It was proposed to add an warning for http.server regarding security
issues. The wording was provided at bpo-26005 by @orsenthil
(cherry picked from commit
1d26c72e6a9c5b28b27c158f2f196217707dbb0f)
Co-authored-by: Felipe Rodrigues <felipe@felipevr.com>
This module defines classes for implementing HTTP servers (Web servers).
+Security Considerations
+-----------------------
+
+http.server is meant for demo purposes and does not implement the stringent
+security checks needed of real HTTP server. We do not recommend
+using this module directly in production.
+
+
One class, :class:`HTTPServer`, is a :class:`socketserver.TCPServer` subclass.
It creates and listens at the HTTP socket, dispatching the requests to a
handler. Code to create and run the server looks like this::
projects / thirdparty / Python / cpython.git / commitdiff
