Message359252
> The function literal_eval is not safe anymore as the constructor can be intercepted:
Well, actually it can also be done with any other builtin via the same trick, so this is no different but is only slightly more obvious that it can be done.
I still find a bit weird that the documentation says "literal or container display" but 'set' is neither. |
|
Date |
User |
Action |
Args |
2020-01-03 19:40:29 | pablogsal | set | recipients:
+ pablogsal, rhettinger, serhiy.storchaka, BTaskaya |
2020-01-03 19:40:29 | pablogsal | set | messageid: <1578080429.1.0.34389659698.issue39158@roundup.psfhosted.org> |
2020-01-03 19:40:29 | pablogsal | link | issue39158 messages |
2020-01-03 19:40:29 | pablogsal | create | |
|