Commit Graph

459 Commits

Author SHA1 Message Date
Vitor Pereira 52ad72dd0a bpo-30553: Add status code 421 to http.HTTPStatus (GH-2589) 2017-10-26 21:49:19 +03:00
Serhiy Storchaka 13ad3b7a82 bpo-31462: Remove trailing whitespaces. (#3564) 2017-09-14 09:38:36 +03:00
Antoine Pitrou a6a4dc816d bpo-31370: Remove support for threads-less builds (#3385)
* Remove Setup.config
* Always define WITH_THREAD for compatibility.
2017-09-07 18:56:24 +02:00
Stéphane Wirtel a17a2f52c4 bpo-28707: Add the directory parameter to http.server.SimpleHTTPRequestHandler and http.server module (#1776)
* bpo-28707: call the constructor of SimpleHTTPRequestHandler in the test with a mock object

* bpo-28707: Add the directory parameter to http.server.SimpleHTTPRequestHandler and http.server module
2017-05-24 00:29:06 -07:00
remitamine a632d00a1c Remove duplicate line in Lib/http/client.py (#1665) 2017-05-19 15:28:35 +03:00
Serhiy Storchaka 7e4db2f253 bpo-30166: Import command-line parsing modules only when needed. (#1293) 2017-05-04 08:17:47 +03:00
Serhiy Storchaka 2e576f5aec bpo-30144: Import collections ABC from collections.abc rather than collections. (#1263) 2017-04-24 09:05:00 +03:00
Pierre Quentel 351adda54b bpo-29654 : Support If-Modified-Since HTTP header (browser cache) (#298)
Return 304 response if file was not modified.
2017-04-02 13:26:12 +03:00
Serhiy Storchaka cc283378d6 Issue #29192: Removed deprecated features in the http.cookies module. 2017-01-13 09:23:15 +02:00
Serhiy Storchaka 70d28a184c Remove unused imports. 2016-12-16 20:00:15 +02:00
Martin Panter e82338ddab Issue #28548: Parse HTTP request version even if too many words received 2016-11-19 01:06:37 +00:00
Martin Panter 741d4940fe Issue #23214: Remove BufferedReader.read1(-1) workaround 2016-10-21 00:52:04 +00:00
Serhiy Storchaka bd48d27944 Issue #22493: Inline flags now should be used only at the start of the
regular expression.  Deprecation warning is emitted if uses them in the
middle of the regular expression.
2016-09-11 12:50:02 +03:00
Christian Heimes d04863771b Issue #28022: Deprecate ssl-related arguments in favor of SSLContext.
The deprecation include manual creation of SSLSocket and certfile/keyfile
(or similar) in ftplib, httplib, imaplib, smtplib, poplib and urllib.

ssl.wrap_socket() is not marked as deprecated yet.
2016-09-10 23:23:33 +02:00
Eric V. Smith 451d0e38fc Issue 27948: Allow backslashes in the literal string portion of f-strings, but not in the expressions. Also, require expressions to begin and end with literal curly braces. 2016-09-09 21:56:20 -04:00
Senthil Kumaran 10427f4485 [merge from 3.5] - Issue28010 - Make http.client.HTTPConnection.putrequest
documentation consistent with the code.
2016-09-08 14:29:23 -07:00
Senthil Kumaran 5dc504c3c9 Issue28010 - Make http.client.HTTPConnection.putrequest documentation consistent with the code. 2016-09-08 14:28:01 -07:00
Martin Panter 0be894b2f6 Issue #27895: Spelling fixes (Contributed by Ville Skyttä). 2016-09-07 12:03:06 +00:00
R David Murray 44b548dda8 #27364: fix "incorrect" uses of escape character in the stdlib.
And most of the tools.

