Commit Graph

305 Commits

Author SHA1 Message Date
Benjamin Peterson 94cb7a2429 fix behavior of trailing slash redirection when a query string is involved (closes #23112) 2014-12-26 10:53:43 -06:00
Serhiy Storchaka e4db76967d Issue #21793: Added http.HTTPStatus enums (i.e. HTTPStatus.OK,
HTTPStatus.NOT_FOUND).  Patch by Demian Brecht.
2014-12-23 16:28:28 +02:00
Serhiy Storchaka 4ac7ed97a8 Issue #22095: Fixed HTTPConnection.set_tunnel with default port. The port
value in the host header was set to "None".  Patch by Demian Brecht.
2014-12-12 09:29:15 +02:00
Benjamin Peterson a090f01bb6 HTTPSConnection: prefer the context's check_hostname attribute over the constructor parameter (#22959) 2014-12-07 13:18:25 -05:00
Serhiy Storchaka b491e0521f Issue #21032. Fixed socket leak if HTTPConnection.getresponse() fails.
Original patch by Martin Panter.
2014-12-01 13:07:45 +02:00
Benjamin Peterson 7243b574e5 don't require OpenSSL SNI to pass hostname to ssl functions (#22921)
Patch by Donald Stufft.
2014-11-23 17:04:34 -06:00
Serhiy Storchaka d4a001b23c Issue #22095: Fixed HTTPConnection.set_tunnel with default port. The port
value in the host header was set to "None".  Patch by Demian Brecht.
2014-12-12 09:30:18 +02:00
Benjamin Peterson b46247bee5 merge 3.4 (#22959) 2014-12-07 13:47:34 -05:00
Serhiy Storchaka 2205da43a6 Issue #21032. Fixed socket leak if HTTPConnection.getresponse() fails.
Original patch by Martin Panter.
2014-12-01 13:10:12 +02:00
Benjamin Peterson f9284ae8ed merge 3.4 (#22921) 2014-11-23 17:06:39 -06:00
Antoine Pitrou b1e36073cd Issue #22796: HTTP cookie parsing is now stricter, in order to protect against potential injection attacks. 2014-11-21 01:20:57 +01:00
Benjamin Peterson 1cca273669 merge 3.4 (#22417) 2014-11-03 14:36:48 -05:00
Benjamin Peterson 4ffb075271 PEP 476: enable HTTPS certificate verification by default (#22417)
Patch by Alex Gaynor with some modifications by me.
2014-11-03 14:29:33 -05:00
Serhiy Storchaka 2cb0e73a89 Issue #22775: Fixed unpickling of http.cookies.SimpleCookie with protocol 2
and above.  Patch by Tim Graham.
2014-11-02 22:19:56 +02:00
Serhiy Storchaka 8cf7c1cff0 Issue #22775: Fixed unpickling of http.cookies.SimpleCookie with protocol 2
and above.  Patch by Tim Graham.
2014-11-02 22:18:25 +02:00
Victor Stinner 55e614a2a8 Issue #11957: Explicit parameter name when calling re.split() and re.sub() 2014-10-29 16:58:59 +01:00
Antoine Pitrou 0d54887326 Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
2014-09-17 00:27:26 +02:00
Antoine Pitrou 637e4544af Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
2014-09-17 00:25:57 +02:00
Antoine Pitrou 7d0b8f95e7 Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
2014-09-17 00:23:55 +02:00
Serhiy Storchaka 41a08e557a Issue #22165: SimpleHTTPRequestHandler now supports undecodable file names. 2014-08-17 08:24:49 +03:00
Serhiy Storchaka cb5bc408ad Issue #22165: SimpleHTTPRequestHandler now supports undecodable file names. 2014-08-17 08:22:11 +03:00
Serhiy Storchaka 465e60e654 Issue #22033: Reprs of most Python implemened classes now contain actual
class name instead of hardcoded one.
2014-07-25 23:36:00 +03:00
Serhiy Storchaka fbc877b794 Fixed bugs in reprs of CookieJar and multiprocessing.dummy.Value. 2014-07-22 11:10:37 +03:00
Serhiy Storchaka 1392df96ef Fixed bugs in reprs of CookieJar and multiprocessing.dummy.Value. 2014-07-22 11:09:36 +03:00
Ned Deily 55966193f2 Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:20:15 -07:00
Ned Deily 5d0d2e6ed6 Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:16:56 -07:00
Ned Deily 217f4cd7ee Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:12:39 -07:00
Ned Deily 915a30fb0d Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:06:26 -07:00
Benjamin Peterson ff180af057 merge 3.4 (#21766) 2014-06-14 18:41:31 -07:00
Benjamin Peterson a8c75fe31a merge 3.3 (#21766) 2014-06-14 18:41:13 -07:00
Benjamin Peterson 6cd1954c5c merge 3.2 (#21766) 2014-06-14 18:40:10 -07:00
Benjamin Peterson 73b8b1cdb8 url unquote the path before checking if it refers to a CGI script (closes #21766) 2014-06-14 18:36:29 -07:00
