Ronald Oussoren <ronaldousso...@mac.com> added the comment: I agree with Martin that the security problem would be in the application, not python itself.
Testing with isalpha is generally not the right thing to do anyway, it is much better to restrict input to a know-good set of data, such as by using regular expressions. For multi-byte encodings like UTF-8 you cannot rely on per-byte calls to isalpha anyway. The situation is even worse for an encoding like Shift-JIS where you need context to know if a byte is part of a multi-byte value. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue9335> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
