Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / a28b3e6dfb399a6107b717d78bc81ef6be80f123 / . / Lib / CGIHTTPServer.py
blob: 47a0e2c37a6eb38cc806a0aa65f65028e303bc96 [file] [log] [blame]
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]1"""CGI-savvy HTTP Server.
2
3This module builds on SimpleHTTPServer by implementing GET and POST
4requests to cgi-bin scripts.
5
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]6If the os.fork() function is not present (e.g. on Windows),
7os.popen2() is used as a fallback, with slightly altered semantics; if
8that function is not present either (e.g. on Macintosh), only Python
9scripts are supported, and they are executed by the current process.
10
11In all cases, the implementation is intentionally naive -- all
12requests are executed sychronously.
13
14SECURITY WARNING: DON'T USE THIS CODE UNLESS YOU ARE INSIDE A FIREWALL
15-- it may execute arbitrary Python code or external programs.
Fred Drake40e84db1999-10-16 02:07:50 +0000[diff] [blame]16
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]17"""
18
19
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]20__version__ = "0.4"
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]21
Skip Montanaroe99d5ea2001-01-20 19:54:20 +0000[diff] [blame]22__all__ = ["CGIHTTPRequestHandler"]
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]23
24import os
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]25import sys
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]26import urllib
27import BaseHTTPServer
28import SimpleHTTPServer
Steve Holden8a978f72003-01-08 18:53:18 +0000[diff] [blame]29import select
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]30
31
32class CGIHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
33
34 """Complete HTTP server with GET, HEAD and POST commands.
35
36 GET and HEAD also support running CGI scripts.
37
38 The POST command is *only* implemented for CGI scripts.
39
40 """
41
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]42 # Determine platform specifics
43 have_fork = hasattr(os, 'fork')
44 have_popen2 = hasattr(os, 'popen2')
Guido van Rossum8cb65402002-02-01 16:27:59 +0000[diff] [blame]45 have_popen3 = hasattr(os, 'popen3')
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]46
Guido van Rossum6aefd912000-09-01 03:27:34 +0000[diff] [blame]47 # Make rfile unbuffered -- we need to read one line and then pass
48 # the rest to a subprocess, so we can't use buffered input.
49 rbufsize = 0
50
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]51 def do_POST(self):
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]52 """Serve a POST request.
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]53
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]54 This is only implemented for CGI scripts.
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]55
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]56 """
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]57
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]58 if self.is_cgi():
59 self.run_cgi()
60 else:
61 self.send_error(501, "Can only POST to CGI scripts")
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]62
63 def send_head(self):
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]64 """Version of send_head that support CGI scripts"""
65 if self.is_cgi():
66 return self.run_cgi()
67 else:
68 return SimpleHTTPServer.SimpleHTTPRequestHandler.send_head(self)
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]69
70 def is_cgi(self):
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]71 """Test whether self.path corresponds to a CGI script.
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]72
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]73 Return a tuple (dir, rest) if self.path requires running a
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]74 CGI script, None if not. Note that rest begins with a
75 slash if it is not empty.
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]76
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]77 The default implementation tests whether the path
78 begins with one of the strings in the list
79 self.cgi_directories (and the next character is a '/'
80 or the end of the string).
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]81
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]82 """
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]83
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]84 path = self.path
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]85
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]86 for x in self.cgi_directories:
87 i = len(x)
88 if path[:i] == x and (not path[i:] or path[i] == '/'):
89 self.cgi_info = path[:i], path[i+1:]
Tim Petersbc0e9102002-04-04 22:55:58 +0000[diff] [blame]90 return True
91 return False
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]92
93 cgi_directories = ['/cgi-bin', '/htbin']
94
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]95 def is_executable(self, path):
96 """Test whether argument path is an executable file."""
97 return executable(path)
98
99 def is_python(self, path):
100 """Test whether argument path is a Python script."""
101 head, tail = os.path.splitext(path)
102 return tail.lower() in (".py", ".pyw")
103
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]104 def run_cgi(self):
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]105 """Execute a CGI script."""
