Commit Graph

37 Commits

Author SHA1 Message Date
Adam Goldschmidt fcbe0cb04d
bpo-42967: only use '&' as a query string separator (#24297)
bpo-42967: [security] Address a web cache-poisoning issue reported in urllib.parse.parse_qsl().

urllib.parse will only us "&" as query string separator by default instead of both ";" and "&" as allowed in earlier versions. An optional argument seperator with default value "&" is added to specify the separator.


Co-authored-by: Éric Araujo <merwok@netwok.org>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Ken Jin <28750310+Fidget-Spinner@users.noreply.github.com>
Co-authored-by: Éric Araujo <merwok@netwok.org>
2021-02-14 14:41:57 -08:00
INADA Naoki 698865dcbb
bpo-33843: Remove deprecated stuff in cgi module (GH-7662) 2018-06-19 17:28:50 +09:00
Amber Brown 545c955be9 bpo-33497: Add errors param to cgi.parse_multipart and make an encoding in FieldStorage use the given errors (GH-6804) 2018-05-14 18:11:55 -04:00
Serhiy Storchaka 51302a5fcc
bpo-32996: Improve What's New in 3.7. (#5983) 2018-03-11 03:48:14 +02:00
Pierre Quentel cc3fa204d3 bpo-29979: Rewrite cgi.parse_multipart to make it consistent with FieldStorage (#991) 2017-05-08 05:08:34 -07:00
Martin Panter 1050d2d0c7 Issue #26462: Doc: reduce literal_block warnings, fix syntax highlighting.
Patch by Julien Palard.
2016-07-26 11:18:21 +02:00
Terry Jan Reedy fa089b9b0b Issue #22558: Add remaining doc links to source code for Python-coded modules.
Reformat header above separator line (added if missing) to a common format.
Patch by Yoni Lavi.
2016-06-11 15:02:54 -04:00
Martin Panter 926be1b0ec Issue #25176: Merge cgi.parse_qsl link from 3.4 into 3.5 2015-09-20 01:07:41 +00:00
Martin Panter cebfdac32c Issue #25176: Correct link for cgi.parse_qsl; patch from Ville Skyttä 2015-09-20 00:28:50 +00:00
Berker Peksag bf5e9604cc Issue #20289: cgi.FieldStorage() now supports the context management protocol. 2015-02-06 10:21:37 +02:00
Brett Cannon c089f70b54 Issue #18394: Document that cgi.FieldStorage now cleans up after its
'file' attribute properly in Python 3.4.

Thanks to Marcel Hellkamp for pointing out the oversight.
2014-01-17 11:03:19 -05:00
Serhiy Storchaka fd1c3d3059 Issue #19198: Improved cross-references in the cgi module documentation. 2013-10-13 18:28:26 +03:00
Petri Lehtinen 9f74c6cf7d Issue #8890: Stop advertising an insecure use of /tmp in docs 2013-02-23 19:27:49 +01:00
Senthil Kumaran 290416f364 Issue11352 - Update cgi module docs 2012-04-30 22:43:13 +08:00
Raymond Hettinger a199368b23 More source links. 2011-01-27 01:20:32 +00:00
Georg Brandl 1f7fffb308 #2830: add html.escape() helper and move cgi.escape() uses in the standard library to it. It defaults to quote=True and also escapes single quotes, which makes casual use safer. The cgi.escape() interface is not touched, but emits a (silent) PendingDeprecationWarning. 2010-10-15 15:57:45 +00:00
Éric Araujo d7fc374a7a Oops, fix typo 2010-08-14 05:00:18 +00:00
Éric Araujo 71428876ea Fix reference (follow-up to #9061) 2010-08-14 04:55:45 +00:00
Georg Brandl 1800934285 #9061: warn that single quotes are never escaped. 2010-08-02 21:51:18 +00:00
Benjamin Peterson 8719ad5dde Merged revisions 74277,74321,74323,74326,74355,74465,74467,74488,74492,74513,74531,74549,74553,74625,74632,74643-74644,74647,74652,74666,74671,74727,74739 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r74277 | sean.reifschneider | 2009-08-01 18:54:55 -0500 (Sat, 01 Aug 2009) | 3 lines

  - Issue #6624: yArg_ParseTuple with "s" format when parsing argument with
    NUL: Bogus TypeError detail string.
........
  r74321 | guilherme.polo | 2009-08-05 11:51:41 -0500 (Wed, 05 Aug 2009) | 1 line

  Easier reference to find (at least while svn continues being used).
........
  r74323 | guilherme.polo | 2009-08-05 18:48:26 -0500 (Wed, 05 Aug 2009) | 1 line