Senthil Kumaran 166214c344 merge from 3.4
Issue #7776: Fix ``Host:'' header and reconnection when using  http.client.HTTPConnection.set_tunnel()
Patch by Nikolaus Rath.
2014-04-14 13:10:05 -04:00
Senthil Kumaran 9da047b3a5 Issue #7776: Fix ``Host:'' header and reconnection when using http.client.HTTPConnection.set_tunnel().
Patch by Nikolaus Rath.
2014-04-14 13:07:56 -04:00
Antoine Pitrou dad182c16e Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
2014-09-17 00:23:55 +02:00
Victor Stinner 03ce1c013d (Merge 3.4) Issue #20976: pyflakes: Remove unused imports 2014-03-20 09:22:39 +01:00
Victor Stinner 7fa767e517 Issue #20976: pyflakes: Remove unused imports 2014-03-20 09:16:38 +01:00
Kristján Valur Jónsson 8e5d0caf92 Issue #19009
Enhance HTTPResponse.readline() performance
2014-03-19 10:07:26 +00:00
Serhiy Storchaka c0b0bb6e01 Issue #20331: Fixed possible FD leaks in various modules:
http.server, imghdr, mailcap, mimetypes, xml.etree.
2014-01-25 19:43:56 +02:00
Serhiy Storchaka 91b0bc237c Issue #20331: Fixed possible FD leaks in various modules:
http.server, imghdr, mailcap, mimetypes, xml.etree.
2014-01-25 19:43:02 +02:00
Benjamin Peterson c28ab08887 merge 3.3 (#18574) 2014-01-18 21:51:11 -05:00
Benjamin Peterson 044242360d fix handling of 100-continue status code (closes #18574) 2014-01-18 21:50:18 -05:00
Serhiy Storchaka 8f8ec92de8 Issue #19936: Added executable bits or shebang lines to Python scripts which
requires them.  Disable executable bits and shebang lines in test and
benchmark files in order to prevent using a random system python, and in
source files of modules which don't provide command line interface.  Fixed
shebang lines in the unittestgui and checkpip scripts.
2014-01-16 17:33:23 +02:00
Serhiy Storchaka b992a0e102 Issue #19936: Added executable bits or shebang lines to Python scripts which
requires them.  Disable executable bits and shebang lines in test and
benchmark files in order to prevent using a random system python, and in
source files of modules which don't provide command line interface.  Fixed
shebang line to use python3 executable in the unittestgui script.
2014-01-16 17:15:49 +02:00
Benjamin Peterson fc45f173a3 merge 3.3 (#20018) 2013-12-18 15:37:03 -06:00
Benjamin Peterson ccedc22769 update url to spec (closes #20018) 2013-12-18 15:35:18 -06:00
Serhiy Storchaka cac05e2e90 Issue #20007: HTTPResponse.read(0) no more prematurely closes connection.
Original patch by Simon Sapin.
2013-12-17 21:51:40 +02:00
Serhiy Storchaka 1c84ac1f55 Issue #20007: HTTPResponse.read(0) no more prematurely closes connection.
Original patch by Simon Sapin.
2013-12-17 21:50:02 +02:00
Christian Heimes f723c711d3 Issue 19509: Don't call match_hostname() twice in http.client. 2013-12-05 07:51:17 +01:00
Christian Heimes 67986f9431 Issue #19735: Implement private function ssl._create_stdlib_context() to
create SSLContext objects in Python's stdlib module. It provides a single
configuration point and makes use of SSLContext.load_default_certs().
2013-11-23 22:43:47 +01:00
Benjamin Peterson c99874da83 merge 3.3 (#19435) 2013-10-30 12:51:16 -04:00
Benjamin Peterson a50f89954d merge 3.2 (#19435) 2013-10-30 12:50:18 -04:00
Benjamin Peterson 35aca89617 merge 3.1 (#19435) 2013-10-30 12:48:59 -04:00
Benjamin Peterson 04e9de40f3 use the collapsed path in the run_cgi method (closes #19435) 2013-10-30 12:43:09 -04:00
Georg Brandl f0746ca463 Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than
100 headers are read.  Adapted from patch by Jyrki Pulliainen.
2014-09-30 14:08:04 +02:00
Georg Brandl bf3f8eb960 Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than
100 headers are read.  Adapted from patch by Jyrki Pulliainen.
2013-10-27 07:34:48 +01:00
Georg Brandl b89b5df9c9 merge with 3.3 2013-10-27 07:46:09 +01:00
Senthil Kumaran b0ce820bb3 merge from 3.3 2013-09-29 18:59:27 -07:00
Senthil Kumaran 600b735062 Minor code improvement. Review comment by Eric V. Smith 2013-09-29 18:59:04 -07:00
Senthil Kumaran defe7f4c62 Expose --bind argument for http.server, enable http.server to bind to a user
specified network interface.