Patch by Emanual Barry, reviewed by me, Serhiy Storchaka, and
Martin Panter.
2016-09-08 13:59:53 -04:00
Eric V. Smith 6e025608a2 Issue 27921: Remove backslash from another f-string. 2016-09-03 10:43:20 -04:00
Raymond Hettinger 15f44ab043 Issue #27895: Spelling fixes (Contributed by Ville Skyttä). 2016-08-30 10:47:49 -07:00
Martin Panter ef91bb2660 Issue #12319: Always send file request bodies using chunked encoding
The previous attempt to determine the file’s Content-Length gave a false
positive for pipes on Windows.

Also, drop the special case for sending zero-length iterable bodies.
2016-08-27 01:39:26 +00:00
Raymond Hettinger f74c33ad5c Merge 2016-08-25 21:12:16 -07:00
Raymond Hettinger 7ea386e56e Issue 19504: Change "customise" to "customize" American spelling. 2016-08-25 21:11:50 -07:00
Martin Panter 3c0d0baf2b Issue #12319: Support for chunked encoding of HTTP request bodies
When the body object is a file, its size is no longer determined with
fstat(), since that can report the wrong result (e.g. reading from a pipe).
Instead, determine the size using seek(), or fall back to chunked encoding
for unseekable files.

Also, change the logic for detecting text files to check for TextIOBase
inheritance, rather than inspecting the “mode” attribute, which may not
exist (e.g. BytesIO and StringIO).  The Content-Length for text files is no
longer determined ahead of time, because the original logic could have been
wrong depending on the codec and newline translation settings.

Patch by Demian Brecht and Rolf Krahl, with a few tweaks by me.
2016-08-24 06:33:33 +00:00
Senthil Kumaran 290b42de73 [merge from 3.5] - Issue #27466: Change time format returned by
http.cookie.time2netscape, confirming the netscape cookie format.
2016-07-10 06:49:49 -07:00
Senthil Kumaran d5b47fb8ce Issue #27466: Change time format returned by http.cookie.time2netscape,
confirming the netscape cookie format.
2016-07-10 06:45:38 -07:00
Martin Panter 40de69ac58 Issue #25738: Merge HTTP server from 3.5 2016-06-08 09:45:58 +00:00
Martin Panter e42e129ebe Issue #25738: Don’t send message body for 205 Reset Content
Patch by Susumu Koshiba.
2016-06-08 08:29:13 +00:00
Martin Panter 3e04d5b306 Issue #27076: Merge spelling from 3.5 2016-05-26 06:03:19 +00:00
Martin Panter 46f50726a0 Issue #27076: Doc, comment and tests spelling fixes
Most fixes to Doc/ and Lib/ directories by Ville Skyttä.
2016-05-26 05:35:26 +00:00
Martin Panter 1ce738e08f Merge typo fixes from 3.5 2016-05-08 14:02:35 +00:00
Martin Panter f0564164ba Fix typos in comments, documentation and test method names 2016-05-08 13:48:10 +00:00
Berker Peksag 3a31cca4ab Issue #24902: Print server URL on http.server startup
Initial patch by Felix Kaiser.
2016-04-29 16:48:11 +03:00
Martin Panter 791ac54a44 Issue #26657: Merge http.server fix from 3.5 2016-04-18 07:16:17 +00:00
Martin Panter d274b3f1f1 Issue #26657: Fix Windows directory traversal vulnerability with http.server
Based on patch by Philipp Hagemeister.  This fixes a regression caused by
revision f4377699fd47.
2016-04-18 03:45:18 +00:00
Martin Panter 0cab9c1eba Issue #26404: Add context manager to socketserver, by Aviv Palivoda 2016-04-13 00:36:52 +00:00
Martin Panter da3bb38452 Issue #26585: Eliminate _quote_html() and use html.escape(quote=False)
Patch by Xiang Zhang.
2016-04-11 00:40:08 +00:00
Martin Panter c86c91aab0 Merge typo fixes from 3.5 2016-04-05 06:20:32 +00:00
Martin Panter cc71a795df Fix typos in documentation and comments 2016-04-05 06:19:42 +00:00
Martin Panter 50badad807 Issue #26586: Simple enhancements to BaseHTTPRequestHandler by Xiang Zhang 2016-04-03 01:28:53 +00:00
Martin Panter b93e4b2480 Issue #26586: Merge excessive HTTP header handling from 3.5 2016-04-03 01:28:49 +00:00
Martin Panter acc03195b0 Issue #26586: Handle excessive header fields in http.server, by Xiang Zhang 2016-04-03 00:45:46 +00:00
Martin Panter ec195fba5b Issue #26499: Merge HTTPResponse fix from 3.5 2016-03-17 07:05:34 +00:00
Martin Panter ce911c3fed Issue #26499: Fixes to HTTPResponse.readline() and read1(), by Silent Ghost 2016-03-17 06:42:48 +00:00
Berker Peksag 04bc5b9e48 Issue #747320: Use email.utils.formatdate() to avoid code duplication
in BaseHTTPRequestHandler

