Security/Safety question re: eval() and dicts

Paul Rubin phr-n2003b at NOSPAMnightsong.com
Sun Jan 26 02:17:48 CET 2003


andy <andy at eastonwest.co.uk> writes:
> Currently, this is decoded by using 
> 
>     dict=eval(request) 

Don't do that.  Just send a bunch of name-value pairs instead.  For
that matter, are already several modules included Python that do 
things like that.  XMLRPC might be a good choice.






More information about the Python-list mailing list