e.g. http.client.HTTPResponse). Patch by Martin Panter.
| * Issue #23439: Add missing entries to http.client.__all__.Berker Peksag2015-02-201-1/+3
| | | | | | | | | | | | | | Also, document the LineTooLong exception since it can be raised by the members of public API (e.g. http.client.HTTPResponse). Patch by Martin Panter.
* | merge 3.4 (#23410)Benjamin Peterson2015-02-181-10/+10
|\ \ | |/
| * document the requestline and close_connection attributes, use real booleans, ↵Benjamin Peterson2015-02-181-10/+10
| | | | | | | | | | | | and add tests (closes #23410) Patch by Martin Panter.
* | Issue #23418: Add missing entries to http.server.__all__.Berker Peksag2015-02-131-1/+4
|\ \ | |/ | | | | Patch by Martin Panter.
| * Issue #23418: Add missing entries to http.server.__all__.Berker Peksag2015-02-131-1/+4
| | | | | | | | Patch by Martin Panter.
* | Issue #13128: Print response headers for CONNECT requests when debuglevel > 0.Berker Peksag2015-02-031-0/+3
| | | | | | | | Patch by Demian Brecht.
* | http.client: disable Nagle's algorithm (closes #23302)Benjamin Peterson2015-01-231-21/+4
| | | | | | | | Patch by Demian Brecht.
* | Issue #20898: Add a "HTTP status codes" section to avoid duplication in HTTP ↵Berker Peksag2015-01-201-30/+0
| | | | | | | | | | | | | | | | | | docs. This commit also removes a couple of non-standard status codes. They were added as part of edf669b13482, so there is no backwards compatibility issue. Patch by Demian Brecht.
* | merge 3.4 (#22986)Benjamin Peterson2015-01-171-2/+2
|\ \ | |/
| * capitialize "HttpOnly" and "Secure" as they appear in the standard and other ↵Benjamin Peterson2015-01-171-2/+2
| | | | | | | | | | | | impls (closes #23250) Patch by Jon Dufresne.
* | merge 3.4 (#23221)Benjamin Peterson2015-01-131-1/+1
|\ \ | |/
| * fix instances of consecutive articles (closes #23221)Benjamin Peterson2015-01-131-1/+1
| | | | | | | | Patch by Karan Goel.
* | merge 3.4 (#23112)Benjamin Peterson2014-12-261-2/+6
|\ \ | |/
| * fix behavior of trailing slash redirection when a query string is involved ↵Benjamin Peterson2014-12-261-2/+6
| | | | | | | | (closes #23112)
* | Issue #21793: Added http.HTTPStatus enums (i.e. HTTPStatus.OK,Serhiy Storchaka2014-12-233-215/+225
| | | | | | | | HTTPStatus.NOT_FOUND). Patch by Demian Brecht.
* | Issue #22095: Fixed HTTPConnection.set_tunnel with default port. The portSerhiy Storchaka2014-12-121-5/+3
|\ \ | |/ | | | | value in the host header was set to "None". Patch by Demian Brecht.
| * Issue #22095: Fixed HTTPConnection.set_tunnel with default port. The portSerhiy Storchaka2014-12-121-5/+3
| | | | | | | | value in the host header was set to "None". Patch by Demian Brecht.
* | merge 3.4 (#22959)Benjamin Peterson2014-12-071-2/+2
|\ \ | |/
| * HTTPSConnection: prefer the context's check_hostname attribute over the ↵Benjamin Peterson2014-12-071-2/+2
| | | | | | | | constructor parameter (#22959)
* | Issue #21032. Fixed socket leak if HTTPConnection.getresponse() fails.Serhiy Storchaka2014-12-011-10/+14
|\ \ | |/ | | | | Original patch by Martin Panter.
| * Issue #21032. Fixed socket leak if HTTPConnection.getresponse() fails.Serhiy Storchaka2014-12-011-10/+14
| | | | | | | | Original patch by Martin Panter.
