Blame - Lib/cgi.py - platform/external/python/cpython3

1996-03-06 07:20:06 +0000

[diff] [blame]

12

"""Support module for CGI (Common Gateway Interface) scripts.

Guido van Rossum

1c9daa8

1995-09-18 21:52:37 +0000

[diff] [blame]

13

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

14

This module defines a number of utilities for use by CGI scripts

15

written in Python.

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

16

"""

17

Guido van Rossum

98d9fd3

2000-02-28 15:12:25 +0000

[diff] [blame]

18

# History

19

# -------

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

20

#

Guido van Rossum

98d9fd3

2000-02-28 15:12:25 +0000

[diff] [blame]

21

# Michael McLay started this module. Steve Majewski changed the

22

# interface to SvFormContentDict and FormContentDict. The multipart

23

# parsing was inspired by code submitted by Andreas Paepcke. Guido van

24

# Rossum rewrote, reformatted and documented the module and is currently

25

# responsible for its maintenance.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

26

#

Guido van Rossum

98d9fd3

2000-02-28 15:12:25 +0000

[diff] [blame]

27

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

28

__version__ = "2.6"

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

29

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

# Imports

# =======

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

34

from io import StringIO, BytesIO, TextIOWrapper

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

35

import sys

36

import os

Jeremy Hylton

1afc169

2008-06-18 20:49:58 +0000

[diff] [blame]

37

import urllib.parse

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

38

from email.parser import FeedParser

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

39

from warnings import warn

Georg Brandl

2010-10-15 15:57:45 +0000

[diff] [blame]

40

import html

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

41

import locale

42

import tempfile

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

43

Georg Brandl

49d1b4f

2008-05-11 21:42:51 +0000

[diff] [blame]

44

__all__ = ["MiniFieldStorage", "FieldStorage",

Guido van Rossum

a8423a9

2001-03-19 13:40:44 +0000

[diff] [blame]

45

"parse", "parse_qs", "parse_qsl", "parse_multipart",

46

"parse_header", "print_exception", "print_environ",

47

"print_form", "print_directory", "print_arguments",

48

"print_environ_usage", "escape"]

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

# Logging support

# ===============

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

53

logfile = "" # Filename to log to, if not empty

54

logfp = None # File object to log to, if not None

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

55

56

def initlog(*allargs):

57

"""Write a log message, if there is a log file.

58

59

Even though this function is called initlog(), you should always

60

use log(); log is a variable that is set either to initlog

61

(initially), to dolog (once the log file has been opened), or to

62

nolog (when logging is disabled).

63

64

The first argument is a format string; the remaining arguments (if

65

any) are arguments to the % operator, so e.g.

66

log("%s: %s", "a", "b")

67

will write "a: b" to the log file, followed by a newline.

68

69

If the global logfp is not None, it should be a file object to

70

which log data is written.

71

72

If the global logfp is None, the global logfile may be a string

73

giving a filename to open, in append mode. This file should be

74

world writable!!! If the file can't be opened, logging is

75

silently disabled (since there is no safe place where we could

76

send an error message).

"""

global logfp, log

if logfile and not logfp:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

81

try:

82

logfp = open(logfile, "a")

83

except IOError:

84

pass

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

85

if not logfp:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

86

log = nolog

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

87

else:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

88

log = dolog

Guido van Rossum

68468eb

2003-02-27 20:14:51 +0000

[diff] [blame]

89

log(*allargs)

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

90

91

def dolog(fmt, *args):

92

"""Write a log message to the log file. See initlog() for docs."""

93

logfp.write(fmt%args + "\n")

94

95

def nolog(*allargs):

96

"""Dummy function, assigned to log when logging is disabled."""

97

pass

98

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

99

log = initlog # The current logging function

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

100

101

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

# Parsing functions

# =================

Guido van Rossum

1997-05-13 19:03:23 +0000

[diff] [blame]

105

# Maximum input we will accept when REQUEST_METHOD is POST

106

# 0 ==> unlimited input

107

maxlen = 0

108

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

109

def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

110

"""Parse a query in the environment or from a file (default stdin)

111

112

Arguments, all optional:

113

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

114

fp : file pointer; default: sys.stdin.buffer

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

115

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

116

environ : environment dictionary; default: os.environ

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

117

118

keep_blank_values: flag indicating whether blank values in

Senthil Kumaran

30e86a4

2010-08-09 20:01:35 +0000

[diff] [blame]

119

percent-encoded forms should be treated as blank strings.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

120

A true value indicates that blanks should be retained as

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

121

blank strings. The default false value indicates that

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

122

blank values are to be ignored and treated as if they were

123

not included.

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

124

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

125

strict_parsing: flag indicating what to do with parsing errors.

126

If false (the default), errors are silently ignored.

127

If true, errors raise a ValueError exception.

