Martin Panter
d274b3f1f1
Issue #26657 : Fix Windows directory traversal vulnerability with http.server
...
Based on patch by Philipp Hagemeister. This fixes a regression caused by
revision f4377699fd47.
2016-04-18 03:45:18 +00:00
Martin Panter
cc71a795df
Fix typos in documentation and comments
2016-04-05 06:19:42 +00:00
Martin Panter
acc03195b0
Issue #26586 : Handle excessive header fields in http.server, by Xiang Zhang
2016-04-03 00:45:46 +00:00
Martin Panter
ce911c3fed
Issue #26499 : Fixes to HTTPResponse.readline() and read1(), by Silent Ghost
2016-03-17 06:42:48 +00:00
Berker Peksag
20be53e5b5
Issue #16181 : cookiejar.http2time() now returns None if year is higher than datetime.MAXYEAR
2016-03-14 05:48:02 +02:00
Anish Shah
102d813b55
Issue #26302 : Correctly identify comma as an invalid character for a cookie (correcting regression in Python 3.5).
2016-02-07 05:36:00 +05:00
Martin Panter
44391481d7
Issue #26045 : Add UTF-8 suggestion to error in http.client
...
Based on patch by Guido van Rossum.
2016-02-09 10:20:52 +00:00
Martin Panter
32acc16cda
Merge typo and grammar fixes from 3.4 into 3.5
2015-11-14 01:14:25 +00:00
Martin Panter
ac34e09bbf
Correct Content-Type syntax in documentation
2015-11-14 00:58:32 +00:00
Serhiy Storchaka
a84f6c3dd3
Issue #25523 : Merge a-to-an corrections from 3.4.
2015-11-02 14:39:05 +02:00
Serhiy Storchaka
d65c9496da
Issue #25523 : Further a-to-an corrections.
2015-11-02 14:10:23 +02:00
Martin Panter
3f930dcd87
Merge typo fixes from 3.4 into 3.5
2015-10-07 11:01:47 +00:00
Martin Panter
9955a373a8
Various minor typos in documentation and comments
2015-10-07 10:26:23 +00:00
Martin Panter
56b76d25dd
Issues #25232 , #24657 : Merge two CGI server fixes from 3.4 into 3.5
2015-10-03 06:03:25 +00:00
Martin Panter
cb29e8c0e5
Issue #24657 : Prevent CGIRequestHandler from collapsing the URL query
...
Initial patch from Xiang Zhang. Also fix out-of-date _url_collapse_path() doc
string.
2015-10-03 05:55:46 +00:00
Martin Panter
a02e18a43f
Issue #25232 : Fix CGIRequestHandler's splitting of URL query
...
Patch from Xiang Zhang.
2015-10-03 05:38:07 +00:00
Robert Collins
5409177b62
Issue #24774 : Fix docstring in http.server.test.
...
Patch from Chiu-Hsiang Hsu.
2015-08-17 12:19:19 +12:00
Robert Collins
9644f2450d
Issue #24774 : Fix docstring in http.server.test.
...
Patch from Chiu-Hsiang Hsu.
2015-08-17 12:18:35 +12:00
Robert Collins
a0e5d981cd
Issue #23888 : Handle fractional time in cookie expiry. Patch by ssh.
2015-08-04 10:06:29 +12:00
Robert Collins
f3d9c315b6
Issue #23888 : Handle fractional time in cookie expiry. Patch by ssh.
2015-08-04 10:07:06 +12:00
Benjamin Peterson
5a69420062
merge 3.4 ( #22931 )
2015-05-23 10:41:30 -05:00
Benjamin Peterson
c4ae86e477
merge 3.3 ( #22931 )
2015-05-23 10:40:47 -05:00
Benjamin Peterson
d504f20e1c
merge 3.2 ( #22931 )
2015-05-23 10:38:48 -05:00
Benjamin Peterson
9bd476ea57
allow square brackets in cookie values ( closes #22931 )
2015-05-23 10:36:48 -05:00
Serhiy Storchaka
7e7a3dba5f
Issue #23865 : close() methods in multiple modules now are idempotent and more
...
robust at shutdown. If needs to release multiple resources, they are released
even if errors are occured.
2015-04-10 13:24:41 +03:00
Serhiy Storchaka
2116b12da5
Issue #23865 : close() methods in multiple modules now are idempotent and more
...
robust at shutdown. If needs to release multiple resources, they are released
even if errors are occured.
2015-04-10 13:29:28 +03:00
R David Murray
cae7bdb424
#3566 : Clean up handling of remote server disconnects.
...
This changeset does two things: introduces a new RemoteDisconnected exception
(that subclasses ConnectionResetError and BadStatusLine) so that a remote
server disconnection can be detected by client code (and provides a better
error message for debugging purposes), and ensures that the client socket is
closed if a ConnectionError happens, so that the automatic re-connection code
can work if the application handles the error and continues on.
Tests are added that confirm that a connection is re-used or not re-used
as appropriate to the various combinations of protocol version and headers.
Patch by Martin Panter, reviewed by Demian Brecht. (Tweaked only slightly by
me.)
2015-04-05 19:26:29 -04:00
Serhiy Storchaka
46ba6c8563
Issue #22831 : Use "with" to avoid possible fd leaks.
