mirror of
				https://github.com/python/cpython.git
				synced 2025-10-26 08:19:20 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			628 lines
		
	
	
	
		
			20 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
			
		
		
	
	
			628 lines
		
	
	
	
		
			20 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
| ####
 | |
| # Copyright 2000 by Timothy O'Malley <timo@alum.mit.edu>
 | |
| #
 | |
| #                All Rights Reserved
 | |
| #
 | |
| # Permission to use, copy, modify, and distribute this software
 | |
| # and its documentation for any purpose and without fee is hereby
 | |
| # granted, provided that the above copyright notice appear in all
 | |
| # copies and that both that copyright notice and this permission
 | |
| # notice appear in supporting documentation, and that the name of
 | |
| # Timothy O'Malley  not be used in advertising or publicity
 | |
| # pertaining to distribution of the software without specific, written
 | |
| # prior permission.
 | |
| #
 | |
| # Timothy O'Malley DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS
 | |
| # SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 | |
| # AND FITNESS, IN NO EVENT SHALL Timothy O'Malley BE LIABLE FOR
 | |
| # ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 | |
| # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
 | |
| # WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
 | |
| # ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 | |
| # PERFORMANCE OF THIS SOFTWARE.
 | |
| #
 | |
| ####
 | |
| #
 | |
| # Id: Cookie.py,v 2.29 2000/08/23 05:28:49 timo Exp
 | |
| #   by Timothy O'Malley <timo@alum.mit.edu>
 | |
| #
 | |
| #  Cookie.py is a Python module for the handling of HTTP
 | |
| #  cookies as a Python dictionary.  See RFC 2109 for more
 | |
| #  information on cookies.
 | |
| #
 | |
| #  The original idea to treat Cookies as a dictionary came from
 | |
| #  Dave Mitchell (davem@magnet.com) in 1995, when he released the
 | |
| #  first version of nscookie.py.
 | |
| #
 | |
| ####
 | |
| 
 | |
| r"""
 | |
| Here's a sample session to show how to use this module.
 | |
| At the moment, this is the only documentation.
 | |
| 
 | |
| The Basics
 | |
| ----------
 | |
| 
 | |
| Importing is easy...
 | |
| 
 | |
|    >>> from http import cookies
 | |
| 
 | |
| Most of the time you start by creating a cookie.
 | |
| 
 | |
|    >>> C = cookies.SimpleCookie()
 | |
| 
 | |
| Once you've created your Cookie, you can add values just as if it were
 | |
| a dictionary.
 | |
| 
 | |
|    >>> C = cookies.SimpleCookie()
 | |
|    >>> C["fig"] = "newton"
 | |
|    >>> C["sugar"] = "wafer"
 | |
|    >>> C.output()
 | |
|    'Set-Cookie: fig=newton\r\nSet-Cookie: sugar=wafer'
 | |
| 
 | |
| Notice that the printable representation of a Cookie is the
 | |
| appropriate format for a Set-Cookie: header.  This is the
 | |
| default behavior.  You can change the header and printed
 | |
| attributes by using the .output() function
 | |
| 
 | |
|    >>> C = cookies.SimpleCookie()
 | |
|    >>> C["rocky"] = "road"
 | |
|    >>> C["rocky"]["path"] = "/cookie"
 | |
|    >>> print(C.output(header="Cookie:"))
 | |
|    Cookie: rocky=road; Path=/cookie
 | |
|    >>> print(C.output(attrs=[], header="Cookie:"))
 | |
|    Cookie: rocky=road
 | |
| 
 | |
| The load() method of a Cookie extracts cookies from a string.  In a
 | |
| CGI script, you would use this method to extract the cookies from the
 | |
| HTTP_COOKIE environment variable.
 | |
| 
 | |
|    >>> C = cookies.SimpleCookie()
 | |
|    >>> C.load("chips=ahoy; vienna=finger")
 | |
|    >>> C.output()
 | |
|    'Set-Cookie: chips=ahoy\r\nSet-Cookie: vienna=finger'
 | |
| 
 | |
| The load() method is darn-tootin smart about identifying cookies
 | |
| within a string.  Escaped quotation marks, nested semicolons, and other
 | |
| such trickeries do not confuse it.
