Skip to content
Snippets Groups Projects
Unverified Commit 5c17dfc5 authored by Senthil Kumaran's avatar Senthil Kumaran Committed by GitHub
Browse files

[3.6] bpo-42967: only use '&' as a query string separator (GH-24297) (GH-24532)


bpo-42967: [security] Address a web cache-poisoning issue reported in
urllib.parse.parse_qsl().

urllib.parse will only us "&" as query string separator by default
instead of both ";" and "&" as allowed in earlier versions. An optional
argument seperator with default value "&" is added to specify the
separator.

Co-authored-by: default avatarÉric Araujo <merwok@netwok.org>
Co-authored-by: default avatarKen Jin <28750310+Fidget-Spinner@users.noreply.github.com>
Co-authored-by: default avatarAdam Goldschmidt <adamgold7@gmail.com>
parent 34df10a9
No related branches found
No related tags found
No related merge requests found
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment