Blame - Lib/cgi.py - platform/external/python/cpython3

1996-03-06 07:20:06 +0000

[diff] [blame]

12

"""Support module for CGI (Common Gateway Interface) scripts.

Guido van Rossum

1c9daa8

1995-09-18 21:52:37 +0000

[diff] [blame]

13

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

14

This module defines a number of utilities for use by CGI scripts

15

written in Python.

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

16

"""

17

Guido van Rossum

98d9fd3

2000-02-28 15:12:25 +0000

[diff] [blame]

18

# History

19

# -------

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

20

#

Guido van Rossum

98d9fd3

2000-02-28 15:12:25 +0000

[diff] [blame]

21

# Michael McLay started this module. Steve Majewski changed the

22

# interface to SvFormContentDict and FormContentDict. The multipart

23

# parsing was inspired by code submitted by Andreas Paepcke. Guido van

24

# Rossum rewrote, reformatted and documented the module and is currently

25

# responsible for its maintenance.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

26

#

Guido van Rossum

98d9fd3

2000-02-28 15:12:25 +0000

[diff] [blame]

27

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

28

__version__ = "2.6"

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

29

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

# Imports

# =======

Raymond Hettinger

2004-12-31 21:59:02 +0000

[diff] [blame]

34

from operator import attrgetter

Barry Warsaw

2008-06-12 02:38:51 +0000

[diff] [blame]

35

from io import StringIO

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

36

import sys

37

import os

Jeremy Hylton

1afc169

2008-06-18 20:49:58 +0000

[diff] [blame]

38

import urllib.parse

Barry Warsaw

2008-06-12 02:38:51 +0000

[diff] [blame]

39

import email.parser

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

40

from warnings import warn

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

41

Georg Brandl

49d1b4f

2008-05-11 21:42:51 +0000

[diff] [blame]

42

__all__ = ["MiniFieldStorage", "FieldStorage",

Guido van Rossum

a8423a9

2001-03-19 13:40:44 +0000

[diff] [blame]

43

"parse", "parse_qs", "parse_qsl", "parse_multipart",

44

"parse_header", "print_exception", "print_environ",

45

"print_form", "print_directory", "print_arguments",

46

"print_environ_usage", "escape"]

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

# Logging support

# ===============

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

51

logfile = "" # Filename to log to, if not empty

52

logfp = None # File object to log to, if not None

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

53

54

def initlog(*allargs):

55

"""Write a log message, if there is a log file.

56

57

Even though this function is called initlog(), you should always

58

use log(); log is a variable that is set either to initlog

59

(initially), to dolog (once the log file has been opened), or to

60

nolog (when logging is disabled).

61

62

The first argument is a format string; the remaining arguments (if

63

any) are arguments to the % operator, so e.g.

64

log("%s: %s", "a", "b")

65

will write "a: b" to the log file, followed by a newline.

66

67

If the global logfp is not None, it should be a file object to

68

which log data is written.

69

70

If the global logfp is None, the global logfile may be a string

71

giving a filename to open, in append mode. This file should be

72

world writable!!! If the file can't be opened, logging is

73

silently disabled (since there is no safe place where we could

74

send an error message).

"""

global logfp, log

if logfile and not logfp:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

79

try:

80

logfp = open(logfile, "a")

81

except IOError:

82

pass

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

83

if not logfp:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

84

log = nolog

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

85

else:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

86

log = dolog

Guido van Rossum

68468eb

2003-02-27 20:14:51 +0000

[diff] [blame]

87

log(*allargs)

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

88

89

def dolog(fmt, *args):

90

"""Write a log message to the log file. See initlog() for docs."""

91

logfp.write(fmt%args + "\n")

92

93

def nolog(*allargs):

94

"""Dummy function, assigned to log when logging is disabled."""

95

pass

96

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

97

log = initlog # The current logging function

Guido van Rossum

1996-09-05 19:07:11 +0000

[diff] [blame]

98

99

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

# Parsing functions

# =================

Guido van Rossum

1997-05-13 19:03:23 +0000

[diff] [blame]

103

# Maximum input we will accept when REQUEST_METHOD is POST

104

# 0 ==> unlimited input

105

maxlen = 0

106

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

107

def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

108

"""Parse a query in the environment or from a file (default stdin)

109

110

Arguments, all optional:

111

112

fp : file pointer; default: sys.stdin

113

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

114

environ : environment dictionary; default: os.environ

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

115

116

keep_blank_values: flag indicating whether blank values in

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

117

URL encoded forms should be treated as blank strings.

118

A true value indicates that blanks should be retained as

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

119

blank strings. The default false value indicates that

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

120

blank values are to be ignored and treated as if they were

121

not included.

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

122

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

123

strict_parsing: flag indicating what to do with parsing errors.

124

If false (the default), errors are silently ignored.

125

If true, errors raise a ValueError exception.