2015-04-04 11:01:02 +03:00
R David Murray
1813c1701f
#2211 : properly document the Morsel behavior changes.
...
Also deprecate the undocumented set argument instead of removing
it already in 3.5.
Initial patch by Demian Brecht.
2015-03-29 17:09:21 -04:00
R David Murray
0a0d20edfb
Merge: #23539 : Set Content-Length to 0 for PUT, POST, and PATCH if body is None.
2015-03-22 15:19:01 -04:00
R David Murray
beed8402ca
#23539 : Set Content-Length to 0 for PUT, POST, and PATCH if body is None.
...
Some http servers will reject PUT, POST, and PATCH requests if they
do not have a Content-Length header.
Patch by James Rutherford, with additional cleaning up of the
'request' documentation by me.
2015-03-22 15:18:23 -04:00
Serhiy Storchaka
6c32585f67
Restored backward compatibility of pickling http.cookies.Morsel. It was
...
broken after converting instance attributes to properies in issue #2211 .
2015-03-18 18:03:40 +02:00
Serhiy Storchaka
9c1a9b2657
Issue #2211 : Updated the implementation of the http.cookies.Morsel class.
...
Setting attributes key, value and coded_value directly now is deprecated.
update() and setdefault() now transform and check keys. Comparing for
equality now takes into account attributes key, value and coded_value.
copy() now returns a Morsel, not a dict. repr() now contains all attributes.
Optimized checking keys and quoting values. Added new tests.
Original patch by Demian Brecht.
2015-03-18 10:59:57 +02:00
Serhiy Storchaka
577fc4e87f
Issue #23138 : Fixed parsing cookies with absent keys or values in cookiejar.
...
Patch by Demian Brecht.
2015-03-13 09:05:01 +02:00
Serhiy Storchaka
f7cc3fccad
Issue #23138 : Fixed parsing cookies with absent keys or values in cookiejar.
...
Patch by Demian Brecht.
2015-03-13 09:09:35 +02:00
Serhiy Storchaka
b669bfc2be
Issue #22928 : Disabled HTTP header injections in http.client.
...
Original patch by Demian Brecht.
2015-03-12 11:15:15 +02:00
Serhiy Storchaka
a112a8ae47
Issue #22928 : Disabled HTTP header injections in http.client.
...
Original patch by Demian Brecht.
2015-03-12 11:13:36 +02:00
Serhiy Storchaka
c0a23e6320
Issue #21793 : BaseHTTPRequestHandler again logs response code as numeric,
...
not as stringified enum. Patch by Demian Brecht.
2015-03-07 11:51:37 +02:00
Berker Peksag
abbf0f40bb
Issue #23442 : Rename two member names to stay backward compatible
...
with the constants in http.client.
Initial patch by Demian Brecht.
2015-02-20 14:57:31 +02:00
Berker Peksag
8e28679417
Issue #23439 : Add missing entries to http.client.__all__.
...
Also, document the LineTooLong exception since it can be raised by
the members of public API (e.g. http.client.HTTPResponse).
Patch by Martin Panter.
2015-02-20 09:45:05 +02:00
Berker Peksag
babc688180
Issue #23439 : Add missing entries to http.client.__all__.
...
Also, document the LineTooLong exception since it can be raised by
the members of public API (e.g. http.client.HTTPResponse).
Patch by Martin Panter.
2015-02-20 09:39:38 +02:00
Benjamin Peterson
1130c7f693
merge 3.4 ( #23410 )
2015-02-17 21:13:30 -05:00
Benjamin Peterson
70e2847347
document the requestline and close_connection attributes, use real booleans, and add tests ( closes #23410 )
...
Patch by Martin Panter.
2015-02-17 21:11:10 -05:00
Berker Peksag
6767757589
Issue #23418 : Add missing entries to http.server.__all__.
...
Patch by Martin Panter.
2015-02-13 20:48:41 +02:00
Berker Peksag
366c570d1f
Issue #23418 : Add missing entries to http.server.__all__.
...
Patch by Martin Panter.
2015-02-13 20:48:15 +02:00
Berker Peksag
ab53ab0a84
Issue #13128 : Print response headers for CONNECT requests when debuglevel > 0.
...
Patch by Demian Brecht.
2015-02-03 12:22:11 +02:00
Benjamin Peterson
9d8a3ad02a
http.client: disable Nagle's algorithm ( closes #23302 )
...
Patch by Demian Brecht.
2015-01-23 11:02:57 -05:00
Berker Peksag
cb18b95ab8
Issue #20898 : Add a "HTTP status codes" section to avoid duplication in HTTP docs.
...
This commit also removes a couple of non-standard status codes. They were
added as part of edf669b13482, so there is no backwards compatibility issue.
Patch by Demian Brecht.
2015-01-20 06:30:46 +02:00
Benjamin Peterson
5b883296f6
merge 3.4 ( #22986 )
2015-01-16 20:46:37 -05:00
Benjamin Peterson
bd341629b0
capitialize "HttpOnly" and "Secure" as they appear in the standard and other impls ( closes #23250 )
...
Patch by Jon Dufresne.
2015-01-16 20:43:55 -05:00