Ken Jin <kenjin4...@gmail.com> added the comment:
I have updated the PR to do the following: - removed html_getfile - implement a unique secret as suggested above Now it says: >>> python.exe -m pydoc -b Server ready at http://localhost:52035/Y1YzOyEbitE9BB_dtH0YXbMgGXbcg3ytXLpvpg8P7GEM3z1hlCkTXgxaojtAordVqs2s6oHZHPMbXqq9mXq_wbJCVW8jnHrgQeYE5hFUQuI/ FWIW, it seems that Jupyter notebook server deals with the same problems in a similar manner: https://jupyter-notebook.readthedocs.io/en/stable/security.html#security-in-the-jupyter-notebook-server I removed the warning message in the PR because I think this is secure enough. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue42988> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