  Typo.
........
  r74326 | jesse.noller | 2009-08-05 21:05:56 -0500 (Wed, 05 Aug 2009) | 1 line

  Fix issue 4660: spurious task_done errors in multiprocessing, remove doc note for from_address
........
  r74355 | gregory.p.smith | 2009-08-12 12:02:37 -0500 (Wed, 12 Aug 2009) | 2 lines

  comment typo fix
........
  r74465 | vinay.sajip | 2009-08-15 18:23:12 -0500 (Sat, 15 Aug 2009) | 1 line

  Added section on logging to one file from multiple processes.
........
  r74467 | vinay.sajip | 2009-08-15 18:34:47 -0500 (Sat, 15 Aug 2009) | 1 line

  Refined section on logging to one file from multiple processes.
........
  r74488 | vinay.sajip | 2009-08-17 08:14:37 -0500 (Mon, 17 Aug 2009) | 1 line

  Further refined section on logging to one file from multiple processes.
........
  r74492 | r.david.murray | 2009-08-17 14:26:49 -0500 (Mon, 17 Aug 2009) | 2 lines

  Issue 6685: 'toupper' -> 'upper' in cgi doc example explanation.
........
  r74513 | skip.montanaro | 2009-08-18 09:37:52 -0500 (Tue, 18 Aug 2009) | 1 line

  missing module ref (issue6723)
........
  r74531 | vinay.sajip | 2009-08-20 17:04:32 -0500 (Thu, 20 Aug 2009) | 1 line

  Added section on exceptions raised during logging.
........
  r74549 | benjamin.peterson | 2009-08-24 12:42:36 -0500 (Mon, 24 Aug 2009) | 1 line

  fix pdf building by teaching latex the right encoding package
........
  r74553 | r.david.murray | 2009-08-26 20:04:59 -0500 (Wed, 26 Aug 2009) | 2 lines

  Remove leftover text from end of sentence.
........
  r74625 | benjamin.peterson | 2009-09-01 17:27:57 -0500 (Tue, 01 Sep 2009) | 1 line

  remove the check that classmethod's argument is a callable
........
  r74632 | georg.brandl | 2009-09-03 02:27:26 -0500 (Thu, 03 Sep 2009) | 1 line

  #6828: fix wrongly highlighted blocks.
........
  r74643 | georg.brandl | 2009-09-04 01:59:20 -0500 (Fri, 04 Sep 2009) | 2 lines

  Issue #2666: Handle BROWSER environment variable properly for unknown browser names in the webbrowser module.
........
  r74644 | georg.brandl | 2009-09-04 02:55:14 -0500 (Fri, 04 Sep 2009) | 1 line

  #5047: remove Monterey support from configure.
........
  r74647 | georg.brandl | 2009-09-04 03:17:04 -0500 (Fri, 04 Sep 2009) | 2 lines

  Issue #5275: In Cookie's Cookie.load(), properly handle non-string arguments as documented.
........
  r74652 | georg.brandl | 2009-09-04 06:25:37 -0500 (Fri, 04 Sep 2009) | 1 line

  #6756: add some info about the "acct" parameter.
........
  r74666 | georg.brandl | 2009-09-05 04:04:09 -0500 (Sat, 05 Sep 2009) | 1 line

  #6841: remove duplicated word.
........
  r74671 | georg.brandl | 2009-09-05 11:47:17 -0500 (Sat, 05 Sep 2009) | 1 line

  #6843: add link from filterwarnings to where the meaning of the arguments is covered.
........
  r74727 | benjamin.peterson | 2009-09-08 18:04:22 -0500 (Tue, 08 Sep 2009) | 1 line

  #6865 fix ref counting in initialization of pwd module
........
  r74739 | georg.brandl | 2009-09-11 02:55:20 -0500 (Fri, 11 Sep 2009) | 1 line

  Move function back to its section.
........
2009-09-11 22:24:02 +00:00
Georg Brandl 502d9a5c2c Merged revisions 74207 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r74207 | georg.brandl | 2009-07-26 16:19:57 +0200 (So, 26 Jul 2009) | 1 line

  #6577: fix (hopefully) all links to builtin instead of module/class-specific objects.
........
2009-07-26 15:02:41 +00:00
Ezio Melotti c7e994d009 Merged revisions 74179 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r74179 | ezio.melotti | 2009-07-23 00:08:49 +0300 (Thu, 23 Jul 2009) | 1 line