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

126

"""

Raymond Hettinger

a144900

2002-05-31 23:54:44 +0000

[diff] [blame]

127

if fp is None:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

128

fp = sys.stdin

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

129

if not 'REQUEST_METHOD' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

130

environ['REQUEST_METHOD'] = 'GET' # For testing stand-alone

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

131

if environ['REQUEST_METHOD'] == 'POST':

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

132

ctype, pdict = parse_header(environ['CONTENT_TYPE'])

133

if ctype == 'multipart/form-data':

134

return parse_multipart(fp, pdict)

135

elif ctype == 'application/x-www-form-urlencoded':

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

136

clength = int(environ['CONTENT_LENGTH'])

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

137

if maxlen and clength > maxlen:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

138

raise ValueError('Maximum content length exceeded')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

139

qs = fp.read(clength)

140

else:

141

qs = '' # Unknown content-type

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

142

if 'QUERY_STRING' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

143

if qs: qs = qs + '&'

144

qs = qs + environ['QUERY_STRING']

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

145

elif sys.argv[1:]:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

146

if qs: qs = qs + '&'

147

qs = qs + sys.argv[1]

148

environ['QUERY_STRING'] = qs # XXX Shouldn't, really

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

149

elif 'QUERY_STRING' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

150

qs = environ['QUERY_STRING']

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

151

else:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

if sys.argv[1:]:

qs = sys.argv[1]

else:

qs = ""

environ['QUERY_STRING'] = qs # XXX Shouldn't, really

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

157

return urllib.parse.parse_qs(qs, keep_blank_values, strict_parsing)

Guido van Rossum

e780877

1995-08-07 20:12:09 +0000

[diff] [blame]

158

159

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

160

# parse query string function called from urlparse,

161

# this is done in order to maintain backward compatiblity.

162

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

163

def parse_qs(qs, keep_blank_values=0, strict_parsing=0):

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

164

"""Parse a query given as a string argument."""

165

warn("cgi.parse_qs is deprecated, use urllib.parse.parse_qs instead",

Philip Jenvey

a394f2d

2009-05-08 03:57:12 +0000

[diff] [blame]

166

DeprecationWarning, 2)

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

167

return urllib.parse.parse_qs(qs, keep_blank_values, strict_parsing)

Guido van Rossum

1946f0d

1999-06-04 17:54:39 +0000

[diff] [blame]

168

169

def parse_qsl(qs, keep_blank_values=0, strict_parsing=0):

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

170

"""Parse a query given as a string argument."""

Facundo Batista

a27244b

2008-09-09 02:43:19 +0000

[diff] [blame]

171

warn("cgi.parse_qsl is deprecated, use urllib.parse.parse_qsl instead",

Philip Jenvey

a394f2d

2009-05-08 03:57:12 +0000

[diff] [blame]

172

DeprecationWarning, 2)

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

173

return urllib.parse.parse_qsl(qs, keep_blank_values, strict_parsing)

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

174

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

175

def parse_multipart(fp, pdict):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

176

"""Parse multipart input.

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

177

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

178

Arguments:

179

fp : input file

Johannes Gijsbers

c7fc10a

2005-01-08 13:56:36 +0000

[diff] [blame]

180

pdict: dictionary containing other parameters of content-type header

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

181

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

182

Returns a dictionary just like parse_qs(): keys are the field names, each

183

value is a list of values for that field. This is easy to use but not

184

much good if you are expecting megabytes to be uploaded -- in that case,

185

use the FieldStorage class instead which is much more flexible. Note

186

that content-type is the raw, unparsed contents of the content-type

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

187

header.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

188

189

XXX This does not parse nested multipart parts -- use FieldStorage for

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

190

that.

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

191

192

XXX This should really be subsumed by FieldStorage altogether -- no

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

193

point in having two implementations of the same parsing algorithm.

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

194

Also, FieldStorage protects itself better against certain DoS attacks

195

by limiting the size of the data read in one chunk. The API here

196

does not support that kind of protection. This also affects parse()

197

since it can call parse_multipart().

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

198

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

199

"""

Barry Warsaw

820c120

2008-06-12 04:06:45 +0000

[diff] [blame]

200

import http.client

201

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

202

boundary = ""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

203

if 'boundary' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

204

boundary = pdict['boundary']

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

205

if not valid_boundary(boundary):

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

206

raise ValueError('Invalid boundary in multipart form: %r'

Walter Dörwald

70a6b49

2004-02-12 17:35:32 +0000

[diff] [blame]

207

% (boundary,))

Tim Peters

ab9ba27

2001-08-09 21:40:30 +0000

[diff] [blame]

208

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

209

nextpart = "--" + boundary

210

lastpart = "--" + boundary + "--"

partdict = {}

terminator = ""

while terminator != lastpart:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

bytes = -1

data = None

if terminator:

# At start of next part. Read headers first.

Barry Warsaw

820c120

2008-06-12 04:06:45 +0000

[diff] [blame]

219

headers = http.client.parse_headers(fp)

