Message 238255 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	martin.panter
Recipients	demian.brecht, martin.panter, orsenthil, soilandreyes
Date	2015-03-17.02:09:13
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1426558154.54.0.85868842335.issue22852@psf.upfronthosting.co.za>
In-reply-to

Content
Regarding unparsing of "////evil.com", see Issue 23505, where the invalid behaviour is pointed out as a security issue. This was one of the bugs that motivated me to make this patch. I cannot imagine some existing code (other than an exploit) that would be broken by restoring the empty “//” component; do you have an example? Why do you think the asterisks (*) in the Split/ParseResult signatures are misleading? I am trying to document that the has_ flags are keyword-only parameters. I avoided making them positional parameters, as they are not part of the underlying tuple object.

Regarding unparsing of "////evil.com", see Issue 23505, where the invalid behaviour is pointed out as a security issue. This was one of the bugs that motivated me to make this patch. I cannot imagine some existing code (other than an exploit) that would be broken by restoring the empty “//” component; do you have an example?

Why do you think the asterisks (*) in the Split/ParseResult signatures are misleading? I am trying to document that the has_ flags are keyword-only parameters. I avoided making them positional parameters, as they are not part of the underlying tuple object.

History
Date	User	Action	Args
2015-03-17 02:09:14	martin.panter	set	recipients: + martin.panter, orsenthil, demian.brecht, soilandreyes
2015-03-17 02:09:14	martin.panter	set	messageid: <1426558154.54.0.85868842335.issue22852@psf.upfronthosting.co.za>
2015-03-17 02:09:14	martin.panter	link	issue22852 messages
2015-03-17 02:09:13	martin.panter	create