  #6423 has_key -> in
........
2009-07-22 21:17:14 +00:00
Georg Brandl 0d8f07305d Update signature style of optional arguments, part two. 2009-04-05 22:20:44 +00:00
Georg Brandl ae2dbe2543 #5486: typos. 2009-03-13 19:04:40 +00:00
Benjamin Peterson ad3d5c2235 Merged revisions 69803-69805,69840,69901,69905,69907,69924,69927,69987 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r69803 | georg.brandl | 2009-02-20 01:48:21 -0600 (Fri, 20 Feb 2009) | 1 line

  #5327: fix a broken link by joining it.
........
  r69804 | georg.brandl | 2009-02-20 02:22:21 -0600 (Fri, 20 Feb 2009) | 1 line

  At least separate imports from other statements.
........
  r69805 | georg.brandl | 2009-02-20 02:45:47 -0600 (Fri, 20 Feb 2009) | 2 lines

  Fix punctuation.
........
  r69840 | georg.brandl | 2009-02-21 13:09:40 -0600 (Sat, 21 Feb 2009) | 1 line

  #5338, #5339: two types in the API manual.
........
  r69901 | georg.brandl | 2009-02-23 05:24:46 -0600 (Mon, 23 Feb 2009) | 2 lines

  #5349: C++ pure virtuals can also have an implementation.
........
  r69905 | georg.brandl | 2009-02-23 09:51:27 -0600 (Mon, 23 Feb 2009) | 2 lines

  #5352: str.count() counts non-overlapping instances.
........
  r69907 | georg.brandl | 2009-02-23 12:33:48 -0600 (Mon, 23 Feb 2009) | 1 line

  Fix grammar.
........
  r69924 | benjamin.peterson | 2009-02-23 20:45:35 -0600 (Mon, 23 Feb 2009) | 1 line

  update README on running tests
........
  r69927 | neil.schemenauer | 2009-02-23 22:23:25 -0600 (Mon, 23 Feb 2009) | 1 line

  Fix call to os.waitpid, it does not take keyword args.
........
  r69987 | benjamin.peterson | 2009-02-25 18:30:11 -0600 (Wed, 25 Feb 2009) | 1 line

  fix str.format()'s first arg #5371
........
2009-02-26 03:38:59 +00:00
Facundo Batista c469d4c3aa Issue 600362: Relocated parse_qs() and parse_qsl(), from the cgi module
to the urlparse one.  Added a DeprecationWarning in the old module, it
will be deprecated in the future.  Docs and tests updated.
2008-09-03 22:49:01 +00:00
Georg Brandl 32480b0755 Fix urllib function reference. 2008-07-18 21:09:40 +00:00
Benjamin Peterson dcf97b98ec Merged revisions 64434-64435,64440-64443,64445,64447-64448,64450,64452,64455,64461,64464,64466,64468 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r64434 | andrew.kuchling | 2008-06-20 18:13:58 -0500 (Fri, 20 Jun 2008) | 1 line

  Remove request for e-mail; it's unlikely these classes will be saved
........
  r64435 | andrew.kuchling | 2008-06-20 18:14:32 -0500 (Fri, 20 Jun 2008) | 1 line

  Grammar fixes
........
  r64440 | andrew.kuchling | 2008-06-21 08:29:12 -0500 (Sat, 21 Jun 2008) | 1 line

  Docstring typo
........
  r64441 | andrew.kuchling | 2008-06-21 08:47:20 -0500 (Sat, 21 Jun 2008) | 1 line

  Use repr() for bad input strings; this makes the empty string or binary characters more visible
........
  r64442 | andrew.kuchling | 2008-06-21 08:48:38 -0500 (Sat, 21 Jun 2008) | 1 line

  Docstring correction
........
  r64443 | georg.brandl | 2008-06-21 09:26:19 -0500 (Sat, 21 Jun 2008) | 2 lines

  Documentation fix.
........
  r64445 | facundo.batista | 2008-06-21 12:30:06 -0500 (Sat, 21 Jun 2008) | 3 lines


  Reviewed and updated the documentation. Fixes #3017.
........
  r64447 | facundo.batista | 2008-06-21 13:58:04 -0500 (Sat, 21 Jun 2008) | 6 lines


  Now a from submitted via POST that also has a query string
  will contain both FieldStorage and MiniFieldStorage items.