220

clength = headers.get('content-length')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

221

if clength:

222

try:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

223

bytes = int(clength)

224

except ValueError:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

225

pass

226

if bytes > 0:

227

if maxlen and bytes > maxlen:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

228

raise ValueError('Maximum content length exceeded')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

229

data = fp.read(bytes)

230

else:

231

data = ""

232

# Read lines until end of part.

lines = []

while 1:

line = fp.readline()

if not line:

terminator = lastpart # End outer loop

238

break

239

if line[:2] == "--":

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

240

terminator = line.strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

241

if terminator in (nextpart, lastpart):

break

lines.append(line)

# Done with part.

if data is None:

continue

if bytes < 0:

if lines:

# Strip final line terminator

250

line = lines[-1]

251

if line[-2:] == "\r\n":

252

line = line[:-2]

253

elif line[-1:] == "\n":

254

line = line[:-1]

255

lines[-1] = line

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

256

data = "".join(lines)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

257

line = headers['content-disposition']

258

if not line:

259

continue

260

key, params = parse_header(line)

261

if key != 'form-data':

262

continue

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

263

if 'name' in params:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

264

name = params['name']

265

else:

266

continue

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

267

if name in partdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

268

partdict[name].append(data)

269

else:

270

partdict[name] = [data]

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

271

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

272

return partdict

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

273

274

Fred Drake

9a0a65b

2008-12-04 19:24:50 +0000

[diff] [blame]

def _parseparam(s):

while s[:1] == ';':

s = s[1:]

end = s.find(';')

while end > 0 and s.count('"', 0, end) % 2:

280

end = s.find(';', end + 1)

if end < 0:

end = len(s)

f = s[:end]

yield f.strip()

s = s[end:]

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

287

def parse_header(line):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

288

"""Parse a Content-type like header.

289

290

Return the main content-type and a dictionary of options.

291

292

"""

Fred Drake

9a0a65b

2008-12-04 19:24:50 +0000

[diff] [blame]

293

parts = _parseparam(';' + line)

294

key = parts.__next__()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

295

pdict = {}

Fred Drake

9a0a65b

2008-12-04 19:24:50 +0000

[diff] [blame]

296

for p in parts:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

297

i = p.find('=')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

298

if i >= 0:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

299

name = p[:i].strip().lower()

300

value = p[i+1:].strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

301

if len(value) >= 2 and value[0] == value[-1] == '"':

302

value = value[1:-1]

Johannes Gijsbers

9e15dd6

2004-08-14 15:39:34 +0000

[diff] [blame]

303

value = value.replace('\\\\', '\\').replace('\\"', '"')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

304

pdict[name] = value

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

305

return key, pdict

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

306

307

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

308

# Classes for field storage

309

# =========================

310

311

class MiniFieldStorage:

312

Guido van Rossum

1996-03-09 03:16:04 +0000

[diff] [blame]

313

"""Like FieldStorage, for use when no file uploads are possible."""

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

314

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

# Dummy attributes

filename = None

list = None

type = None

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

319

file = None

Guido van Rossum

4032c2c

1996-03-09 04:04:35 +0000

[diff] [blame]

320

type_options = {}

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

321

disposition = None

322

disposition_options = {}

323

headers = {}

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

324

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

325

def __init__(self, name, value):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

326

"""Constructor from field name and value."""

327

self.name = name

328

self.value = value

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

329

# self.file = StringIO(value)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

330

331

def __repr__(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

332

"""Return printable representation."""

Walter Dörwald

70a6b49

2004-02-12 17:35:32 +0000

[diff] [blame]

333

return "MiniFieldStorage(%r, %r)" % (self.name, self.value)

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

class FieldStorage:

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

338

"""Store a sequence of fields, reading multipart/form-data.

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

339

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

340

This class provides naming, typing, files stored on disk, and

341

more. At the top level, it is accessible like a dictionary, whose

342

keys are the field names. (Note: None can occur as a field name.)

343

The items are either a Python list (if there's multiple values) or

344

another FieldStorage or MiniFieldStorage object. If it's a single

345

object, it has the following attributes:

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

346

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

347

name: the field name, if specified; otherwise None

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

348

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

349

filename: the filename, if specified; otherwise None; this is the

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

350

client side filename, *not* the file name on which it is

351

stored (that's a temporary file you don't deal with)

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

352

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

353

value: the value as a *string*; for file uploads, this

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

354

transparently reads the file every time you request the value

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

355

356

file: the file(-like) object from which you can read the data;

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

357

None if the data is stored a simple string

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

358

359

type: the content-type, or None if not specified

360

361

type_options: dictionary of options specified on the content-type

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

362

line

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

363

364

disposition: content-disposition, or None if not specified

365

366

disposition_options: dictionary of corresponding options

367

Barry Warsaw

2008-06-12 02:38:51 +0000

[diff] [blame]

368

headers: a dictionary(-like) object (sometimes email.message.Message or a

Armin Rigo

3a703b6

2005-09-19 09:11:04 +0000

[diff] [blame]

369

subclass thereof) containing *all* headers

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

370

371

The class is subclassable, mostly for the purpose of overriding

372

the make_file() method, which is called internally to come up with

373

a file open for reading and writing. This makes it possible to

374

override the default choice of storing all files in a temporary

375

directory and unlinking them as soon as they have been opened.

