Commit Graph

23 Commits

Author SHA1 Message Date
Andrew M. Kuchling a5453c48d5 [Bug #1525469] SimpleXMLRPCServer still uses the sys.exc_{value,type} module-level globals instead of calling sys.exc_info(). Reported by Russell Warren 2006-09-05 13:15:41 +00:00
Tim Peters 5535da0303 Whitespace normalization. 2006-06-01 13:41:46 +00:00
Georg Brandl b9120e772b Correctly dispatch Faults in loads (patch #1498627) 2006-06-01 12:30:46 +00:00
Andrew M. Kuchling 622f144175 [Bug #1473048]
SimpleXMLRPCServer and DocXMLRPCServer don't look at
the path of the HTTP request at all; you can POST or
GET from / or /RPC2 or /blahblahblah with the same results.
Security scanners that look for /cgi-bin/phf will therefore report
lots of vulnerabilities.

Fix: add a .rpc_paths attribute to the SimpleXMLRPCServer class,
and report a 404 error if the path isn't on the allowed list.

Possibly-controversial aspect of this change: the default makes only
'/' and '/RPC2' legal.  Maybe this will break people's applications
(though I doubt it).  We could just set the default to an empty tuple,
which would exactly match the current behaviour.
2006-05-31 14:08:48 +00:00
Andrew M. Kuchling b0a1e6b735 Add explanatory message 2006-04-21 12:57:35 +00:00
Anthony Baxter e29002ccb0 Bug #1469163: SimpleXMLRPCServer unconditionally attempted to import fcntl.
Wrapped in a try/except.
2006-04-12 12:07:31 +00:00
Tim Peters 536cf99536 Whitespace normalization. 2005-12-25 23:18:31 +00:00
Andrew M. Kuchling 427aedbbd4 [Patch #1039083] Add 'encoding' parameter to SimpleXMLRPCServer 2005-12-04 17:13:12 +00:00
Andrew M. Kuchling ce100d8d4c Use boolean name 2005-12-04 16:45:05 +00:00
Andrew M. Kuchling 10a16dea74 [Patch #893642] Add optional allow_none argument to SimpleXMLRPCServer, CGIXMLRPCRequestHandler 2005-12-04 16:34:40 +00:00
Andrew M. Kuchling e63fde72f3 [Bug #792570] Under Windows, socket.read() seems to run into trouble when
asked to read tens of megabytes of data.  On my Mac, it hits MemoryErrors
when reading around 15Mb in one chunk.  The fix is to read the body in several
parts, not as one big piece.

It would be nice to fix the underlying socket.read() problem, too.

2.4 bugfix candidate.
2005-12-04 15:36:57 +00:00
Andrew M. Kuchling 3a97605500 [Bug #1222790] Set reuse-address and close-on-exec flags on the HTTP listening socket 2005-12-04 15:07:41 +00:00
Georg Brandl 7eb4b7d177 Fix all wrong instances of "it's". 2005-07-22 21:49:32 +00:00
Guido van Rossum d064142579 Security fix PSF-2005-001 for SimpleXMLRPCServer.py. 2005-02-03 15:01:24 +00:00
Brett Cannon b9b5f160ab Fix a small typo in the docstring for system_methodSignature .
Closes bug #1038935.  Thanks Malte Helmert for spotting it.
2004-10-03 23:21:44 +00:00
Raymond Hettinger cc523fc53d SF patch #834015: Remove imports of unused modules
(Contributed by George Yoshida.)
2003-11-02 09:47:05 +00:00
Neal Norwitz 3f401f07e8 whitespace normalization 2003-06-29 04:19:37 +00:00
Neal Norwitz 732911fd1e fix problems found by pychecker 2003-06-29 04:16:28 +00:00
Martin v. Löwis 9c5ea50c25 Patch #727805: Remove extra line ending from CGI responses. 2003-05-01 05:05:09 +00:00
Tim Peters 2c60f7a136 Whitespace normalization. 2003-01-29 03:49:43 +00:00
Martin v. Löwis d69663d300 Patch #473586: Implement CGIXMLRPCRequestHandler. 2003-01-15 11:37:23 +00:00
Fred Drake 787fd8cdeb _dispatch(): Do no re-define the resolve_dotted_atttribute() function
every time this gets called; move it out as a global helper function.
    Simplify the call to the _dispatch() method of the registered instance.
2001-09-29 04:54:33 +00:00
Fredrik Lundh b329b7134c Brian Quinlan's XML-RPC server framework. 2001-09-17 17:35:21 +00:00