Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / f9a8386e44a695551a1e54e709969e90e9b96bc4
commitf9a8386e44a695551a1e54e709969e90e9b96bc4[log] [tgz]
authorAmmar Askar <ammar@ammaraskar.com>Wed Nov 11 02:29:56 2020 -0500
committerGitHub <noreply@github.com>Tue Nov 10 23:29:56 2020 -0800
tree8388f4572c7ff038dd4dab22b5231cbb61d5b87c
parentfa476fe13255d0360f18528e864540d927560f66 [diff]
bpo-40932: Note security caveat of shlex.quote on Windows (GH-21502)



Added a note in the `subprocess` docs that recommend using `shlex.quote` without mentioning that this is only applicable to Unix. 

Also added a warning straight into the `shlex` docs since it only says "for simple syntaxes resembling that of the Unix shell" and says using `quote` plugs the security hole without mentioning this important caveat.
2 files changed
tree: 8388f4572c7ff038dd4dab22b5231cbb61d5b87c
  1. .azure-pipelines/
  2. .github/
  3. Doc/
  4. Grammar/
  5. Include/
  6. Lib/
  7. m4/
  8. Mac/
  9. Misc/
  10. Modules/
  11. Objects/
  12. Parser/
  13. PC/
  14. PCbuild/
  15. Programs/
  16. Python/
  17. Tools/
  18. .gitattributes
  19. .gitignore
  20. .travis.yml
  21. aclocal.m4
  22. CODE_OF_CONDUCT.md
  23. config.guess
  24. config.sub
  25. configure
  26. configure.ac
  27. install-sh
  28. LICENSE
  29. Makefile.pre.in
  30. netlify.toml
  31. pyconfig.h.in
  32. README.rst
  33. setup.py