Dave Brueck <[EMAIL PROTECTED]> writes: > One thing from your experience that did resonate with me is that, > except for ftplib and occasionally urllib (for basic, one-shot GETs), > we don't use any of the standard library's "protocol" modules - partly > because we had to implement our own HTTP libraries for performance and > scalability reasons anyway, and partly because we had trouble figuring > out e.g. all the ins and outs of urllib/urllib2/httplib.
What do you use for HTTPS? And did you use the Cookie module in your HTTP servers? You may have had problems without even being aware of them (until recently if you used Cookie with its default settings, any attacker could completely take over your server by sending you carefully concoted cookies). I'm not trying to be contentious here, just mentioning a couple further cases of where problems aren't visible from far away but are there when you look close. -- http://mail.python.org/mailman/listinfo/python-list