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

128

"""

Raymond Hettinger

a144900

2002-05-31 23:54:44 +0000

[diff] [blame]

129

if fp is None:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

130

fp = sys.stdin

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

131

132

# field keys and values (except for files) are returned as strings

133

# an encoding is required to decode the bytes read from self.fp

134

if hasattr(fp,'encoding'):

135

encoding = fp.encoding

else:

encoding = 'latin-1'

# fp.read() must return bytes

140

if isinstance(fp, TextIOWrapper):

141

fp = fp.buffer

142

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

143

if not 'REQUEST_METHOD' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

144

environ['REQUEST_METHOD'] = 'GET' # For testing stand-alone

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

145

if environ['REQUEST_METHOD'] == 'POST':

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

146

ctype, pdict = parse_header(environ['CONTENT_TYPE'])

147

if ctype == 'multipart/form-data':

148

return parse_multipart(fp, pdict)

149

elif ctype == 'application/x-www-form-urlencoded':

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

150

clength = int(environ['CONTENT_LENGTH'])

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

151

if maxlen and clength > maxlen:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

152

raise ValueError('Maximum content length exceeded')

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

153

qs = fp.read(clength).decode(encoding)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

154

else:

155

qs = '' # Unknown content-type

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

156

if 'QUERY_STRING' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

157

if qs: qs = qs + '&'

158

qs = qs + environ['QUERY_STRING']

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

159

elif sys.argv[1:]:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

160

if qs: qs = qs + '&'

161

qs = qs + sys.argv[1]

162

environ['QUERY_STRING'] = qs # XXX Shouldn't, really

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

163

elif 'QUERY_STRING' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

164

qs = environ['QUERY_STRING']

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

165

else:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

if sys.argv[1:]:

qs = sys.argv[1]

else:

qs = ""

environ['QUERY_STRING'] = qs # XXX Shouldn't, really

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

171

return urllib.parse.parse_qs(qs, keep_blank_values, strict_parsing,

172

encoding=encoding)

Guido van Rossum

e780877

1995-08-07 20:12:09 +0000

[diff] [blame]

173

174

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

175

# parse query string function called from urlparse,

176

# this is done in order to maintain backward compatiblity.

177

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

178

def parse_qs(qs, keep_blank_values=0, strict_parsing=0):

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

179

"""Parse a query given as a string argument."""

180

warn("cgi.parse_qs is deprecated, use urllib.parse.parse_qs instead",

Philip Jenvey

a394f2d

2009-05-08 03:57:12 +0000

[diff] [blame]

181

DeprecationWarning, 2)

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

182

return urllib.parse.parse_qs(qs, keep_blank_values, strict_parsing)

Guido van Rossum

1946f0d

1999-06-04 17:54:39 +0000

[diff] [blame]

183

184

def parse_qsl(qs, keep_blank_values=0, strict_parsing=0):

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

185

"""Parse a query given as a string argument."""

Facundo Batista

a27244b

2008-09-09 02:43:19 +0000

[diff] [blame]

186

warn("cgi.parse_qsl is deprecated, use urllib.parse.parse_qsl instead",

Philip Jenvey

a394f2d

2009-05-08 03:57:12 +0000

[diff] [blame]

187

DeprecationWarning, 2)

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

188

return urllib.parse.parse_qsl(qs, keep_blank_values, strict_parsing)

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

189

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

190

def parse_multipart(fp, pdict):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

191

"""Parse multipart input.

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

192

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

193

Arguments:

194

fp : input file

Johannes Gijsbers

c7fc10a

2005-01-08 13:56:36 +0000

[diff] [blame]

195

pdict: dictionary containing other parameters of content-type header

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

196

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

197

Returns a dictionary just like parse_qs(): keys are the field names, each

198

value is a list of values for that field. This is easy to use but not

199

much good if you are expecting megabytes to be uploaded -- in that case,

200

use the FieldStorage class instead which is much more flexible. Note

201

that content-type is the raw, unparsed contents of the content-type

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

202

header.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

203

204

XXX This does not parse nested multipart parts -- use FieldStorage for

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

205

that.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

206

207

XXX This should really be subsumed by FieldStorage altogether -- no

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

208

point in having two implementations of the same parsing algorithm.

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

209

Also, FieldStorage protects itself better against certain DoS attacks

210

by limiting the size of the data read in one chunk. The API here

211

does not support that kind of protection. This also affects parse()

212

since it can call parse_multipart().

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

213

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

214

"""

Barry Warsaw

820c120

2008-06-12 04:06:45 +0000

[diff] [blame]

215

import http.client

216

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

217

boundary = ""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

218

if 'boundary' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

219

boundary = pdict['boundary']

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

220

if not valid_boundary(boundary):

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

221

raise ValueError('Invalid boundary in multipart form: %r'

Walter Dörwald

70a6b49

2004-02-12 17:35:32 +0000

[diff] [blame]

222

% (boundary,))

Tim Peters

ab9ba27

2001-08-09 21:40:30 +0000

[diff] [blame]

223

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

224

nextpart = "--" + boundary

225

lastpart = "--" + boundary + "--"

partdict = {}

terminator = ""

while terminator != lastpart:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

bytes = -1

data = None

if terminator:

# At start of next part. Read headers first.

Barry Warsaw

820c120

2008-06-12 04:06:45 +0000

[diff] [blame]

234

headers = http.client.parse_headers(fp)

235

clength = headers.get('content-length')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

236

if clength:

237

try:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

238

bytes = int(clength)

239

except ValueError:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

240

pass

241

if bytes > 0:

242

if maxlen and bytes > maxlen:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

243

raise ValueError('Maximum content length exceeded')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

244

data = fp.read(bytes)

245

else:

246

data = ""