 | |
| 
 | |
|    >>> C = cookies.SimpleCookie()
 | |
|    >>> C.load('keebler="E=everybody; L=\\"Loves\\"; fudge=\\012;";')
 | |
|    >>> print(C)
 | |
|    Set-Cookie: keebler="E=everybody; L=\"Loves\"; fudge=\012;"
 | |
| 
 | |
| Each element of the Cookie also supports all of the RFC 2109
 | |
| Cookie attributes.  Here's an example which sets the Path
 | |
| attribute.
 | |
| 
 | |
|    >>> C = cookies.SimpleCookie()
 | |
|    >>> C["oreo"] = "doublestuff"
 | |
|    >>> C["oreo"]["path"] = "/"
 | |
|    >>> print(C)
 | |
|    Set-Cookie: oreo=doublestuff; Path=/
 | |
| 
 | |
| Each dictionary element has a 'value' attribute, which gives you
 | |
| back the value associated with the key.
 | |
| 
 | |
|    >>> C = cookies.SimpleCookie()
 | |
|    >>> C["twix"] = "none for you"
 | |
|    >>> C["twix"].value
 | |
|    'none for you'
 | |
| 
 | |
| The SimpleCookie expects that all values should be standard strings.
 | |
| Just to be sure, SimpleCookie invokes the str() builtin to convert
 | |
| the value to a string, when the values are set dictionary-style.
 | |
| 
 | |
|    >>> C = cookies.SimpleCookie()
 | |
|    >>> C["number"] = 7
 | |
|    >>> C["string"] = "seven"
 | |
|    >>> C["number"].value
 | |
|    '7'
 | |
|    >>> C["string"].value
 | |
|    'seven'
 | |
|    >>> C.output()
 | |
|    'Set-Cookie: number=7\r\nSet-Cookie: string=seven'
 | |
| 
 | |
| Finis.
 | |
| """
 | |
| 
 | |
| #
 | |
| # Import our required modules
 | |
| #
 | |
| import re
 | |
| import string
 | |
| 
 | |
| __all__ = ["CookieError", "BaseCookie", "SimpleCookie"]
 | |
| 
 | |
| _nulljoin = ''.join
 | |
| _semispacejoin = '; '.join
 | |
| _spacejoin = ' '.join
 | |
| 
 | |
| def _warn_deprecated_setter(setter):
 | |
|     import warnings
 | |
|     msg = ('The .%s setter is deprecated. The attribute will be read-only in '
 | |
|            'future releases. Please use the set() method instead.' % setter)
 | |
|     warnings.warn(msg, DeprecationWarning, stacklevel=3)
 | |
| 
 | |
| #
 | |
| # Define an exception visible to External modules
 | |
| #
 | |
| class CookieError(Exception):
 | |
|     pass
 | |
| 
 | |
| 
 | |
| # These quoting routines conform to the RFC2109 specification, which in
 | |
| # turn references the character definitions from RFC2068.  They provide
 | |
| # a two-way quoting algorithm.  Any non-text character is translated
 | |
| # into a 4 character sequence: a forward-slash followed by the
 | |
| # three-digit octal equivalent of the character.  Any '\' or '"' is
 | |
| # quoted with a preceeding '\' slash.
 | |
| # Because of the way browsers really handle cookies (as opposed to what
 | |
| # the RFC says) we also encode "," and ";".
 | |
| #
 | |
| # These are taken from RFC2068 and RFC2109.
