RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from http://mail.python.org/pipermail/python-dev/2002-June/025586.html below:

[Python-Dev] PEP 292, Simpler String Substitutions

[Python-Dev] PEP 292, Simpler String Substitutions [Python-Dev] PEP 292, Simpler String SubstitutionsBarry A. Warsaw barry@zope.com
Wed, 19 Jun 2002 08:18:44 -0400

Previous message: [Python-Dev] PEP 292, Simpler String Substitutions
Next message: [Python-Dev] PEP 292, Simpler String Substitutions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>>>> "FL" == Fredrik Lundh <fredrik@pythonware.com> writes:

    FL> combine 1, 2, and 3 with _getframe(), and you have a
    FL> feature that crackers are going to love...

Why?

I've added a note that you should never use no-arg .sub() on strings
that come from untrusted sources.  Are there any other specific
security concerns you can identify?

-Barry

Previous message: [Python-Dev] PEP 292, Simpler String Substitutions
Next message: [Python-Dev] PEP 292, Simpler String Substitutions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4