106 dir, rest = self.cgi_info
Eric S. Raymond6b71e742001-02-09 08:56:30 +0000[diff] [blame]107 i = rest.rfind('?')
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]108 if i >= 0:
109 rest, query = rest[:i], rest[i+1:]
110 else:
111 query = ''
Eric S. Raymond6b71e742001-02-09 08:56:30 +0000[diff] [blame]112 i = rest.find('/')
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]113 if i >= 0:
114 script, rest = rest[:i], rest[i:]
115 else:
116 script, rest = rest, ''
117 scriptname = dir + '/' + script
118 scriptfile = self.translate_path(scriptname)
119 if not os.path.exists(scriptfile):
Walter Dörwald70a6b492004-02-12 17:35:32 +0000[diff] [blame]120 self.send_error(404, "No such CGI script (%r)" % scriptname)
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]121 return
122 if not os.path.isfile(scriptfile):
Tim Peters27f49612004-03-20 21:51:12 +0000[diff] [blame]123 self.send_error(403, "CGI script is not a plain file (%r)" %
Walter Dörwald70a6b492004-02-12 17:35:32 +0000[diff] [blame]124 scriptname)
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]125 return
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]126 ispy = self.is_python(scriptname)
127 if not ispy:
Guido van Rossum8cb65402002-02-01 16:27:59 +0000[diff] [blame]128 if not (self.have_fork or self.have_popen2 or self.have_popen3):
Walter Dörwald70a6b492004-02-12 17:35:32 +0000[diff] [blame]129 self.send_error(403, "CGI script is not a Python script (%r)" %
130 scriptname)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]131 return
132 if not self.is_executable(scriptfile):
Walter Dörwald70a6b492004-02-12 17:35:32 +0000[diff] [blame]133 self.send_error(403, "CGI script is not executable (%r)" %
134 scriptname)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]135 return
136
137 # Reference: http://hoohoo.ncsa.uiuc.edu/cgi/env.html
138 # XXX Much of the following could be prepared ahead of time!
139 env = {}
140 env['SERVER_SOFTWARE'] = self.version_string()
141 env['SERVER_NAME'] = self.server.server_name
142 env['GATEWAY_INTERFACE'] = 'CGI/1.1'
143 env['SERVER_PROTOCOL'] = self.protocol_version
144 env['SERVER_PORT'] = str(self.server.server_port)
145 env['REQUEST_METHOD'] = self.command
146 uqrest = urllib.unquote(rest)
147 env['PATH_INFO'] = uqrest
148 env['PATH_TRANSLATED'] = self.translate_path(uqrest)
149 env['SCRIPT_NAME'] = scriptname
150 if query:
151 env['QUERY_STRING'] = query
152 host = self.address_string()
153 if host != self.client_address[0]:
154 env['REMOTE_HOST'] = host
155 env['REMOTE_ADDR'] = self.client_address[0]
Martin v. Löwisa28b3e62004-08-29 16:53:26 +0000[diff] [blame^]156 authorization = self.headers.getheader("authorization")
157 if authorization:
158 authorization = authorization.split()
159 if len(authorization) == 2:
160 import base64, binascii
161 env['AUTH_TYPE'] = authorization[0]
162 if authorization[0].lower() == "basic":
163 try:
164 authorization = base64.decodestring(authorization[1])
165 except binascii.Error:
166 pass
167 else:
168 authorization = authorization.split(':')
169 if len(authorization) == 2:
170 env['REMOTE_USER'] = authorization[0]
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]171 # XXX REMOTE_IDENT
172 if self.headers.typeheader is None:
173 env['CONTENT_TYPE'] = self.headers.type
174 else:
175 env['CONTENT_TYPE'] = self.headers.typeheader
176 length = self.headers.getheader('content-length')
177 if length:
178 env['CONTENT_LENGTH'] = length
179 accept = []
180 for line in self.headers.getallmatchingheaders('accept'):
Eric S. Raymond7e642e82001-02-09 12:10:26 +0000[diff] [blame]181 if line[:1] in "\t\n\r ":
Eric S. Raymond6b71e742001-02-09 08:56:30 +0000[diff] [blame]182 accept.append(line.strip())
Guido van Rossum01fc65d1998-05-13 20:13:24 +0000[diff] [blame]183 else:
