Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / b8bc439b2093add9b313bcca2cc507a2d0e87764 / . / Lib / test / test_cgi.py
blob: 4347668c78d5163960979ccb0e5e46761da7a770 [file] [log] [blame]
Florent Xicluna8fbddf12010-03-17 20:29:51 +0000[diff] [blame]1from test.support import run_unittest, check_warnings
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]2import cgi
3import os
4import sys
Thomas Wouters00ee7ba2006-08-21 19:07:27 +0000[diff] [blame]5import tempfile
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]6import unittest
Guido van Rossum34d19282007-08-09 01:03:29 +0000[diff] [blame]7from io import StringIO
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]8
9class HackedSysModule:
10 # The regression test will have real values in sys.argv, which
Fred Drake004d5e62000-10-23 17:22:08 +0000[diff] [blame]11 # will completely confuse the test of the cgi module
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]12 argv = []
13 stdin = sys.stdin
14
15cgi.sys = HackedSysModule()
16
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]17
18class ComparableException:
19 def __init__(self, err):
20 self.err = err
21
22 def __str__(self):
23 return str(self.err)
24
Guido van Rossum47b9ff62006-08-24 00:41:19 +0000[diff] [blame]25 def __eq__(self, anExc):
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]26 if not isinstance(anExc, Exception):
Guido van Rossum47b9ff62006-08-24 00:41:19 +0000[diff] [blame]27 return NotImplemented
28 return (self.err.__class__ == anExc.__class__ and
29 self.err.args == anExc.args)
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]30
31 def __getattr__(self, attr):
Guido van Rossum846d6db2001-01-17 15:08:37 +0000[diff] [blame]32 return getattr(self.err, attr)
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]33
34def do_test(buf, method):
35 env = {}
36 if method == "GET":
37 fp = None
38 env['REQUEST_METHOD'] = 'GET'
39 env['QUERY_STRING'] = buf
40 elif method == "POST":
41 fp = StringIO(buf)
42 env['REQUEST_METHOD'] = 'POST'
43 env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded'
44 env['CONTENT_LENGTH'] = str(len(buf))
45 else:
Collin Winter3add4d72007-08-29 23:37:32 +0000[diff] [blame]46 raise ValueError("unknown method: %s" % method)
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]47 try:
48 return cgi.parse(fp, env, strict_parsing=1)
Guido van Rossumcd16bf62007-06-13 18:07:49 +0000[diff] [blame]49 except Exception as err:
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]50 return ComparableException(err)
51
Neil Schemenauer66edb622004-07-19 15:38:11 +0000[diff] [blame]52parse_strict_test_cases = [
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]53 ("", ValueError("bad query field: ''")),
54 ("&", ValueError("bad query field: ''")),
55 ("&&", ValueError("bad query field: ''")),
Jeremy Hyltonafde7e22000-09-15 20:06:57 +0000[diff] [blame]56 (";", ValueError("bad query field: ''")),
57 (";&;", ValueError("bad query field: ''")),
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]58 # Should the next few really be valid?
59 ("=", {}),
60 ("=&=", {}),
Jeremy Hyltonafde7e22000-09-15 20:06:57 +0000[diff] [blame]61 ("=;=", {}),
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]62 # This rest seem to make sense
63 ("=a", {'': ['a']}),
64 ("&=a", ValueError("bad query field: ''")),
65 ("=a&", ValueError("bad query field: ''")),
66 ("=&a", ValueError("bad query field: 'a'")),
67 ("b=a", {'b': ['a']}),
68 ("b+=a", {'b ': ['a']}),
69 ("a=b=a", {'a': ['b=a']}),
70 ("a=+b=a", {'a': [' b=a']}),
71 ("&b=a", ValueError("bad query field: ''")),
72 ("b&=a", ValueError("bad query field: 'b'")),
73 ("a=a+b&b=b+c", {'a': ['a b'], 'b': ['b c']}),
74 ("a=a+b&a=b+a", {'a': ['a b', 'b a']}),
75 ("x=1&y=2.0&z=2-3.%2b0", {'x': ['1'], 'y': ['2.0'], 'z': ['2-3.+0']}),
Jeremy Hyltonafde7e22000-09-15 20:06:57 +0000[diff] [blame]76 ("x=1;y=2.0&z=2-3.%2b0", {'x': ['1'], 'y': ['2.0'], 'z': ['2-3.+0']}),
77 ("x=1;y=2.0;z=2-3.%2b0", {'x': ['1'], 'y': ['2.0'], 'z': ['2-3.+0']}),
