[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Roundup Robot
Roundup Robot added the comment: New changeset aa60b34d5200 by Steve Dower in branch '3.5': Issue #25005: Backout fix for #8232 because of use of unsafe subprocess.call(shell=True) https://hg.python.org/cpython/rev/aa60b34d5200 New changeset 7d320c3bf9c6 by Larry Hastings in branch '3.5': Merge

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Larry Hastings
Changes by Larry Hastings : -- resolution: -> fixed stage: -> resolved status: open -> closed ___ Python tracker ___ ___ Python-bugs

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Larry Hastings
Larry Hastings added the comment: Backout pull request merged, please forward-merge, thanks!

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Steve Dower
Steve Dower added the comment: PR is: https://bitbucket.org/larry/cpython350/pull-requests/20/issue-25005-backout-fix-for-8232-because/diff

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Steve Dower
Steve Dower added the comment: I guess now I've been that definitive I'll go make you a PR :) If someone (perhaps Brandon?) is willing to thoroughly validate patch 1 we might be able to consider it for 3.5.1 (the only API change is to startfile() - the webbrowser API is already there, it just

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Steve Dower
Steve Dower added the comment: Rollback. I'm not 100% confident in patch 1 (too many things I can't predict) and with only a week it probably won't get enough testing to flush out other surprises.

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Larry Hastings
Larry Hastings added the comment: Well, so, what do you recommend I do here?

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Steve Dower
Steve Dower added the comment: Correct. os.startfile uses ShellExecute (https://msdn.microsoft.com/en-us/library/windows/desktop/bb762153.aspx), which is the same API that the shell uses for the 'start' command. So by using os.startfile we get the same behaviour, but we're calling in after th

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Larry Hastings
Larry Hastings added the comment: So, whatever the security hole is that subprocess.call(shell=True) leaves open, os.startfile() doesn't have? os.startfile() doesn't use a shell? (How does it find the full path to the executable?)

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Steve Dower
Steve Dower added the comment: Oh, and the "start" is necessary because, while the Windows kernel can only resolve "chrome.exe" if it appears on PATH, the Windows shell has some other ways to resolve it. By using ShellExecute (via 'start' or startfile), we can let the OS find it rather than h

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Steve Dower
Steve Dower added the comment: To be more specific, with patch 1 applied: subprocess.call("start file a&b>x", shell=True) is equivalent to typing the following at a command prompt: start file a & b > x That is, "start file a" and then do "b", redirecting the output from "b" to a file named "
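The parsing Steve describes above, as an added example (not CPython's code and not either of the patches under discussion): a small model of how `cmd.exe /C` splits a command line, applied to a `start` command carrying a URL with a multi-field query string, beside the shell-free way of launching the same URL. The `"start " + url` string, the `xdg-open` fallback for non-Windows platforms and the reduced operator set (`&&`, `||`, `&`, `|`, `>`; no `^` escaping or `%VAR%` expansion) are assumptions of the example, and the sample URL is the one from the bug report.

```python
"""Added example, not CPython's code: why subprocess.call("start " + url, shell=True)
mangles a URL whose query string has several fields, and a shell-free alternative."""
import os
import subprocess
import sys
from urllib.parse import parse_qs, urlsplit

# cmd.exe operators modelled here (assumption: a simplified subset; ^ escaping,
# %VAR% expansion and parenthesised groups are deliberately left out).
_SEPARATORS = ("&&", "||", "&", "|")


def cmd_split(command_line):
    """Minimal model of how ``cmd.exe /C`` splits one line into commands.

    Returns a list of (command, stdout_redirect_target) tuples.  Double-quoted text
    is never split.  The thread's example 'start file a&b>x' therefore becomes
    'start file a' followed by 'b' with its output sent to a file named 'x'.
    """
    commands = []
    cmd, target = [], []
    in_quotes = redirecting = False
    i, n = 0, len(command_line)
    while i < n:
        ch = command_line[i]
        if ch == '"':
            in_quotes = not in_quotes
        elif not in_quotes:
            sep = next((s for s in _SEPARATORS if command_line.startswith(s, i)), None)
            if sep is not None:
                commands.append(("".join(cmd).strip(), "".join(target).strip() or None))
                cmd, target, redirecting = [], [], False
                i += len(sep)
                continue
            if ch == ">":
                redirecting = True
                i += 1
                continue
        (target if redirecting else cmd).append(ch)
        i += 1
    commands.append(("".join(cmd).strip(), "".join(target).strip() or None))
    return commands


def shell_true_command(url):
    """The shape of the vulnerable call: the URL interpolated into a cmd.exe line.
    (Reconstruction for illustration; not the literal 3.5.0rc2 source.)"""
    return "start " + url


def is_mangled_by_cmd(url):
    """True when cmd.exe would not hand the whole URL to ``start`` as one command."""
    parsed = cmd_split(shell_true_command(url))
    return len(parsed) != 1 or parsed[0][1] is not None


def query_fields(url):
    """The fields the URL actually carries; '&' is a legitimate separator here."""
    return parse_qs(urlsplit(url).query)


def shell_free_argv(url):
    """How to launch the URL without any shell parsing it.

    On Windows the thread's recommendation is os.startfile (ShellExecute).  The
    xdg-open fallback for other platforms is an assumption of this example.
    """
    if sys.platform == "win32":
        return ("os.startfile", url)
    return ("xdg-open", url)


def open_url(url):
    name, arg = shell_free_argv(url)
    if name == "os.startfile":
        os.startfile(arg)             # ShellExecute; no cmd.exe in the path
    else:
        subprocess.call([name, arg])  # list form, shell=False: argv passed verbatim


if __name__ == "__main__":
    url = "http://example.com/?a=1&b=2"   # constructed sample, from the bug report
    print(cmd_split(shell_true_command(url)))
    print(query_fields(url))
    print(is_mangled_by_cmd(url), shell_free_argv(url))
```

Running the module shows the report's URL split into `start http://example.com/?a=1` and a second command `b=2`, which is exactly the `'b' is not recognized` error the reporter saw; `open_url` never builds a command string, so the same URL reaches the browser intact.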

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Steve Dower
Steve Dower added the comment: subprocess with shell=True turns it into a "cmd.exe /C "start chrome.exe ..."" type command, which means the arguments will use shell parsing (e.g. > for redirection, & for multiple commands, etc.) "start" in cmd.exe behaves the same as os.startfile, but can also

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Larry Hastings
Larry Hastings added the comment: I want to ship something, but I don't think it'll be either of those patches in their current form. Maybe I'm dense, but I don't feel like I understand these patches. They have very different approaches. The first one attempts to rehabilitate the patch by ru

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread R. David Murray
R. David Murray added the comment: You have to ship one of them by ("one of them" being either the fix or the backout) in 3.5.0, Larry, otherwise you are introducing a security vulnerability into 3.5 that doesn't exist in 3.4. If you don't ship it in rc3, then there's no chance that 3.5.0 wil

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Steve Dower
Steve Dower added the comment: Does that mean not shipping either of them in 3.5.0 at all? Do you need convincing or a simpler patch?

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Larry Hastings
Larry Hastings added the comment: Marking this as deferred, as I'm not convinced I should ship either of those patches in 3.5.0rc3. -- nosy: +larry

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-06 Thread Larry Hastings
Changes by Larry Hastings : -- priority: release blocker -> deferred blocker

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-05 Thread Steve Dower
Steve Dower added the comment: Patch 1 also requires a minor update to Doc\library\os.rst: -.. function:: startfile(path[, operation]) +.. function:: startfile(path[, operation[, arguments]]) ... +*arguments* is passed to the underlying :c:func:`ShellExecute` +call. Its format is determined by t
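Review bot: the signature change in the os.rst hunk (`startfile(path[, operation[, arguments]])`) has no `.. versionchanged::` directive recording the new *arguments* parameter, which CPython's library docs add for every new optional parameter. The added paragraph should also state explicitly that *arguments* goes to ShellExecute's parameters field as-is and is not parsed by cmd.exe, since avoiding that parsing is the whole reason for replacing subprocess.call(shell=True).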

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-05 Thread Steve Dower
Steve Dower added the comment: Patch for backing out #8232's changes. -- Added file: http://bugs.python.org/file40376/25005_2.patch

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-05 Thread Steve Dower
Steve Dower added the comment: Here's an alternative to backing out the change, and it's simpler than I expected when I said it would be too much for 3.5.0. We add an 'arguments' parameter to os.startfile and use that instead of subprocess.call(shell=True). The underlying ShellExecute call doe

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-04 Thread Steve Dower
Steve Dower added the comment: It'll have to be backed out. There may be a fix to salvage some of the functionality, but it's certainly too significant at this stage.

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-04 Thread R. David Murray
R. David Murray added the comment: Thank you for reporting this. I see that the Windows browser class uses shell=True, and that is wrong from a security standpoint. This appears to be a regression from 3.4, introduced by issue 8232. Since this is a security regression there either needs to b

[issue25005] webbrowser breaks on query strings with multiple fields on Windows

2015-09-04 Thread Brian Hou
New submission from Brian Hou: With Python 3.5.0rc2 (tested with both Git BASH and Cmder on Windows 8): $ python3 >>> import webbrowser >>> webbrowser.open_new('http://example.com/?a=1&b=2') 'b' is not recognized as an internal or external command, operable program or batch file. True The opene