Blame - Lib/cgi.py - platform/external/python/cpython2

1996-03-06 07:20:06 +0000

[diff] [blame]

12

"""Support module for CGI (Common Gateway Interface) scripts.

Guido van Rossum

1c9daa8

1995-09-18 21:52:37 +0000

[diff] [blame]

13

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

14

This module defines a number of utilities for use by CGI scripts

15

written in Python.

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

16

"""

17

Jeremy Hylton

c253d9a

2000-08-03 20:57:44 +0000

[diff] [blame]

18

# XXX Perhaps there should be a slimmed version that doesn't contain

19

# all those backwards compatible and debugging classes and functions?

Guido van Rossum

98d9fd3

2000-02-28 15:12:25 +0000

[diff] [blame]

20

21

# History

22

# -------

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

23

#

Guido van Rossum

98d9fd3

2000-02-28 15:12:25 +0000

[diff] [blame]

24

# Michael McLay started this module. Steve Majewski changed the

25

# interface to SvFormContentDict and FormContentDict. The multipart

26

# parsing was inspired by code submitted by Andreas Paepcke. Guido van

27

# Rossum rewrote, reformatted and documented the module and is currently

28

# responsible for its maintenance.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

29

#

Guido van Rossum

98d9fd3

2000-02-28 15:12:25 +0000

[diff] [blame]

30

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

31

__version__ = "2.6"

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

32

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

# Imports

# =======

Raymond Hettinger

2004-12-31 21:59:02 +0000

[diff] [blame]

37

from operator import attrgetter

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

38

import sys

39

import os

Guido van Rossum

a5e9fb6

1997-08-12 18:18:13 +0000

[diff] [blame]

40

import urllib

Moshe Zadka

2000-08-25 21:47:56 +0000

[diff] [blame]

41

import UserDict

Facundo Batista

2008-09-03 22:35:50 +0000

[diff] [blame]

42

import urlparse

43

44

from warnings import filterwarnings, catch_warnings, warn

Brett Cannon

1eaf074

2008-09-02 01:25:16 +0000

[diff] [blame]

45

with catch_warnings():

46

if sys.py3kwarning:

47

filterwarnings("ignore", ".*mimetools has been removed",

48

DeprecationWarning)

Brett Cannon

721b145

2008-08-16 22:00:27 +0000

[diff] [blame]

49

import mimetools

Brett Cannon

1eaf074

2008-09-02 01:25:16 +0000

[diff] [blame]

50

if sys.py3kwarning:

51

filterwarnings("ignore", ".*rfc822 has been removed", DeprecationWarning)

Brett Cannon

721b145

2008-08-16 22:00:27 +0000

[diff] [blame]

52

import rfc822

53

Raymond Hettinger

a617271

2004-12-31 19:15:26 +0000

[diff] [blame]

54

try:

55

from cStringIO import StringIO

56

except ImportError:

57

from StringIO import StringIO

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

58

Guido van Rossum

a8423a9

2001-03-19 13:40:44 +0000

[diff] [blame]

59

__all__ = ["MiniFieldStorage", "FieldStorage", "FormContentDict",

60

"SvFormContentDict", "InterpFormContentDict", "FormContent",

61

"parse", "parse_qs", "parse_qsl", "parse_multipart",

62

"parse_header", "print_exception", "print_environ",

63

"print_form", "print_directory", "print_arguments",

64

"print_environ_usage", "escape"]

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

# Logging support

# ===============

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

69

logfile = "" # Filename to log to, if not empty

70

logfp = None # File object to log to, if not None

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

71

72

def initlog(*allargs):

73

"""Write a log message, if there is a log file.

74

75

Even though this function is called initlog(), you should always

76

use log(); log is a variable that is set either to initlog

77

(initially), to dolog (once the log file has been opened), or to

78

nolog (when logging is disabled).

79

80

The first argument is a format string; the remaining arguments (if

81

any) are arguments to the % operator, so e.g.

82

log("%s: %s", "a", "b")

83

will write "a: b" to the log file, followed by a newline.

84

85

If the global logfp is not None, it should be a file object to

86

which log data is written.

87

88

If the global logfp is None, the global logfile may be a string

89

giving a filename to open, in append mode. This file should be

90

world writable!!! If the file can't be opened, logging is

91

silently disabled (since there is no safe place where we could

92

send an error message).

"""

global logfp, log

if logfile and not logfp:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

97

try:

98

logfp = open(logfile, "a")

99

except IOError:

100

pass

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

101

if not logfp:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

102

log = nolog

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

103

else:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

104

log = dolog

Guido van Rossum

68468eb

2003-02-27 20:14:51 +0000

[diff] [blame]

105

log(*allargs)

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

106

107

def dolog(fmt, *args):

108

"""Write a log message to the log file. See initlog() for docs."""

109

logfp.write(fmt%args + "\n")

110

111

def nolog(*allargs):

112

"""Dummy function, assigned to log when logging is disabled."""

113

pass

114

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

115

log = initlog # The current logging function

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

116

117

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

# Parsing functions

# =================

Guido van Rossum

1997-05-13 19:03:23 +0000

[diff] [blame]

121

# Maximum input we will accept when REQUEST_METHOD is POST

122

# 0 ==> unlimited input

123

maxlen = 0

124

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

125

def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

126

"""Parse a query in the environment or from a file (default stdin)

127

128

Arguments, all optional:

129

130

fp : file pointer; default: sys.stdin

131

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

132

environ : environment dictionary; default: os.environ

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

133

134

keep_blank_values: flag indicating whether blank values in

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

135

URL encoded forms should be treated as blank strings.

136

A true value indicates that blanks should be retained as

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

137

blank strings. The default false value indicates that

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

138

blank values are to be ignored and treated as if they were

139

not included.

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

140

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

141

strict_parsing: flag indicating what to do with parsing errors.

142

If false (the default), errors are silently ignored.

143

If true, errors raise a ValueError exception.

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

144

"""

Raymond Hettinger

a144900

2002-05-31 23:54:44 +0000

[diff] [blame]

145

if fp is None:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

146

fp = sys.stdin

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

147

if not 'REQUEST_METHOD' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

148

environ['REQUEST_METHOD'] = 'GET' # For testing stand-alone

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

149

if environ['REQUEST_METHOD'] == 'POST':

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

150

ctype, pdict = parse_header(environ['CONTENT_TYPE'])

151

if ctype == 'multipart/form-data':

152

return parse_multipart(fp, pdict)

153

elif ctype == 'application/x-www-form-urlencoded':

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

154

clength = int(environ['CONTENT_LENGTH'])

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

155

if maxlen and clength > maxlen:

156

raise ValueError, 'Maximum content length exceeded'

157

qs = fp.read(clength)

158

else:

159

qs = '' # Unknown content-type

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

160

if 'QUERY_STRING' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

161

if qs: qs = qs + '&'

162

qs = qs + environ['QUERY_STRING']

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

163

elif sys.argv[1:]:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

164

if qs: qs = qs + '&'

165

qs = qs + sys.argv[1]

166

environ['QUERY_STRING'] = qs # XXX Shouldn't, really

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

167

elif 'QUERY_STRING' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

168

qs = environ['QUERY_STRING']

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

169

else:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

if sys.argv[1:]:

qs = sys.argv[1]

else:

qs = ""

environ['QUERY_STRING'] = qs # XXX Shouldn't, really

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

175

return parse_qs(qs, keep_blank_values, strict_parsing)

Guido van Rossum

e780877

1995-08-07 20:12:09 +0000

[diff] [blame]

176

177

Facundo Batista

2008-09-03 22:35:50 +0000

[diff] [blame]

178

# parse query string function called from urlparse,

179

# this is done in order to maintain backward compatiblity.

180

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

181

def parse_qs(qs, keep_blank_values=0, strict_parsing=0):

Facundo Batista

2008-09-03 22:35:50 +0000

[diff] [blame]

182

"""Parse a query given as a string argument."""

183

warn("cgi.parse_qs is deprecated, use urlparse.parse_qs \

184

instead",PendingDeprecationWarning)

185

return urlparse.parse_qs(qs, keep_blank_values, strict_parsing)

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

186

Guido van Rossum

1946f0d

1999-06-04 17:54:39 +0000

[diff] [blame]

187

188

def parse_qsl(qs, keep_blank_values=0, strict_parsing=0):

Facundo Batista

2008-09-03 22:35:50 +0000

[diff] [blame]

189

"""Parse a query given as a string argument."""

190

warn("cgi.parse_qsl is deprecated, use urlparse.parse_qsl instead",

191

PendingDeprecationWarning)

Facundo Batista

ace0bcf

2008-09-08 00:20:28 +0000

[diff] [blame]

192

return urlparse.parse_qsl(qs, keep_blank_values, strict_parsing)

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

193

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

194

def parse_multipart(fp, pdict):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

195

"""Parse multipart input.

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

196

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

197

Arguments:

198

fp : input file

Johannes Gijsbers

c7fc10a

2005-01-08 13:56:36 +0000

[diff] [blame]

199

pdict: dictionary containing other parameters of content-type header

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

200

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

201

Returns a dictionary just like parse_qs(): keys are the field names, each

202

value is a list of values for that field. This is easy to use but not

203

much good if you are expecting megabytes to be uploaded -- in that case,

204

use the FieldStorage class instead which is much more flexible. Note

205

that content-type is the raw, unparsed contents of the content-type

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

206

header.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

207

208

XXX This does not parse nested multipart parts -- use FieldStorage for

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

209

that.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

210

211

XXX This should really be subsumed by FieldStorage altogether -- no

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

212

point in having two implementations of the same parsing algorithm.

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

213

Also, FieldStorage protects itself better against certain DoS attacks

214

by limiting the size of the data read in one chunk. The API here

215

does not support that kind of protection. This also affects parse()

216

since it can call parse_multipart().