247

# Read lines until end of part.

lines = []

while 1:

line = fp.readline()

if not line:

terminator = lastpart # End outer loop

253

break

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

254

if line.startswith("--"):

255

terminator = line.rstrip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

256

if terminator in (nextpart, lastpart):

break

lines.append(line)

# Done with part.

if data is None:

continue

if bytes < 0:

if lines:

# Strip final line terminator

265

line = lines[-1]

266

if line[-2:] == "\r\n":

267

line = line[:-2]

268

elif line[-1:] == "\n":

269

line = line[:-1]

270

lines[-1] = line

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

271

data = "".join(lines)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

272

line = headers['content-disposition']

273

if not line:

274

continue

275

key, params = parse_header(line)

276

if key != 'form-data':

277

continue

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

278

if 'name' in params:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

279

name = params['name']

280

else:

281

continue

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

282

if name in partdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

283

partdict[name].append(data)

284

else:

285

partdict[name] = [data]

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

286

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

287

return partdict

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

288

289

Fred Drake

9a0a65b

2008-12-04 19:24:50 +0000

[diff] [blame]

def _parseparam(s):

while s[:1] == ';':

s = s[1:]

end = s.find(';')

while end > 0 and s.count('"', 0, end) % 2:

295

end = s.find(';', end + 1)

if end < 0:

end = len(s)

f = s[:end]

yield f.strip()

s = s[end:]

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

302

def parse_header(line):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

303

"""Parse a Content-type like header.

304

305

Return the main content-type and a dictionary of options.

306

307

"""

Fred Drake

9a0a65b

2008-12-04 19:24:50 +0000

[diff] [blame]

308

parts = _parseparam(';' + line)

309

key = parts.__next__()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

310

pdict = {}

Fred Drake

9a0a65b

2008-12-04 19:24:50 +0000

[diff] [blame]

311

for p in parts:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

312

i = p.find('=')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

313

if i >= 0:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

314

name = p[:i].strip().lower()

315

value = p[i+1:].strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

316

if len(value) >= 2 and value[0] == value[-1] == '"':

317

value = value[1:-1]

Johannes Gijsbers

9e15dd6

2004-08-14 15:39:34 +0000

[diff] [blame]

318

value = value.replace('\\\\', '\\').replace('\\"', '"')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

319

pdict[name] = value

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

320

return key, pdict

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

321

322

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

323

# Classes for field storage

324

# =========================

325

326

class MiniFieldStorage:

327

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

328

"""Like FieldStorage, for use when no file uploads are possible."""

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

329

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

# Dummy attributes

filename = None

list = None

type = None

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

334

file = None

Guido van Rossum

4032c2c

1996-03-09 04:04:35 +0000

[diff] [blame]

335

type_options = {}

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

336

disposition = None

337

disposition_options = {}

338

headers = {}

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

339

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

340

def __init__(self, name, value):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

341

"""Constructor from field name and value."""

342

self.name = name

343

self.value = value

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

344

# self.file = StringIO(value)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

345

346

def __repr__(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

347

"""Return printable representation."""

Walter Dörwald

70a6b49

2004-02-12 17:35:32 +0000

[diff] [blame]

348

return "MiniFieldStorage(%r, %r)" % (self.name, self.value)

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

class FieldStorage:

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

353

"""Store a sequence of fields, reading multipart/form-data.

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

354

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

355

This class provides naming, typing, files stored on disk, and

356

more. At the top level, it is accessible like a dictionary, whose

357

keys are the field names. (Note: None can occur as a field name.)

358

The items are either a Python list (if there's multiple values) or

359

another FieldStorage or MiniFieldStorage object. If it's a single

360

object, it has the following attributes:

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

361

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

362

name: the field name, if specified; otherwise None

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

363

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

364

filename: the filename, if specified; otherwise None; this is the

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

365

client side filename, *not* the file name on which it is

366

stored (that's a temporary file you don't deal with)

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

367

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

368

value: the value as a *string*; for file uploads, this

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

369

transparently reads the file every time you request the value

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

370

and returns *bytes*

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

371

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

372

file: the file(-like) object from which you can read the data *as

373

bytes* ; None if the data is stored a simple string

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

374

375

type: the content-type, or None if not specified

376

377

type_options: dictionary of options specified on the content-type

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

378

line

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

379

380

disposition: content-disposition, or None if not specified

381

382

disposition_options: dictionary of corresponding options

383

Barry Warsaw

596097e

2008-06-12 02:38:51 +0000

[diff] [blame]

384

headers: a dictionary(-like) object (sometimes email.message.Message or a

Armin Rigo

3a703b6

2005-09-19 09:11:04 +0000

[diff] [blame]

385

subclass thereof) containing *all* headers

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

386

387

The class is subclassable, mostly for the purpose of overriding

388

the make_file() method, which is called internally to come up with

389

a file open for reading and writing. This makes it possible to

390

override the default choice of storing all files in a temporary

391

directory and unlinking them as soon as they have been opened.

