#21991: make headerregistry params property MappingProxyType.

It is unlikely anyone is using the fact that the dictionary returned
by the 'params' attribute was previously writable, but even if someone
is the API is provisional so this kind of change is acceptable (and
needed, to get the API "right" before it becomes official).

Patch by Stéphane Wirtel.

Lib/email/headerregistry.py

@@ -7,6 +7,7 @@ Eventually HeaderRegistry will be a public API, but it isn't yet,
 and will probably change some before that happens.
 
 """
+from types import MappingProxyType
 
 from email import utils
 from email import errors
@@ -454,7 +455,7 @@ class ParameterizedMIMEHeader:
 
     @property
     def params(self):
-        return self._params.copy()
+        return MappingProxyType(self._params)
 
 
 class ContentTypeHeader(ParameterizedMIMEHeader):

Lib/test/test_email/test_headerregistry.py

@@ -1,6 +1,7 @@
 import datetime
 import textwrap
 import unittest
+import types
 from email import errors
 from email import policy
 from email.message import Message
@@ -235,6 +236,8 @@ class TestContentTypeHeader(TestHeaderBase):
         self.assertEqual(h.maintype, maintype)
         self.assertEqual(h.subtype, subtype)
         self.assertEqual(h.params, parmdict)
+        with self.assertRaises(TypeError):
+            h.params['abc'] = 'xyz'   # params is read-only.
         self.assertDefectsEqual(h.defects, defects)
         self.assertEqual(h, decoded)
         self.assertEqual(h.fold(policy=policy.default), folded)

Misc/NEWS

@@ -33,6 +33,10 @@ Core and Builtins
 Library
 -------
 
+- Issue #21991: Make email.headerregistry's header 'params' attributes
+  be read-only (MappingProxyType).  Previously the dictionary was modifiable
+  but a new one was created on each access of the attribute.
+
 - Issue #22641: In asyncio, the default SSL context for client connections
   is now created using ssl.create_default_context(), for stronger security.