 | |
| #       _LegalChars       is the list of chars which don't require "'s
 | |
| #       _Translator       hash-table for fast quoting
 | |
| #
 | |
| _LegalChars = string.ascii_letters + string.digits + "!#$%&'*+-.^_`|~:"
 | |
| _UnescapedChars = _LegalChars + ' ()/<=>?@[]{}'
 | |
| 
 | |
| _Translator = {n: '\\%03o' % n
 | |
|                for n in set(range(256)) - set(map(ord, _UnescapedChars))}
 | |
| _Translator.update({
 | |
|     ord('"'): '\\"',
 | |
|     ord('\\'): '\\\\',
 | |
| })
 | |
| 
 | |
| _is_legal_key = re.compile('[%s]+' % _LegalChars).fullmatch
 | |
| 
 | |
| def _quote(str):
 | |
|     r"""Quote a string for use in a cookie header.
 | |
| 
 | |
|     If the string does not need to be double-quoted, then just return the
 | |
|     string.  Otherwise, surround the string in doublequotes and quote
 | |
|     (with a \) special characters.
 | |
|     """
 | |
|     if str is None or _is_legal_key(str):
 | |
|         return str
 | |
|     else:
 | |
|         return '"' + str.translate(_Translator) + '"'
 | |
| 
 | |
| 
 | |
| _OctalPatt = re.compile(r"\\[0-3][0-7][0-7]")
 | |
| _QuotePatt = re.compile(r"[\\].")
 | |
| 
 | |
| def _unquote(str):
 | |
|     # If there aren't any doublequotes,
 | |
|     # then there can't be any special characters.  See RFC 2109.
 | |
|     if str is None or len(str) < 2:
 | |
|         return str
 | |
|     if str[0] != '"' or str[-1] != '"':
 | |
|         return str
 | |
| 
 | |
|     # We have to assume that we must decode this string.
 | |
|     # Down to work.
 | |
| 
 | |
|     # Remove the "s
 | |
|     str = str[1:-1]
 | |
| 
 | |
|     # Check for special sequences.  Examples:
 | |
|     #    \012 --> \n
 | |
|     #    \"   --> "
 | |
|     #
 | |
|     i = 0
 | |
|     n = len(str)
 | |
|     res = []
 | |
|     while 0 <= i < n:
 | |
|         o_match = _OctalPatt.search(str, i)
 | |
|         q_match = _QuotePatt.search(str, i)
 | |
|         if not o_match and not q_match:              # Neither matched
 | |
|             res.append(str[i:])
 | |
|             break
 | |
|         # else:
 | |
|         j = k = -1
 | |
|         if o_match:
 | |
|             j = o_match.start(0)
 | |
|         if q_match:
 | |
|             k = q_match.start(0)
 | |
|         if q_match and (not o_match or k < j):     # QuotePatt matched
 | |
|             res.append(str[i:k])
 | |
|             res.append(str[k+1])
 | |
|             i = k + 2
 | |
|         else:                                      # OctalPatt matched
 | |
|             res.append(str[i:j])
 | |
|             res.append(chr(int(str[j+1:j+4], 8)))
 | |
|             i = j + 4
 | |
|     return _nulljoin(res)
 | |
| 
 | |
| # The _getdate() routine is used to set the expiration time in the cookie's HTTP
 | |
| # header.  By default, _getdate() returns the current time in the appropriate
 | |
| # "expires" format for a Set-Cookie header.  The one optional argument is an
 | |
| # offset from now, in seconds.  For example, an offset of -3600 means "one hour
 | |
| # ago".  The offset may be a floating point number.
 | |
| #
 | |
| 
 | |
| _weekdayname = ['Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun']
 | |
| 
 | |
| _monthname = [None,
 | |
|               'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun',
 | |
|               'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec']
 | |
| 
 | |
| def _getdate(future=0, weekdayname=_weekdayname, monthname=_monthname):
 | |
|     from time import gmtime, time
 | |
|     now = time()
 | |
|     year, month, day, hh, mm, ss, wd, y, z = gmtime(now + future)
 | |
|     return "%s, %02d %3s %4d %02d:%02d:%02d GMT" % \
 | |
|            (weekdayname[wd], day, monthname[month], year, hh, mm, ss)
 | |
| 
 | |
| 
 | |
| class Morsel(dict):
 | |
|     """A class to hold ONE (key, value) pair.