392

393

"""

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

394

def __init__(self, fp=None, headers=None, outerboundary=b'',

395

environ=os.environ, keep_blank_values=0, strict_parsing=0,

396

limit=None, encoding='utf-8', errors='replace'):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

397

"""Constructor. Read multipart/* until last part.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

398

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

399

Arguments, all optional:

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

400

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

401

fp : file pointer; default: sys.stdin.buffer

Guido van Rossum

b1b4f94

1998-05-08 19:55:51 +0000

[diff] [blame]

402

(not used when the request method is GET)

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

403

Can be :

404

1. a TextIOWrapper object

405

2. an object whose read() and readline() methods return bytes

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

406

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

407

headers : header dictionary-like object; default:

408

taken from environ as per CGI spec

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

409

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

410

outerboundary : terminating multipart boundary

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

411

(for internal use only)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

412

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

413

environ : environment dictionary; default: os.environ

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

414

415

keep_blank_values: flag indicating whether blank values in

Senthil Kumaran

30e86a4

2010-08-09 20:01:35 +0000

[diff] [blame]

416

percent-encoded forms should be treated as blank strings.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

417

A true value indicates that blanks should be retained as

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

418

blank strings. The default false value indicates that

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

419

blank values are to be ignored and treated as if they were

420

not included.

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

421

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

422

strict_parsing: flag indicating what to do with parsing errors.

423

If false (the default), errors are silently ignored.

424

If true, errors raise a ValueError exception.

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

425

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

426

limit : used internally to read parts of multipart/form-data forms,

427

to exit from the reading loop when reached. It is the difference

428

between the form content-length and the number of bytes already

429

read

430

431

encoding, errors : the encoding and error handler used to decode the

432

binary stream to strings. Must be the same as the charset defined

433

for the page sending the form (content-type : meta http-equiv or

434

header)

435

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

436

"""

437

method = 'GET'

438

self.keep_blank_values = keep_blank_values

439

self.strict_parsing = strict_parsing

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

440

if 'REQUEST_METHOD' in environ:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

441

method = environ['REQUEST_METHOD'].upper()

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

442

self.qs_on_post = None

Guido van Rossum

0185283

1998-06-25 02:40:17 +0000

[diff] [blame]

443

if method == 'GET' or method == 'HEAD':

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

444

if 'QUERY_STRING' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

445

qs = environ['QUERY_STRING']

elif sys.argv[1:]:

qs = sys.argv[1]

else:

qs = ""

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

450

qs = qs.encode(locale.getpreferredencoding(), 'surrogateescape')

451

fp = BytesIO(qs)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

452

if headers is None:

453

headers = {'content-type':

454

"application/x-www-form-urlencoded"}

455

if headers is None:

Guido van Rossum

cff311a

1998-06-11 14:06:59 +0000

[diff] [blame]

456

headers = {}

457

if method == 'POST':

458

# Set default content-type for POST to what's traditional

459

headers['content-type'] = "application/x-www-form-urlencoded"

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

460

if 'CONTENT_TYPE' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

461

headers['content-type'] = environ['CONTENT_TYPE']

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

462

if 'QUERY_STRING' in environ:

463

self.qs_on_post = environ['QUERY_STRING']

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

464

if 'CONTENT_LENGTH' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

465

headers['content-length'] = environ['CONTENT_LENGTH']

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

466

if fp is None:

467

self.fp = sys.stdin.buffer

468

# self.fp.read() must return bytes

469

elif isinstance(fp, TextIOWrapper):

self.fp = fp.buffer

else:

self.fp = fp

self.encoding = encoding

475

self.errors = errors

476

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

477

self.headers = headers

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

478

if not isinstance(outerboundary, bytes):

479

raise TypeError('outerboundary must be bytes, not %s'

480

% type(outerboundary).__name__)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

481

self.outerboundary = outerboundary

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

482

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

self.bytes_read = 0

self.limit = limit

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

486

# Process content-disposition header

487

cdisp, pdict = "", {}

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

488

if 'content-disposition' in self.headers:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

489

cdisp, pdict = parse_header(self.headers['content-disposition'])

490

self.disposition = cdisp

491

self.disposition_options = pdict

492

self.name = None

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

493

if 'name' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

494

self.name = pdict['name']

495

self.filename = None

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

496

if 'filename' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

497

self.filename = pdict['filename']

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

498

self._binary_file = self.filename is not None

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

499

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

500

# Process content-type header

Barry Warsaw

302331a

1999-01-08 17:42:03 +0000

[diff] [blame]

501

#

502

# Honor any existing content-type header. But if there is no

503

# content-type header, use some sensible defaults. Assume

504

# outerboundary is "" at the outer level, but something non-false

505

# inside a multi-part. The default for an inner part is text/plain,

506

# but for an outer part it should be urlencoded. This should catch

507

# bogus clients which erroneously forget to include a content-type

508

# header.

509

#

510

# See below for what we do if there does exist a content-type header,

511

# but it happens to be something we don't understand.

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

512

if 'content-type' in self.headers:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

513

ctype, pdict = parse_header(self.headers['content-type'])

Guido van Rossum

ce900de

1999-06-02 18:44:22 +0000

[diff] [blame]

514

elif self.outerboundary or method != 'POST':

Barry Warsaw

302331a

1999-01-08 17:42:03 +0000

[diff] [blame]

515

ctype, pdict = "text/plain", {}

516

else:

517

ctype, pdict = 'application/x-www-form-urlencoded', {}

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

518

self.type = ctype

519

self.type_options = pdict

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

520

if 'boundary' in pdict:

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

521

self.innerboundary = pdict['boundary'].encode(self.encoding)

522

else:

523

self.innerboundary = b""

