mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-07-12 13:55:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 14
109518 commits 7 branches 620 tags 2.6 GiB
Commit graph

93 commits

Author SHA1 Message Date
Ken Jin
b38601d496
bpo-42967: coerce bytes separator to string in urllib.parse_qs(l) (#24818) 
* coerce bytes separator to string

* Add news

* Update Misc/NEWS.d/next/Library/2021-03-11-00-31-41.bpo-42967.2PeQRw.rst
 2021-04-11 06:26:09 -07:00
Adam Goldschmidt
fcbe0cb04d
bpo-42967: only use '&' as a query string separator (#24297) 
bpo-42967: [security] Address a web cache-poisoning issue reported in urllib.parse.parse_qsl().

urllib.parse will only us "&" as query string separator by default instead of both ";" and "&" as allowed in earlier versions. An optional argument seperator with default value "&" is added to specify the separator.


Co-authored-by: Éric Araujo <merwok@netwok.org>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Ken Jin <28750310+Fidget-Spinner@users.noreply.github.com>
Co-authored-by: Éric Araujo <merwok@netwok.org>
 2021-02-14 14:41:57 -08:00
Tim Graham
5a88d50ff0 bpo-27657: Fix urlparse() with numeric paths (#661) 
* bpo-27657: Fix urlparse() with numeric paths

Revert parsing decision from bpo-754016 in favor of the documented
consensus in bpo-16932 of how to treat strings without a // to
designate the netloc.

* bpo-22891: Remove urlsplit() optimization for 'http' prefixed inputs.
 2019-10-18 06:07:20 -07:00
Steve Dower
8d0ef0b5ed bpo-36742: Corrects fix to handle decomposition in usernames (#13812) 2019-06-04 17:55:29 +02:00
Rémi Lapeyre
674ee12600 bpo-35397: Remove deprecation and document urllib.parse.unwrap (GH-11481) 2019-05-27 09:43:45 -04:00
Steve Dower
d537ab0ff9
bpo-36742: Fixes handling of pre-normalization characters in urlsplit() (GH-13017) 2019-04-30 12:03:02 +00:00
Steve Dower
16e6f7dee7
bpo-36216: Add check for characters in netloc that normalize to separators (GH-12201) 2019-03-07 08:02:26 -08:00
Srinivas Thatiparthy (శ్రీనివాస్ తాటిపర్తి)
90d0cfb222 bpo-35202: Remove unused imports in tests. (GH-10561) 2018-11-16 17:32:58 +02:00
matthewbelisle-wf
209144831b bpo-34866: Adding max_num_fields to cgi.FieldStorage (GH-9660) 
Adding `max_num_fields` to `cgi.FieldStorage` to make DOS attacks harder by
limiting the number of `MiniFieldStorage` objects created by `FieldStorage`.
 2018-10-19 03:52:59 -07:00
Cheryl Sabella
867b825830 bpo-27485: Change urlparse tests to use private methods. (GH-7070) 2018-06-03 17:31:32 +03:00
Cheryl Sabella
0250de4819 bpo-27485: Rename and deprecate undocumented functions in urllib.parse (GH-2205) 2018-04-25 16:51:54 -07:00
Matt Eaton
2cb4661707 bpo-33034: Improve exception message when cast fails for {Parse,Split}Result.port (GH-6078) 2018-03-20 09:41:37 +03:00
Коренберг Марк
fbd605151f bpo-32323: urllib.parse.urlsplit() must not lowercase() IPv6 scope value (#4867) 2017-12-21 14:16:17 +02:00
postmasters
90e01e50ef urllib: Simplify splithost by calling into urlparse. (#1849) 
The current regex based splitting produces a wrong result. For example::

  http://abc#@def

Web browsers parse that URL as ``http://abc/#@def``, that is, the host
is ``abc``, the path is ``/``, and the fragment is ``#@def``.
 2017-06-20 15:02:44 +02:00
Senthil Kumaran
257b980b31 correct parse_qs and parse_qsl test case descriptions. (#968) 
* correct parse_qs and parse_qsl test case descriptions.
 2017-04-04 21:19:43 -07:00
Berker Peksag
f8479eeb34 Issue #25895: Merge from 3.5 2016-09-16 14:45:15 +03:00
Berker Peksag
f676748a05 Issue #25895: Enable WebSocket URL schemes in urllib.parse.urljoin 
Patch by Gergely Imreh and Markus Holtermann.
 2016-09-16 14:43:58 +03:00
Senthil Kumaran
4d4ac5bd02 merge 3.5 
issue26775 - Improve test coverage for urllib.parse
Patch contributed by Luiz Poleto.
 2016-04-16 07:34:24 -07:00
Senthil Kumaran
e38415e776 issue26775 - Improve test coverage for urllib.parse 
Patch contributed by Luiz Poleto.
 2016-04-16 07:33:15 -07:00
Robert Collins
dfa95c9a8f Issue #20059: urllib.parse raises ValueError on all invalid ports. 
Patch by Martin Panter.
 2015-08-10 09:53:30 +12:00
Berker Peksag
a7c781724f Issue #23684: Clarify the return value of the scheme attribute of ParseResult and SplitResult objects. 
Patch by Martin Panter.
 2015-06-25 23:39:26 +03:00
Berker Peksag
89584c97e4 Issue #23684: Clarify the return value of the scheme attribute of ParseResult and SplitResult objects. 
Patch by Martin Panter.
 2015-06-25 23:38:48 +03:00
R David Murray
c17686f071 Issue #13866: add *quote_via* argument to urlencode. 
Patch by samwyse, completed by Arnon Yaari, and reviewed by
Martin Panter.
 2015-05-17 20:44:50 -04:00
Berker Peksag
20416f7994 Issue #23703: Fix a regression in urljoin() introduced in 901e4e52b20a. 
Patch by Demian Brecht.
 2015-04-16 02:31:14 +03:00
Serhiy Storchaka
1515450440 Issue #23411: Added DefragResult, ParseResult, SplitResult, DefragResultBytes, 
ParseResultBytes, and SplitResultBytes to urllib.parse.__all__.
Patch by Martin Panter.
 2015-04-07 19:09:01 +03:00
Serhiy Storchaka
5e0fd95e3b Added more tests for urllib.parse utility functions. 
These functions are not documented but used in third-party code.
 2015-03-02 16:33:08 +02:00
Serhiy Storchaka
9270be7662 Added more tests for urllib.parse utility functions. 
These functions are not documented but used in third-party code.
 2015-03-02 16:32:29 +02:00
Senthil Kumaran
a66e3885fb Issue #22278: Fix urljoin problem with relative urls, a regression observed 
after changes to issue22118 were submitted.

