Message 342054 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	docs@python, vstinner
Date	2019-05-10.03:41:30
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1557459691.12.0.556693975132.issue36873@roundup.psfhosted.org>
In-reply-to

Content
http.server documentation starts with a red warning: "Warning: http.server is not recommended for production. It only implements basic security checks." https://docs.python.org/dev/library/http.server.html It would help to be even more explicit on what it means. For example, document that symbolic links are followed and SimpleHTTPRequestHandler directory can be "escaped" following symbolic links.

http.server documentation starts with a red warning:

"Warning: http.server is not recommended for production. It only implements basic security checks."

https://docs.python.org/dev/library/http.server.html

It would help to be even more explicit on what it means. For example, document that symbolic links are followed and SimpleHTTPRequestHandler directory can be "escaped" following symbolic links.

History
Date	User	Action	Args
2019-05-10 03:41:31	vstinner	set	recipients: + vstinner, docs@python
2019-05-10 03:41:31	vstinner	set	messageid: <1557459691.12.0.556693975132.issue36873@roundup.psfhosted.org>
2019-05-10 03:41:31	vstinner	link	issue36873 messages
2019-05-10 03:41:30	vstinner	create