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

217

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

218

"""

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

219

boundary = ""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

220

if 'boundary' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

221

boundary = pdict['boundary']

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

222

if not valid_boundary(boundary):

Walter Dörwald

2004-02-12 17:35:32 +0000

[diff] [blame]

223

raise ValueError, ('Invalid boundary in multipart form: %r'

224

% (boundary,))

Tim Peters

ab9ba27

2001-08-09 21:40:30 +0000

[diff] [blame]

225

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

226

nextpart = "--" + boundary

227

lastpart = "--" + boundary + "--"

partdict = {}

terminator = ""

while terminator != lastpart:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

bytes = -1

data = None

if terminator:

# At start of next part. Read headers first.

Armin Rigo

3a703b6

2005-09-19 09:11:04 +0000

[diff] [blame]

236

headers = mimetools.Message(fp)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

237

clength = headers.getheader('content-length')

238

if clength:

239

try:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

240

bytes = int(clength)

241

except ValueError:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

242

pass

243

if bytes > 0:

244

if maxlen and bytes > maxlen:

245

raise ValueError, 'Maximum content length exceeded'

246

data = fp.read(bytes)

247

else:

248

data = ""

249

# Read lines until end of part.

lines = []

while 1:

line = fp.readline()

if not line:

terminator = lastpart # End outer loop

255

break

256

if line[:2] == "--":

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

257

terminator = line.strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

258

if terminator in (nextpart, lastpart):

break

lines.append(line)

# Done with part.

if data is None:

continue

if bytes < 0:

if lines:

# Strip final line terminator

267

line = lines[-1]

268

if line[-2:] == "\r\n":

269

line = line[:-2]

270

elif line[-1:] == "\n":

271

line = line[:-1]

272

lines[-1] = line

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

273

data = "".join(lines)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

274

line = headers['content-disposition']

275

if not line:

276

continue

277

key, params = parse_header(line)

278

if key != 'form-data':

279

continue

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

280

if 'name' in params:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

281

name = params['name']

282

else:

283

continue

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

284

if name in partdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

285

partdict[name].append(data)

286

else:

287

partdict[name] = [data]

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

288

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

289

return partdict

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

290

291

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

292

def parse_header(line):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

293

"""Parse a Content-type like header.

294

295

Return the main content-type and a dictionary of options.

296

297

"""

Raymond Hettinger

f871d83

2004-12-31 21:59:02 +0000

[diff] [blame]

298

plist = [x.strip() for x in line.split(';')]

Raymond Hettinger

46ac8eb

2002-06-30 03:39:14 +0000

[diff] [blame]

299

key = plist.pop(0).lower()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

300

pdict = {}

301

for p in plist:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

302

i = p.find('=')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

303

if i >= 0:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

304

name = p[:i].strip().lower()

305

value = p[i+1:].strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

306

if len(value) >= 2 and value[0] == value[-1] == '"':

307

value = value[1:-1]

Johannes Gijsbers

9e15dd6

2004-08-14 15:39:34 +0000

[diff] [blame]

308

value = value.replace('\\\\', '\\').replace('\\"', '"')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

309

pdict[name] = value

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

310

return key, pdict

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

311

312

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

313

# Classes for field storage

314

# =========================

315

316

class MiniFieldStorage:

317

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

318

"""Like FieldStorage, for use when no file uploads are possible."""

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

319

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

# Dummy attributes

filename = None

list = None

type = None

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

324

file = None

Guido van Rossum

4032c2c

1996-03-09 04:04:35 +0000

[diff] [blame]

325

type_options = {}

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

326

disposition = None

327

disposition_options = {}

328

headers = {}

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

329

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

330

def __init__(self, name, value):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

331

"""Constructor from field name and value."""

332

self.name = name

333

self.value = value

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

334

# self.file = StringIO(value)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

335

336

def __repr__(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

337

"""Return printable representation."""

Walter Dörwald

2004-02-12 17:35:32 +0000

[diff] [blame]

338

return "MiniFieldStorage(%r, %r)" % (self.name, self.value)

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

class FieldStorage:

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

343

"""Store a sequence of fields, reading multipart/form-data.

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

344

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

345

This class provides naming, typing, files stored on disk, and

346

more. At the top level, it is accessible like a dictionary, whose

347

keys are the field names. (Note: None can occur as a field name.)

348

The items are either a Python list (if there's multiple values) or

349

another FieldStorage or MiniFieldStorage object. If it's a single

350

object, it has the following attributes:

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

351

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

352

name: the field name, if specified; otherwise None

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

353

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

354

filename: the filename, if specified; otherwise None; this is the

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

355

client side filename, *not* the file name on which it is

356

stored (that's a temporary file you don't deal with)

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

357

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

358

value: the value as a *string*; for file uploads, this

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

359

transparently reads the file every time you request the value

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

360

361

file: the file(-like) object from which you can read the data;

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

362

None if the data is stored a simple string

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

363

364

type: the content-type, or None if not specified

365

366

type_options: dictionary of options specified on the content-type

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

367

line

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

368

369

disposition: content-disposition, or None if not specified

370

371

disposition_options: dictionary of corresponding options

372

Armin Rigo

3a703b6

2005-09-19 09:11:04 +0000

[diff] [blame]

373

headers: a dictionary(-like) object (sometimes rfc822.Message or a

374

subclass thereof) containing *all* headers

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

375

376

The class is subclassable, mostly for the purpose of overriding

377

the make_file() method, which is called internally to come up with

378

a file open for reading and writing. This makes it possible to

379

override the default choice of storing all files in a temporary

380

directory and unlinking them as soon as they have been opened.

"""

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

384

def __init__(self, fp=None, headers=None, outerboundary="",

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

385

environ=os.environ, keep_blank_values=0, strict_parsing=0):

386

"""Constructor. Read multipart/* until last part.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

387

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

388

Arguments, all optional:

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

389

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

390

fp : file pointer; default: sys.stdin

Guido van Rossum

b1b4f94

1998-05-08 19:55:51 +0000

[diff] [blame]

391

(not used when the request method is GET)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

392

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

393

headers : header dictionary-like object; default:

394

taken from environ as per CGI spec

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

395

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

396

outerboundary : terminating multipart boundary

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

397

(for internal use only)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

398

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

399

environ : environment dictionary; default: os.environ

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

400

401

keep_blank_values: flag indicating whether blank values in

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

402

URL encoded forms should be treated as blank strings.

