#32725 closed Uncategorized (duplicate)
Release notes for 2.2.21 are incomplete, or the code is too strict
Reported by: | Ned Batchelder | Owned by: | nobody |
---|---|---|---|
Component: | Uncategorized | Version: | 2.2 |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Pull Requests: | How to create a pull request | ||
Description (last modified by ) ¶
It seems to me that the release note for 2.2.21 is incomplete. It says, "Specifically, empty file names and paths with dot segments will be
rejected."
But it's stricter than that: any path component causes the path to be rejected:
if name != os.path.basename(name): raise SuspiciousFileOperation("File name '%s' includes path elements" % name)
Is this level of strictness necessary?
Change History (5)
comment:1 by , 4 years ago
Description: | modified (diff) |
---|
comment:2 by , 4 years ago
Description: | modified (diff) |
---|
comment:3 by , 4 years ago
Description: | modified (diff) |
---|
comment:5 by , 4 years ago
Resolution: | → duplicate |
---|---|
Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
Looks like this is a dup of #32718.