Patch contributed by Demian Brecht and reviewed by Antoine Pitrou.
 2014-09-22 15:49:16 +08:00
Antoine Pitrou
55ac5b3f7b Issue #22118: Switch urllib.parse to use RFC 3986 semantics for the resolution of relative URLs, rather than RFCs 1808 and 2396. 
Patch by Demian Brecht.
 2014-08-21 19:16:17 -04:00
Serhiy Storchaka
5d83d1a814 Issue #20270: urllib.urlparse now supports empty ports. 2014-01-18 18:31:41 +02:00
Serhiy Storchaka
ff97b08d00 Issue #20270: urllib.urlparse now supports empty ports. 2014-01-18 18:30:33 +02:00
Serhiy Storchaka
8f8ec92de8 Issue #19936: Added executable bits or shebang lines to Python scripts which 
requires them.  Disable executable bits and shebang lines in test and
benchmark files in order to prevent using a random system python, and in
source files of modules which don't provide command line interface.  Fixed
shebang lines in the unittestgui and checkpip scripts.
 2014-01-16 17:33:23 +02:00
Serhiy Storchaka
b992a0e102 Issue #19936: Added executable bits or shebang lines to Python scripts which 
requires them.  Disable executable bits and shebang lines in test and
benchmark files in order to prevent using a random system python, and in
source files of modules which don't provide command line interface.  Fixed
shebang line to use python3 executable in the unittestgui script.
 2014-01-16 17:15:49 +02:00
R David Murray
f516388de8 #17472: add tests for a couple of untested methods in urllib.urlparse. 
Original patch by Daniel Wozniak.
 2013-03-21 20:56:51 -04:00
Senthil Kumaran
ed30199e78 Fix issue16713 - tel url parsing with params 2012-12-24 14:00:20 -08:00
Senthil Kumaran
2fc5a50809 Issue #14036: return None when port in urlparse cross 65535 2012-05-24 21:56:17 +08:00
Ezio Melotti
6709b7d5d1 #14072: Fix parsing of tel URIs in urlparse by making the check for ports stricter. 2012-05-19 17:15:19 +03:00
Senthil Kumaran
1be320ebdd Issue9374 - Generic parsing of query and fragment portion of urls for any scheme 2012-05-19 08:12:00 +08:00
Georg Brandl
09a7c72cad Merge from 3.1: Issue #13703: add a way to randomize the hash values of basic types (str, bytes, datetime) 
in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated.

The environment variable PYTHONHASHSEED and the new command line flag -R control this
behavior.
 2012-02-20 21:31:46 +01:00
Ezio Melotti
e130a52d8a Remove duplication. 2011-10-19 10:58:56 +03:00
Senthil Kumaran
7ce71f6496 change the redundant svn scheme urljoin test case to svn+ssh scheme. 2011-08-03 22:08:46 +08:00
Senthil Kumaran
2a157d2a3d Fix closes issue12683 - urljoin to work with relative join of svn scheme. 2011-08-03 18:37:22 +08:00
Senthil Kumaran
de02a7194c Fix closes issue12581 - Increase the urllib.parse test coverage. Patch by Petter Haggholm. 2011-07-23 18:27:45 +08:00
Senthil Kumaran
b4bd4af8c4 merge from 3.1 2011-04-15 18:21:26 +08:00
Senthil Kumaran
397eb4411a Issue #11467: Fix urlparse behavior when handling urls which contains scheme specific part only digits. 2011-04-15 18:20:24 +08:00
Victor Stinner
1d87deb605 test_urlparse: add tests for encoding and errors arguments 2011-01-14 13:05:19 +00:00
Senthil Kumaran
3396e8671d Merged revisions 87329 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r87329 | senthil.kumaran | 2010-12-17 12:48:45 +0800 (Fri, 17 Dec 2010) | 3 lines

  Fix Issue9721 - urljoin behavior when the relative url starts with ';'
........
 2010-12-17 04:54:43 +00:00
Senthil Kumaran
dca5b86233 Fix Issue9721 - urljoin behavior when the relative url starts with ';' 2010-12-17 04:48:45 +00:00
Ezio Melotti
ed3a7d2d60 #10273: Rename assertRegexpMatches and assertRaisesRegexp to assertRegex and assertRaisesRegex. 2010-12-01 02:32:32 +00:00
Nick Coghlan
9fc443cf59 Issue 9873: the URL parsing functions now accept ASCII encoded byte sequences in addition to character strings 2010-11-30 15:48:08 +00:00