[Python-checkins] cpython (2.7): Fix typos and clear up one very odd bit of wording as pointed out by
benjamin.peterson
python-checkins at python.org
Sat Mar 30 15:37:39 CET 2013
http://hg.python.org/cpython/rev/7b6bff37259e
changeset: 83018:7b6bff37259e
branch: 2.7
user: Gregory P. Smith <greg at krypto.org>
date: Sat Mar 30 01:38:38 2013 -0700
summary:
Fix typos and clear up one very odd bit of wording as pointed out by
Ezio.
files:
Doc/library/xml.rst | 12 +++++++-----
1 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/Doc/library/xml.rst b/Doc/library/xml.rst
--- a/Doc/library/xml.rst
+++ b/Doc/library/xml.rst
@@ -108,20 +108,22 @@
defused packages
----------------
+These external packages are recommended for any code that parses
+untrusted XML data.
+
`defusedxml`_ is a pure Python package with modified subclasses of all stdlib
-XML parsers that prevent any potentially malicious operation. The courses of
-action are recommended for any server code that parses untrusted XML data. The
-package also ships with example exploits and an extended documentation on more
+XML parsers that prevent any potentially malicious operation. The
+package also ships with example exploits and extended documentation on more
XML exploits like xpath injection.
-`defusedexpat`_ provides a modified libexpat and patched replacment
+`defusedexpat`_ provides a modified libexpat and patched replacement
:mod:`pyexpat` extension module with countermeasures against entity expansion
DoS attacks. Defusedexpat still allows a sane and configurable amount of entity
expansions. The modifications will be merged into future releases of Python.
The workarounds and modifications are not included in patch releases as they
break backward compatibility. After all inline DTD and entity expansion are
-well-definied XML features.
+well-defined XML features.
.. _defusedxml: https://pypi.python.org/pypi/defusedxml/
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list