- 09 Jan, 2011 1 commit
-
-
R. David Murray authored
This makes Header.encode throw a HeaderParseError if it winds up formatting a header such that a continuation line has no leading whitespace and looks like a header. Since Header accepts values containing newlines and preserves them (and this is by design), without this fix any program that took user input (say, a subject in a web form) and passed it to the email package as a header was vulnerable to header injection attacks. (As far as we know this has never been exploited.) Thanks to Jakub Wilk for reporting this vulnerability.
-
- 08 Jan, 2011 22 commits
-
-
Raymond Hettinger authored
-
Georg Brandl authored
-
Alexander Belopolsky authored
-
Victor Stinner authored
-
Victor Stinner authored
-
Raymond Hettinger authored
-
Antoine Pitrou authored
-
Raymond Hettinger authored
in the operator module.
-
Antoine Pitrou authored
-
Antoine Pitrou authored
private by renaming it to `_GeneratorContextManager`.
-
Georg Brandl authored
-
Raymond Hettinger authored
-
Raymond Hettinger authored
-
Raymond Hettinger authored
comparisons that could lead to infinite recursion.
-
Victor Stinner authored
-
Victor Stinner authored
-
Victor Stinner authored
The buildbots will tell us which platform does support or not negative years.
-
Victor Stinner authored
-
Victor Stinner authored
-
Victor Stinner authored
* With Visual Studio, year have to be in [1; 9999] * Add more tests on the year field
-
Alexander Belopolsky authored
Victor Stinner for pointing this out.
-
Alexander Belopolsky authored
-
- 07 Jan, 2011 17 commits
-
-
R. David Murray authored
This applies only when generating strings from non-RFC compliant binary input; it makes the existing recoding behavior more consistent (ie: now no data is lost when recoding).
-
R. David Murray authored
Before this patch if a value being encoded had an embedded newline, the line following the newline would have no leading whitespace, and the whitespace it did have was encoded into the word. Now the existing whitespace gets turned into a blank, the way it does in other header reformatting, and the _continuation_ws gets added at the beginning of the encoded line.
-
Raymond Hettinger authored
Revert r87821 which moved the source link to the wrong section (from the module intro covering the module to a section on thread imports).
-
Antoine Pitrou authored
-
Antoine Pitrou authored
non-Python managed memory while it is being modified by another thread. Patch by Matt Bandy.
-
Raymond Hettinger authored
-
Raymond Hettinger authored
-
Georg Brandl authored
-
Raymond Hettinger authored
-
Alexander Belopolsky authored
function will now format any year when time.accept2dyear is false and will accept years >= 1000 otherwise. The year range accepted by time.mktime and time.strftime is still system dependent, but time.mktime will now accept full range supported by the OS. Conversion of 2-digit years to 4-digit is deprecated.
-
Antoine Pitrou authored
-
Antoine Pitrou authored
-
Antoine Pitrou authored
-
Victor Stinner authored
-
Victor Stinner authored
On Windows, set the binary mode on stdin, stdout, stderr and all io.FileIO objects (to not translate newlines, \r\n <=> \n). The Python parser translates newlines (\r\n => \n).
-
Antoine Pitrou authored
-
Antoine Pitrou authored
-
