Message 230201 - Python tracker

Message230201

Author	pitrou
Recipients	Tim.Graham, berker.peksag, georg.brandl, pitrou, r.david.murray
Date	2014-10-29.10:20:34
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1414578034.59.0.611667079411.issue22758@psf.upfronthosting.co.za>
In-reply-to

Content
Is it a normal use of SimpleCookie? The docs don't seem to imply it: """ >>> C = cookies.SimpleCookie() >>> C.load("chips=ahoy; vienna=finger") # load from a string (HTTP header) """ In any case, it's up to Georg to decide. But changeset 572d9c59a1441c6f8ffb9308824c804856020e31 fixes a security issue reported to security@python.org (the report included a concrete example of how to exploit it under certain conditions).

Content

Is it a normal use of SimpleCookie? The docs don't seem to imply it:

"""
>>> C = cookies.SimpleCookie()
>>> C.load("chips=ahoy; vienna=finger") # load from a string (HTTP header)
"""

In any case, it's up to Georg to decide. But changeset 572d9c59a1441c6f8ffb9308824c804856020e31 fixes a security issue reported to security@python.org (the report included a concrete example of how to exploit it under certain conditions).

History
Date	User	Action	Args
2014-10-29 10:20:34	pitrou	set	recipients: + pitrou, georg.brandl, r.david.murray, berker.peksag, Tim.Graham
2014-10-29 10:20:34	pitrou	set	messageid: <1414578034.59.0.611667079411.issue22758@psf.upfronthosting.co.za>
2014-10-29 10:20:34	pitrou	link	issue22758 messages
2014-10-29 10:20:34	pitrou	create