Initial patch by karlcow.
2016-03-14 06:06:03 +02:00
Berker Peksag 0647ef05eb Issue #16181: cookiejar.http2time() now returns None if year is higher than datetime.MAXYEAR 2016-03-14 05:48:28 +02:00
Berker Peksag 20be53e5b5 Issue #16181: cookiejar.http2time() now returns None if year is higher than datetime.MAXYEAR 2016-03-14 05:48:02 +02:00
Jason R. Coombs b118870490 Issue #26302: merge from 3.5 2016-02-24 08:50:59 -05:00
Martin Panter 192697e33b Issue #26045: Merge http.client error addition from 3.5 2016-02-09 11:57:11 +00:00
Martin Panter 44391481d7 Issue #26045: Add UTF-8 suggestion to error in http.client
Based on patch by Guido van Rossum.
2016-02-09 10:20:52 +00:00
Anish Shah 102d813b55 Issue #26302: Correctly identify comma as an invalid character for a cookie (correcting regression in Python 3.5). 2016-02-07 05:36:00 +05:00
Serhiy Storchaka 3fd4a735d8 Issue #25899: Converted non-ASCII characters in docstrings and manpage
to ASCII replacements.  Removed UTF-8 BOM from Misc/NEWS.
Original patch by Chris Angelico.
2015-12-18 13:10:37 +02:00
Martin Panter 22fd1c262a Merge typo and grammar fixes from 3.5 2015-11-14 01:29:13 +00:00
Martin Panter 32acc16cda Merge typo and grammar fixes from 3.4 into 3.5 2015-11-14 01:14:25 +00:00
Martin Panter ac34e09bbf Correct Content-Type syntax in documentation 2015-11-14 00:58:32 +00:00
Serhiy Storchaka 4a7c03aab4 Issue #25523: Merge a-to-an corrections from 3.5. 2015-11-02 14:44:29 +02:00
Serhiy Storchaka a84f6c3dd3 Issue #25523: Merge a-to-an corrections from 3.4. 2015-11-02 14:39:05 +02:00
Serhiy Storchaka d65c9496da Issue #25523: Further a-to-an corrections. 2015-11-02 14:10:23 +02:00
Martin Panter 585a6acfef Merge typo fixes from 3.5 2015-10-07 11:13:55 +00:00
Martin Panter 3f930dcd87 Merge typo fixes from 3.4 into 3.5 2015-10-07 11:01:47 +00:00
Martin Panter 9955a373a8 Various minor typos in documentation and comments 2015-10-07 10:26:23 +00:00
Martin Panter 5e84d037bb Issues #25232, #24657: Merge two CGI server fixes from 3.5 2015-10-03 06:43:19 +00:00
Martin Panter 56b76d25dd Issues #25232, #24657: Merge two CGI server fixes from 3.4 into 3.5 2015-10-03 06:03:25 +00:00
Martin Panter cb29e8c0e5 Issue #24657: Prevent CGIRequestHandler from collapsing the URL query