403

A true value indicates that blanks should be retained as

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

404

blank strings. The default false value indicates that

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

405

blank values are to be ignored and treated as if they were

406

not included.

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

407

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

408

strict_parsing: flag indicating what to do with parsing errors.

409

If false (the default), errors are silently ignored.

410

If true, errors raise a ValueError exception.

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

411

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

412

"""

413

method = 'GET'

414

self.keep_blank_values = keep_blank_values

415

self.strict_parsing = strict_parsing

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

416

if 'REQUEST_METHOD' in environ:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

417

method = environ['REQUEST_METHOD'].upper()

Facundo Batista

2008-06-21 18:58:04 +0000

[diff] [blame]

418

self.qs_on_post = None

Guido van Rossum

0185283

1998-06-25 02:40:17 +0000

[diff] [blame]

419

if method == 'GET' or method == 'HEAD':

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

420

if 'QUERY_STRING' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

421

qs = environ['QUERY_STRING']

elif sys.argv[1:]:

qs = sys.argv[1]

else:

qs = ""

fp = StringIO(qs)

if headers is None:

headers = {'content-type':

429

"application/x-www-form-urlencoded"}

430

if headers is None:

Guido van Rossum

cff311a

1998-06-11 14:06:59 +0000

[diff] [blame]

431

headers = {}

432

if method == 'POST':

433

# Set default content-type for POST to what's traditional

434

headers['content-type'] = "application/x-www-form-urlencoded"

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

435

if 'CONTENT_TYPE' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

436

headers['content-type'] = environ['CONTENT_TYPE']

Facundo Batista

2008-06-21 18:58:04 +0000

[diff] [blame]

437

if 'QUERY_STRING' in environ:

438

self.qs_on_post = environ['QUERY_STRING']

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

439

if 'CONTENT_LENGTH' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

440

headers['content-length'] = environ['CONTENT_LENGTH']

441

self.fp = fp or sys.stdin

442

self.headers = headers

443

self.outerboundary = outerboundary

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

444

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

445

# Process content-disposition header

446

cdisp, pdict = "", {}

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

447

if 'content-disposition' in self.headers:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

448

cdisp, pdict = parse_header(self.headers['content-disposition'])

449

self.disposition = cdisp

450

self.disposition_options = pdict

451

self.name = None

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

452

if 'name' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

453

self.name = pdict['name']

454

self.filename = None

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

455

if 'filename' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

456

self.filename = pdict['filename']

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

457

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

458

# Process content-type header

Barry Warsaw

302331a

1999-01-08 17:42:03 +0000

[diff] [blame]

459

#

460

# Honor any existing content-type header. But if there is no

461

# content-type header, use some sensible defaults. Assume

462

# outerboundary is "" at the outer level, but something non-false

463

# inside a multi-part. The default for an inner part is text/plain,

464

# but for an outer part it should be urlencoded. This should catch

465

# bogus clients which erroneously forget to include a content-type

466

# header.

467

#

468

# See below for what we do if there does exist a content-type header,

469

# but it happens to be something we don't understand.

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

470

if 'content-type' in self.headers:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

471

ctype, pdict = parse_header(self.headers['content-type'])

Guido van Rossum

ce900de

1999-06-02 18:44:22 +0000

[diff] [blame]

472

elif self.outerboundary or method != 'POST':

Barry Warsaw

302331a

1999-01-08 17:42:03 +0000

[diff] [blame]

473

ctype, pdict = "text/plain", {}

474

else:

475

ctype, pdict = 'application/x-www-form-urlencoded', {}

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

476

self.type = ctype

477

self.type_options = pdict

478

self.innerboundary = ""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

479

if 'boundary' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

480

self.innerboundary = pdict['boundary']

481

clen = -1

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

482

if 'content-length' in self.headers:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

483

try:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

484

clen = int(self.headers['content-length'])

Skip Montanaro

db5d144

2002-03-23 05:50:17 +0000

[diff] [blame]

485

except ValueError:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

486

pass

487

if maxlen and clen > maxlen:

488

raise ValueError, 'Maximum content length exceeded'

489

self.length = clen

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

490

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

491

self.list = self.file = None

492

self.done = 0

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

493

if ctype == 'application/x-www-form-urlencoded':

494

self.read_urlencoded()

495

elif ctype[:10] == 'multipart/':

Guido van Rossum

f574500

1998-10-20 14:43:02 +0000

[diff] [blame]

496

self.read_multi(environ, keep_blank_values, strict_parsing)

Barry Warsaw

302331a

1999-01-08 17:42:03 +0000

[diff] [blame]

497

else:

Guido van Rossum

60a3bd8

1999-06-11 18:26:09 +0000

[diff] [blame]

498

self.read_single()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

499

500

def __repr__(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

501

"""Return a printable representation."""

