jpic <j...@yourlabs.org> added the comment:

Thanks for the kind words Cyril, sorry that this patch doesn't address exactly 
the issue that you have described initially, but rather the security issue 
related to it.

The exception depending on the parsing issue is already supported by the new 
API, although it's just "Invalid Domain" for now. For user interfaces it would 
be nice to detail parse errors indeed. Again I wonder if this should be a 
separate issue.

Concerning the default behavior, @maxking will know but I would try to defend 
the "secure by default" paradigm if necessary, especially in the deprecated 
API. Meanwhile, I think it would create more value for Python to invest in 
feature development in the new API, that has a very nice private API but 
apparently lacks unit tests and documentation before becoming available to 
users.

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue34155>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Reply via email to