Serhiy Storchaka
d65c9496da
Issue #25523 : Further a-to-an corrections.
2015-11-02 14:10:23 +02:00
Martin Panter
9955a373a8
Various minor typos in documentation and comments
2015-10-07 10:26:23 +00:00
Martin Panter
cb29e8c0e5
Issue #24657 : Prevent CGIRequestHandler from collapsing the URL query
...
Initial patch from Xiang Zhang. Also fix out-of-date _url_collapse_path() doc
string.
2015-10-03 05:55:46 +00:00
Martin Panter
a02e18a43f
Issue #25232 : Fix CGIRequestHandler's splitting of URL query
...
Patch from Xiang Zhang.
2015-10-03 05:38:07 +00:00
Robert Collins
9644f2450d
Issue #24774 : Fix docstring in http.server.test.
...
Patch from Chiu-Hsiang Hsu.
2015-08-17 12:18:35 +12:00
Robert Collins
a0e5d981cd
Issue #23888 : Handle fractional time in cookie expiry. Patch by ssh.
2015-08-04 10:06:29 +12:00
Benjamin Peterson
c4ae86e477
merge 3.3 ( #22931 )
2015-05-23 10:40:47 -05:00
Benjamin Peterson
d504f20e1c
merge 3.2 ( #22931 )
2015-05-23 10:38:48 -05:00
Benjamin Peterson
9bd476ea57
allow square brackets in cookie values ( closes #22931 )
2015-05-23 10:36:48 -05:00
Serhiy Storchaka
7e7a3dba5f
Issue #23865 : close() methods in multiple modules now are idempotent and more
...
robust at shutdown. If needs to release multiple resources, they are released
even if errors are occured.
2015-04-10 13:24:41 +03:00
Antoine Pitrou
7d0b8f95e7
Lax cookie parsing in http.cookies could be a security issue when combined
...
with non-standard cookie handling in some Web browsers.
Reported by Sergey Bobrov.
2014-09-17 00:23:55 +02:00
Ned Deily
217f4cd7ee
Issue #21323 : Fix http.server to again handle scripts in CGI subdirectories,
...
broken by the fix for security issue #19435 . Patch by Zach Byrne.
2014-07-12 22:12:39 -07:00
Ned Deily
915a30fb0d
Issue #21323 : Fix http.server to again handle scripts in CGI subdirectories,
...
broken by the fix for security issue #19435 . Patch by Zach Byrne.
2014-07-12 22:06:26 -07:00
Benjamin Peterson
6cd1954c5c
merge 3.2 ( #21766 )
2014-06-14 18:40:10 -07:00
Benjamin Peterson
73b8b1cdb8
url unquote the path before checking if it refers to a CGI script ( closes #21766 )
2014-06-14 18:36:29 -07:00
R David Murray
beed8402ca
#23539 : Set Content-Length to 0 for PUT, POST, and PATCH if body is None.
...
Some http servers will reject PUT, POST, and PATCH requests if they
do not have a Content-Length header.
Patch by James Rutherford, with additional cleaning up of the
'request' documentation by me.
2015-03-22 15:18:23 -04:00
Serhiy Storchaka
577fc4e87f
Issue #23138 : Fixed parsing cookies with absent keys or values in cookiejar.
...
Patch by Demian Brecht.
2015-03-13 09:05:01 +02:00
Serhiy Storchaka
a112a8ae47
Issue #22928 : Disabled HTTP header injections in http.client.
...
Original patch by Demian Brecht.
2015-03-12 11:13:36 +02:00
Berker Peksag
babc688180
Issue #23439 : Add missing entries to http.client.__all__.
...
Also, document the LineTooLong exception since it can be raised by
the members of public API (e.g. http.client.HTTPResponse).
Patch by Martin Panter.
2015-02-20 09:39:38 +02:00
Benjamin Peterson
70e2847347
document the requestline and close_connection attributes, use real booleans, and add tests ( closes #23410 )
...
Patch by Martin Panter.
2015-02-17 21:11:10 -05:00
Berker Peksag
366c570d1f
Issue #23418 : Add missing entries to http.server.__all__.
...
Patch by Martin Panter.
2015-02-13 20:48:15 +02:00
Benjamin Peterson
bd341629b0
capitialize "HttpOnly" and "Secure" as they appear in the standard and other impls ( closes #23250 )
...
Patch by Jon Dufresne.
2015-01-16 20:43:55 -05:00
Benjamin Peterson
82f34ada45
fix instances of consecutive articles ( closes #23221 )
...
Patch by Karan Goel.
2015-01-13 09:17:24 -05:00
Benjamin Peterson
94cb7a2429
fix behavior of trailing slash redirection when a query string is involved ( closes #23112 )
2014-12-26 10:53:43 -06:00
Serhiy Storchaka
4ac7ed97a8
Issue #22095 : Fixed HTTPConnection.set_tunnel with default port. The port
...
value in the host header was set to "None". Patch by Demian Brecht.
