ada/cpython
0
0
Fork 0
mirror of https://github.com/AdaCore/cpython.git synced 2026-02-12 12:57:15 -08:00
Code Issues Packages Projects Releases Wiki Activity
78,545 Commits 66 Branches 323 Tags
3.3
Commit Graph

194 Commits

Author SHA1 Message Date
Benjamin Peterson
d504f20e1c merge 3.2 (#22931) 2015-05-23 10:38:48 -05:00
Benjamin Peterson
9bd476ea57 allow square brackets in cookie values (closes #22931) 2015-05-23 10:36:48 -05:00
Antoine Pitrou
7d0b8f95e7 Lax cookie parsing in http.cookies could be a security issue when combined 
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
 2014-09-17 00:23:55 +02:00
Ned Deily
217f4cd7ee Issue #21323: Fix http.server to again handle scripts in CGI subdirectories, 
broken by the fix for security issue #19435.  Patch by Zach Byrne.
 2014-07-12 22:12:39 -07:00
Ned Deily
915a30fb0d Issue #21323: Fix http.server to again handle scripts in CGI subdirectories, 
broken by the fix for security issue #19435.  Patch by Zach Byrne.
 2014-07-12 22:06:26 -07:00
Benjamin Peterson
6cd1954c5c merge 3.2 (#21766) 2014-06-14 18:40:10 -07:00
Benjamin Peterson
73b8b1cdb8 url unquote the path before checking if it refers to a CGI script (closes #21766) 2014-06-14 18:36:29 -07:00
Antoine Pitrou
dad182c16e Lax cookie parsing in http.cookies could be a security issue when combined 
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
 2014-09-17 00:23:55 +02:00
Serhiy Storchaka
91b0bc237c Issue #20331: Fixed possible FD leaks in various modules: 
http.server, imghdr, mailcap, mimetypes, xml.etree.
 2014-01-25 19:43:02 +02:00
Benjamin Peterson
044242360d fix handling of 100-continue status code (closes #18574) 2014-01-18 21:50:18 -05:00
Serhiy Storchaka
b992a0e102 Issue #19936: Added executable bits or shebang lines to Python scripts which 
requires them.  Disable executable bits and shebang lines in test and
benchmark files in order to prevent using a random system python, and in
source files of modules which don't provide command line interface.  Fixed
shebang line to use python3 executable in the unittestgui script.
 2014-01-16 17:15:49 +02:00
Benjamin Peterson
ccedc22769 update url to spec (closes #20018) 2013-12-18 15:35:18 -06:00
Serhiy Storchaka
1c84ac1f55 Issue #20007: HTTPResponse.read(0) no more prematurely closes connection. 
Original patch by Simon Sapin.
 2013-12-17 21:50:02 +02:00
Benjamin Peterson
35aca89617 merge 3.1 (#19435) 2013-10-30 12:48:59 -04:00
Benjamin Peterson
04e9de40f3 use the collapsed path in the run_cgi method (closes #19435) 2013-10-30 12:43:09 -04:00
Georg Brandl
f0746ca463 Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than 
100 headers are read.  Adapted from patch by Jyrki Pulliainen.
 2014-09-30 14:08:04 +02:00
Benjamin Peterson
a50f89954d merge 3.2 (#19435) 2013-10-30 12:50:18 -04:00
Georg Brandl
bf3f8eb960 Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than 
100 headers are read.  Adapted from patch by Jyrki Pulliainen.
 2013-10-27 07:34:48 +01:00
Senthil Kumaran
600b735062 Minor code improvement. Review comment by Eric V. Smith 2013-09-29 18:59:04 -07:00
Senthil Kumaran
72c238e21a Fix http.server's request handling case on trailing '/'. 
Patch contributed by Vajrasky Kok. Addresses Issue #17324
 2013-09-13 00:21:18 -07:00
R David Murray
cd0f74b1e0 #16611: BaseCookie now parses 'secure' and 'httponly' flags. 
Previously it generated them if they were given a value, but completely
ignored them if they were present in the string passed in to be parsed.  Now
if the flag appears on a cookie, the corresponding Morsel key will reference a
True value.  Other pre-existing behavior is retained in this maintenance
patch: if the source contains something like 'secure=foo', morsel['secure']
will return 'foo'.  Since such a value doesn't round trip and never did (and
would be a surprising occurrence) a subsequent non-bug-fix patch may change
this behavior.

Inspired by a patch from Julien Phalip, who reviewed this one.
 2013-08-25 11:09:02 -04:00
Andrew Svetlov
7b2c8bb833 Issue #16658: add missing return to HTTPConnection.send(). 
Patch by Jeff Knupp
 2013-04-12 22:49:19 +03:00
Senthil Kumaran
d9fbf36bbd #17678: Fix DeprecationWarning in the http/cookiejar.py by changing the usage 
of get_origin_req_host() to origin_req_host.

Patch by Wei-Cheng Pan
 2013-04-09 07:07:59 -07:00
Senthil Kumaran
884f0585a4 Reverting the changeset 5d76a4746d9d made for Issue #12921 2013-03-05 02:26:50 -08:00
Senthil Kumaran
1e7551dc87 Reverting the changeset 5126e62c60af made for Issue #12921 2013-03-05 02:25:58 -08:00