Message385352
FWIW, a surprising amount of things rely on treating ';' as a valid separator in the standard test suite.
From just a cursory look:
test_cgi
test_urlparse
A change in the public API of urlparse will also require a change in cgi.py's FieldStorage, FieldStorage.read_multi, parse and parse_multipart to expose that parameter since those functions forward arguments directly to urllib.parse.parse_qs internally.
If we backport this, it seems that we will *also* need to backport all those changes to cgi's public API. Otherwise, just backporting the security fix part without allowing the user to switch would break existing code.
Just my 2 cents on the issue. I'm not too familiar with security fixes in cpython anyways ;). |
|
Date |
User |
Action |
Args |
2021-01-20 16:06:30 | kj | set | recipients:
+ kj, lemburg, vstinner, serhiy.storchaka, AdamGold |
2021-01-20 16:06:30 | kj | set | messageid: <1611158790.09.0.212553831731.issue42967@roundup.psfhosted.org> |
2021-01-20 16:06:30 | kj | link | issue42967 messages |
2021-01-20 16:06:29 | kj | create | |
|