Patch contributed by Malte Swart. Addresses issue #17764.

HG :Enter commit message.  Lines beginning with 'HG:' are removed.
2013-09-15 09:37:27 -07:00
Senthil Kumaran 187b063005 Fix http.server's request handling case on trailing '/'.
Patch contributed by Vajrasky Kok. Addresses Issue #17324
2013-09-13 00:22:45 -07:00
Senthil Kumaran 72c238e21a Fix http.server's request handling case on trailing '/'.
Patch contributed by Vajrasky Kok. Addresses Issue #17324
2013-09-13 00:21:18 -07:00
R David Murray 0cb8e5131d Merge #16611: BaseCookie now parses 'secure' and 'httponly' flags. 2013-08-25 11:09:45 -04:00
R David Murray cd0f74b1e0 #16611: BaseCookie now parses 'secure' and 'httponly' flags.
Previously it generated them if they were given a value, but completely
ignored them if they were present in the string passed in to be parsed.  Now
if the flag appears on a cookie, the corresponding Morsel key will reference a
True value.  Other pre-existing behavior is retained in this maintenance
patch: if the source contains something like 'secure=foo', morsel['secure']
will return 'foo'.  Since such a value doesn't round trip and never did (and
would be a surprising occurrence) a subsequent non-bug-fix patch may change
this behavior.

Inspired by a patch from Julien Phalip, who reviewed this one.
2013-08-25 11:09:02 -04:00
Brett Cannon cd171c8e92 Issue #18200: Back out usage of ModuleNotFoundError (8d28d44f3a9a) 2013-07-04 17:43:24 -04:00
Brett Cannon 0a140668fa Issue #18200: Update the stdlib (except tests) to use
ModuleNotFoundError.
2013-06-13 20:57:26 -04:00
Andrew Svetlov 3042b5ebf4 Issue #16658: add missing return to HTTPConnection.send().
Patch by Jeff Knupp
2013-04-12 22:50:42 +03:00
Andrew Svetlov 7b2c8bb833 Issue #16658: add missing return to HTTPConnection.send().
Patch by Jeff Knupp
2013-04-12 22:49:19 +03:00
Senthil Kumaran 7005b1f90a #17678: Remove the use of a deprecated method http/cookiejar.py. Changing the
usage of get_origin_req_host() to origin_req_host.

Patch by Wei-Cheng Pan
2013-04-09 07:11:07 -07:00
Senthil Kumaran d9fbf36bbd #17678: Fix DeprecationWarning in the http/cookiejar.py by changing the usage
of get_origin_req_host() to origin_req_host.

