[Python-Dev] Should urlencode() sort the query parameters (if they come from a dict)?
Stephen J. Turnbull
stephen at xemacs.org
Sat Aug 18 07:23:13 CEST 2012
Joao S. O. Bueno writes:
> I don't think this behavior is only desirable to unit tests: having
> URL's been formed in predictable way a good thing in any way one
> thinks about it.
Especially if you're a hacker. One more thing you may be able to use
against careless sites that don't expect the unexpected to occur in
URLs.
I'm not saying this is a bad thing, but we should remember that the
whole point of PYTHONHASHSEED is that regularities can be exploited
for devious and malicious purposes, and reducing regularity makes many
attacks more difficult. "*Any* way one thinks about it" is far too
strong a claim.
Steve
More information about the Python-Dev
mailing list