Initial patch from Xiang Zhang. Also fix out-of-date _url_collapse_path() doc
string.
2015-10-03 05:55:46 +00:00
Martin Panter a02e18a43f Issue #25232: Fix CGIRequestHandler's splitting of URL query
Patch from Xiang Zhang.
2015-10-03 05:38:07 +00:00
Raymond Hettinger 15b87bfedc Add in missing docstrings. 2015-08-18 22:03:08 -07:00
Robert Collins 5409177b62 Issue #24774: Fix docstring in http.server.test.
Patch from Chiu-Hsiang Hsu.
2015-08-17 12:19:19 +12:00
Robert Collins 9644f2450d Issue #24774: Fix docstring in http.server.test.
Patch from Chiu-Hsiang Hsu.
2015-08-17 12:18:35 +12:00
Robert Collins a0e5d981cd Issue #23888: Handle fractional time in cookie expiry. Patch by ssh. 2015-08-04 10:06:29 +12:00
Robert Collins f3d9c315b6 Issue #23888: Handle fractional time in cookie expiry. Patch by ssh. 2015-08-04 10:07:06 +12:00
Benjamin Peterson 5a69420062 merge 3.4 (#22931) 2015-05-23 10:41:30 -05:00
Benjamin Peterson c4ae86e477 merge 3.3 (#22931) 2015-05-23 10:40:47 -05:00
Benjamin Peterson d504f20e1c merge 3.2 (#22931) 2015-05-23 10:38:48 -05:00
Benjamin Peterson 9bd476ea57 allow square brackets in cookie values (closes #22931) 2015-05-23 10:36:48 -05:00
Serhiy Storchaka 7e7a3dba5f Issue #23865: close() methods in multiple modules now are idempotent and more
robust at shutdown. If needs to release multiple resources, they are released
even if errors are occured.
2015-04-10 13:24:41 +03:00
Serhiy Storchaka 2116b12da5 Issue #23865: close() methods in multiple modules now are idempotent and more
robust at shutdown. If needs to release multiple resources, they are released
even if errors are occured.
2015-04-10 13:29:28 +03:00
R David Murray cae7bdb424 #3566: Clean up handling of remote server disconnects.
This changeset does two things: introduces a new RemoteDisconnected exception
(that subclasses ConnectionResetError and BadStatusLine) so that a remote
server disconnection can be detected by client code (and provides a better
error message for debugging purposes), and ensures that the client socket is
closed if a ConnectionError happens, so that the automatic re-connection code
can work if the application handles the error and continues on.

