Security/Safety question re: eval() and dicts
Raymond Hettinger
vze4rx4y at verizon.net
Sat Jan 25 21:51:22 EST 2003
"Paul Rubin" <phr-n2003b at NOSPAMnightsong.com> wrote in message
> andy <andy at eastonwest.co.uk> writes:
> > Currently, this is decoded by using
> >
> > dict=eval(request)
>
> Don't do that. Just send a bunch of name-value pairs instead.
Agreed!
Then create your dictionary with dict(itemlist) instead of eval().
Raymond Hettinger
More information about the Python-list
mailing list