 | |
| 
 | |
|     In a cookie, each such pair may have several attributes, so this class is
 | |
|     used to keep the attributes associated with the appropriate key,value pair.
 | |
|     This class also includes a coded_value attribute, which is used to hold
 | |
|     the network representation of the value.  This is most useful when Python
 | |
|     objects are pickled for network transit.
 | |
|     """
 | |
|     # RFC 2109 lists these attributes as reserved:
 | |
|     #   path       comment         domain
 | |
|     #   max-age    secure      version
 | |
|     #
 | |
|     # For historical reasons, these attributes are also reserved:
 | |
|     #   expires
 | |
|     #
 | |
|     # This is an extension from Microsoft:
 | |
|     #   httponly
 | |
|     #
 | |
|     # This dictionary provides a mapping from the lowercase
 | |
|     # variant on the left to the appropriate traditional
 | |
|     # formatting on the right.
 | |
|     _reserved = {
 | |
|         "expires"  : "expires",
 | |
|         "path"     : "Path",
 | |
|         "comment"  : "Comment",
 | |
|         "domain"   : "Domain",
 | |
|         "max-age"  : "Max-Age",
 | |
|         "secure"   : "Secure",
 | |
|         "httponly" : "HttpOnly",
 | |
|         "version"  : "Version",
 | |
|     }
 | |
| 
 | |
|     _flags = {'secure', 'httponly'}
 | |
| 
 | |
|     def __init__(self):
 | |
|         # Set defaults
 | |
|         self._key = self._value = self._coded_value = None
 | |
| 
 | |
|         # Set default attributes
 | |
|         for key in self._reserved:
 | |
|             dict.__setitem__(self, key, "")
 | |
| 
 | |
|     @property
 | |
|     def key(self):
 | |
|         return self._key
 | |
| 
 | |
|     @key.setter
 | |
|     def key(self, key):
 | |
|         _warn_deprecated_setter('key')
 | |
|         self._key = key
 | |
| 
 | |
|     @property
 | |
|     def value(self):
 | |
|         return self._value
 | |
| 
 | |
|     @value.setter
 | |
|     def value(self, value):
 | |
|         _warn_deprecated_setter('value')
 | |
|         self._value = value
 | |
| 
 | |
|     @property
 | |
|     def coded_value(self):
 | |
|         return self._coded_value
 | |
| 
 | |
|     @coded_value.setter
 | |
|     def coded_value(self, coded_value):
 | |
|         _warn_deprecated_setter('coded_value')
 | |
|         self._coded_value = coded_value
 | |
| 
 | |
|     def __setitem__(self, K, V):
 | |
|         K = K.lower()
 | |
|         if not K in self._reserved:
 | |
|             raise CookieError("Invalid attribute %r" % (K,))
 | |
|         dict.__setitem__(self, K, V)
 | |
| 
 | |
|     def setdefault(self, key, val=None):
 | |
|         key = key.lower()
 | |
|         if key not in self._reserved:
 | |
|             raise CookieError("Invalid attribute %r" % (key,))
 | |
|         return dict.setdefault(self, key, val)
 | |
| 
 | |
|     def __eq__(self, morsel):
 | |
|         if not isinstance(morsel, Morsel):
 | |
|             return NotImplemented
 | |
|         return (dict.__eq__(self, morsel) and
 | |
|                 self._value == morsel._value and
 | |
|                 self._key == morsel._key and
 | |
|                 self._coded_value == morsel._coded_value)
 | |
| 
 | |
|     __ne__ = object.__ne__
 | |
| 
 | |
|     def copy(self):
 | |
|         morsel = Morsel()
 | |
|         dict.update(morsel, self)
 | |
|         morsel.__dict__.update(self.__dict__)
 | |
|         return morsel
 | |
| 
 | |
|     def update(self, values):
 | |
|         data = {}
 | |
|         for key, val in dict(values).items():
 | |
|             key = key.lower()
 | |
|             if key not in self._reserved:
 | |
|                 raise CookieError("Invalid attribute %r" % (key,))
 | |
|             data[key] = val
 | |
|         dict.update(self, data)
 | |
| 
 | |
|     def isReservedKey(self, K):
 | |
|         return K.lower() in self._reserved
 | |
| 
 | |
|     def set(self, key, val, coded_val):
 | |
|         if key.lower() in self._reserved:
 | |
|             raise CookieError('Attempt to set a reserved key %r' % (key,))
 | |
|         if not _is_legal_key(key):
 | |
|             raise CookieError('Illegal key %r' % (key,))
 | |
| 
 | |
|         # It's a good key, so save it.
