Message102940
On Mon, Apr 12, 2010 at 11:50:57AM +0000, Michael Glassford wrote:
> 1) Although the urlparse documentation does mention the relevant RFCs, on a quick read-through I don't see that it actually requires its input to be a valid URL.
> 2) Obviously, some code is using it for invalid URLs.
Which is true, because in some cases like urlparse.urljoin(base, rel),
the rel is a relative url it undergoes the same parsing mechanism
applicable to any url and thus there is no way a 'rigorous' check for
authorized url is happening.
Checks are done for valid chars in scheme and other parsing
behaviours.
> I don't have a problem with this. I reported the issue to bring attention to the fact that the change affected real code and to see if anyone had suggestions for dealing with the problem in a better way (at the moment, I don't).
>
Yeah, I understand the situation with 'changes which break the
existing code', which we try to avoid many times. I shall if this can
be addressed without reverting any recent changes and still being
complaint. |
|
Date |
User |
Action |
Args |
2010-04-12 12:25:19 | orsenthil | set | recipients:
+ orsenthil, eric.araujo, r.david.murray, Michael Glassford |
2010-04-12 12:25:17 | orsenthil | link | issue8339 messages |
2010-04-12 12:25:16 | orsenthil | create | |
|