Message 185199 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	christian.heimes, docs@python, dstufft, hynek
Date	2013-03-25.12:16:49
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1364213809.28.0.841072928225.issue17538@psf.upfronthosting.co.za>
In-reply-to

Content
Donald: Thanks! I'm going to look at your patch later today. Hynek: Because the preferred way is another: use patched expat and pyexpat C modules of defusedexpat. It's a fix on C level and still allows a sane amount of entity expansions. defusedxml disallows any XML document that smells even a tiny bit. This approach needs a) more reviews and b) an API to enable the limitations-

Donald: Thanks! I'm going to look at your patch later today.

Hynek: Because the preferred way is another: use patched expat and pyexpat C modules of defusedexpat. It's a fix on C level and still allows a sane amount of entity expansions. defusedxml disallows any XML document that smells even a tiny bit. This approach needs a) more reviews and b) an API to enable the limitations-

History
Date	User	Action	Args
2013-03-25 12:16:49	christian.heimes	set	recipients: + christian.heimes, docs@python, hynek, dstufft
2013-03-25 12:16:49	christian.heimes	set	messageid: <1364213809.28.0.841072928225.issue17538@psf.upfronthosting.co.za>
2013-03-25 12:16:49	christian.heimes	link	issue17538 messages
2013-03-25 12:16:49	christian.heimes	create