This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author pitrou
Recipients barry, benjamin.peterson, georg.brandl, gvanrossum, orsenthil, pitrou, r.david.murray, vstinner
Date 2011-03-24.17:08:37
SpamBayes Score 0.00016340046
Marked as misclassified No
Message-id <1300986514.3957.16.camel@localhost.localdomain>
In-reply-to <>
> > Senthil's patch allows a redirect to ftp while Guido's doesn't.
> That is a good question. Should we? It doesn't look like ftp:
> participates in the vulnerability, but I'm not sure how useful it is
> either.

I would say accept it anyway. That way we minimize potential for
compatibility breakage.
(do we support "ftps" as well? I don't think so)

> > Senthil's patch doesn't seem to fix urllib-inherited code, only
> urllib2- (see FancyURLopener.redirect_internal()).
> Right, that's for Python 3.

FancyURLopener is still present in Python 3 (even though we would like
to deprecate it in 3.3).
Date User Action Args
2011-03-24 17:08:38pitrousetrecipients: + pitrou, gvanrossum, barry, georg.brandl, orsenthil, vstinner, benjamin.peterson, r.david.murray
2011-03-24 17:08:38pitroulinkissue11662 messages
2011-03-24 17:08:37pitroucreate