Commit Graph

14 Commits

Author SHA1 Message Date
Christian Heimes 17b1d5d4e3 bpo-17239: Disable external entities in SAX parser (GH-9217)
The SAX parser no longer processes general external entities by default
to increase security. Before, the parser created network connections
to fetch remote files or loaded local files from the file system for DTD
and entities.

Signed-off-by: Christian Heimes <christian@python.org>



https://bugs.python.org/issue17239
2018-09-23 00:50:25 -07:00
Stéphane Wirtel 19177fbd5d bpo-33503: Fix the broken pypi link in the source and the documentation (GH-6814) 2018-05-15 14:58:35 -04:00
Guido van Rossum e1478e4ae2 Issue #18789: Update XML vulnerability table to use Safe/Vulnerable instead of No/Yes. 2016-10-13 14:31:50 -07:00
Terry Jan Reedy fa089b9b0b Issue #22558: Add remaining doc links to source code for Python-coded modules.
Reformat header above separator line (added if missing) to a common format.
Patch by Yoni Lavi.
2016-06-11 15:02:54 -04:00
Georg Brandl 5d94134040 Closes #25910: fix dead and permanently redirected links in the docs. Thanks to SilentGhost for the patch. 2016-02-26 19:37:12 +01:00
Andrew Kuchling 4da9ab0357 #20237: make a revision pass over the XML vulnerabilities section 2014-02-15 15:33:44 -05:00
Zachary Ware 19c1f3dce6 Fix unfinished thought in xml overview page. Suggested by Bo Bayles on docs@. 2014-01-31 11:30:36 -06:00
R David Murray 66c9350a89 #20236: Fix sphinx markup. 2014-01-13 13:51:17 -05:00
Antoine Pitrou f20ea13996 s/lightweight/minimal/, as per issue #11379. 2013-12-22 01:57:01 +01:00
Georg Brandl 57f936ecde Closes #19179: make table of XML vulnerabilities clearer by using "everyday" booleans and explaining the table beforehand. 2013-10-12 18:19:33 +02:00
Georg Brandl 6ba6b13e32 Fix XML vulnerability link targets. 2013-03-28 09:11:44 +01:00
Christian Heimes 768f6a5360 Issue 17538: Document XML vulnerabilties 2013-03-26 17:47:23 +01:00
Christian Heimes 7380a67267 Issue 17538: Document XML vulnerabilties 2013-03-26 17:35:55 +01:00
Georg Brandl fe7b00fb0a Closes #11710: create "landing pages" (/library/package.html) for those packages that have no documented content themselves, e.g. "urllib" or "http". 2012-10-06 13:49:34 +02:00