Walter Dörwald

2004-02-12 17:35:32 +0000

[diff] [blame]

502

return "FieldStorage(%r, %r, %r)" % (

503

self.name, self.filename, self.value)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

504

Guido van Rossum

4061cbe

2002-09-11 18:20:34 +0000

[diff] [blame]

505

def __iter__(self):

506

return iter(self.keys())

507

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

508

def __getattr__(self, name):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

509

if name != 'value':

510

raise AttributeError, name

511

if self.file:

512

self.file.seek(0)

513

value = self.file.read()

514

self.file.seek(0)

515

elif self.list is not None:

value = self.list

else:

value = None

return value

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

520

521

def __getitem__(self, key):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

522

"""Dictionary style indexing."""

523

if self.list is None:

524

raise TypeError, "not indexable"

525

found = []

526

for item in self.list:

527

if item.name == key: found.append(item)

if not found:

raise KeyError, key

if len(found) == 1:

return found[0]

else:

return found

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

534

Moshe Zadka

2000-08-25 21:47:56 +0000

[diff] [blame]

535

def getvalue(self, key, default=None):

536

"""Dictionary style get() method, including 'value' lookup."""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

537

if key in self:

Moshe Zadka

2000-08-25 21:47:56 +0000

[diff] [blame]

538

value = self[key]

539

if type(value) is type([]):

Raymond Hettinger

f871d83

2004-12-31 21:59:02 +0000

[diff] [blame]

540

return map(attrgetter('value'), value)

Moshe Zadka

2000-08-25 21:47:56 +0000

[diff] [blame]

else:

return value.value

else:

return default

Guido van Rossum

2001-09-05 19:45:34 +0000

[diff] [blame]

546

def getfirst(self, key, default=None):

547

""" Return the first value received."""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

548

if key in self:

Guido van Rossum

1bfb388

2001-09-05 19:45:34 +0000

[diff] [blame]

549

value = self[key]

550

if type(value) is type([]):

551

return value[0].value

else:

return value.value

else:

return default

def getlist(self, key):

558

""" Return list of received values."""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

559

if key in self:

Guido van Rossum

1bfb388

2001-09-05 19:45:34 +0000

[diff] [blame]

560

value = self[key]

561

if type(value) is type([]):

Raymond Hettinger

f871d83

2004-12-31 21:59:02 +0000

[diff] [blame]

562

return map(attrgetter('value'), value)

Guido van Rossum

1bfb388

2001-09-05 19:45:34 +0000

[diff] [blame]

else:

return [value.value]

else:

return []

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

568

def keys(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

569

"""Dictionary style keys() method."""

570

if self.list is None:

571

raise TypeError, "not indexable"

Georg Brandl

2007-09-20 16:06:07 +0000

[diff] [blame]

572

return list(set(item.name for item in self.list))

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

573

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

574

def has_key(self, key):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

575

"""Dictionary style has_key() method."""

576

if self.list is None:

577

raise TypeError, "not indexable"

Georg Brandl

2007-09-20 16:06:07 +0000

[diff] [blame]

578

return any(item.name == key for item in self.list)

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

579

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

580

def __contains__(self, key):

581

"""Dictionary style __contains__ method."""

582

if self.list is None:

583

raise TypeError, "not indexable"

Georg Brandl

2007-09-20 16:06:07 +0000

[diff] [blame]

584

return any(item.name == key for item in self.list)

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

585

Guido van Rossum

88b85d4

1997-01-11 19:21:33 +0000

[diff] [blame]

586

def __len__(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

587

"""Dictionary style len(x) support."""

588

return len(self.keys())

Guido van Rossum

88b85d4

1997-01-11 19:21:33 +0000

[diff] [blame]

589

Georg Brandl

2007-09-20 16:06:07 +0000

[diff] [blame]

590

def __nonzero__(self):

591

return bool(self.list)

592

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

593

def read_urlencoded(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

594

"""Internal: read data in query string format."""

595

qs = self.fp.read(self.length)

Facundo Batista

2008-06-21 18:58:04 +0000

[diff] [blame]

596

if self.qs_on_post:

597

qs += '&' + self.qs_on_post

Guido van Rossum

1946f0d

1999-06-04 17:54:39 +0000

[diff] [blame]

598

self.list = list = []

Facundo Batista

2008-09-03 22:35:50 +0000

[diff] [blame]

599

for key, value in urlparse.parse_qsl(qs, self.keep_blank_values,

600

self.strict_parsing):

Guido van Rossum

1946f0d

1999-06-04 17:54:39 +0000

[diff] [blame]

601

list.append(MiniFieldStorage(key, value))

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

602

self.skip_lines()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

603

Guido van Rossum

1998-12-09 22:16:46 +0000

[diff] [blame]

604

FieldStorageClass = None

605

Guido van Rossum

f574500

1998-10-20 14:43:02 +0000

[diff] [blame]

606

def read_multi(self, environ, keep_blank_values, strict_parsing):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

607

"""Internal: read a part that is itself multipart."""