Eric S. Raymond6b71e742001-02-09 08:56:30 +0000[diff] [blame]184 accept = accept + line[7:].split(',')
185 env['HTTP_ACCEPT'] = ','.join(accept)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]186 ua = self.headers.getheader('user-agent')
187 if ua:
188 env['HTTP_USER_AGENT'] = ua
189 co = filter(None, self.headers.getheaders('cookie'))
190 if co:
Eric S. Raymond6b71e742001-02-09 08:56:30 +0000[diff] [blame]191 env['HTTP_COOKIE'] = ', '.join(co)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]192 # XXX Other HTTP_* headers
Guido van Rossum70ec0b42004-03-20 22:18:03 +0000[diff] [blame]193 # Since we're setting the env in the parent, provide empty
194 # values to override previously set values
195 for k in ('QUERY_STRING', 'REMOTE_HOST', 'CONTENT_LENGTH',
196 'HTTP_USER_AGENT', 'HTTP_COOKIE'):
197 env.setdefault(k, "")
Guido van Rossume3ec2962002-08-20 20:07:10 +0000[diff] [blame]198 os.environ.update(env)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]199
200 self.send_response(200, "Script output follows")
201
Eric S. Raymond6b71e742001-02-09 08:56:30 +0000[diff] [blame]202 decoded_query = query.replace('+', ' ')
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]203
204 if self.have_fork:
205 # Unix -- fork as we should
206 args = [script]
207 if '=' not in decoded_query:
208 args.append(decoded_query)
209 nobody = nobody_uid()
210 self.wfile.flush() # Always flush before forking
211 pid = os.fork()
212 if pid != 0:
213 # Parent
214 pid, sts = os.waitpid(pid, 0)
Steve Holden8a978f72003-01-08 18:53:18 +0000[diff] [blame]215 # throw away additional data [see bug #427345]
216 while select.select([self.rfile], [], [], 0)[0]:
Raymond Hettingere2f18372003-06-29 05:06:56 +0000[diff] [blame]217 if not self.rfile.read(1):
218 break
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]219 if sts:
220 self.log_error("CGI script exit status %#x", sts)
221 return
222 # Child
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]223 try:
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]224 try:
225 os.setuid(nobody)
226 except os.error:
227 pass
228 os.dup2(self.rfile.fileno(), 0)
229 os.dup2(self.wfile.fileno(), 1)
Raymond Hettinger92f200b2003-07-14 06:56:32 +0000[diff] [blame]230 os.execve(scriptfile, args, os.environ)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]231 except:
232 self.server.handle_error(self.request, self.client_address)
233 os._exit(127)
234
Guido van Rossum8cb65402002-02-01 16:27:59 +0000[diff] [blame]235 elif self.have_popen2 or self.have_popen3:
236 # Windows -- use popen2 or popen3 to create a subprocess
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]237 import shutil
Guido van Rossum8cb65402002-02-01 16:27:59 +0000[diff] [blame]238 if self.have_popen3:
239 popenx = os.popen3
240 else:
241 popenx = os.popen2
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]242 cmdline = scriptfile
243 if self.is_python(scriptfile):
244 interp = sys.executable
245 if interp.lower().endswith("w.exe"):
Guido van Rossum0afde132001-10-26 03:38:46 +0000[diff] [blame]246 # On Windows, use python.exe, not pythonw.exe
247 interp = interp[:-5] + interp[-4:]
Guido van Rossum16fd3382001-08-07 19:55:10 +0000[diff] [blame]248 cmdline = "%s -u %s" % (interp, cmdline)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]249 if '=' not in query and '"' not in query:
250 cmdline = '%s "%s"' % (cmdline, query)
Guido van Rossumbcbdc952001-10-17 06:45:56 +0000[diff] [blame]251 self.log_message("command: %s", cmdline)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]252 try:
253 nbytes = int(length)
Guido van Rossumb3903152002-10-17 16:21:35 +0000[diff] [blame]254 except (TypeError, ValueError):
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]255 nbytes = 0
Guido van Rossum8cb65402002-02-01 16:27:59 +0000[diff] [blame]256 files = popenx(cmdline, 'b')