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]78 ("Hbc5161168c542333633315dee1182227:key_store_seqid=400006&cuyer=r&view=bustomer&order_id=0bb2e248638833d48cb7fed300000f1b&expire=964546263&lobale=en-US&kid=130003.300038&ss=env",
79 {'Hbc5161168c542333633315dee1182227:key_store_seqid': ['400006'],
80 'cuyer': ['r'],
81 'expire': ['964546263'],
82 'kid': ['130003.300038'],
83 'lobale': ['en-US'],
84 'order_id': ['0bb2e248638833d48cb7fed300000f1b'],
85 'ss': ['env'],
86 'view': ['bustomer'],
87 }),
Fred Drake004d5e62000-10-23 17:22:08 +0000[diff] [blame]88
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]89 ("group_id=5470&set=custom&_assigned_to=31392&_status=1&_category=100&SUBMIT=Browse",
90 {'SUBMIT': ['Browse'],
91 '_assigned_to': ['31392'],
92 '_category': ['100'],
93 '_status': ['1'],
94 'group_id': ['5470'],
95 'set': ['custom'],
96 })
97 ]
98
Guido van Rossum47b9ff62006-08-24 00:41:19 +0000[diff] [blame]99def norm(seq):
Guido van Rossumcc2b0162007-02-11 06:12:03 +0000[diff] [blame]100 return sorted(seq, key=repr)
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]101
102def first_elts(list):
Guido van Rossumc1f779c2007-07-03 08:25:58 +0000[diff] [blame]103 return [p[0] for p in list]
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]104
105def first_second_elts(list):
Guido van Rossumc1f779c2007-07-03 08:25:58 +0000[diff] [blame]106 return [(p[0], p[1][0]) for p in list]
107
Benjamin Petersondcf97b92008-07-02 17:30:14 +0000[diff] [blame]108def gen_result(data, environ):
109 fake_stdin = StringIO(data)
110 fake_stdin.seek(0)
111 form = cgi.FieldStorage(fp=fake_stdin, environ=environ)
112
113 result = {}
114 for k, v in dict(form).items():
Florent Xicluna8fbddf12010-03-17 20:29:51 +0000[diff] [blame]115 result[k] = isinstance(v, list) and form.getlist(k) or v.value
Benjamin Petersondcf97b92008-07-02 17:30:14 +0000[diff] [blame]116
117 return result
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]118
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]119class CgiTests(unittest.TestCase):
Neil Schemenauer66edb622004-07-19 15:38:11 +0000[diff] [blame]120
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]121 def test_strict(self):
122 for orig, expect in parse_strict_test_cases:
123 # Test basic parsing
124 d = do_test(orig, "GET")
125 self.assertEqual(d, expect, "Error parsing %s" % repr(orig))
126 d = do_test(orig, "POST")
127 self.assertEqual(d, expect, "Error parsing %s" % repr(orig))
128
129 env = {'QUERY_STRING': orig}
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]130 fs = cgi.FieldStorage(environ=env)
Florent Xicluna8fbddf12010-03-17 20:29:51 +0000[diff] [blame]131 if isinstance(expect, dict):
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]132 # test dict interface
Georg Brandl49d1b4f2008-05-11 21:42:51 +0000[diff] [blame]133 self.assertEqual(len(expect), len(fs))
Michael Foordabd91d52010-03-20 18:09:14 +0000[diff] [blame]134 self.assertItemsEqual(expect.keys(), fs.keys())
Georg Brandl49d1b4f2008-05-11 21:42:51 +0000[diff] [blame]135 ##self.assertEqual(norm(expect.values()), norm(fs.values()))
136 ##self.assertEqual(norm(expect.items()), norm(fs.items()))
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]137 self.assertEqual(fs.getvalue("nonexistent field", "default"), "default")
138 # test individual fields
139 for key in expect.keys():
140 expect_val = expect[key]
Benjamin Peterson577473f2010-01-19 00:09:57 +0000[diff] [blame]141 self.assertIn(key, fs)
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]142 if len(expect_val) > 1:
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]143 self.assertEqual(fs.getvalue(key), expect_val)
144 else:
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]145 self.assertEqual(fs.getvalue(key), expect_val[0])
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]146
147 def test_log(self):
148 cgi.log("Testing")
149
150 cgi.logfp = StringIO()
151 cgi.initlog("%s", "Testing initlog 1")
152 cgi.log("%s", "Testing log 2")
153 self.assertEqual(cgi.logfp.getvalue(), "Testing initlog 1\nTesting log 2\n")