  Fixes #1817.
........
  r64448 | facundo.batista | 2008-06-21 14:48:19 -0500 (Sat, 21 Jun 2008) | 5 lines


  In the deprecated functions I added an alert to review
  specially a section of the subprocess documentation
  that helps with the replacing of those functionss.
........
  r64450 | georg.brandl | 2008-06-22 04:05:29 -0500 (Sun, 22 Jun 2008) | 2 lines

  Turn section references into proper cross-references.
........
  r64452 | facundo.batista | 2008-06-22 08:36:20 -0500 (Sun, 22 Jun 2008) | 5 lines


  Issue #2722. Now the char buffer to support the path string has
  not fixed length, it mallocs memory if needed. As a result, we
  don't have a maximum for the getcwd() method.
........
  r64455 | facundo.batista | 2008-06-22 10:27:10 -0500 (Sun, 22 Jun 2008) | 4 lines


  Issue 3164. Small fix to don't repeat a comparation
  without necessity.
........
  r64461 | georg.brandl | 2008-06-22 13:11:52 -0500 (Sun, 22 Jun 2008) | 2 lines

  #3085: Fix syntax error.
........
  r64464 | georg.brandl | 2008-06-22 13:31:54 -0500 (Sun, 22 Jun 2008) | 2 lines

  Expand docstrings of sqlite3 functions.
........
  r64466 | georg.brandl | 2008-06-22 14:07:59 -0500 (Sun, 22 Jun 2008) | 2 lines

  Write out "phi" consistently.
........
  r64468 | facundo.batista | 2008-06-22 14:35:24 -0500 (Sun, 22 Jun 2008) | 4 lines


  Just returning nothing instead of rising TestSkipped, because
  it makes the test fail in the trunk.loewis-sun buildbot.
........
2008-07-02 17:30:14 +00:00
Georg Brandl f4a41231b2 Fix old-style octal literals in the docs. 2008-05-26 17:55:52 +00:00
Georg Brandl 49d1b4f919 Remove old backwards-compatibility classes from the cgi module. 2008-05-11 21:42:51 +00:00
Christian Heimes 5b5e81c637 Merged revisions 59605-59624 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r59606 | georg.brandl | 2007-12-29 11:57:00 +0100 (Sat, 29 Dec 2007) | 2 lines

  Some cleanup in the docs.
........
  r59611 | martin.v.loewis | 2007-12-29 19:49:21 +0100 (Sat, 29 Dec 2007) | 2 lines

  Bug #1699: Define _BSD_SOURCE only on OpenBSD.
........
  r59612 | raymond.hettinger | 2007-12-29 23:09:34 +0100 (Sat, 29 Dec 2007) | 1 line

  Simpler documentation for itertools.tee().  Should be backported.
........
  r59613 | raymond.hettinger | 2007-12-29 23:16:24 +0100 (Sat, 29 Dec 2007) | 1 line

  Improve docs for itertools.groupby().  The use of xrange(0) to create a unique object is less obvious than object().
........
  r59620 | christian.heimes | 2007-12-31 15:47:07 +0100 (Mon, 31 Dec 2007) | 3 lines

  Added wininst-9.0.exe executable for VS 2008
  Integrated bdist_wininst into PCBuild9 directory
........
  r59621 | christian.heimes | 2007-12-31 15:51:18 +0100 (Mon, 31 Dec 2007) | 1 line

  Moved PCbuild directory to PC/VS7.1
........
  r59622 | christian.heimes | 2007-12-31 15:59:26 +0100 (Mon, 31 Dec 2007) | 1 line

  Fix paths for build bot
........
  r59623 | christian.heimes | 2007-12-31 16:02:41 +0100 (Mon, 31 Dec 2007) | 1 line

  Fix paths for build bot, part 2
........
  r59624 | christian.heimes | 2007-12-31 16:18:55 +0100 (Mon, 31 Dec 2007) | 1 line

  Renamed PCBuild9 directory to PCBuild
........
2007-12-31 16:14:33 +00:00
Sean Reifscheider 782d6b44a1 issue1172: Documentation of "done" attribute in cgi module. 2007-09-18 23:39:35 +00:00
Collin Winter 463344813f Change instances of 'while 1:' in the docs into 'while True:'. 2007-09-10 00:49:57 +00:00
Georg Brandl 6911e3ce3f Convert all print statements in the docs. 2007-09-04 07:15:32 +00:00
Collin Winter c79461b164 Partial py3k-ification of Doc/library/: convert has_key references into either 'k in d' or __contains__; normalize raise statements; convert print statements into print function calls. 2007-09-01 23:34:30 +00:00
Georg Brandl 55ac8f0f26 Get rid of the remaining versionadded/versionchanged directives. 2007-09-01 13:51:09 +00:00
Georg Brandl 116aa62bf5 Move the 3k reST doc tree in place. 2007-08-15 14:28:22 +00:00