Message 253860 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	gvanrossum
Recipients	Pathangi Jatinshravan, Tim.Graham, gvanrossum, martin.panter, pitrou, r.david.murray
Date	2015-11-01.16:57:10
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<CAP7+vJ+X24jeU_-JT14SBduPjjUrd7Gf8+=T8bBf-HDB_u35xw@mail.gmail.com>
In-reply-to	<1446358303.32.0.47944550947.issue25228@psf.upfronthosting.co.za>

Content
I'm coming at this without much context (I don't recall the original issue) but IIUC from a security POV, lenient parsing is unsafe -- it could allow an attacker to modify a cookie (or part of a cookie -- I'm unclear on the correct terminology here) and that's what we're trying to avoid.

I'm coming at this without much context (I don't recall the original issue)
but IIUC from a security POV, lenient parsing is unsafe -- it could allow
an attacker to modify a cookie (or part of a cookie -- I'm unclear on the
correct terminology here) and that's what we're trying to avoid.

History
Date	User	Action	Args
2015-11-01 16:57:10	gvanrossum	set	recipients: + gvanrossum, pitrou, r.david.murray, martin.panter, Tim.Graham, Pathangi Jatinshravan
2015-11-01 16:57:10	gvanrossum	link	issue25228 messages
2015-11-01 16:57:10	gvanrossum	create