257 fi = files[0]
258 fo = files[1]
259 if self.have_popen3:
260 fe = files[2]
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]261 if self.command.lower() == "post" and nbytes > 0:
262 data = self.rfile.read(nbytes)
263 fi.write(data)
Steve Holden8a978f72003-01-08 18:53:18 +0000[diff] [blame]264 # throw away additional data [see bug #427345]
265 while select.select([self.rfile._sock], [], [], 0)[0]:
Raymond Hettingere2f18372003-06-29 05:06:56 +0000[diff] [blame]266 if not self.rfile._sock.recv(1):
267 break
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]268 fi.close()
269 shutil.copyfileobj(fo, self.wfile)
Guido van Rossum8cb65402002-02-01 16:27:59 +0000[diff] [blame]270 if self.have_popen3:
271 errors = fe.read()
272 fe.close()
273 if errors:
274 self.log_error('%s', errors)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]275 sts = fo.close()
276 if sts:
277 self.log_error("CGI script exit status %#x", sts)
278 else:
Guido van Rossumbcbdc952001-10-17 06:45:56 +0000[diff] [blame]279 self.log_message("CGI script exited OK")
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]280
281 else:
282 # Other O.S. -- execute script in this process
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]283 save_argv = sys.argv
284 save_stdin = sys.stdin
285 save_stdout = sys.stdout
286 save_stderr = sys.stderr
287 try:
Tim Peters27f49612004-03-20 21:51:12 +0000[diff] [blame]288 save_cwd = os.getcwd()
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]289 try:
290 sys.argv = [scriptfile]
291 if '=' not in decoded_query:
292 sys.argv.append(decoded_query)
293 sys.stdout = self.wfile
294 sys.stdin = self.rfile
295 execfile(scriptfile, {"__name__": "__main__"})
296 finally:
297 sys.argv = save_argv
298 sys.stdin = save_stdin
299 sys.stdout = save_stdout
300 sys.stderr = save_stderr
Tim Peters27f49612004-03-20 21:51:12 +0000[diff] [blame]301 os.chdir(save_cwd)
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]302 except SystemExit, sts:
303 self.log_error("CGI script exit status %s", str(sts))
304 else:
Guido van Rossumbcbdc952001-10-17 06:45:56 +0000[diff] [blame]305 self.log_message("CGI script exited OK")
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]306
307
308nobody = None
309
310def nobody_uid():
311 """Internal routine to get nobody's uid"""
312 global nobody
313 if nobody:
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]314 return nobody
Guido van Rossume7d6b0a2000-09-19 04:01:01 +0000[diff] [blame]315 try:
316 import pwd
317 except ImportError:
318 return -1
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]319 try:
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]320 nobody = pwd.getpwnam('nobody')[2]
Guido van Rossum630b8111999-04-28 12:21:47 +0000[diff] [blame]321 except KeyError:
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]322 nobody = 1 + max(map(lambda x: x[2], pwd.getpwall()))
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]323 return nobody
324
325
326def executable(path):
327 """Test for executable file."""
328 try:
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]329 st = os.stat(path)
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]330 except os.error:
Guido van Rossum8ca162f2002-04-07 06:36:23 +0000[diff] [blame]331 return False
Raymond Hettinger32200ae2002-06-01 19:51:15 +0000[diff] [blame]332 return st.st_mode & 0111 != 0
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]333
334
335def test(HandlerClass = CGIHTTPRequestHandler,
Guido van Rossum45e2fbc1998-03-26 21:13:24 +0000[diff] [blame]336 ServerClass = BaseHTTPServer.HTTPServer):
Guido van Rossume7e578f1995-08-04 04:00:20 +0000[diff] [blame]337 SimpleHTTPServer.test(HandlerClass, ServerClass)
338
339
340if __name__ == '__main__':
341 test()