[issue34155] email.utils.parseaddr mistakenly parse an email
jpic
report at bugs.python.org
Wed Jul 3 08:10:34 EDT 2019
jpic <jpic at yourlabs.org> added the comment:
Thanks for the kind words Cyril, sorry that this patch doesn't address exactly the issue that you have described initially, but rather the security issue related to it.
The exception depending on the parsing issue is already supported by the new API, although it's just "Invalid Domain" for now. For user interfaces it would be nice to detail parse errors indeed. Again I wonder if this should be a separate issue.
Concerning the default behavior, @maxking will know but I would try to defend the "secure by default" paradigm if necessary, especially in the deprecated API. Meanwhile, I think it would create more value for Python to invest in feature development in the new API, that has a very nice private API but apparently lacks unit tests and documentation before becoming available to users.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue34155>
_______________________________________
More information about the Python-bugs-list
mailing list