"""

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

379

def __init__(self, fp=None, headers=None, outerboundary="",

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

380

environ=os.environ, keep_blank_values=0, strict_parsing=0):

381

"""Constructor. Read multipart/* until last part.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

382

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

383

Arguments, all optional:

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

384

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

385

fp : file pointer; default: sys.stdin

Guido van Rossum

b1b4f94

1998-05-08 19:55:51 +0000

[diff] [blame]

386

(not used when the request method is GET)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

387

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

388

headers : header dictionary-like object; default:

389

taken from environ as per CGI spec

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

390

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

391

outerboundary : terminating multipart boundary

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

392

(for internal use only)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

393

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

394

environ : environment dictionary; default: os.environ

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

395

396

keep_blank_values: flag indicating whether blank values in

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

397

URL encoded forms should be treated as blank strings.

398

A true value indicates that blanks should be retained as

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

399

blank strings. The default false value indicates that

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

400

blank values are to be ignored and treated as if they were

401

not included.

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

402

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

403

strict_parsing: flag indicating what to do with parsing errors.

404

If false (the default), errors are silently ignored.

405

If true, errors raise a ValueError exception.

Guido van Rossum

1996-11-11 19:29:11 +0000

[diff] [blame]

406

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

407

"""

408

method = 'GET'

409

self.keep_blank_values = keep_blank_values

410

self.strict_parsing = strict_parsing

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

411

if 'REQUEST_METHOD' in environ:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

412

method = environ['REQUEST_METHOD'].upper()

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

413

self.qs_on_post = None

Guido van Rossum

0185283

1998-06-25 02:40:17 +0000

[diff] [blame]

414

if method == 'GET' or method == 'HEAD':

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

415

if 'QUERY_STRING' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

416

qs = environ['QUERY_STRING']

elif sys.argv[1:]:

qs = sys.argv[1]

else:

qs = ""

fp = StringIO(qs)

if headers is None:

headers = {'content-type':

424

"application/x-www-form-urlencoded"}

425

if headers is None:

Guido van Rossum

cff311a

1998-06-11 14:06:59 +0000

[diff] [blame]

426

headers = {}

427

if method == 'POST':

428

# Set default content-type for POST to what's traditional

429

headers['content-type'] = "application/x-www-form-urlencoded"

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

430

if 'CONTENT_TYPE' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

431

headers['content-type'] = environ['CONTENT_TYPE']

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

432

if 'QUERY_STRING' in environ:

433

self.qs_on_post = environ['QUERY_STRING']

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

434

if 'CONTENT_LENGTH' in environ:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

435

headers['content-length'] = environ['CONTENT_LENGTH']

436

self.fp = fp or sys.stdin

437

self.headers = headers

438

self.outerboundary = outerboundary

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

439

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

440

# Process content-disposition header

441

cdisp, pdict = "", {}

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

442

if 'content-disposition' in self.headers:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

443

cdisp, pdict = parse_header(self.headers['content-disposition'])

444

self.disposition = cdisp

445

self.disposition_options = pdict

446

self.name = None

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

447

if 'name' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

448

self.name = pdict['name']

449

self.filename = None

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

450

if 'filename' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

451

self.filename = pdict['filename']

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

452

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

453

# Process content-type header

Barry Warsaw

302331a

1999-01-08 17:42:03 +0000

[diff] [blame]

454

#

455

# Honor any existing content-type header. But if there is no

456

# content-type header, use some sensible defaults. Assume

457

# outerboundary is "" at the outer level, but something non-false

458

# inside a multi-part. The default for an inner part is text/plain,

459

# but for an outer part it should be urlencoded. This should catch

460

# bogus clients which erroneously forget to include a content-type

461

# header.

462

#

463

# See below for what we do if there does exist a content-type header,

464

# but it happens to be something we don't understand.

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

465

if 'content-type' in self.headers:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

466

ctype, pdict = parse_header(self.headers['content-type'])

Guido van Rossum

ce900de

1999-06-02 18:44:22 +0000

[diff] [blame]

467

elif self.outerboundary or method != 'POST':

Barry Warsaw

302331a

1999-01-08 17:42:03 +0000

[diff] [blame]

468

ctype, pdict = "text/plain", {}

469

else:

470

ctype, pdict = 'application/x-www-form-urlencoded', {}

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

471

self.type = ctype

472

self.type_options = pdict

473

self.innerboundary = ""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

474

if 'boundary' in pdict:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

475

self.innerboundary = pdict['boundary']