524

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

525

clen = -1

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

526

if 'content-length' in self.headers:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

527

try:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

528

clen = int(self.headers['content-length'])

Skip Montanaro

db5d144

2002-03-23 05:50:17 +0000

[diff] [blame]

529

except ValueError:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

530

pass

531

if maxlen and clen > maxlen:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

532

raise ValueError('Maximum content length exceeded')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

533

self.length = clen

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

534

if self.limit is None and clen:

535

self.limit = clen

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

536

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

537

self.list = self.file = None

538

self.done = 0

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

539

if ctype == 'application/x-www-form-urlencoded':

540

self.read_urlencoded()

541

elif ctype[:10] == 'multipart/':

Guido van Rossum

f574500

1998-10-20 14:43:02 +0000

[diff] [blame]

542

self.read_multi(environ, keep_blank_values, strict_parsing)

Barry Warsaw

302331a

1999-01-08 17:42:03 +0000

[diff] [blame]

543

else:

Guido van Rossum

60a3bd8

1999-06-11 18:26:09 +0000

[diff] [blame]

544

self.read_single()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

545

546

def __repr__(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

547

"""Return a printable representation."""

Walter Dörwald

70a6b49

2004-02-12 17:35:32 +0000

[diff] [blame]

548

return "FieldStorage(%r, %r, %r)" % (

549

self.name, self.filename, self.value)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

550

Guido van Rossum

4061cbe

2002-09-11 18:20:34 +0000

[diff] [blame]

551

def __iter__(self):

552

return iter(self.keys())

553

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

554

def __getattr__(self, name):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

555

if name != 'value':

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

556

raise AttributeError(name)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

557

if self.file:

558

self.file.seek(0)

559

value = self.file.read()

560

self.file.seek(0)

561

elif self.list is not None:

value = self.list

else:

value = None

return value

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

566

567

def __getitem__(self, key):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

568

"""Dictionary style indexing."""

569

if self.list is None:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

570

raise TypeError("not indexable")

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

571

found = []

572

for item in self.list:

573

if item.name == key: found.append(item)

574

if not found:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

575

raise KeyError(key)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

if len(found) == 1:

return found[0]

else:

return found

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

580

Moshe Zadka

a1a4b59

2000-08-25 21:47:56 +0000

[diff] [blame]

581

def getvalue(self, key, default=None):

582

"""Dictionary style get() method, including 'value' lookup."""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

583

if key in self:

Moshe Zadka

a1a4b59

2000-08-25 21:47:56 +0000

[diff] [blame]

584

value = self[key]

Victor Stinner

f1c7ca9

2011-01-14 13:08:27 +0000

[diff] [blame]

585

if isinstance(value, list):

Guido van Rossum

c1f779c

2007-07-03 08:25:58 +0000

[diff] [blame]

586

return [x.value for x in value]

Moshe Zadka

a1a4b59

2000-08-25 21:47:56 +0000

[diff] [blame]

else:

return value.value

else:

return default

Guido van Rossum

2001-09-05 19:45:34 +0000

[diff] [blame]

592

def getfirst(self, key, default=None):

593

""" Return the first value received."""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

594

if key in self:

Guido van Rossum

2001-09-05 19:45:34 +0000

[diff] [blame]

595

value = self[key]

Victor Stinner

f1c7ca9

2011-01-14 13:08:27 +0000

[diff] [blame]

596

if isinstance(value, list):

Guido van Rossum

2001-09-05 19:45:34 +0000

[diff] [blame]

597

return value[0].value

else:

return value.value

else:

return default

def getlist(self, key):

604

""" Return list of received values."""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

605

if key in self:

Guido van Rossum

2001-09-05 19:45:34 +0000

[diff] [blame]

606

value = self[key]

Victor Stinner

f1c7ca9

2011-01-14 13:08:27 +0000

[diff] [blame]

607

if isinstance(value, list):

Guido van Rossum

c1f779c

2007-07-03 08:25:58 +0000

[diff] [blame]

608

return [x.value for x in value]

Guido van Rossum

2001-09-05 19:45:34 +0000

[diff] [blame]

else:

return [value.value]

else:

return []

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

614

def keys(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

615

"""Dictionary style keys() method."""

616

if self.list is None:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

617

raise TypeError("not indexable")

Thomas Wouters

8ce81f7

2007-09-20 18:22:40 +0000

[diff] [blame]

618

return list(set(item.name for item in self.list))

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

619

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

620

def __contains__(self, key):

621

"""Dictionary style __contains__ method."""

622

if self.list is None:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

623

raise TypeError("not indexable")

Thomas Wouters

8ce81f7

2007-09-20 18:22:40 +0000

[diff] [blame]

624

return any(item.name == key for item in self.list)

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

625

Guido van Rossum

88b85d4

1997-01-11 19:21:33 +0000

[diff] [blame]

626

def __len__(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

627

"""Dictionary style len(x) support."""

628

return len(self.keys())

Guido van Rossum

88b85d4

1997-01-11 19:21:33 +0000

[diff] [blame]

629

Thomas Wouters

8ce81f7

2007-09-20 18:22:40 +0000

[diff] [blame]

630

def __nonzero__(self):

631

return bool(self.list)

632

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

633

def read_urlencoded(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

634

"""Internal: read data in query string format."""