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

608

ib = self.innerboundary

609

if not valid_boundary(ib):

Walter Dörwald

2004-02-12 17:35:32 +0000

[diff] [blame]

610

raise ValueError, 'Invalid boundary in multipart form: %r' % (ib,)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

611

self.list = []

Facundo Batista

2008-06-21 18:58:04 +0000

[diff] [blame]

612

if self.qs_on_post:

Facundo Batista

2008-09-03 22:35:50 +0000

[diff] [blame]

613

for key, value in urlparse.parse_qsl(self.qs_on_post,

614

self.keep_blank_values, self.strict_parsing):

Facundo Batista

2008-06-21 18:58:04 +0000

[diff] [blame]

615

self.list.append(MiniFieldStorage(key, value))

616

FieldStorageClass = None

617

Guido van Rossum

1998-12-09 22:16:46 +0000

[diff] [blame]

618

klass = self.FieldStorageClass or self.__class__

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

619

part = klass(self.fp, {}, ib,

Guido van Rossum

1998-12-09 22:16:46 +0000

[diff] [blame]

620

environ, keep_blank_values, strict_parsing)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

621

# Throw first part away

622

while not part.done:

Armin Rigo

3a703b6

2005-09-19 09:11:04 +0000

[diff] [blame]

623

headers = rfc822.Message(self.fp)

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

624

part = klass(self.fp, headers, ib,

Guido van Rossum

1998-12-09 22:16:46 +0000

[diff] [blame]

625

environ, keep_blank_values, strict_parsing)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

626

self.list.append(part)

627

self.skip_lines()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

628

629

def read_single(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

630

"""Internal: read an atomic part."""

if self.length >= 0:

self.read_binary()

self.skip_lines()

else:

self.read_lines()

self.file.seek(0)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

637

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

638

bufsize = 8*1024 # I/O buffering size for copy to file

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

639

640

def read_binary(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

641

"""Internal: read binary data."""

642

self.file = self.make_file('b')

todo = self.length

if todo >= 0:

while todo > 0:

data = self.fp.read(min(todo, self.bufsize))

if not data:

self.done = -1

break

self.file.write(data)

651

todo = todo - len(data)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

652

653

def read_lines(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

654

"""Internal: read lines until EOF or outerboundary."""

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

655

self.file = self.__file = StringIO()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

656

if self.outerboundary:

657

self.read_lines_to_outerboundary()

658

else:

659

self.read_lines_to_eof()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

660

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

661

def __write(self, line):

662

if self.__file is not None:

663

if self.__file.tell() + len(line) > 1000:

664

self.file = self.make_file('')

665

self.file.write(self.__file.getvalue())

666

self.__file = None

667

self.file.write(line)

668

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

669

def read_lines_to_eof(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

670

"""Internal: read lines until EOF."""

671

while 1:

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

672

line = self.fp.readline(1<<16)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

673

if not line:

674

self.done = -1

675

break

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

676

self.__write(line)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

677

678

def read_lines_to_outerboundary(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

679

"""Internal: read lines until outerboundary."""

680

next = "--" + self.outerboundary

681

last = next + "--"

682

delim = ""

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

683

last_line_lfend = True

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

684

while 1:

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

685

line = self.fp.readline(1<<16)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

686

if not line:

687

self.done = -1

688

break

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

689

if line[:2] == "--" and last_line_lfend:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

690

strippedline = line.strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

691

if strippedline == next:

692

break

693

if strippedline == last:

self.done = 1

break

odelim = delim

if line[-2:] == "\r\n":

698

delim = "\r\n"

699

line = line[:-2]

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

700

last_line_lfend = True

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

701

elif line[-1] == "\n":

702

delim = "\n"

703

line = line[:-1]

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

704

last_line_lfend = True

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

705

else:

706

delim = ""

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

707

last_line_lfend = False

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

708

self.__write(odelim + line)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

709

710

def skip_lines(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

711

"""Internal: skip lines until outer boundary if defined."""

712

if not self.outerboundary or self.done:

713

return

714

next = "--" + self.outerboundary

715

last = next + "--"

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

716

last_line_lfend = True

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

717

while 1:

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

718

line = self.fp.readline(1<<16)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

719

if not line:

720

self.done = -1

721

break

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

722

if line[:2] == "--" and last_line_lfend:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

723

strippedline = line.strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

724

if strippedline == next:

725

break

726

if strippedline == last:

727

self.done = 1

728

break

Guido van Rossum

2006-08-10 17:41:07 +0000

[diff] [blame]

729

last_line_lfend = line.endswith('\n')

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

730

Guido van Rossum

a5e9fb6

1997-08-12 18:18:13 +0000

[diff] [blame]

731

def make_file(self, binary=None):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

732

"""Overridable: return a readable & writable file.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

733

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

734

The file will be used as follows:

735

- data is written to it

736

- seek(0)

737

- data is read from it

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

738

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

739

The 'binary' argument is unused -- the file is always opened

740

in binary mode.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

741

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

742

This version opens a temporary file for reading and writing,

743

and immediately deletes (unlinks) it. The trick (on Unix!) is

744

that the file can still be used, but it can't be opened by

745

another process, and it will automatically be deleted when it

746

is closed or when the current process terminates.

Guido van Rossum

4032c2c

1996-03-09 04:04:35 +0000

[diff] [blame]

747

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

748

If you want a more permanent file, you derive a class which

749

overrides this method. If you want a visible temporary file

750

that is nevertheless automatically deleted when the script

751

terminates, try defining a __del__ method in a derived class

752

which unlinks the temporary files you have created.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

753

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

754

"""

755

import tempfile

756

return tempfile.TemporaryFile("w+b")

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

757

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

758

759

Guido van Rossum

4032c2c

1996-03-09 04:04:35 +0000

[diff] [blame]

760

# Backwards Compatibility Classes

761

# ===============================

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

762

Moshe Zadka

2000-08-25 21:47:56 +0000

[diff] [blame]

763

class FormContentDict(UserDict.UserDict):

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

764

"""Form content as dictionary with a list of values per field.