476

clen = -1

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

477

if 'content-length' in self.headers:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

478

try:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

479

clen = int(self.headers['content-length'])

Skip Montanaro

db5d144

2002-03-23 05:50:17 +0000

[diff] [blame]

480

except ValueError:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

481

pass

482

if maxlen and clen > maxlen:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

483

raise ValueError('Maximum content length exceeded')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

484

self.length = clen

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

485

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

486

self.list = self.file = None

487

self.done = 0

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

488

if ctype == 'application/x-www-form-urlencoded':

489

self.read_urlencoded()

490

elif ctype[:10] == 'multipart/':

Guido van Rossum

f574500

1998-10-20 14:43:02 +0000

[diff] [blame]

491

self.read_multi(environ, keep_blank_values, strict_parsing)

Barry Warsaw

302331a

1999-01-08 17:42:03 +0000

[diff] [blame]

492

else:

Guido van Rossum

60a3bd8

1999-06-11 18:26:09 +0000

[diff] [blame]

493

self.read_single()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

494

495

def __repr__(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

496

"""Return a printable representation."""

Walter Dörwald

70a6b49

2004-02-12 17:35:32 +0000

[diff] [blame]

497

return "FieldStorage(%r, %r, %r)" % (

498

self.name, self.filename, self.value)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

499

Guido van Rossum

4061cbe

2002-09-11 18:20:34 +0000

[diff] [blame]

500

def __iter__(self):

501

return iter(self.keys())

502

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

503

def __getattr__(self, name):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

504

if name != 'value':

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

505

raise AttributeError(name)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

506

if self.file:

507

self.file.seek(0)

508

value = self.file.read()

509

self.file.seek(0)

510

elif self.list is not None:

value = self.list

else:

value = None

return value

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

515

516

def __getitem__(self, key):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

517

"""Dictionary style indexing."""

518

if self.list is None:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

519

raise TypeError("not indexable")

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

520

found = []

521

for item in self.list:

522

if item.name == key: found.append(item)

523

if not found:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

524

raise KeyError(key)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

if len(found) == 1:

return found[0]

else:

return found

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

529

Moshe Zadka

a1a4b59

2000-08-25 21:47:56 +0000

[diff] [blame]

530

def getvalue(self, key, default=None):

531

"""Dictionary style get() method, including 'value' lookup."""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

532

if key in self:

Moshe Zadka

a1a4b59

2000-08-25 21:47:56 +0000

[diff] [blame]

533

value = self[key]

534

if type(value) is type([]):

Guido van Rossum

c1f779c

2007-07-03 08:25:58 +0000

[diff] [blame]

535

return [x.value for x in value]

Moshe Zadka

a1a4b59

2000-08-25 21:47:56 +0000

[diff] [blame]

else:

return value.value

else:

return default

Guido van Rossum

2001-09-05 19:45:34 +0000

[diff] [blame]

541

def getfirst(self, key, default=None):

542

""" Return the first value received."""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

543

if key in self:

Guido van Rossum

1bfb388

2001-09-05 19:45:34 +0000

[diff] [blame]

544

value = self[key]

545

if type(value) is type([]):

546

return value[0].value

else:

return value.value

else:

return default

def getlist(self, key):

553

""" Return list of received values."""

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

554

if key in self:

Guido van Rossum

1bfb388

2001-09-05 19:45:34 +0000

[diff] [blame]

555

value = self[key]

556

if type(value) is type([]):

Guido van Rossum

c1f779c

2007-07-03 08:25:58 +0000

[diff] [blame]

557

return [x.value for x in value]

Guido van Rossum

1bfb388

2001-09-05 19:45:34 +0000

[diff] [blame]

else:

return [value.value]

else:

return []

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

563

def keys(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

564

"""Dictionary style keys() method."""

565

if self.list is None:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

566

raise TypeError("not indexable")

Thomas Wouters

8ce81f7

2007-09-20 18:22:40 +0000

[diff] [blame]

567

return list(set(item.name for item in self.list))

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

568

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

569

def __contains__(self, key):

570

"""Dictionary style __contains__ method."""

571

if self.list is None:

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

572

raise TypeError("not indexable")

Thomas Wouters

8ce81f7

2007-09-20 18:22:40 +0000

[diff] [blame]

573

return any(item.name == key for item in self.list)

Raymond Hettinger

2002-06-01 14:18:47 +0000

[diff] [blame]

574

Guido van Rossum

88b85d4

1997-01-11 19:21:33 +0000

[diff] [blame]

575

def __len__(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

576

"""Dictionary style len(x) support."""

577

return len(self.keys())

Guido van Rossum

88b85d4

1997-01-11 19:21:33 +0000

[diff] [blame]

578

Thomas Wouters

8ce81f7

2007-09-20 18:22:40 +0000

[diff] [blame]

579

def __nonzero__(self):

580

return bool(self.list)

581

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

582

def read_urlencoded(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

583

"""Internal: read data in query string format."""

