This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author sethmlarson
Recipients Mike.Lissner, gregory.p.smith, lukasz.langa, mgorny, miss-islington, orsenthil, sethmlarson, xtreak
Date 2021-05-04.17:26:45
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Leaving a thought here, I'm highlighting that we're now implementing two different standards, RFC 3986 with hints of WHATWG-URL. There are pitfalls to doing so as now a strict URL parser for RFC 3986 (like the one used by urllib3/requests) will give different results compared to Python and thus opens up the door for SSRF vulnerabilities [1].

Date User Action Args
2021-05-04 17:26:45sethmlarsonsetrecipients: + sethmlarson, gregory.p.smith, orsenthil, lukasz.langa, mgorny, Mike.Lissner, miss-islington, xtreak
2021-05-04 17:26:45sethmlarsonsetmessageid: <>
2021-05-04 17:26:45sethmlarsonlinkissue43882 messages
2021-05-04 17:26:45sethmlarsoncreate