635

qs = self.fp.read(self.length)

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

636

if not isinstance(qs, bytes):

637

raise ValueError("%s should return bytes, got %s" \

638

% (self.fp, type(qs).__name__))

639

qs = qs.decode(self.encoding, self.errors)

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

640

if self.qs_on_post:

641

qs += '&' + self.qs_on_post

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

642

self.list = []

643

query = urllib.parse.parse_qsl(

644

qs, self.keep_blank_values, self.strict_parsing,

645

encoding=self.encoding, errors=self.errors)

646

for key, value in query:

647

self.list.append(MiniFieldStorage(key, value))

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

648

self.skip_lines()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

649

Guido van Rossum

030d2ec

1998-12-09 22:16:46 +0000

[diff] [blame]

650

FieldStorageClass = None

651

Guido van Rossum

f574500

1998-10-20 14:43:02 +0000

[diff] [blame]

652

def read_multi(self, environ, keep_blank_values, strict_parsing):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

653

"""Internal: read a part that is itself multipart."""

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

654

ib = self.innerboundary

655

if not valid_boundary(ib):

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

656

raise ValueError('Invalid boundary in multipart form: %r' % (ib,))

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

657

self.list = []

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

658

if self.qs_on_post:

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

659

query = urllib.parse.parse_qsl(

660

self.qs_on_post, self.keep_blank_values, self.strict_parsing,

661

encoding=self.encoding, errors=self.errors)

662

for key, value in query:

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

663

self.list.append(MiniFieldStorage(key, value))

664

FieldStorageClass = None

665

Guido van Rossum

030d2ec

1998-12-09 22:16:46 +0000

[diff] [blame]

666

klass = self.FieldStorageClass or self.__class__

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

667

first_line = self.fp.readline() # bytes

668

if not isinstance(first_line, bytes):

669

raise ValueError("%s should return bytes, got %s" \

670

% (self.fp, type(first_line).__name__))

671

self.bytes_read += len(first_line)

672

# first line holds boundary ; ignore it, or check that

673

# b"--" + ib == first_line.strip() ?

674

while True:

675

parser = FeedParser()

676

hdr_text = b""

677

while True:

678

data = self.fp.readline()

hdr_text += data

if not data.strip():

break

if not hdr_text:

break

# parser takes strings, not bytes

685

self.bytes_read += len(hdr_text)

686

parser.feed(hdr_text.decode(self.encoding, self.errors))

687

headers = parser.close()

688

part = klass(self.fp, headers, ib, environ, keep_blank_values,

689

strict_parsing,self.limit-self.bytes_read,

690

self.encoding, self.errors)

691

self.bytes_read += part.bytes_read

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

692

self.list.append(part)

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

693

if self.bytes_read >= self.length:

694

break

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

695

self.skip_lines()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

696

697

def read_single(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

698

"""Internal: read an atomic part."""

if self.length >= 0:

self.read_binary()

self.skip_lines()

else:

self.read_lines()

self.file.seek(0)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

705

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

706

bufsize = 8*1024 # I/O buffering size for copy to file

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

707

708

def read_binary(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

709

"""Internal: read binary data."""

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

710

self.file = self.make_file()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

711

todo = self.length

712

if todo >= 0:

713

while todo > 0:

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

714

data = self.fp.read(min(todo, self.bufsize)) # bytes

715

if not isinstance(data, bytes):

716

raise ValueError("%s should return bytes, got %s"

717

% (self.fp, type(data).__name__))

718

self.bytes_read += len(data)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

if not data:

self.done = -1

break

self.file.write(data)

723

todo = todo - len(data)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

724

725

def read_lines(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

726

"""Internal: read lines until EOF or outerboundary."""

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

727

if self._binary_file:

728

self.file = self.__file = BytesIO() # store data as bytes for files

729

else:

730

self.file = self.__file = StringIO() # as strings for other fields

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

731

if self.outerboundary:

732

self.read_lines_to_outerboundary()

733

else:

734

self.read_lines_to_eof()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

735

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

736

def __write(self, line):

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

737

"""line is always bytes, not string"""

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

738

if self.__file is not None:

739

if self.__file.tell() + len(line) > 1000:

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

740

self.file = self.make_file()

741

data = self.__file.getvalue()

742

self.file.write(data)

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

743

self.__file = None

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

744

if self._binary_file:

745

# keep bytes

746

self.file.write(line)

747

else:

748

# decode to string

749

self.file.write(line.decode(self.encoding, self.errors))

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

750

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

751

def read_lines_to_eof(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

752

"""Internal: read lines until EOF."""

753

while 1:

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

754

line = self.fp.readline(1<<16) # bytes

755

self.bytes_read += len(line)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

756

if not line:

757

self.done = -1

758

break

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

759

self.__write(line)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

760

761

def read_lines_to_outerboundary(self):

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

762

"""Internal: read lines until outerboundary.

763

Data is read as bytes: boundaries and line ends must be converted

764

to bytes for comparisons.

