security

Links

urllib-security-vulnerability
On securing the CPython interpreter

Snippets

Urllib fix

import sys
import urllib2
import urlparse

class RedirectHandler(urllib2.HTTPRedirectHandler):
  """Custom redirect handler

  This handler will allow Redirects to http* scheme's. You might just want
  to disable all Redirect support instead by a simple return.
  """

  def redirect_request(self, req, fp, code, msg, headers, newurl):
    if newurl.startswith('http'):
      return urllib2.HTTPRedirectHandler.redirect_request(self, req, fp, code,
                                                          msg, headers, newurl)
    else:
      raise urllib2.URLError('Received non-HTTP redirect: %s' % newurl)


def main(name,url):
  opener = urllib2.build_opener(RedirectHandler)
  urllib2.install_opener(opener)
  print urllib2.urlopen(url).read()

if __name__ == '__main__':
  main(*sys.argv)