 | |
|         self._key = key
 | |
|         self._value = val
 | |
|         self._coded_value = coded_val
 | |
| 
 | |
|     def __getstate__(self):
 | |
|         return {
 | |
|             'key': self._key,
 | |
|             'value': self._value,
 | |
|             'coded_value': self._coded_value,
 | |
|         }
 | |
| 
 | |
|     def __setstate__(self, state):
 | |
|         self._key = state['key']
 | |
|         self._value = state['value']
 | |
|         self._coded_value = state['coded_value']
 | |
| 
 | |
|     def output(self, attrs=None, header="Set-Cookie:"):
 | |
|         return "%s %s" % (header, self.OutputString(attrs))
 | |
| 
 | |
|     __str__ = output
 | |
| 
 | |
|     def __repr__(self):
 | |
|         return '<%s: %s>' % (self.__class__.__name__, self.OutputString())
 | |
| 
 | |
|     def js_output(self, attrs=None):
 | |
|         # Print javascript
 | |
|         return """
 | |
|         <script type="text/javascript">
 | |
|         <!-- begin hiding
 | |
|         document.cookie = \"%s\";
 | |
|         // end hiding -->
 | |
|         </script>
 | |
|         """ % (self.OutputString(attrs).replace('"', r'\"'))
 | |
| 
 | |
|     def OutputString(self, attrs=None):
 | |
|         # Build up our result
 | |
|         #
 | |
|         result = []
 | |
|         append = result.append
 | |
| 
 | |
|         # First, the key=value pair
 | |
|         append("%s=%s" % (self.key, self.coded_value))
 | |
| 
 | |
|         # Now add any defined attributes
 | |
|         if attrs is None:
 | |
|             attrs = self._reserved
 | |
|         items = sorted(self.items())
 | |
|         for key, value in items:
 | |
|             if value == "":
 | |
|                 continue
 | |
|             if key not in attrs:
 | |
|                 continue
 | |
|             if key == "expires" and isinstance(value, int):
 | |
|                 append("%s=%s" % (self._reserved[key], _getdate(value)))
 | |
|             elif key == "max-age" and isinstance(value, int):
 | |
|                 append("%s=%d" % (self._reserved[key], value))
 | |
|             elif key in self._flags:
 | |
|                 if value:
 | |
|                     append(str(self._reserved[key]))
 | |
|             else:
 | |
|                 append("%s=%s" % (self._reserved[key], value))
 | |
| 
 | |
|         # Return the result
 | |
|         return _semispacejoin(result)
 | |
| 
 | |
| 
 | |
| #
 | |
| # Pattern for finding cookie
 | |
| #
 | |
| # This used to be strict parsing based on the RFC2109 and RFC2068
 | |
| # specifications.  I have since discovered that MSIE 3.0x doesn't
 | |
| # follow the character rules outlined in those specs.  As a
 | |
| # result, the parsing rules here are less strict.
 | |
| #
 | |
| 
 | |
| _LegalCharsPatt  = r"[\w\d!#%&'~_`><@,:/\$\*\+\-\.\^\|\)\(\?\}\{\=]"
 | |
| _CookiePattern = re.compile(r"""
 | |
|     (?x)                           # This is a verbose pattern
 | |
|     \s*                            # Optional whitespace at start of cookie
 | |
|     (?P<key>                       # Start of group 'key'
 | |
|     """ + _LegalCharsPatt + r"""+?   # Any word of at least one letter
 | |
|     )                              # End of group 'key'
 | |
|     (                              # Optional group: there may not be a value.
