If a url query has a field names that contain a dot (e.g. openid.assoc_handle), bad stuff happens.
For example: try http://www.object-craft.com.au/cgi-bin/alsamp/form4/form.py?funny.field=told+you+so
This can cause 2 problems:
- Some applications (e.g. OpenID) require fields with names like openid.something
Judging from the traceback, maybe there's even a way to inject bad stuff into the context this way