On Jan 19, 8:44 pm, Emil Stenström wrote:
> On Thursday, 22 December 2011 03:49:44 UTC+1, Russell Keith-Magee wrote:
> > ... there isn't a single solution that will work
> > everywhere, which one of the reasons that the docs are silent on the
> > issue.
>
> Just for the record: The docs are actu
On 20/01/12 17:22, Tom Evans wrote:
> The python bug is marked wont-fix. In our production code, we have
> temporarily worked around it by forcing sessions to be encoded with
> protocol 1 (binary) rather than protocol 2, by monkey patching
> pickle.HIGHEST_PROTOCOL in settings.py.
>
> Do you thin
On Thu, Jan 19, 2012 at 1:27 PM, Adrian Holovaty wrote:
> On Thu, Jan 19, 2012 at 12:15 PM, Carl Meyer wrote:
> > I don't think Adrian is proposing anything as extensive as #17. What
> > he's proposing (IIUC) wouldn't change the semantics of your sample code
> > at all. All it would do is prepopu
Hi all
I was recently affected in production by a python bug:
http://bugs.python.org/issue826897
(also http://bugs.python.org/issue964868 , which refers to the problem
with Cookie)
The class affected by this bug is python's Cookie.Morsel. With the
bug, each time the object is pickled/unpickled,
Paul McMillan had a very good posting about this on the Python issue tracker.
The problem is that whenever you put user supplied data into a hashmap, you are
vulnerable to this attack. This basically includes most Python modules, and I
would guess a lot of user code, too. So, if you fix JSON and
On 20/01/12 08:47, Aymeric Augustin wrote:
> 2012/1/20 Łukasz Rekucki mailto:lreku...@gmail.com>>
>
> We all know browsers won't crash and they will render the page exactly
> the same. I volunteer to fix any issues in the test suite (considering
> the hash changes also between 32-bit/6
On Jan 20, 5:54 am, David Cramer wrote:
> So a few things we've done to take our test suite from 45 minutes to
> 12:
>
> 1. Implement global fixtures
>
> These get loaded after syncing just like initial data. Obviously this
> is a massive speed up
> as you only reload them in between transaction t
2012/1/20 Łukasz Rekucki
> We all know browsers won't crash and they will render the page exactly
> the same. I volunteer to fix any issues in the test suite (considering
> the hash changes also between 32-bit/64-bit Python, i'm not sure there
> are even any or we would get a report on that, woul