 | |
|     \s*=\s*                          # Equal Sign
 | |
|     (?P<val>                         # Start of group 'val'
 | |
|     "(?:[^\\"]|\\.)*"                  # Any doublequoted string
 | |
|     |                                  # or
 | |
|     \w{3},\s[\w\d\s-]{9,11}\s[\d:]{8}\sGMT  # Special case for "expires" attr
 | |
|     |                                  # or
 | |
|     """ + _LegalCharsPatt + r"""*      # Any word or empty string
 | |
|     )                                # End of group 'val'
 | |
|     )?                             # End of optional value group
 | |
|     \s*                            # Any number of spaces.
 | |
|     (\s+|;|$)                      # Ending either at space, semicolon, or EOS.
 | |
|     """, re.ASCII)                 # May be removed if safe.
 | |
| 
 | |
| 
 | |
| # At long last, here is the cookie class.  Using this class is almost just like
 | |
| # using a dictionary.  See this module's docstring for example usage.
 | |
| #
 | |
| class BaseCookie(dict):
 | |
|     """A container class for a set of Morsels."""
 | |
| 
 | |
|     def value_decode(self, val):
 | |
|         """real_value, coded_value = value_decode(STRING)
 | |
|         Called prior to setting a cookie's value from the network
 | |
|         representation.  The VALUE is the value read from HTTP
 | |
|         header.
 | |
|         Override this function to modify the behavior of cookies.
 | |
|         """
 | |
|         return val, val
 | |
| 
 | |
|     def value_encode(self, val):
 | |
|         """real_value, coded_value = value_encode(VALUE)
 | |
|         Called prior to setting a cookie's value from the dictionary
 | |
|         representation.  The VALUE is the value being assigned.
 | |
|         Override this function to modify the behavior of cookies.
 | |
|         """
 | |
|         strval = str(val)
 | |
|         return strval, strval
 | |
| 
 | |
|     def __init__(self, input=None):
 | |
|         if input:
 | |
|             self.load(input)
 | |
| 
 | |
|     def __set(self, key, real_value, coded_value):
 | |
|         """Private method for setting a cookie's value"""
 | |
|         M = self.get(key, Morsel())
 | |
|         M.set(key, real_value, coded_value)
 | |
|         dict.__setitem__(self, key, M)
 | |
| 
 | |
|     def __setitem__(self, key, value):
 | |
|         """Dictionary style assignment."""
 | |
|         if isinstance(value, Morsel):
 | |
|             # allow assignment of constructed Morsels (e.g. for pickling)
 | |
|             dict.__setitem__(self, key, value)
 | |
|         else:
 | |
|             rval, cval = self.value_encode(value)
 | |
|             self.__set(key, rval, cval)
 | |
| 
 | |
|     def output(self, attrs=None, header="Set-Cookie:", sep="\015\012"):
 | |
|         """Return a string suitable for HTTP."""
 | |
|         result = []
 | |
|         items = sorted(self.items())
 | |
|         for key, value in items:
 | |
|             result.append(value.output(attrs, header))
 | |
|         return sep.join(result)
 | |
| 
 | |
|     __str__ = output
 | |
| 
 | |
|     def __repr__(self):
 | |
|         l = []
 | |
|         items = sorted(self.items())
 | |
|         for key, value in items:
 | |
|             l.append('%s=%s' % (key, repr(value.value)))
 | |
|         return '<%s: %s>' % (self.__class__.__name__, _spacejoin(l))
 | |
| 
 | |
|     def js_output(self, attrs=None):
 | |
|         """Return a string suitable for JavaScript."""
