Fett a écrit :
On Aug 28, 7:57 pm, Paul Rubin <http://[EMAIL PROTECTED]> wrote:
So long story short: if I am expecting a dictionary of strings, I
should make a parser that only accepts a dictionary of strings then.
or use an existing parser for an existing and documented format, as many
posters (including myself) already suggested.
There is no safe way to use an existing construct.
Nothing coming from the outside world is safe.
That is what I was afraid of. I know I will have to deal with the
possibility of bad data, but considering my use (an acronym legend for
a database), and the fact that the site I plan to use should be
secure, these issues should be minimal.
If you feel like opening the door to any script-kiddie, then please
proceed. It's *your* computer, anyway...
Else, use a known format with a known working parser (xml, json, yaml,
csv, etc...), and possibly https if your data are to be protected.
--
http://mail.python.org/mailman/listinfo/python-list
