Merge from 3.1: Issue #13703: add a way to randomize the hash values of basic types (str, bytes, datetime)

in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated. The environment variable PYTHONHASHSEED and the new command line flag -R control this behavior.
2025-08-31 05:58:33 +00:00 · 2012-02-20 21:31:46 +01:00 · 2012-02-20 21:31:46 +01:00 · 09a7c72cad
commit 09a7c72cad
parent fee358b0df 2daf6ae249
34 changed files with 676 additions and 162 deletions
--- a/Lib/test/test_urllib.py
+++ b/Lib/test/test_urllib.py
@ -13,6 +13,7 @@ import sys
 import tempfile

 from base64 import b64encode
+import collections

 def hexescape(char):
    """Escape char as RFC 2396 specifies"""
@ -953,8 +954,9 @@ class urlencode_Tests(unittest.TestCase):
        self.assertEqual("a=1&a=2", urllib.parse.urlencode({"a": [1, 2]}, True))
        self.assertEqual("a=None&a=a",
                         urllib.parse.urlencode({"a": [None, "a"]}, True))
+        data = collections.OrderedDict([("a", 1), ("b", 1)])
        self.assertEqual("a=a&a=b",
-                         urllib.parse.urlencode({"a": {"a": 1, "b": 1}}, True))
+                         urllib.parse.urlencode({"a": data}, True))

    def test_urlencode_encoding(self):
        # ASCII encoding. Expect %3F with errors="replace'