Adding `max_num_fields` to `cgi.FieldStorage` to make DOS attacks harder by
limiting the number of `MiniFieldStorage` objects created by `FieldStorage`.
(cherry picked from commit 209144831b)
Co-authored-by: matthewbelisle-wf <matthew.belisle@workiva.com>
Issue #24764: cgi.FieldStorage.read_multi() now ignores the Content-Length
header in part headers. Patch written by Peter Landry and reviewed by Pierre
Quentel.
Issue #24764: cgi.FieldStorage.read_multi() now ignores the Content-Length
header in part headers. Patch written by Peter Landry and reviewed by Pierre
Quentel.
svn+ssh://pythondev@svn.python.org/python/branches/py3k
........
r88496 | brett.cannon | 2011-02-21 19:14:12 -0800 (Mon, 21 Feb 2011) | 4 lines
Issue #10512: close the log file in cgi when running tests.
Thanks to Nadeem Vawda for the find and an initial fix.
........
Code contributed by Matt Giuca. quote() now encodes the input
before quoting, unquote() decodes after unquoting. There are
new arguments to change the encoding and errors settings.
There are also new APIs to skip the encode/decode steps.
[un]quote_plus() are also affected.
svn+ssh://pythondev@svn.python.org/python/trunk
........
r64434 | andrew.kuchling | 2008-06-20 18:13:58 -0500 (Fri, 20 Jun 2008) | 1 line
Remove request for e-mail; it's unlikely these classes will be saved
........
r64435 | andrew.kuchling | 2008-06-20 18:14:32 -0500 (Fri, 20 Jun 2008) | 1 line
Grammar fixes
........
r64440 | andrew.kuchling | 2008-06-21 08:29:12 -0500 (Sat, 21 Jun 2008) | 1 line
Docstring typo
........
r64441 | andrew.kuchling | 2008-06-21 08:47:20 -0500 (Sat, 21 Jun 2008) | 1 line
Use repr() for bad input strings; this makes the empty string or binary characters more visible
........
r64442 | andrew.kuchling | 2008-06-21 08:48:38 -0500 (Sat, 21 Jun 2008) | 1 line
Docstring correction
........
r64443 | georg.brandl | 2008-06-21 09:26:19 -0500 (Sat, 21 Jun 2008) | 2 lines
Documentation fix.
........
r64445 | facundo.batista | 2008-06-21 12:30:06 -0500 (Sat, 21 Jun 2008) | 3 lines
Reviewed and updated the documentation. Fixes#3017.
........
r64447 | facundo.batista | 2008-06-21 13:58:04 -0500 (Sat, 21 Jun 2008) | 6 lines
Now a from submitted via POST that also has a query string
will contain both FieldStorage and MiniFieldStorage items.
Fixes#1817.
........
r64448 | facundo.batista | 2008-06-21 14:48:19 -0500 (Sat, 21 Jun 2008) | 5 lines
In the deprecated functions I added an alert to review
specially a section of the subprocess documentation
that helps with the replacing of those functionss.
........
r64450 | georg.brandl | 2008-06-22 04:05:29 -0500 (Sun, 22 Jun 2008) | 2 lines
Turn section references into proper cross-references.
........
r64452 | facundo.batista | 2008-06-22 08:36:20 -0500 (Sun, 22 Jun 2008) | 5 lines
Issue #2722. Now the char buffer to support the path string has
not fixed length, it mallocs memory if needed. As a result, we
don't have a maximum for the getcwd() method.
........
r64455 | facundo.batista | 2008-06-22 10:27:10 -0500 (Sun, 22 Jun 2008) | 4 lines
Issue 3164. Small fix to don't repeat a comparation
without necessity.
........
r64461 | georg.brandl | 2008-06-22 13:11:52 -0500 (Sun, 22 Jun 2008) | 2 lines
#3085: Fix syntax error.
........
r64464 | georg.brandl | 2008-06-22 13:31:54 -0500 (Sun, 22 Jun 2008) | 2 lines
Expand docstrings of sqlite3 functions.
........
r64466 | georg.brandl | 2008-06-22 14:07:59 -0500 (Sun, 22 Jun 2008) | 2 lines
Write out "phi" consistently.
........
r64468 | facundo.batista | 2008-06-22 14:35:24 -0500 (Sun, 22 Jun 2008) | 4 lines
Just returning nothing instead of rising TestSkipped, because
it makes the test fail in the trunk.loewis-sun buildbot.
........
the standard library. There are still a few cases of it in Demo and
Tools, but that's fine for now. These should eventually get cleaned
up. mimetools still has an import of rfc822, but mimetools itself
should go away.
to be a text file. (XXX It should use UTF-8 as the encoding.)
I also removed the unised 'binary' argument from the make_file() signature.
XXX I am under no illusion that this is now working; I're pretty sure
it would be more principled if it always read binary data. But that's
for someone who actually cares about this module.
Completely get rid of StringIO.py and cStringIO.c.
I had to fix a few tests and modules beyond what Christian did, and
invent a few conventions. E.g. in elementtree, I chose to
write/return Unicode strings whe no encoding is given, but bytes when
an explicit encoding is given. Also mimetools was made to always
assume binary files.
svn+ssh://pythondev@svn.python.org/python/branches/p3yk
........
r56127 | georg.brandl | 2007-06-30 09:32:49 +0200 (Sat, 30 Jun 2007) | 2 lines
Fix a place where floor division would be in order.
........
r56135 | guido.van.rossum | 2007-07-01 06:13:54 +0200 (Sun, 01 Jul 2007) | 28 lines
Make map() and filter() identical to itertools.imap() and .ifilter(),
respectively.
I fixed two bootstrap issues, due to the dynamic import of itertools:
1. Starting python requires that map() and filter() are not used until
site.py has added build/lib.<arch> to sys.path.
2. Building python requires that setup.py and distutils and everything
they use is free of map() and filter() calls.
Beyond this, I only fixed the tests in test_builtin.py.
Others, please help fixing the remaining tests that are now broken!
The fixes are usually simple:
a. map(None, X) -> list(X)
b. map(F, X) -> list(map(F, X))
c. map(lambda x: F(x), X) -> [F(x) for x in X]
d. filter(F, X) -> list(filter(F, X))
e. filter(lambda x: P(x), X) -> [x for x in X if P(x)]
Someone, please also contribute a fixer for 2to3 to do this.
It can leave map()/filter() calls alone that are already
inside a list() or sorted() call or for-loop.
Only in rare cases have I seen code that depends on map() of lists
of different lengths going to the end of the longest, or on filter()
of a string or tuple returning an object of the same type; these
will need more thought to fix.
........
r56136 | guido.van.rossum | 2007-07-01 06:22:01 +0200 (Sun, 01 Jul 2007) | 3 lines
Make it so that test_decimal fails instead of hangs, to help automated
test runners.
........
r56139 | georg.brandl | 2007-07-01 18:20:58 +0200 (Sun, 01 Jul 2007) | 2 lines
Fix a few test cases after the map->imap change.
........
r56142 | neal.norwitz | 2007-07-02 06:38:12 +0200 (Mon, 02 Jul 2007) | 1 line
Get a bunch more tests passing after converting map/filter to return iterators.
........
r56147 | guido.van.rossum | 2007-07-02 15:32:02 +0200 (Mon, 02 Jul 2007) | 4 lines
Fix the remaining failing unit tests (at least on OSX).
Also tweaked urllib2 so it doesn't raise socket.gaierror when
all network interfaces are turned off.
........