765

"""

766

next_boundary = b"--" + self.outerboundary

767

last_boundary = next_boundary + b"--"

768

delim = b""

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

769

last_line_lfend = True

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

770

_read = 0

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

771

while 1:

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

772

if _read >= self.limit:

773

break

774

line = self.fp.readline(1<<16) # bytes

775

self.bytes_read += len(line)

776

_read += len(line)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

777

if not line:

778

self.done = -1

779

break

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

780

if line.startswith(b"--") and last_line_lfend:

781

strippedline = line.rstrip()

782

if strippedline == next_boundary:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

783

break

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

784

if strippedline == last_boundary:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

785

self.done = 1

786

break

787

odelim = delim

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

788

if line.endswith(b"\r\n"):

789

delim = b"\r\n"

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

790

line = line[:-2]

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

791

last_line_lfend = True

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

792

elif line.endswith(b"\n"):

793

delim = b"\n"

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

794

line = line[:-1]

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

795

last_line_lfend = True

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

796

else:

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

797

delim = b""

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

798

last_line_lfend = False

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

799

self.__write(odelim + line)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

800

801

def skip_lines(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

802

"""Internal: skip lines until outer boundary if defined."""

803

if not self.outerboundary or self.done:

804

return

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

805

next_boundary = b"--" + self.outerboundary

806

last_boundary = next_boundary + b"--"

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

807

last_line_lfend = True

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

808

while True:

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

809

line = self.fp.readline(1<<16)

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

810

self.bytes_read += len(line)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

811

if not line:

812

self.done = -1

813

break

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

814

if line.endswith(b"--") and last_line_lfend:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

815

strippedline = line.strip()

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

816

if strippedline == next_boundary:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

817

break

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

818

if strippedline == last_boundary:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

819

self.done = 1

820

break

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

821

last_line_lfend = line.endswith(b'\n')

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

822

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

823

def make_file(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

824

"""Overridable: return a readable & writable file.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

825

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

826

The file will be used as follows:

827

- data is written to it

828

- seek(0)

829

- data is read from it

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

830

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

831

The file is opened in binary mode for files, in text mode

832

for other fields

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

833

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

834

This version opens a temporary file for reading and writing,

835

and immediately deletes (unlinks) it. The trick (on Unix!) is

836

that the file can still be used, but it can't be opened by

837

another process, and it will automatically be deleted when it

838

is closed or when the current process terminates.

Guido van Rossum

4032c2c

1996-03-09 04:04:35 +0000

[diff] [blame]

839

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

840

If you want a more permanent file, you derive a class which

841

overrides this method. If you want a visible temporary file

842

that is nevertheless automatically deleted when the script

843

terminates, try defining a __del__ method in a derived class

844

which unlinks the temporary files you have created.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

845

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

846

"""

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

847

if self._binary_file:

848

return tempfile.TemporaryFile("wb+")

849

else:

850

return tempfile.TemporaryFile("w+",

851

encoding=self.encoding, newline = '\n')

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

852

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

853

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

854

# Test/debug code

855

# ===============

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

856

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

857

def test(environ=os.environ):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

858

"""Robust test CGI script, usable as main program.

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

859

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

860

Write minimal HTTP headers and dump all information provided to

861

the script in HTML form.

862

863

"""

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

864

print("Content-type: text/html")

865

print()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

866

sys.stderr = sys.stdout

867

try:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

868

form = FieldStorage() # Replace with other classes to test those

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

869

print_directory()

870

print_arguments()

Guido van Rossum

a3c6a8a

2000-09-19 04:11:46 +0000

[diff] [blame]

871

print_form(form)

872

print_environ(environ)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

873

print_environ_usage()

874

def f():

Georg Brandl

7cae87c

2006-09-06 06:51:57 +0000

[diff] [blame]

875

exec("testing print_exception() -- <I>italics?</I>")

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

876

def g(f=f):

877

f()

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

878

print("<H3>What follows is a test, not an actual exception:</H3>")

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

879

g()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

880

except:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

881

print_exception()

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

882

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

883

print("<H1>Second try with a small maxlen...</H1>")

Guido van Rossum

57d51f2

2000-09-16 21:16:01 +0000

[diff] [blame]

884

Guido van Rossum

ad16471

1997-05-13 19:03:23 +0000

[diff] [blame]

885

global maxlen

886

maxlen = 50

887

try:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

888

form = FieldStorage() # Replace with other classes to test those

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

889

print_directory()

890

print_arguments()

Guido van Rossum

a3c6a8a

2000-09-19 04:11:46 +0000

[diff] [blame]

891

print_form(form)

892

print_environ(environ)

Guido van Rossum

ad16471

1997-05-13 19:03:23 +0000

[diff] [blame]

893

except:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

894

print_exception()

Guido van Rossum

ad16471

1997-05-13 19:03:23 +0000

[diff] [blame]

895

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

896

def print_exception(type=None, value=None, tb=None, limit=None):

897

if type is None:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

898

type, value, tb = sys.exc_info()

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

899

import traceback

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

900

print()

901

print("<H3>Traceback (most recent call last):</H3>")

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

902

list = traceback.format_tb(tb, limit) + \

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

903

traceback.format_exception_only(type, value)

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

904

print("<PRE>%s<B>%s</B></PRE>" % (

Georg Brandl

2010-10-15 15:57:45 +0000

[diff] [blame]

905

html.escape("".join(list[:-1])),

906

html.escape(list[-1]),

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

907

))

Guido van Rossum

f15d159

1997-09-29 23:22:12 +0000

[diff] [blame]

908

del tb

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

909

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

910

def print_environ(environ=os.environ):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

911

"""Dump the shell environment as HTML."""

