Author kj
Recipients hroncok, kj, lemburg, mdk, serhiy.storchaka, vstinner
Date 2021-01-22.16:05:20
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1611331520.71.0.0954880207091.issue42988@roundup.psfhosted.org>
In-reply-to
Content
I have updated the PR to do the following:

- removed html_getfile
- implement a unique secret as suggested above

Now it says:
>>> python.exe -m pydoc -b
Server ready at http://localhost:52035/Y1YzOyEbitE9BB_dtH0YXbMgGXbcg3ytXLpvpg8P7GEM3z1hlCkTXgxaojtAordVqs2s6oHZHPMbXqq9mXq_wbJCVW8jnHrgQeYE5hFUQuI/


FWIW, it seems that Jupyter notebook server deals with the same problems in a similar manner: https://jupyter-notebook.readthedocs.io/en/stable/security.html#security-in-the-jupyter-notebook-server

I removed the warning message in the PR because I think this is secure enough.
History
Date User Action Args
2021-01-22 16:05:20kjsetrecipients: + kj, lemburg, vstinner, serhiy.storchaka, mdk, hroncok
2021-01-22 16:05:20kjsetmessageid: <1611331520.71.0.0954880207091.issue42988@roundup.psfhosted.org>
2021-01-22 16:05:20kjlinkissue42988 messages
2021-01-22 16:05:20kjcreate