Tests are added that confirm that a connection is re-used or not re-used
as appropriate to the various combinations of protocol version and headers.

Patch by Martin Panter, reviewed by Demian Brecht.  (Tweaked only slightly by
me.)
2015-04-05 19:26:29 -04:00
Serhiy Storchaka 46ba6c8563 Issue #22831: Use "with" to avoid possible fd leaks. 2015-04-04 11:01:02 +03:00
R David Murray 1813c1701f #2211: properly document the Morsel behavior changes.
Also deprecate the undocumented set argument instead of removing
it already in 3.5.

Initial patch by Demian Brecht.
2015-03-29 17:09:21 -04:00
R David Murray 0a0d20edfb Merge: #23539: Set Content-Length to 0 for PUT, POST, and PATCH if body is None. 2015-03-22 15:19:01 -04:00
R David Murray beed8402ca #23539: Set Content-Length to 0 for PUT, POST, and PATCH if body is None.
Some http servers will reject PUT, POST, and PATCH requests if they
do not have a Content-Length header.

Patch by James Rutherford, with additional cleaning up of the
'request' documentation by me.
2015-03-22 15:18:23 -04:00
Serhiy Storchaka 6c32585f67 Restored backward compatibility of pickling http.cookies.Morsel. It was
broken after converting instance attributes to properies in issue #2211.
2015-03-18 18:03:40 +02:00
Serhiy Storchaka 9c1a9b2657 Issue #2211: Updated the implementation of the http.cookies.Morsel class.
Setting attributes key, value and coded_value directly now is deprecated.
update() and setdefault() now transform and check keys.  Comparing for
equality now takes into account attributes key, value and coded_value.
copy() now returns a Morsel, not a dict.  repr() now contains all attributes.
Optimized checking keys and quoting values.  Added new tests.
Original patch by Demian Brecht.
2015-03-18 10:59:57 +02:00
Serhiy Storchaka 577fc4e87f Issue #23138: Fixed parsing cookies with absent keys or values in cookiejar.
Patch by Demian Brecht.
2015-03-13 09:05:01 +02:00
Serhiy Storchaka f7cc3fccad Issue #23138: Fixed parsing cookies with absent keys or values in cookiejar.
Patch by Demian Brecht.
2015-03-13 09:09:35 +02:00
Serhiy Storchaka b669bfc2be Issue #22928: Disabled HTTP header injections in http.client.
Original patch by Demian Brecht.
2015-03-12 11:15:15 +02:00
Serhiy Storchaka a112a8ae47 Issue #22928: Disabled HTTP header injections in http.client.
Original patch by Demian Brecht.
2015-03-12 11:13:36 +02:00
Serhiy Storchaka c0a23e6320 Issue #21793: BaseHTTPRequestHandler again logs response code as numeric,
not as stringified enum.  Patch by Demian Brecht.
2015-03-07 11:51:37 +02:00
Berker Peksag abbf0f40bb Issue #23442: Rename two member names to stay backward compatible
with the constants in http.client.

Initial patch by Demian Brecht.
2015-02-20 14:57:31 +02:00
Berker Peksag 8e28679417 Issue #23439: Add missing entries to http.client.__all__.
Also, document the LineTooLong exception since it can be raised by
the members of public API (e.g. http.client.HTTPResponse).

Patch by Martin Panter.
2015-02-20 09:45:05 +02:00
Berker Peksag babc688180 Issue #23439: Add missing entries to http.client.__all__.
Also, document the LineTooLong exception since it can be raised by
the members of public API (e.g. http.client.HTTPResponse).

Patch by Martin Panter.
2015-02-20 09:39:38 +02:00
Benjamin Peterson 1130c7f693 merge 3.4 (#23410) 2015-02-17 21:13:30 -05:00
Benjamin Peterson 70e2847347 document the requestline and close_connection attributes, use real booleans, and add tests (closes #23410)
Patch by Martin Panter.
2015-02-17 21:11:10 -05:00
Berker Peksag 6767757589 Issue #23418: Add missing entries to http.server.__all__.
Patch by Martin Panter.
2015-02-13 20:48:41 +02:00
Berker Peksag 366c570d1f Issue #23418: Add missing entries to http.server.__all__.
Patch by Martin Panter.
2015-02-13 20:48:15 +02:00
Berker Peksag ab53ab0a84 Issue #13128: Print response headers for CONNECT requests when debuglevel > 0.
Patch by Demian Brecht.
2015-02-03 12:22:11 +02:00
Benjamin Peterson 9d8a3ad02a http.client: disable Nagle's algorithm (closes #23302)
Patch by Demian Brecht.
2015-01-23 11:02:57 -05:00
Berker Peksag cb18b95ab8 Issue #20898: Add a "HTTP status codes" section to avoid duplication in HTTP docs.
This commit also removes a couple of non-standard status codes. They were
added as part of edf669b13482, so there is no backwards compatibility issue.