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

912

keys = sorted(environ.keys())

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

913

print()

914

print("<H3>Shell Environment:</H3>")

915

print("<DL>")

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

916

for key in keys:

Georg Brandl

2010-10-15 15:57:45 +0000

[diff] [blame]

917

print("<DT>", html.escape(key), "<DD>", html.escape(environ[key]))

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

918

print("</DL>")

919

print()

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

920

921

def print_form(form):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

922

"""Dump the contents of a form as HTML."""

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

923

keys = sorted(form.keys())

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

924

print()

925

print("<H3>Form Contents:</H3>")

Guido van Rossum

57d51f2

2000-09-16 21:16:01 +0000

[diff] [blame]

926

if not keys:

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

927

print("<P>No form fields.")

928

print("<DL>")

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

929

for key in keys:

Georg Brandl

2010-10-15 15:57:45 +0000

[diff] [blame]

930

print("<DT>" + html.escape(key) + ":", end=' ')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

931

value = form[key]

Georg Brandl

2010-10-15 15:57:45 +0000

[diff] [blame]

932

print("<i>" + html.escape(repr(type(value))) + "</i>")

933

print("<DD>" + html.escape(repr(value)))

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

934

print("</DL>")

935

print()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

936

937

def print_directory():

938

"""Dump the current directory as HTML."""

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

939

print()

940

print("<H3>Current Working Directory:</H3>")

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

941

try:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

942

pwd = os.getcwd()

Guido van Rossum

b940e11

2007-01-10 16:19:56 +0000

[diff] [blame]

943

except os.error as msg:

Georg Brandl

2010-10-15 15:57:45 +0000

[diff] [blame]

944

print("os.error:", html.escape(str(msg)))

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

945

else:

Georg Brandl

2010-10-15 15:57:45 +0000

[diff] [blame]

946

print(html.escape(pwd))

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

947

print()

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

948

Guido van Rossum

a8738a5

1996-03-14 21:30:28 +0000

[diff] [blame]

949

def print_arguments():

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

950

print()

951

print("<H3>Command Line Arguments:</H3>")

952

print()

953

print(sys.argv)

954

print()

Guido van Rossum

a8738a5

1996-03-14 21:30:28 +0000

[diff] [blame]

955

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

956

def print_environ_usage():

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

957

"""Dump a list of environment variables used by CGI as HTML."""

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

958

print("""

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

959

<H3>These environment variables could have been set:</H3>

960

<UL>

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

<LI>AUTH_TYPE

<LI>CONTENT_LENGTH

<LI>CONTENT_TYPE

<LI>DATE_GMT

<LI>DATE_LOCAL

<LI>DOCUMENT_NAME

<LI>DOCUMENT_ROOT

<LI>DOCUMENT_URI

<LI>GATEWAY_INTERFACE

<LI>LAST_MODIFIED

<LI>PATH

<LI>PATH_INFO

<LI>PATH_TRANSLATED

<LI>QUERY_STRING

<LI>REMOTE_ADDR

<LI>REMOTE_HOST

<LI>REMOTE_IDENT

<LI>REMOTE_USER

<LI>REQUEST_METHOD

<LI>SCRIPT_NAME

<LI>SERVER_NAME

<LI>SERVER_PORT

<LI>SERVER_PROTOCOL

<LI>SERVER_ROOT

<LI>SERVER_SOFTWARE

</UL>

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

987

In addition, HTTP headers sent by the server may be passed in the

988

environment as well. Here are some common variable names:

<UL>

<LI>HTTP_ACCEPT

<LI>HTTP_CONNECTION

<LI>HTTP_HOST

<LI>HTTP_PRAGMA

<LI>HTTP_REFERER

<LI>HTTP_USER_AGENT

</UL>

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

997

""")

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

998

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

999

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

1000

# Utilities

1001

# =========

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

1002

Guido van Rossum

64c6620

1997-07-19 20:11:53 +0000

[diff] [blame]

1003

def escape(s, quote=None):

Georg Brandl

2010-10-15 15:57:45 +0000

[diff] [blame]

1004

"""Deprecated API."""

1005

warn("cgi.escape is deprecated, use html.escape instead",

1006

PendingDeprecationWarning, stacklevel=2)

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

1007

s = s.replace("&", "&") # Must be done first!

1008

s = s.replace("<", "<")

1009

s = s.replace(">", ">")

Guido van Rossum

64c6620

1997-07-19 20:11:53 +0000

[diff] [blame]

1010

if quote:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

1011

s = s.replace('"', """)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

1012

return s

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

1013

Georg Brandl

2010-10-15 15:57:45 +0000

[diff] [blame]

1014

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

1015

def valid_boundary(s, _vb_pattern=None):

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

1016

import re

Victor Stinner

2011-01-14 13:05:21 +0000

[diff] [blame]

1017

if isinstance(s, bytes):

1018

_vb_pattern = b"^[ -~]{0,200}[!-~]$"

1019

else:

1020

_vb_pattern = "^[ -~]{0,200}[!-~]$"

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

1021

return re.match(_vb_pattern, s)

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

1022

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

# Invoke mainline

# ===============

# Call test() when this file is run as a script (not imported as a module)

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

1027

if __name__ == '__main__':

Guido van Rossum