 | |
|         result = []
 | |
|         items = sorted(self.items())
 | |
|         for key, value in items:
 | |
|             result.append(value.js_output(attrs))
 | |
|         return _nulljoin(result)
 | |
| 
 | |
|     def load(self, rawdata):
 | |
|         """Load cookies from a string (presumably HTTP_COOKIE) or
 | |
|         from a dictionary.  Loading cookies from a dictionary 'd'
 | |
|         is equivalent to calling:
 | |
|             map(Cookie.__setitem__, d.keys(), d.values())
 | |
|         """
 | |
|         if isinstance(rawdata, str):
 | |
|             self.__parse_string(rawdata)
 | |
|         else:
 | |
|             # self.update() wouldn't call our custom __setitem__
 | |
|             for key, value in rawdata.items():
 | |
|                 self[key] = value
 | |
|         return
 | |
| 
 | |
|     def __parse_string(self, str, patt=_CookiePattern):
 | |
|         i = 0                 # Our starting point
 | |
|         n = len(str)          # Length of string
 | |
|         parsed_items = []     # Parsed (type, key, value) triples
 | |
|         morsel_seen = False   # A key=value pair was previously encountered
 | |
| 
 | |
|         TYPE_ATTRIBUTE = 1
 | |
|         TYPE_KEYVALUE = 2
 | |
| 
 | |
|         # We first parse the whole cookie string and reject it if it's
 | |
|         # syntactically invalid (this helps avoid some classes of injection
 | |
|         # attacks).
 | |
|         while 0 <= i < n:
 | |
|             # Start looking for a cookie
 | |
|             match = patt.match(str, i)
 | |
|             if not match:
 | |
|                 # No more cookies
 | |
|                 break
 | |
| 
 | |
|             key, value = match.group("key"), match.group("val")
 | |
|             i = match.end(0)
 | |
| 
 | |
|             if key[0] == "$":
 | |
|                 if not morsel_seen:
 | |
|                     # We ignore attributes which pertain to the cookie
 | |
|                     # mechanism as a whole, such as "$Version".
 | |
|                     # See RFC 2965. (Does anyone care?)
 | |
|                     continue
 | |
|                 parsed_items.append((TYPE_ATTRIBUTE, key[1:], value))
 | |
|             elif key.lower() in Morsel._reserved:
 | |
|                 if not morsel_seen:
 | |
|                     # Invalid cookie string
 | |
|                     return
 | |
|                 if value is None:
 | |
|                     if key.lower() in Morsel._flags:
 | |
|                         parsed_items.append((TYPE_ATTRIBUTE, key, True))
 | |
|                     else:
 | |
|                         # Invalid cookie string
 | |
|                         return
 | |
|                 else:
 | |
|                     parsed_items.append((TYPE_ATTRIBUTE, key, _unquote(value)))
 | |
|             elif value is not None:
 | |
|                 parsed_items.append((TYPE_KEYVALUE, key, self.value_decode(value)))
 | |
|                 morsel_seen = True
 | |
|             else:
 | |
|                 # Invalid cookie string
 | |
|                 return
 | |
| 
 | |
|         # The cookie string is valid, apply it.
 | |
|         M = None         # current morsel
 | |
|         for tp, key, value in parsed_items:
 | |
|             if tp == TYPE_ATTRIBUTE:
 | |
|                 assert M is not None
 | |
|                 M[key] = value
 | |
|             else:
 | |
|                 assert tp == TYPE_KEYVALUE
 | |
|                 rval, cval = value
 | |
|                 self.__set(key, rval, cval)
 | |
|                 M = self[key]
 | |
| 
 | |
| 
 | |
| class SimpleCookie(BaseCookie):
 | |
|     """
 | |
|     SimpleCookie supports strings as cookie values.  When setting
 | |
|     the value using the dictionary assignment notation, SimpleCookie
 | |
|     calls the builtin str() to convert the value to a string.  Values
 | |
|     received from HTTP are kept as strings.
 | |
|     """
 | |
|     def value_decode(self, val):
 | |
|         return _unquote(val), val
 | |
| 
 | |
|     def value_encode(self, val):
 | |
|         strval = str(val)
 | |
|         return strval, _quote(strval)
 | 