Patch by Demian Brecht.
2015-01-20 06:30:46 +02:00
Benjamin Peterson 5b883296f6 merge 3.4 (#22986) 2015-01-16 20:46:37 -05:00
Benjamin Peterson bd341629b0 capitialize "HttpOnly" and "Secure" as they appear in the standard and other impls (closes #23250)
Patch by Jon Dufresne.
2015-01-16 20:43:55 -05:00
Benjamin Peterson 610bc6a211 merge 3.4 (#23221) 2015-01-13 09:20:31 -05:00
Benjamin Peterson 82f34ada45 fix instances of consecutive articles (closes #23221)
Patch by Karan Goel.
2015-01-13 09:17:24 -05:00
Benjamin Peterson fe975a234f merge 3.4 (#23112) 2014-12-26 10:56:51 -06:00
Benjamin Peterson 94cb7a2429 fix behavior of trailing slash redirection when a query string is involved (closes #23112) 2014-12-26 10:53:43 -06:00
Serhiy Storchaka e4db76967d Issue #21793: Added http.HTTPStatus enums (i.e. HTTPStatus.OK,
HTTPStatus.NOT_FOUND).  Patch by Demian Brecht.
2014-12-23 16:28:28 +02:00
Serhiy Storchaka 4ac7ed97a8 Issue #22095: Fixed HTTPConnection.set_tunnel with default port. The port
value in the host header was set to "None".  Patch by Demian Brecht.
2014-12-12 09:29:15 +02:00
Benjamin Peterson a090f01bb6 HTTPSConnection: prefer the context's check_hostname attribute over the constructor parameter (#22959) 2014-12-07 13:18:25 -05:00
Serhiy Storchaka b491e0521f Issue #21032. Fixed socket leak if HTTPConnection.getresponse() fails.
Original patch by Martin Panter.
2014-12-01 13:07:45 +02:00
Benjamin Peterson 7243b574e5 don't require OpenSSL SNI to pass hostname to ssl functions (#22921)
Patch by Donald Stufft.
2014-11-23 17:04:34 -06:00
Serhiy Storchaka d4a001b23c Issue #22095: Fixed HTTPConnection.set_tunnel with default port. The port
value in the host header was set to "None".  Patch by Demian Brecht.
2014-12-12 09:30:18 +02:00
Benjamin Peterson b46247bee5 merge 3.4 (#22959) 2014-12-07 13:47:34 -05:00
Serhiy Storchaka 2205da43a6 Issue #21032. Fixed socket leak if HTTPConnection.getresponse() fails.
Original patch by Martin Panter.
2014-12-01 13:10:12 +02:00
Benjamin Peterson f9284ae8ed merge 3.4 (#22921) 2014-11-23 17:06:39 -06:00
Antoine Pitrou b1e36073cd Issue #22796: HTTP cookie parsing is now stricter, in order to protect against potential injection attacks. 2014-11-21 01:20:57 +01:00
Benjamin Peterson 1cca273669 merge 3.4 (#22417) 2014-11-03 14:36:48 -05:00
Benjamin Peterson 4ffb075271 PEP 476: enable HTTPS certificate verification by default (#22417)
Patch by Alex Gaynor with some modifications by me.
2014-11-03 14:29:33 -05:00
Serhiy Storchaka 2cb0e73a89 Issue #22775: Fixed unpickling of http.cookies.SimpleCookie with protocol 2
and above.  Patch by Tim Graham.
2014-11-02 22:19:56 +02:00
Serhiy Storchaka 8cf7c1cff0 Issue #22775: Fixed unpickling of http.cookies.SimpleCookie with protocol 2
and above.  Patch by Tim Graham.
2014-11-02 22:18:25 +02:00
Victor Stinner 55e614a2a8 Issue #11957: Explicit parameter name when calling re.split() and re.sub() 2014-10-29 16:58:59 +01:00
Antoine Pitrou 0d54887326 Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
2014-09-17 00:27:26 +02:00
Antoine Pitrou 637e4544af Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
2014-09-17 00:25:57 +02:00
Antoine Pitrou 7d0b8f95e7 Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
2014-09-17 00:23:55 +02:00
Serhiy Storchaka 41a08e557a Issue #22165: SimpleHTTPRequestHandler now supports undecodable file names. 2014-08-17 08:24:49 +03:00
Serhiy Storchaka cb5bc408ad Issue #22165: SimpleHTTPRequestHandler now supports undecodable file names. 2014-08-17 08:22:11 +03:00