154 if os.path.exists("/dev/null"):
155 cgi.logfp = None
156 cgi.logfile = "/dev/null"
157 cgi.initlog("%s", "Testing log 3")
158 cgi.log("Testing log 4")
159
160 def test_fieldstorage_readline(self):
161 # FieldStorage uses readline, which has the capacity to read all
162 # contents of the input file into memory; we use readline's size argument
163 # to prevent that for files that do not contain any newlines in
164 # non-GET/HEAD requests
165 class TestReadlineFile:
166 def __init__(self, file):
167 self.file = file
168 self.numcalls = 0
169
170 def readline(self, size=None):
171 self.numcalls += 1
172 if size:
173 return self.file.readline(size)
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]174 else:
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]175 return self.file.readline()
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]176
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]177 def __getattr__(self, name):
178 file = self.__dict__['file']
179 a = getattr(file, name)
180 if not isinstance(a, int):
181 setattr(self, name, a)
182 return a
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]183
Guido van Rossuma1a68522007-08-28 03:11:34 +0000[diff] [blame]184 f = TestReadlineFile(tempfile.TemporaryFile("w+"))
Benjamin Peterson807a5a12010-10-30 22:59:37 +0000[diff] [blame]185 self.addCleanup(f.close)
Guido van Rossuma1a68522007-08-28 03:11:34 +0000[diff] [blame]186 f.write('x' * 256 * 1024)
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]187 f.seek(0)
188 env = {'REQUEST_METHOD':'PUT'}
189 fs = cgi.FieldStorage(fp=f, environ=env)
Benjamin Peterson807a5a12010-10-30 22:59:37 +0000[diff] [blame]190 self.addCleanup(fs.file.close)
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]191 # if we're not chunking properly, readline is only called twice
192 # (by read_binary); if we are chunking properly, it will be called 5 times
193 # as long as the chunksize is 1 << 16.
Benjamin Petersonc9c0f202009-06-30 23:06:06 +0000[diff] [blame]194 self.assertTrue(f.numcalls > 2)
Jeremy Hyltond9827c42000-08-03 22:11:43 +0000[diff] [blame]195
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]196 def test_fieldstorage_multipart(self):
197 #Test basic FieldStorage multipart parsing
198 env = {'REQUEST_METHOD':'POST', 'CONTENT_TYPE':'multipart/form-data; boundary=---------------------------721837373350705526688164684', 'CONTENT_LENGTH':'558'}
199 postdata = """-----------------------------721837373350705526688164684
Thomas Wouters00ee7ba2006-08-21 19:07:27 +0000[diff] [blame]200Content-Disposition: form-data; name="id"
201
2021234
203-----------------------------721837373350705526688164684
204Content-Disposition: form-data; name="title"
205
206
207-----------------------------721837373350705526688164684
208Content-Disposition: form-data; name="file"; filename="test.txt"
209Content-Type: text/plain
210
211Testing 123.
212
213-----------------------------721837373350705526688164684
214Content-Disposition: form-data; name="submit"
215
216 Add\x20
217-----------------------------721837373350705526688164684--
218"""
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]219 fs = cgi.FieldStorage(fp=StringIO(postdata), environ=env)
220 self.assertEquals(len(fs.list), 4)
221 expect = [{'name':'id', 'filename':None, 'value':'1234'},
222 {'name':'title', 'filename':None, 'value':''},
Barry Warsaw596097e2008-06-12 02:38:51 +0000[diff] [blame]223 {'name':'file', 'filename':'test.txt', 'value':'Testing 123.'},
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]224 {'name':'submit', 'filename':None, 'value':' Add '}]
225 for x in range(len(fs.list)):
226 for k, exp in expect[x].items():
227 got = getattr(fs.list[x], k)
228 self.assertEquals(got, exp)
Thomas Wouters00ee7ba2006-08-21 19:07:27 +0000[diff] [blame]229
Benjamin Petersondcf97b92008-07-02 17:30:14 +0000[diff] [blame]230 _qs_result = {
231 'key1': 'value1',
232 'key2': ['value2x', 'value2y'],
233 'key3': 'value3',
234 'key4': 'value4'
235 }
236 def testQSAndUrlEncode(self):
237 data = "key2=value2x&key3=value3&key4=value4"