584

qs = self.fp.read(self.length)

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

585

if self.qs_on_post:

586

qs += '&' + self.qs_on_post

Guido van Rossum

1946f0d

1999-06-04 17:54:39 +0000

[diff] [blame]

587

self.list = list = []

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

588

for key, value in urllib.parse.parse_qsl(qs, self.keep_blank_values,

589

self.strict_parsing):

Guido van Rossum

1946f0d

1999-06-04 17:54:39 +0000

[diff] [blame]

590

list.append(MiniFieldStorage(key, value))

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

591

self.skip_lines()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

592

Guido van Rossum

030d2ec

1998-12-09 22:16:46 +0000

[diff] [blame]

593

FieldStorageClass = None

594

Guido van Rossum

f574500

1998-10-20 14:43:02 +0000

[diff] [blame]

595

def read_multi(self, environ, keep_blank_values, strict_parsing):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

596

"""Internal: read a part that is itself multipart."""

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

597

ib = self.innerboundary

598

if not valid_boundary(ib):

Collin Winter

2007-08-30 01:19:48 +0000

[diff] [blame]

599

raise ValueError('Invalid boundary in multipart form: %r' % (ib,))

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

600

self.list = []

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

601

if self.qs_on_post:

Facundo Batista

2008-09-03 22:49:01 +0000

[diff] [blame]

602

for key, value in urllib.parse.parse_qsl(self.qs_on_post,

603

self.keep_blank_values, self.strict_parsing):

Benjamin Peterson

2008-07-02 17:30:14 +0000

[diff] [blame]

604

self.list.append(MiniFieldStorage(key, value))

605

FieldStorageClass = None

606

Guido van Rossum

030d2ec

1998-12-09 22:16:46 +0000

[diff] [blame]

607

klass = self.FieldStorageClass or self.__class__

Barry Warsaw

2008-06-12 02:38:51 +0000

[diff] [blame]

608

parser = email.parser.FeedParser()

609

# Create bogus content-type header for proper multipart parsing

610

parser.feed('Content-Type: %s; boundary=%s\r\n\r\n' % (self.type, ib))

611

parser.feed(self.fp.read())

612

full_msg = parser.close()

613

# Get subparts

614

msgs = full_msg.get_payload()

615

for msg in msgs:

616

fp = StringIO(msg.get_payload())

617

part = klass(fp, msg, ib, environ, keep_blank_values,

618

strict_parsing)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

619

self.list.append(part)

620

self.skip_lines()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

621

622

def read_single(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

623

"""Internal: read an atomic part."""

if self.length >= 0:

self.read_binary()

self.skip_lines()

else:

self.read_lines()

self.file.seek(0)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

630

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

631

bufsize = 8*1024 # I/O buffering size for copy to file

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

632

633

def read_binary(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

634

"""Internal: read binary data."""

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

635

self.file = self.make_file()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

todo = self.length

if todo >= 0:

while todo > 0:

data = self.fp.read(min(todo, self.bufsize))

if not data:

self.done = -1

break

self.file.write(data)

644

todo = todo - len(data)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

645

646

def read_lines(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

647

"""Internal: read lines until EOF or outerboundary."""

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

648

self.file = self.__file = StringIO()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

649

if self.outerboundary:

650

self.read_lines_to_outerboundary()

651

else:

652

self.read_lines_to_eof()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

653

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

654

def __write(self, line):

655

if self.__file is not None:

656

if self.__file.tell() + len(line) > 1000:

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

657

self.file = self.make_file()

658

data = self.__file.getvalue()

659

self.file.write(data)

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

660

self.__file = None

661

self.file.write(line)

662

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

663

def read_lines_to_eof(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

664

"""Internal: read lines until EOF."""

665

while 1:

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

666

line = self.fp.readline(1<<16)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

667

if not line:

668

self.done = -1

669

break

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

670

self.__write(line)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

671

672

def read_lines_to_outerboundary(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

673

"""Internal: read lines until outerboundary."""

674

next = "--" + self.outerboundary

675

last = next + "--"

676

delim = ""

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

677

last_line_lfend = True

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

678

while 1:

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

679

line = self.fp.readline(1<<16)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

680

if not line:

681

self.done = -1

682

break

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

683

if line[:2] == "--" and last_line_lfend:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

684

strippedline = line.strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

685

if strippedline == next:

686

break

687

if strippedline == last:

self.done = 1

break

odelim = delim

if line[-2:] == "\r\n":

692

delim = "\r\n"

693

line = line[:-2]

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

694

last_line_lfend = True

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

695

elif line[-1] == "\n":

696

delim = "\n"

697

line = line[:-1]

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

698

last_line_lfend = True

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

699

else:

700

delim = ""

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

701

last_line_lfend = False

Guido van Rossum

2001-06-29 13:06:06 +0000

[diff] [blame]

702

self.__write(odelim + line)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

703

704

def skip_lines(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

705

"""Internal: skip lines until outer boundary if defined."""