Serhiy Storchaka 465e60e654 Issue #22033: Reprs of most Python implemened classes now contain actual
class name instead of hardcoded one.
2014-07-25 23:36:00 +03:00
Serhiy Storchaka fbc877b794 Fixed bugs in reprs of CookieJar and multiprocessing.dummy.Value. 2014-07-22 11:10:37 +03:00
Serhiy Storchaka 1392df96ef Fixed bugs in reprs of CookieJar and multiprocessing.dummy.Value. 2014-07-22 11:09:36 +03:00
Ned Deily 55966193f2 Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:20:15 -07:00
Ned Deily 5d0d2e6ed6 Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:16:56 -07:00
Ned Deily 217f4cd7ee Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:12:39 -07:00
Ned Deily 915a30fb0d Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:06:26 -07:00
Benjamin Peterson ff180af057 merge 3.4 (#21766) 2014-06-14 18:41:31 -07:00
Benjamin Peterson a8c75fe31a merge 3.3 (#21766) 2014-06-14 18:41:13 -07:00
Benjamin Peterson 6cd1954c5c merge 3.2 (#21766) 2014-06-14 18:40:10 -07:00
Benjamin Peterson 73b8b1cdb8 url unquote the path before checking if it refers to a CGI script (closes #21766) 2014-06-14 18:36:29 -07:00
Senthil Kumaran 166214c344 merge from 3.4
Issue #7776: Fix ``Host:'' header and reconnection when using  http.client.HTTPConnection.set_tunnel()
Patch by Nikolaus Rath.
2014-04-14 13:10:05 -04:00
Senthil Kumaran 9da047b3a5 Issue #7776: Fix ``Host:'' header and reconnection when using http.client.HTTPConnection.set_tunnel().
Patch by Nikolaus Rath.
2014-04-14 13:07:56 -04:00
Antoine Pitrou dad182c16e Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
2014-09-17 00:23:55 +02:00
Victor Stinner 03ce1c013d (Merge 3.4) Issue #20976: pyflakes: Remove unused imports 2014-03-20 09:22:39 +01:00
Victor Stinner 7fa767e517 Issue #20976: pyflakes: Remove unused imports 2014-03-20 09:16:38 +01:00
Kristján Valur Jónsson 8e5d0caf92 Issue #19009
Enhance HTTPResponse.readline() performance
2014-03-19 10:07:26 +00:00
Serhiy Storchaka c0b0bb6e01 Issue #20331: Fixed possible FD leaks in various modules:
http.server, imghdr, mailcap, mimetypes, xml.etree.
2014-01-25 19:43:56 +02:00
Serhiy Storchaka 91b0bc237c Issue #20331: Fixed possible FD leaks in various modules:
http.server, imghdr, mailcap, mimetypes, xml.etree.
2014-01-25 19:43:02 +02:00
Benjamin Peterson c28ab08887 merge 3.3 (#18574) 2014-01-18 21:51:11 -05:00
Benjamin Peterson 044242360d fix handling of 100-continue status code (closes #18574) 2014-01-18 21:50:18 -05:00
Serhiy Storchaka 8f8ec92de8 Issue #19936: Added executable bits or shebang lines to Python scripts which
requires them.  Disable executable bits and shebang lines in test and
benchmark files in order to prevent using a random system python, and in
source files of modules which don't provide command line interface.  Fixed
shebang lines in the unittestgui and checkpip scripts.
2014-01-16 17:33:23 +02:00
Serhiy Storchaka b992a0e102 Issue #19936: Added executable bits or shebang lines to Python scripts which
requires them.  Disable executable bits and shebang lines in test and
benchmark files in order to prevent using a random system python, and in
source files of modules which don't provide command line interface.  Fixed
shebang line to use python3 executable in the unittestgui script.
2014-01-16 17:15:49 +02:00
Benjamin Peterson fc45f173a3 merge 3.3 (#20018) 2013-12-18 15:37:03 -06:00
Benjamin Peterson ccedc22769 update url to spec (closes #20018) 2013-12-18 15:35:18 -06:00