238 environ = {
239 'CONTENT_LENGTH': str(len(data)),
240 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
241 'QUERY_STRING': 'key1=value1&key2=value2y',
242 'REQUEST_METHOD': 'POST',
243 }
244 v = gen_result(data, environ)
245 self.assertEqual(self._qs_result, v)
246
247 def testQSAndFormData(self):
248 data = """
249---123
250Content-Disposition: form-data; name="key2"
251
252value2y
253---123
254Content-Disposition: form-data; name="key3"
255
256value3
257---123
258Content-Disposition: form-data; name="key4"
259
260value4
261---123--
262"""
263 environ = {
264 'CONTENT_LENGTH': str(len(data)),
265 'CONTENT_TYPE': 'multipart/form-data; boundary=-123',
266 'QUERY_STRING': 'key1=value1&key2=value2x',
267 'REQUEST_METHOD': 'POST',
268 }
269 v = gen_result(data, environ)
270 self.assertEqual(self._qs_result, v)
271
272 def testQSAndFormDataFile(self):
273 data = """
274---123
275Content-Disposition: form-data; name="key2"
276
277value2y
278---123
279Content-Disposition: form-data; name="key3"
280
281value3
282---123
283Content-Disposition: form-data; name="key4"
284
285value4
286---123
287Content-Disposition: form-data; name="upload"; filename="fake.txt"
288Content-Type: text/plain
289
290this is the content of the fake file
291
292---123--
293"""
294 environ = {
295 'CONTENT_LENGTH': str(len(data)),
296 'CONTENT_TYPE': 'multipart/form-data; boundary=-123',
297 'QUERY_STRING': 'key1=value1&key2=value2x',
298 'REQUEST_METHOD': 'POST',
299 }
300 result = self._qs_result.copy()
301 result.update({
302 'upload': 'this is the content of the fake file'
303 })
304 v = gen_result(data, environ)
305 self.assertEqual(result, v)
306
Facundo Batistabd18fd62008-09-08 00:23:29 +0000[diff] [blame]307 def test_deprecated_parse_qs(self):
Florent Xicluna8fbddf12010-03-17 20:29:51 +0000[diff] [blame]308 # this func is moved to urllib.parse, this is just a sanity check
309 with check_warnings(('cgi.parse_qs is deprecated, use urllib.parse.'
310 'parse_qs instead', DeprecationWarning)):
Facundo Batistaa27244b2008-09-09 02:43:19 +0000[diff] [blame]311 self.assertEqual({'a': ['A1'], 'B': ['B3'], 'b': ['B2']},
312 cgi.parse_qs('a=A1&b=B2&B=B3'))
Facundo Batistabd18fd62008-09-08 00:23:29 +0000[diff] [blame]313
314 def test_deprecated_parse_qsl(self):
Florent Xicluna8fbddf12010-03-17 20:29:51 +0000[diff] [blame]315 # this func is moved to urllib.parse, this is just a sanity check
316 with check_warnings(('cgi.parse_qsl is deprecated, use urllib.parse.'
317 'parse_qsl instead', DeprecationWarning)):
Facundo Batistaa27244b2008-09-09 02:43:19 +0000[diff] [blame]318 self.assertEqual([('a', 'A1'), ('b', 'B2'), ('B', 'B3')],
319 cgi.parse_qsl('a=A1&b=B2&B=B3'))
Facundo Batistabd18fd62008-09-08 00:23:29 +0000[diff] [blame]320
Fred Drake9a0a65b2008-12-04 19:24:50 +0000[diff] [blame]321 def test_parse_header(self):
322 self.assertEqual(
323 cgi.parse_header("text/plain"),
324 ("text/plain", {}))
325 self.assertEqual(
326 cgi.parse_header("text/vnd.just.made.this.up ; "),
327 ("text/vnd.just.made.this.up", {}))
328 self.assertEqual(
329 cgi.parse_header("text/plain;charset=us-ascii"),
330 ("text/plain", {"charset": "us-ascii"}))
331 self.assertEqual(
332 cgi.parse_header('text/plain ; charset="us-ascii"'),
333 ("text/plain", {"charset": "us-ascii"}))
334 self.assertEqual(
335 cgi.parse_header('text/plain ; charset="us-ascii"; another=opt'),
336 ("text/plain", {"charset": "us-ascii", "another": "opt"}))
337 self.assertEqual(
338 cgi.parse_header('attachment; filename="silly.txt"'),
339 ("attachment", {"filename": "silly.txt"}))
340 self.assertEqual(
341 cgi.parse_header('attachment; filename="strange;name"'),
342 ("attachment", {"filename": "strange;name"}))
343 self.assertEqual(
344 cgi.parse_header('attachment; filename="strange;name";size=123;'),
345 ("attachment", {"filename": "strange;name", "size": "123"}))
346
347
Thomas Wouters89f507f2006-12-13 04:49:30 +0000[diff] [blame]348def test_main():
349 run_unittest(CgiTests)
350
351if __name__ == '__main__':
352 test_main()