Felipe Rodrigues <fel...@felipevr.com> added the comment: Well, even if we do fix some security issues in SimpleHTTPServer, it doesn't change the fact that it shouldn't really be used for sensitive applications. I like how Django docs handles a similar issue regarding their development server (https://docs.djangoproject.com/en/2.1/ref/django-admin/#runserver)
> DO NOT USE THIS SERVER IN A PRODUCTION SETTING. It has not gone through > security audits or performance tests. (And that’s how it’s gonna stay. We’re > in the business of making Web frameworks, not Web servers, so improving this > server to be able to handle a production environment is outside the scope of > Django.) I think that the same philosophy applies to SimpleHTTPServer. If the warning should be add to the docs, I'll be glad to issue an PR fixing it! ---------- nosy: +fbidu _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue34576> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com