How to check client shutdown?

Paul Pittlerson menkomigen6 at gmail.com
Tue Aug 27 13:44:14 EDT 2013


> MAJOR security issue here. You are taking data from a networked source
> and running it through a trusting system (pickle). This is NOT
> recommended.

Security issue!? Do you mean someone could enter devious Python h4xx into the chat or something? I had no idea using pickle was so dangerous, but I don't know any other method of transmitting data in Python :(



> Also: You're using a stream socket, and depending - I think - on
> getting an entire message in a single read() call. This is definitely
> not guaranteed, though when you're working with localhost it's likely
> to be true. To make this reliable, you'll need to do something like
> prefix the message with its length (eg a Hollerith string), or use
> some system like JSON that lets you detect the end of the message.

I'm guessing the fix is to have a separate thread whose only job is to send info about the size of the next data transmission. What is the actual downside of having the server set to anticipate a message length which is known to be more than will be sent (or be allowed to be sent?), for example connection.recv(10000)? Does not the receiver know the size after the fact? Is it impacting performance somehow? (I haven't noticed anything in my tests.)
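
The two points from the quoted replies, as an added example that is not part of the original thread: messages are serialized as JSON instead of pickle (unpickling can run code chosen by the sender, while JSON only yields data), and each message carries a 4-byte length prefix on the same socket so the receiver reads exactly one message however recv() splits or merges the stream. The names `send_msg`, `recv_msg`, `recv_exact` and the 64 KiB `MAX_LEN` cap are assumptions for illustration.

```python
import json
import socket
import struct

MAX_LEN = 64 * 1024           # assumed cap; reject larger frames before reading them
HEADER = struct.Struct("!I")  # 4-byte big-endian length prefix

def recv_exact(sock, n):
    """Read exactly n bytes; one recv() on a stream socket may return fewer."""
    buf = bytearray()
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:  # peer closed in the middle of a message
            raise ConnectionError("peer closed mid-message")
        buf += chunk
    return bytes(buf)

def send_msg(sock, obj):
    """Serialize obj as JSON (data only, never code) and send it length-prefixed."""
    payload = json.dumps(obj).encode("utf-8")
    if len(payload) > MAX_LEN:
        raise ValueError("message too large")
    sock.sendall(HEADER.pack(len(payload)) + payload)

def recv_msg(sock):
    """Return the next message, or None if the peer shut down between messages."""
    first = sock.recv(1)
    if not first:  # clean shutdown: recv() returns b"" at a message boundary
        return None
    (length,) = HEADER.unpack(first + recv_exact(sock, HEADER.size - 1))
    if length > MAX_LEN:  # never trust a length declared by the peer
        raise ValueError("declared length exceeds limit")
    return json.loads(recv_exact(sock, length).decode("utf-8"))

def demo():
    a, b = socket.socketpair()  # constructed local pair standing in for client/server
    send_msg(a, {"user": "paul", "text": "hi"})
    send_msg(a, {"user": "paul", "text": "bye"})  # may arrive merged with the first
    a.close()
    got = [recv_msg(b), recv_msg(b), recv_msg(b)]  # third call sees the shutdown
    b.close()
    return got

if __name__ == "__main__":
    print(demo())
```

A bare `connection.recv(10000)` only sets an upper bound on one read: it can return half a message or two messages at once, which is why the length is sent inline ahead of each payload and no second thread is needed.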



