]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fa476fe) | patch
bpo-40932: Note security caveat of shlex.quote on Windows (GH-21502)
authorAmmar Askar <ammar@ammaraskar.com>
Wed, 11 Nov 2020 07:29:56 +0000 (02:29 -0500)
committerGitHub <noreply@github.com>
Wed, 11 Nov 2020 07:29:56 +0000 (23:29 -0800)
commitf9a8386e44a695551a1e54e709969e90e9b96bc4
tree8388f4572c7ff038dd4dab22b5231cbb61d5b87ctree | snapshot
parentfa476fe13255d0360f18528e864540d927560f66commit | diff
bpo-40932: Note security caveat of shlex.quote on Windows (GH-21502)

Added a note in the `subprocess` docs that recommend using `shlex.quote` without mentioning that this is only applicable to Unix.

Also added a warning straight into the `shlex` docs since it only says "for simple syntaxes resembling that of the Unix shell" and says using `quote` plugs the security hole without mentioning this important caveat.
Doc/library/shlex.rst diff | blob | blame | history
Doc/library/subprocess.rst diff | blob | blame | history
Mirror of https://github.com/python/cpython.git