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

765

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

766

form = FormContentDict()

767

768

form[key] -> [value, value, ...]

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

769

key in form -> Boolean

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

770

form.keys() -> [key, key, ...]

771

form.values() -> [[val, val, ...], [val, val, ...], ...]

772

form.items() -> [(key, [val, val, ...]), (key, [val, val, ...]), ...]

773

form.dict == {key: [val, val, ...], ...}

774

775

"""

Georg Brandl

05b3c45

2006-09-30 10:58:01 +0000

[diff] [blame]

776

def __init__(self, environ=os.environ, keep_blank_values=0, strict_parsing=0):

777

self.dict = self.data = parse(environ=environ,

778

keep_blank_values=keep_blank_values,

779

strict_parsing=strict_parsing)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

780

self.query_string = environ['QUERY_STRING']

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

781

782

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

783

class SvFormContentDict(FormContentDict):

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

784

"""Form content as dictionary expecting a single value per field.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

785

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

786

If you only expect a single value for each field, then form[key]

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

787

will return that single value. It will raise an IndexError if

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

788

that expectation is not true. If you expect a field to have

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

789

possible multiple values, than you can use form.getlist(key) to

790

get all of the values. values() and items() are a compromise:

791

they return single strings where there is a single value, and

792

lists of strings otherwise.

793

794

"""

795

def __getitem__(self, key):

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

796

if len(self.dict[key]) > 1:

797

raise IndexError, 'expecting a single value'

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

798

return self.dict[key][0]

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

799

def getlist(self, key):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

800

return self.dict[key]

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

801

def values(self):

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

802

result = []

803

for value in self.dict.values():

804

if len(value) == 1:

805

result.append(value[0])

806

else: result.append(value)

807

return result

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

808

def items(self):

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

809

result = []

810

for key, value in self.dict.items():

811

if len(value) == 1:

812

result.append((key, value[0]))

813

else: result.append((key, value))

814

return result

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

815

816

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

817

class InterpFormContentDict(SvFormContentDict):

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

818

"""This class is present for backwards compatibility only."""

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

819

def __getitem__(self, key):

820

v = SvFormContentDict.__getitem__(self, key)

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

821

if v[0] in '0123456789+-.':

822

try: return int(v)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

823

except ValueError:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

824

try: return float(v)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

825

except ValueError: pass

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

826

return v.strip()

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

827

def values(self):

828

result = []

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

829

for key in self.keys():

830

try:

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

831

result.append(self[key])

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

832

except IndexError:

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

833

result.append(self.dict[key])

834

return result

835

def items(self):

836

result = []

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

837

for key in self.keys():

838

try:

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

839

result.append((key, self[key]))

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

840

except IndexError:

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

841

result.append((key, self.dict[key]))

842

return result

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

843

844

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

845

class FormContent(FormContentDict):

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

846

"""This class is present for backwards compatibility only."""

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

847

def values(self, key):

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

848

if key in self.dict :return self.dict[key]

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

849

else: return None

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

850

def indexed_value(self, key, location):

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

851

if key in self.dict:

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

852

if len(self.dict[key]) > location:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

853

return self.dict[key][location]

854

else: return None

855

else: return None

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

856

def value(self, key):

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

857

if key in self.dict: return self.dict[key][0]

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

858

else: return None

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

859

def length(self, key):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

860

return len(self.dict[key])

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

861

def stripped(self, key):

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

862

if key in self.dict: return self.dict[key][0].strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

863

else: return None

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

864

def pars(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

865

return self.dict

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

866

867

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

868

# Test/debug code

869

# ===============

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

870

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

871

def test(environ=os.environ):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

872

"""Robust test CGI script, usable as main program.

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

873

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

874

Write minimal HTTP headers and dump all information provided to

875

the script in HTML form.

876

877

"""

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

878

print "Content-type: text/html"

879

print

880

sys.stderr = sys.stdout

881

try:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

882

form = FieldStorage() # Replace with other classes to test those

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

883

print_directory()

884

print_arguments()

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

885

print_form(form)

886

print_environ(environ)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

887

print_environ_usage()

888

def f():

889

exec "testing print_exception() -- <I>italics?</I>"

890

def g(f=f):

891

f()

892

print "<H3>What follows is a test, not an actual exception:</H3>"

893

g()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

894

except:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

895

print_exception()

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

896

Guido van Rossum

57d51f2

2000-09-16 21:16:01 +0000

[diff] [blame]

897

print "<H1>Second try with a small maxlen...</H1>"

898

Guido van Rossum

ad16471

1997-05-13 19:03:23 +0000

[diff] [blame]

899

global maxlen

900

maxlen = 50

901

try:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

902

form = FieldStorage() # Replace with other classes to test those

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

903

print_directory()

904

print_arguments()

Guido van Rossum

2000-09-19 04:11:46 +0000

[diff] [blame]

905

print_form(form)

906

print_environ(environ)

Guido van Rossum

ad16471

1997-05-13 19:03:23 +0000

[diff] [blame]

907

except:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

908

print_exception()

Guido van Rossum

ad16471

1997-05-13 19:03:23 +0000

[diff] [blame]

909

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

910

def print_exception(type=None, value=None, tb=None, limit=None):

911

if type is None:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

912

type, value, tb = sys.exc_info()

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

913

import traceback

914

print

Guido van Rossum

7dd0696

2000-12-27 19:12:58 +0000

[diff] [blame]

915

print "<H3>Traceback (most recent call last):</H3>"

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

916

list = traceback.format_tb(tb, limit) + \

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

917

traceback.format_exception_only(type, value)

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

918

print "<PRE>%s<B>%s</B></PRE>" % (

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

919

escape("".join(list[:-1])),

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

920

escape(list[-1]),

921

)

Guido van Rossum

f15d159

1997-09-29 23:22:12 +0000

[diff] [blame]

922

del tb

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

923

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

924

def print_environ(environ=os.environ):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

925

"""Dump the shell environment as HTML."""