706

if not self.outerboundary or self.done:

707

return

708

next = "--" + self.outerboundary

709

last = next + "--"

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

710

last_line_lfend = True

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

711

while 1:

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

712

line = self.fp.readline(1<<16)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

713

if not line:

714

self.done = -1

715

break

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

716

if line[:2] == "--" and last_line_lfend:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

717

strippedline = line.strip()

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

718

if strippedline == next:

719

break

720

if strippedline == last:

721

self.done = 1

722

break

Thomas Wouters

2006-08-21 19:07:27 +0000

[diff] [blame]

723

last_line_lfend = line.endswith('\n')

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

724

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

725

def make_file(self):

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

726

"""Overridable: return a readable & writable file.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

727

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

728

The file will be used as follows:

729

- data is written to it

730

- seek(0)

731

- data is read from it

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

732

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

733

The file is always opened in text mode.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

734

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

735

This version opens a temporary file for reading and writing,

736

and immediately deletes (unlinks) it. The trick (on Unix!) is

737

that the file can still be used, but it can't be opened by

738

another process, and it will automatically be deleted when it

739

is closed or when the current process terminates.

Guido van Rossum

4032c2c

1996-03-09 04:04:35 +0000

[diff] [blame]

740

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

741

If you want a more permanent file, you derive a class which

742

overrides this method. If you want a visible temporary file

743

that is nevertheless automatically deleted when the script

744

terminates, try defining a __del__ method in a derived class

745

which unlinks the temporary files you have created.

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

746

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

747

"""

748

import tempfile

Guido van Rossum

92bab81

2007-08-28 03:32:38 +0000

[diff] [blame]

749

return tempfile.TemporaryFile("w+", encoding="utf-8", newline="\n")

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

750

Guido van Rossum

1996-03-07 06:33:07 +0000

[diff] [blame]

751

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

752

# Test/debug code

753

# ===============

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

754

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

755

def test(environ=os.environ):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

756

"""Robust test CGI script, usable as main program.

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

757

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

758

Write minimal HTTP headers and dump all information provided to

759

the script in HTML form.

760

761

"""

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

762

print("Content-type: text/html")

763

print()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

764

sys.stderr = sys.stdout

765

try:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

766

form = FieldStorage() # Replace with other classes to test those

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

767

print_directory()

768

print_arguments()

Guido van Rossum

a3c6a8a

2000-09-19 04:11:46 +0000

[diff] [blame]

769

print_form(form)

770

print_environ(environ)

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

771

print_environ_usage()

772

def f():

Georg Brandl

7cae87c

2006-09-06 06:51:57 +0000

[diff] [blame]

773

exec("testing print_exception() -- <I>italics?</I>")

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

774

def g(f=f):

775

f()

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

776

print("<H3>What follows is a test, not an actual exception:</H3>")

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

777

g()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

778

except:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

779

print_exception()

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

780

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

781

print("<H1>Second try with a small maxlen...</H1>")

Guido van Rossum

57d51f2

2000-09-16 21:16:01 +0000

[diff] [blame]

782

Guido van Rossum

ad16471

1997-05-13 19:03:23 +0000

[diff] [blame]

783

global maxlen

784

maxlen = 50

785

try:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

786

form = FieldStorage() # Replace with other classes to test those

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

787

print_directory()

788

print_arguments()

Guido van Rossum

a3c6a8a

2000-09-19 04:11:46 +0000

[diff] [blame]

789

print_form(form)

790

print_environ(environ)

Guido van Rossum

ad16471

1997-05-13 19:03:23 +0000

[diff] [blame]

791

except:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

792

print_exception()

Guido van Rossum

ad16471

1997-05-13 19:03:23 +0000

[diff] [blame]

793

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

794

def print_exception(type=None, value=None, tb=None, limit=None):

795

if type is None:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

796

type, value, tb = sys.exc_info()

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

797

import traceback

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

798

print()

799

print("<H3>Traceback (most recent call last):</H3>")

Guido van Rossum

1996-08-20 20:22:39 +0000

[diff] [blame]

800

list = traceback.format_tb(tb, limit) + \

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

801

traceback.format_exception_only(type, value)

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

802

print("<PRE>%s<B>%s</B></PRE>" % (

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

803

escape("".join(list[:-1])),

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

804

escape(list[-1]),

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

805

))

Guido van Rossum

f15d159

1997-09-29 23:22:12 +0000

[diff] [blame]

806

del tb

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

807

Guido van Rossum

1996-07-23 03:46:24 +0000

[diff] [blame]

808

def print_environ(environ=os.environ):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

809

"""Dump the shell environment as HTML."""

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

810

keys = sorted(environ.keys())

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

811

print()

812

print("<H3>Shell Environment:</H3>")

813

print("<DL>")

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

814

for key in keys:

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

815

print("<DT>", escape(key), "<DD>", escape(environ[key]))

816

print("</DL>")

817

print()

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

818

819

def print_form(form):

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

820

"""Dump the contents of a form as HTML."""