* | merge 3.4 (#22921)Benjamin Peterson2014-11-231-2/+1
|\ \ | |/
| * don't require OpenSSL SNI to pass hostname to ssl functions (#22921)Benjamin Peterson2014-11-231-2/+1
| | | | | | | | Patch by Donald Stufft.
* | Issue #22796: HTTP cookie parsing is now stricter, in order to protect ↵Antoine Pitrou2014-11-211-15/+41
| | | | | | | | against potential injection attacks.
* | merge 3.4 (#22417)Benjamin Peterson2014-11-031-1/+1
|\ \ | |/
| * PEP 476: enable HTTPS certificate verification by default (#22417)Benjamin Peterson2014-11-031-1/+1
| | | | | | | | Patch by Alex Gaynor with some modifications by me.
* | Issue #22775: Fixed unpickling of http.cookies.SimpleCookie with protocol 2Serhiy Storchaka2014-11-021-2/+6
|\ \ | |/ | | | | and above. Patch by Tim Graham.
| * Issue #22775: Fixed unpickling of http.cookies.SimpleCookie with protocol 2Serhiy Storchaka2014-11-021-2/+6
| | | | | | | | and above. Patch by Tim Graham.
* | Issue #11957: Explicit parameter name when calling re.split() and re.sub()Victor Stinner2014-10-291-1/+1
| |
* | Lax cookie parsing in http.cookies could be a security issue when combinedAntoine Pitrou2014-09-161-1/+2
|\ \ | |/ | | | | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.
| * Lax cookie parsing in http.cookies could be a security issue when combinedAntoine Pitrou2014-09-161-1/+2
| |\ | | | | | | | | | | | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.
| | * Lax cookie parsing in http.cookies could be a security issue when combinedAntoine Pitrou2014-09-161-1/+2
| | | | | | | | | | | | | | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.
* | | Issue #22165: SimpleHTTPRequestHandler now supports undecodable file names.Serhiy Storchaka2014-08-171-4/+15
|\ \ \ | |/ /
| * | Issue #22165: SimpleHTTPRequestHandler now supports undecodable file names.Serhiy Storchaka2014-08-171-4/+15
| | |
* | | Issue #22033: Reprs of most Python implemened classes now contain actualSerhiy Storchaka2014-07-252-2/+3
| | | | | | | | | | | | class name instead of hardcoded one.
* | | Fixed bugs in reprs of CookieJar and multiprocessing.dummy.Value.Serhiy Storchaka2014-07-221-2/+2
|\ \ \ | |/ /
| * | Fixed bugs in reprs of CookieJar and multiprocessing.dummy.Value.Serhiy Storchaka2014-07-221-2/+2
| | |
* | | Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,Ned Deily2014-07-131-5/+5
|\ \ \ | |/ / | | | | | | broken by the fix for security issue #19435. Patch by Zach Byrne.
| * | Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,Ned Deily2014-07-131-5/+5
| |\ \ | | |/ | | | | | | broken by the fix for security issue #19435. Patch by Zach Byrne.
| | * Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,Ned Deily2014-07-131-5/+5
| | |\ | | | | | | | | | | | | broken by the fix for security issue #19435. Patch by Zach Byrne.
| | | * Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,Ned Deily2014-07-131-5/+5
| | | | | | | | | | | | | | | | broken by the fix for security issue #19435. Patch by Zach Byrne.
* | | | merge 3.4 (#21766)Benjamin Peterson2014-06-151-1/+1
|\ \ \ \ | |/ / /
| * | | merge 3.3 (#21766)Benjamin Peterson2014-06-151-1/+1
| |\ \ \ | | |/ /
| | * | merge 3.2 (#21766)Benjamin Peterson2014-06-151-1/+1
| | |\ \ | | | |/
| | | * url unquote the path before checking if it refers to a CGI script (closes ↵Benjamin Peterson2014-06-151-1/+1
| | | | | | | | | | | | | | | | #21766)
generated by cgit v0.12 at 2025-02-20 06:39:45 (GMT)