Quote:
Originally Posted by Sane
Can downloading textual content lead to any client-side side-effects?
|
You need to be careful about paths. Use os.path.join and os.path.basename etc. to make sure that the user doesn't enter in something like "../../somecoresystemfile".
Quote:
Originally Posted by Sane
Finally, can malicious code be pushed into urllib2.Request, such as the problem with eval with input?
|
Probably not.