[albatross-users] python 2.2-ism in httpdapp
Andrew McNamara
andrewm at object-craft.com.au
Fri Sep 26 13:55:48 EST 2003
>httpdapp.py (in 1.10) does
> from urlparse import urlsplit
>which is a 2.2-ism and breaks on my 2.1 installation.
Ooooh - a 2.1 user! We were just about to break Albatross completely
for you. It's been pointed out that our use of MD5 hashes is insecure,
and that we should use HMAC, but the hmac module doesn't exist in 2.1.
I'm reluctant to have the code silently fallback to MD5 when 2.1 is used
because it gives people a false sense of security. We could include the
python hmac module in the albatross source, I guess?
Thoughts?
--
Andrew McNamara, Senior Developer, Object Craft
http://www.object-craft.com.au/
More information about the Albatross-users
mailing list