Message102940
| Author |
orsenthil |
| Recipients |
Michael Glassford, eric.araujo, orsenthil, r.david.murray |
| Date |
2010年04月12日.12:25:16 |
| SpamBayes Score |
5.42138e-11 |
| Marked as misclassified |
No |
| Message-id |
<20100412122505.GA29009@remy> |
| In-reply-to |
<1271073057.05.0.615685762358.issue8339@psf.upfronthosting.co.za> |
| Content |
On Mon, Apr 12, 2010 at 11:50:57AM +0000, Michael Glassford wrote:
> 1) Although the urlparse documentation does mention the relevant RFCs, on a quick read-through I don't see that it actually requires its input to be a valid URL.
> 2) Obviously, some code is using it for invalid URLs.
Which is true, because in some cases like urlparse.urljoin(base, rel),
the rel is a relative url it undergoes the same parsing mechanism
applicable to any url and thus there is no way a 'rigorous' check for
authorized url is happening.
Checks are done for valid chars in scheme and other parsing
behaviours.
> I don't have a problem with this. I reported the issue to bring attention to the fact that the change affected real code and to see if anyone had suggestions for dealing with the problem in a better way (at the moment, I don't).
>
Yeah, I understand the situation with 'changes which break the
existing code', which we try to avoid many times. I shall if this can
be addressed without reverting any recent changes and still being
complaint. |
|