Message 385503 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	kj
Recipients	hroncok, kj, lemburg, mdk, serhiy.storchaka, vstinner
Date	2021-01-22.16:05:20
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1611331520.71.0.0954880207091.issue42988@roundup.psfhosted.org>
In-reply-to

Content
I have updated the PR to do the following: - removed html_getfile - implement a unique secret as suggested above Now it says: >>> python.exe -m pydoc -b Server ready at http://localhost:52035/Y1YzOyEbitE9BB_dtH0YXbMgGXbcg3ytXLpvpg8P7GEM3z1hlCkTXgxaojtAordVqs2s6oHZHPMbXqq9mXq_wbJCVW8jnHrgQeYE5hFUQuI/ FWIW, it seems that Jupyter notebook server deals with the same problems in a similar manner: https://jupyter-notebook.readthedocs.io/en/stable/security.html#security-in-the-jupyter-notebook-server I removed the warning message in the PR because I think this is secure enough.

I have updated the PR to do the following:

- removed html_getfile
- implement a unique secret as suggested above

Now it says:
>>> python.exe -m pydoc -b
Server ready at http://localhost:52035/Y1YzOyEbitE9BB_dtH0YXbMgGXbcg3ytXLpvpg8P7GEM3z1hlCkTXgxaojtAordVqs2s6oHZHPMbXqq9mXq_wbJCVW8jnHrgQeYE5hFUQuI/


FWIW, it seems that Jupyter notebook server deals with the same problems in a similar manner: https://jupyter-notebook.readthedocs.io/en/stable/security.html#security-in-the-jupyter-notebook-server

I removed the warning message in the PR because I think this is secure enough.

History
Date	User	Action	Args
2021-01-22 16:05:20	kj	set	recipients: + kj, lemburg, vstinner, serhiy.storchaka, mdk, hroncok
2021-01-22 16:05:20	kj	set	messageid: <1611331520.71.0.0954880207091.issue42988@roundup.psfhosted.org>
2021-01-22 16:05:20	kj	link	issue42988 messages
2021-01-22 16:05:20	kj	create