926

keys = environ.keys()

927

keys.sort()

928

print

Guido van Rossum

503e50b

1996-05-28 22:57:20 +0000

[diff] [blame]

929

print "<H3>Shell Environment:</H3>"

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

930

print "<DL>"

931

for key in keys:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

932

print "<DT>", escape(key), "<DD>", escape(environ[key])

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

933

print "</DL>"

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

934

print

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

935

936

def print_form(form):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

937

"""Dump the contents of a form as HTML."""

938

keys = form.keys()

939

keys.sort()

940

print

Guido van Rossum

503e50b

1996-05-28 22:57:20 +0000

[diff] [blame]

941

print "<H3>Form Contents:</H3>"

Guido van Rossum

57d51f2

2000-09-16 21:16:01 +0000

[diff] [blame]

942

if not keys:

943

print "<P>No form fields."

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

944

print "<DL>"

945

for key in keys:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

946

print "<DT>" + escape(key) + ":",

947

value = form[key]

Walter Dörwald

2004-02-12 17:35:32 +0000

[diff] [blame]

948

print "<i>" + escape(repr(type(value))) + "</i>"

949

print "<DD>" + escape(repr(value))

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

print "</DL>"

print

def print_directory():

954

"""Dump the current directory as HTML."""

955

print

956

print "<H3>Current Working Directory:</H3>"

957

try:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

958

pwd = os.getcwd()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

959

except os.error, msg:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

960

print "os.error:", escape(str(msg))

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

961

else:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

962

print escape(pwd)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

963

print

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

964

Guido van Rossum

a8738a5

1996-03-14 21:30:28 +0000

[diff] [blame]

965

def print_arguments():

966

print

Guido van Rossum

503e50b

1996-05-28 22:57:20 +0000

[diff] [blame]

967

print "<H3>Command Line Arguments:</H3>"

Guido van Rossum

a8738a5

1996-03-14 21:30:28 +0000

[diff] [blame]

print

print sys.argv

print

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

972

def print_environ_usage():

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

973

"""Dump a list of environment variables used by CGI as HTML."""

974

print """

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

975

<H3>These environment variables could have been set:</H3>

976

<UL>

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

<LI>AUTH_TYPE

<LI>CONTENT_LENGTH

<LI>CONTENT_TYPE

<LI>DATE_GMT

<LI>DATE_LOCAL

<LI>DOCUMENT_NAME

<LI>DOCUMENT_ROOT

<LI>DOCUMENT_URI

<LI>GATEWAY_INTERFACE

<LI>LAST_MODIFIED

<LI>PATH

<LI>PATH_INFO

<LI>PATH_TRANSLATED

<LI>QUERY_STRING

<LI>REMOTE_ADDR

<LI>REMOTE_HOST

<LI>REMOTE_IDENT

<LI>REMOTE_USER

<LI>REQUEST_METHOD

<LI>SCRIPT_NAME

<LI>SERVER_NAME

<LI>SERVER_PORT

<LI>SERVER_PROTOCOL

<LI>SERVER_ROOT

<LI>SERVER_SOFTWARE

</UL>

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

1003

In addition, HTTP headers sent by the server may be passed in the

1004

environment as well. Here are some common variable names:

<UL>

<LI>HTTP_ACCEPT

<LI>HTTP_CONNECTION

<LI>HTTP_HOST

<LI>HTTP_PRAGMA

<LI>HTTP_REFERER

<LI>HTTP_USER_AGENT

</UL>

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

1013

"""

1014

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

1015

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

1016

# Utilities

1017

# =========

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

1018

Guido van Rossum

64c6620

1997-07-19 20:11:53 +0000

[diff] [blame]

1019

def escape(s, quote=None):

Skip Montanaro

97b2fa2

2005-08-02 02:50:25 +0000

[diff] [blame]

1020

'''Replace special characters "&", "<" and ">" to HTML-safe sequences.

1021

If the optional flag quote is true, the quotation mark character (")

1022

is also translated.'''

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

1023

s = s.replace("&", "&") # Must be done first!

1024

s = s.replace("<", "<")

1025

s = s.replace(">", ">")

Guido van Rossum

64c6620

1997-07-19 20:11:53 +0000

[diff] [blame]

1026

if quote:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

1027

s = s.replace('"', """)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

1028

return s

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

1029

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

1030

def valid_boundary(s, _vb_pattern="^[ -~]{0,200}[!-~]$"):

1031

import re

1032

return re.match(_vb_pattern, s)

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

1033

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

# Invoke mainline

# ===============

# Call test() when this file is run as a script (not imported as a module)

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

1038

if __name__ == '__main__':

Guido van Rossum