Python 2.7.8
python.orgRe: the arbitrary code execution in CGIHTTPServer.
CGIHTTPServer executes cgi files inside a folder specified at init. Its function for deciding what's inside the folder (to be executed) and what's outside (to be returned raw) is completely bust. If you urlencode the slashes you will confuse it enough to yield false negative/positive.
This means that if you are using CGIHTTPServer, anyone can execute anything that the web server was supposed to print, or get the source of any cgi script.
You should probably not be using CGIHTTPServer anyway. </PSA>
Somewhat related:
After nearly a year of very little activity, Jython finally has a 2.7 beta 2 version released recently, with a 2.7b3 release coming soon.
So, if you use Jython and you are sick of dealing with <=2.5 code, you should be in luck real soon.
They've really shinied up the web site since I last been there. I really like the ability to run Python in an interactive console on the home page too, with a live connection to an actual box on which you can actually run stuff.
Wasn't there a post on here a couple months back indicating the EOL for Python 2.7? Maybe it was "we'll release through 2.7.10, and that's it."
Edit: Found it here - https://news.ycombinator.com/item?id=7581434. Release will continue at least through 2015, support through 2020.
The website is new and rad since last time i visited
Yup its the result of a design competition. Old relevant post from HN: http://grokcode.com/746/dear-python-why-are-you-so-ugly/
While the process was competitive, it wasn't a "competition." There was a bidding process that several firms took part in.
That, and the end result can hardly be called good - maybe it is better, maybe not, hard to say even that, but definitely not good, unfortunately.
Yeah, I don't send people there anymore, sadly.
I'd like to add that I am the go-to person in my department (of 50 people) for all things python. I had a guy (a data scientist) ask me how to install and use python on his machine in the past hour...
I think this is the first popular Python post with a version number I've seen that doesn't have a lot of comments about the Python 2 vs 3 "battle".
That's because this was posted 1h ago, come back in a couple hours.
Until you made this comment..
Well, you know, that CGI HTTP Server issue would not have happened if we had finally moved onto Python 3! The community is very confusing to newcomers. We really should just move on and forget about Python 2.
Edit: :) to indicate sarcasm.
Seriously guys we're gonna drop 2.
--Many Releases Later--
Seriously guys we're gonna drop 2.
There is no battle. Python 2 is winning handily if there is, it's not even close.