2014-12-12 09:29:15 +02:00
Benjamin Peterson
a090f01bb6
HTTPSConnection: prefer the context's check_hostname attribute over the constructor parameter ( #22959 )
2014-12-07 13:18:25 -05:00
Serhiy Storchaka
b491e0521f
Issue #21032 . Fixed socket leak if HTTPConnection.getresponse() fails.
...
Original patch by Martin Panter.
2014-12-01 13:07:45 +02:00
Benjamin Peterson
7243b574e5
don't require OpenSSL SNI to pass hostname to ssl functions ( #22921 )
...
Patch by Donald Stufft.
2014-11-23 17:04:34 -06:00
Benjamin Peterson
4ffb075271
PEP 476: enable HTTPS certificate verification by default ( #22417 )
...
Patch by Alex Gaynor with some modifications by me.
2014-11-03 14:29:33 -05:00
Serhiy Storchaka
8cf7c1cff0
Issue #22775 : Fixed unpickling of http.cookies.SimpleCookie with protocol 2
...
and above. Patch by Tim Graham.
2014-11-02 22:18:25 +02:00
Antoine Pitrou
637e4544af
Lax cookie parsing in http.cookies could be a security issue when combined
...
with non-standard cookie handling in some Web browsers.
Reported by Sergey Bobrov.
2014-09-17 00:25:57 +02:00
Serhiy Storchaka
cb5bc408ad
Issue #22165 : SimpleHTTPRequestHandler now supports undecodable file names.
2014-08-17 08:22:11 +03:00
Serhiy Storchaka
1392df96ef
Fixed bugs in reprs of CookieJar and multiprocessing.dummy.Value.
2014-07-22 11:09:36 +03:00
Ned Deily
5d0d2e6ed6
Issue #21323 : Fix http.server to again handle scripts in CGI subdirectories,
...
broken by the fix for security issue #19435 . Patch by Zach Byrne.
2014-07-12 22:16:56 -07:00
Benjamin Peterson
a8c75fe31a
merge 3.3 ( #21766 )
2014-06-14 18:41:13 -07:00
Senthil Kumaran
9da047b3a5
Issue #7776 : Fix ``Host:'' header and reconnection when using http.client.HTTPConnection.set_tunnel().
...
Patch by Nikolaus Rath.
2014-04-14 13:07:56 -04:00
Antoine Pitrou
dad182c16e
Lax cookie parsing in http.cookies could be a security issue when combined
...
with non-standard cookie handling in some Web browsers.
Reported by Sergey Bobrov.
2014-09-17 00:23:55 +02:00
Victor Stinner
7fa767e517
Issue #20976 : pyflakes: Remove unused imports
2014-03-20 09:16:38 +01:00
Serhiy Storchaka
c0b0bb6e01
Issue #20331 : Fixed possible FD leaks in various modules:
...
http.server, imghdr, mailcap, mimetypes, xml.etree.
2014-01-25 19:43:56 +02:00
Serhiy Storchaka
91b0bc237c
Issue #20331 : Fixed possible FD leaks in various modules:
...
http.server, imghdr, mailcap, mimetypes, xml.etree.
2014-01-25 19:43:02 +02:00
Benjamin Peterson
c28ab08887
merge 3.3 ( #18574 )
2014-01-18 21:51:11 -05:00
Benjamin Peterson
044242360d
fix handling of 100-continue status code ( closes #18574 )
2014-01-18 21:50:18 -05:00
Serhiy Storchaka
8f8ec92de8
Issue #19936 : Added executable bits or shebang lines to Python scripts which
...
requires them. Disable executable bits and shebang lines in test and
benchmark files in order to prevent using a random system python, and in
source files of modules which don't provide command line interface. Fixed
shebang lines in the unittestgui and checkpip scripts.
2014-01-16 17:33:23 +02:00
Serhiy Storchaka
b992a0e102
Issue #19936 : Added executable bits or shebang lines to Python scripts which
...
requires them. Disable executable bits and shebang lines in test and
benchmark files in order to prevent using a random system python, and in
source files of modules which don't provide command line interface. Fixed
shebang line to use python3 executable in the unittestgui script.
2014-01-16 17:15:49 +02:00
Benjamin Peterson
fc45f173a3
merge 3.3 ( #20018 )
2013-12-18 15:37:03 -06:00
Benjamin Peterson
ccedc22769
update url to spec ( closes #20018 )
2013-12-18 15:35:18 -06:00
Serhiy Storchaka
cac05e2e90
Issue #20007 : HTTPResponse.read(0) no more prematurely closes connection.
...
Original patch by Simon Sapin.
2013-12-17 21:51:40 +02:00
Serhiy Storchaka
1c84ac1f55
Issue #20007 : HTTPResponse.read(0) no more prematurely closes connection.
...
Original patch by Simon Sapin.
2013-12-17 21:50:02 +02:00
Christian Heimes
f723c711d3
Issue 19509: Don't call match_hostname() twice in http.client.
2013-12-05 07:51:17 +01:00
Christian Heimes
67986f9431
Issue #19735 : Implement private function ssl._create_stdlib_context() to
...
create SSLContext objects in Python's stdlib module. It provides a single
configuration point and makes use of SSLContext.load_default_certs().
2013-11-23 22:43:47 +01:00