Security/Safety question re: eval() and dicts

Raymond Hettinger vze4rx4y at verizon.net
Sat Jan 25 21:51:22 EST 2003

Previous message (by thread): Security/Safety question re: eval() and dicts
Next message (by thread): wxMenuBar
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"Paul Rubin" <phr-n2003b at NOSPAMnightsong.com> wrote in message
> andy <andy at eastonwest.co.uk> writes:
> > Currently, this is decoded by using
> >
> >     dict=eval(request)
>
> Don't do that.  Just send a bunch of name-value pairs instead.

Agreed!

Then create your dictionary with dict(itemlist) instead of eval().


Raymond Hettinger

Previous message (by thread): Security/Safety question re: eval() and dicts
Next message (by thread): wxMenuBar
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-list mailing list