Patch by Wei-Cheng Pan
2013-04-09 07:07:59 -07:00
Senthil Kumaran 052ddb01b3 #17460: Remove the strict argument of HTTPConnection and removing the
DeprecationWarning being issued from 3.2 onwards.
2013-03-18 14:11:41 -07:00
Senthil Kumaran 2688644eef #1291 http.server's send_error takes an optional explain argument 2013-03-15 07:53:21 -07:00
Senthil Kumaran df1d3c5c4b Reverting the changeset b87792757ee8 made for Issue #12921 2013-03-05 02:28:18 -08:00
Senthil Kumaran 884f0585a4 Reverting the changeset 5d76a4746d9d made for Issue #12921 2013-03-05 02:26:50 -08:00
Senthil Kumaran 1e7551dc87 Reverting the changeset 5126e62c60af made for Issue #12921 2013-03-05 02:25:58 -08:00
Senthil Kumaran 24431f1802 Fix Issue #12921: BaseHTTPServer's send_error should send the correct error
response message when  send_error includes a message in addition to error
status. Patch contributed by Karl.
2013-03-05 01:26:33 -08:00
Senthil Kumaran c37f835a43 Fix Issue #12921: BaseHTTPServer's send_error should send the correct error
response message when  send_error includes a message in addition to error
status. Patch contributed by Karl.
2013-03-05 01:23:44 -08:00
Senthil Kumaran 3fb066d286 Fix Issue #12921: BaseHTTPServer's send_error should send the correct error
response message when  send_error includes a message in addition to error
status. Patch contributed by Karl.
2013-03-05 01:22:57 -08:00
Giampaolo Rodola' 2f50aaf2ff modernize some modules' code by using with statement around open() 2013-02-12 02:04:27 +01:00
Serhiy Storchaka daf990f8a7 Issue #16723: httplib.HTTPResponse no longer marked closed when the connection
is automatically closed.
2013-02-06 10:37:19 +02:00
Serhiy Storchaka b6c86fd87f Issue #16723: httplib.HTTPResponse no longer marked closed when the connection
is automatically closed.
2013-02-06 10:35:40 +02:00
Serhiy Storchaka b5b9c8cd40 Issue #16723: httplib.HTTPResponse no longer marked closed when the connection
is automatically closed.
2013-02-06 10:31:57 +02:00
Antoine Pitrou b5032c85af Issue #15633: httplib.HTTPResponse is now mark closed when the server sends less than the advertised Content-Length. 2013-02-02 23:06:22 +01:00
Antoine Pitrou 6a35e18161 Issue #15633: httplib.HTTPResponse is now mark closed when the server sends less than the advertised Content-Length. 2013-02-02 23:04:56 +01:00
Antoine Pitrou beec61ae4e Issue #15633: httplib.HTTPResponse is now mark closed when the server sends less than the advertised Content-Length. 2013-02-02 22:49:34 +01:00
Antoine Pitrou 90e4774558 Issue #16833: In http.client.HTTPConnection, do not concatenate the request headers and body when the payload exceeds 16 KB, since it can consume more memory for no benefit.
Patch by Benno Leslie.
2013-01-02 22:10:47 +01:00
Andrew Svetlov f7a17b48d7 Replace IOError with OSError (#16715) 2012-12-25 16:47:37 +02:00
Andrew Svetlov 0832af6628 Issue #16717: get rid of socket.error, replace with OSError 2012-12-18 23:10:48 +02:00
Andrew Svetlov ad28c7f9da Issue #16706: get rid of os.error 2012-12-18 22:02:39 +02:00
Antoine Pitrou 3454339430 Issue #16298: In HTTPResponse.read(), close the socket when there is no Content-Length and the incoming stream is finished.
Patch by Eran Rundstein.
2012-12-15 19:23:34 +01:00
Antoine Pitrou d20e7745ee Issue #16298: In HTTPResponse.read(), close the socket when there is no Content-Length and the incoming stream is finished.
Patch by Eran Rundstein.
2012-12-15 19:22:30 +01:00
Antoine Pitrou 084daa2f74 Issue #16298: In HTTPResponse.read(), close the socket when there is no Content-Length and the incoming stream is finished.
Patch by Eran Rundstein.
2012-12-15 19:11:54 +01:00
Senthil Kumaran 52d2720499 Issue #16088: BaseHTTPRequestHandler's send_error method includes a
Content-Length header.  Patch by Antoine Pitrou.
2012-10-10 23:16:21 -07:00
Philip Jenvey fd0d3e5d25 more yield from
patch by Serhiy Storchaka
2012-10-01 15:34:31 -07:00
Ezio Melotti 8b15ee0d6e #15980: merge with 3.2. 2012-09-21 16:31:24 +03:00
Ezio Melotti 0847db7c01 #15980: properly escape newlines in docstrings. Patch by Serhiy Storchaka. 2012-09-21 16:30:22 +03:00
Meador Inge da1ffbc4ee Issue #15409: Replace use of deprecated urllib.request.Request methods in http.cookijar
Patch by Flávio Ribeiro.
2012-07-20 19:12:04 -05:00
Antoine Pitrou de59565f29 Simplify code in HTTPResponse.read() 2013-02-02 23:08:51 +01:00
Senthil Kumaran 1251fafcc5 Issue 14989: http.server --cgi option can enable the CGI http server. 2012-06-03 16:15:54 +08:00
Senthil Kumaran 185f401308 merge - Fix for issue14426 - buildbots here I come 2012-05-20 16:58:59 +08:00