Guido van Rossum

2007-08-28 03:11:34 +0000

[diff] [blame]

821

keys = sorted(form.keys())

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

822

print()

823

print("<H3>Form Contents:</H3>")

Guido van Rossum

57d51f2

2000-09-16 21:16:01 +0000

[diff] [blame]

824

if not keys:

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

825

print("<P>No form fields.")

826

print("<DL>")

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

827

for key in keys:

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

828

print("<DT>" + escape(key) + ":", end=' ')

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

829

value = form[key]

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

830

print("<i>" + escape(repr(type(value))) + "</i>")

831

print("<DD>" + escape(repr(value)))

832

print("</DL>")

833

print()

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

834

835

def print_directory():

836

"""Dump the current directory as HTML."""

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

837

print()

838

print("<H3>Current Working Directory:</H3>")

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

839

try:

Guido van Rossum

1998-03-26 21:13:24 +0000

[diff] [blame]

840

pwd = os.getcwd()

Guido van Rossum

b940e11

2007-01-10 16:19:56 +0000

[diff] [blame]

841

except os.error as msg:

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

842

print("os.error:", escape(str(msg)))

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

843

else:

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

844

print(escape(pwd))

845

print()

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

846

Guido van Rossum

a8738a5

1996-03-14 21:30:28 +0000

[diff] [blame]

847

def print_arguments():

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

848

print()

849

print("<H3>Command Line Arguments:</H3>")

850

print()

851

print(sys.argv)

852

print()

Guido van Rossum

a8738a5

1996-03-14 21:30:28 +0000

[diff] [blame]

853

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

854

def print_environ_usage():

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

855

"""Dump a list of environment variables used by CGI as HTML."""

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

856

print("""

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

857

<H3>These environment variables could have been set:</H3>

858

<UL>

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

<LI>AUTH_TYPE

<LI>CONTENT_LENGTH

<LI>CONTENT_TYPE

<LI>DATE_GMT

<LI>DATE_LOCAL

<LI>DOCUMENT_NAME

<LI>DOCUMENT_ROOT

<LI>DOCUMENT_URI

<LI>GATEWAY_INTERFACE

<LI>LAST_MODIFIED

<LI>PATH

<LI>PATH_INFO

<LI>PATH_TRANSLATED

<LI>QUERY_STRING

<LI>REMOTE_ADDR

<LI>REMOTE_HOST

<LI>REMOTE_IDENT

<LI>REMOTE_USER

<LI>REQUEST_METHOD

<LI>SCRIPT_NAME

<LI>SERVER_NAME

<LI>SERVER_PORT

<LI>SERVER_PROTOCOL

<LI>SERVER_ROOT

<LI>SERVER_SOFTWARE

</UL>

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

885

In addition, HTTP headers sent by the server may be passed in the

886

environment as well. Here are some common variable names:

<UL>

<LI>HTTP_ACCEPT

<LI>HTTP_CONNECTION

<LI>HTTP_HOST

<LI>HTTP_PRAGMA

<LI>HTTP_REFERER

<LI>HTTP_USER_AGENT

</UL>

Guido van Rossum

2007-02-09 05:37:30 +0000

[diff] [blame]

895

""")

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

896

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

897

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

898

# Utilities

899

# =========

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

900

Guido van Rossum

64c6620

1997-07-19 20:11:53 +0000

[diff] [blame]

901

def escape(s, quote=None):

Skip Montanaro

97b2fa2

2005-08-02 02:50:25 +0000

[diff] [blame]

902

'''Replace special characters "&", "<" and ">" to HTML-safe sequences.

903

If the optional flag quote is true, the quotation mark character (")

904

is also translated.'''

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

905

s = s.replace("&", "&") # Must be done first!

906

s = s.replace("<", "<")

907

s = s.replace(">", ">")

Guido van Rossum

64c6620

1997-07-19 20:11:53 +0000

[diff] [blame]

908

if quote:

Eric S. Raymond

2001-02-09 09:59:10 +0000

[diff] [blame]

909

s = s.replace('"', """)

Guido van Rossum

1996-03-07 18:00:44 +0000

[diff] [blame]

910

return s

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

911

Guido van Rossum

2001-07-25 21:00:19 +0000

[diff] [blame]

912

def valid_boundary(s, _vb_pattern="^[ -~]{0,200}[!-~]$"):

913

import re

914

return re.match(_vb_pattern, s)

Guido van Rossum

1995-01-12 12:29:47 +0000

[diff] [blame]

915

Guido van Rossum

1996-03-06 07:20:06 +0000

[diff] [blame]

# Invoke mainline

# ===============

# Call test() when this file is run as a script (not imported as a module)

Tim Peters

2001-01-14 23:36:06 +0000

[diff] [blame]

920

if __name__ == '__main__':

Guido van Rossum