Message138663
The packaging.pypi.simple.Crawler blindly follows external download URLs. The crawler should honor a list of allowed hosts (see also the hosts parameter) before attempting to download from an external source.
Éric Araujo has also pointed out that established tools like easy_install and pip provide ways of allowing/restricting by host. |
|
Date |
User |
Action |
Args |
2011-06-19 21:08:20 | michael.mulich | set | recipients:
+ michael.mulich, tarek, eric.araujo, alexis |
2011-06-19 21:08:19 | michael.mulich | set | messageid: <1308517699.95.0.568809306044.issue12368@psf.upfronthosting.co.za> |
2011-06-19 21:08:19 | michael.mulich | link | issue12368 messages |
2011-06-19 21:08:19 | michael.mulich | create | |
|