mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-30 21:48:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

Added 'strict_parsing' option to all parsing functions. This causes a

Browse source 
ValueError exception when the query string contains fields that don't
contain exactly one '=' sign.  (By default, such fields are simply
ignored.)  Added this to the doc string describing parse() and
parse_qs().

Also changed the default for keep_blank_values from None to 0 (the
preferred way to spell 'FALSE').
This commit is contained in:
Guido van Rossum 1996-11-11 19:29:11 +00:00
parent 73eba25f5f
commit e08c04c387
1 changed files with 27 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

38
Lib/cgi.py
View file

@ -159,10 +159,11 @@ These are useful if you want more control, or if you want to employ
some of the algorithms implemented in this module in other some of the algorithms implemented in this module in other
circumstances. circumstances.
parse(fp): parse a form into a Python dictionary. parse(fp, [environ, [keep_blank_values, [strict_parsing]]]): parse a
form into a Python dictionary.
parse_qs(qs): parse a query string (data of type parse_qs(qs, [keep_blank_values, [strict_parsing]]): parse a query
application/x-www-form-urlencoded). string (data of type application/x-www-form-urlencoded).
parse_multipart(fp, pdict): parse input of type multipart/form-data (for parse_multipart(fp, pdict): parse input of type multipart/form-data (for
file uploads). file uploads).
@ -407,7 +408,7 @@ backwards compatible and debugging classes and functions?
# " <== Emacs font-lock de-bogo-kludgificocity # " <== Emacs font-lock de-bogo-kludgificocity
__version__ = "2.0" __version__ = "2.1"
# Imports # Imports
@ -473,7 +474,7 @@ log = initlog # The current logging function
# Parsing functions # Parsing functions
# ================= # =================
def parse(fp=None, environ=os.environ, keep_blank_values=None): def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):
"""Parse a query in the environment or from a file (default stdin) """Parse a query in the environment or from a file (default stdin)
Arguments, all optional: Arguments, all optional:
@ -488,6 +489,10 @@ def parse(fp=None, environ=os.environ, keep_blank_values=None):
blank strings. The default false value indicates that blank strings. The default false value indicates that
blank values are to be ignored and treated as if they were blank values are to be ignored and treated as if they were
not included. not included.
strict_parsing: flag indicating what to do with parsing errors.
If false (the default), errors are silently ignored.
If true, errors raise a ValueError exception.
""" """
if not fp: if not fp:
fp = sys.stdin fp = sys.stdin
@ -517,15 +522,15 @@ def parse(fp=None, environ=os.environ, keep_blank_values=None):
else: else:
qs = "" qs = ""
environ['QUERY_STRING'] = qs # XXX Shouldn't, really environ['QUERY_STRING'] = qs # XXX Shouldn't, really
return parse_qs(qs, keep_blank_values) return parse_qs(qs, keep_blank_values, strict_parsing)
def parse_qs(qs, keep_blank_values=None): def parse_qs(qs, keep_blank_values=0, strict_parsing=0):
"""Parse a query given as a string argumen """Parse a query given as a string argument.
Arguments: Arguments:
qs : URL-encoded query string to be parsed qs: URL-encoded query string to be parsed
keep_blank_values: flag indicating whether blank values in keep_blank_values: flag indicating whether blank values in
URL encoded queries should be treated as blank strings. URL encoded queries should be treated as blank strings.
@ -533,6 +538,10 @@ def parse_qs(qs, keep_blank_values=None):
blank strings. The default false value indicates that blank strings. The default false value indicates that
blank values are to be ignored and treated as if they were blank values are to be ignored and treated as if they were
not included. not included.
strict_parsing: flag indicating what to do with parsing errors.
If false (the default), errors are silently ignored.
If true, errors raise a ValueError exception.
""" """
import urllib, regsub import urllib, regsub
name_value_pairs = string.splitfields(qs, '&') name_value_pairs = string.splitfields(qs, '&')
@ -540,6 +549,8 @@ def parse_qs(qs, keep_blank_values=None):
for name_value in name_value_pairs: for name_value in name_value_pairs:
nv = string.splitfields(name_value, '=') nv = string.splitfields(name_value, '=')
if len(nv) != 2: if len(nv) != 2:
if strict_parsing:
raise ValueError, "bad query field: %s" % `name_value`
continue continue
name = nv[0] name = nv[0]
value = urllib.unquote(regsub.gsub('+', ' ', nv[1])) value = urllib.unquote(regsub.gsub('+', ' ', nv[1]))
@ -735,7 +746,7 @@ class FieldStorage:
""" """
def __init__(self, fp=None, headers=None, outerboundary="", def __init__(self, fp=None, headers=None, outerboundary="",
environ=os.environ, keep_blank_values=None): environ=os.environ, keep_blank_values=0, strict_parsing=0):
"""Constructor. Read multipart/* until last part. """Constructor. Read multipart/* until last part.
Arguments, all optional: Arguments, all optional:
@ -757,9 +768,14 @@ class FieldStorage:
blank values are to be ignored and treated as if they were blank values are to be ignored and treated as if they were
not included. not included.
strict_parsing: flag indicating what to do with parsing errors.
If false (the default), errors are silently ignored.
If true, errors raise a ValueError exception.
""" """
method = None method = None
self.keep_blank_values = keep_blank_values self.keep_blank_values = keep_blank_values
self.strict_parsing = strict_parsing
if environ.has_key('REQUEST_METHOD'): if environ.has_key('REQUEST_METHOD'):
method = string.upper(environ['REQUEST_METHOD']) method = string.upper(environ['REQUEST_METHOD'])
if not fp and method == 'GET': if not fp and method == 'GET':
@ -873,7 +889,7 @@ class FieldStorage:
def read_urlencoded(self): def read_urlencoded(self):
"""Internal: read data in query string format.""" """Internal: read data in query string format."""
qs = self.fp.read(self.length) qs = self.fp.read(self.length)
dict = parse_qs(qs, self.keep_blank_values) dict = parse_qs(qs, self.keep_blank_values, self.strict_parsing)
self.list = [] self.list = []
for key, valuelist in dict.items(): for key, valuelist in dict.items():
for value in valuelist: for value in valuelist: