U &.e @sjdZdZddlmZmZmZddlmZddlZddl Z ddl Z ddl m Z ddlmZddlZddlZddlZdd d d d d ddddddg ZdadaddZddZddZddZeadade jdddfdd Zd1d!d Zd"d#Zd$d Z Gd%ddZ!Gd&d d Z"e jfd'd Z#d2d(dZ$e jfd)dZ%d*dZ&d+dZ'd,dZ(d-dZ)d.d/Z*e+d0krfe#dS)3zSupport module for CGI (Common Gateway Interface) scripts. This module defines a number of utilities for use by CGI scripts written in Python. z2.6)StringIOBytesIO TextIOWrapper)MappingN) FeedParser)MessageMiniFieldStorage FieldStorageparseparse_multipart parse_headertestprint_exception print_environ print_formprint_directoryprint_argumentsprint_environ_usagecGsFtr,ts,zttdaWntk r*YnXts6tantat|dS)aWrite a log message, if there is a log file. Even though this function is called initlog(), you should always use log(); log is a variable that is set either to initlog (initially), to dolog (once the log file has been opened), or to nolog (when logging is disabled). The first argument is a format string; the remaining arguments (if any) are arguments to the % operator, so e.g. log("%s: %s", "a", "b") will write "a: b" to the log file, followed by a newline. If the global logfp is not None, it should be a file object to which log data is written. If the global logfp is None, the global logfile may be a string giving a filename to open, in append mode. This file should be world writable!!! If the file can't be opened, logging is silently disabled (since there is no safe place where we could send an error message). aN)logfilelogfpopenOSErrornologlogdologZallargsr/usr/lib64/python3.8/cgi.pyinitlog8sr cGst||ddS)z=Write a log message to the log file. See initlog() for docs. N)rwrite)Zfmtargsrrrr[srcGsdS)z9Dummy function, assigned to log when logging is disabled.Nrrrrrr_srcCsdatrtdatadS)zClose the log file.rN)rrcloser rrrrrcloselogcs r%c Cs^|dkrtj}t|dr |j}nd}t|tr4|j}d|krDd|d<|ddkr t|d\}}|dkrxt|||d S|d krt |d }t r|t krt d | | |} nd } d|kr| r| d} | |d} n*tjddr| r| d} | tjd} | |d<nsz#parse_multipart..)r;formatrZset_typeKeyErrorr )r>rCr&rJr+rGrBrIrrNrr s   ccs|dddkr|dd}|d}|dkr`|dd||dd|dr`|d|d}q&|dkrpt|}|d|}|V||d}qdS)Nr1;r"\")findcountlenstrip)sendfrrr _parseparams  (  r]cCstd|}|}i}|D]}|d}|dkr|d|}||dd}t|dkr|d|dkrdkrnn |dd}|d d d d}|||<q||fS) zfParse a Content-type like header. Return the main content-type and a dictionary of options. rR=rNr1rUrSz\\\rT)r]__next__rVrYlowerrXrF)linepartskeyrCpinamevaluerrrr s  ,  c@s@eZdZdZdZdZdZdZiZdZ iZ iZ ddZ ddZ dS)rz=Like FieldStorage, for use when no file uploads are possible.NcCs||_||_dS)z&Constructor from field name and value.Nrhriselfrhrirrr__init__ szMiniFieldStorage.__init__cCsd|j|jfS)z Return printable representation.zMiniFieldStorage(%r, %r)rjrlrrr__repr__szMiniFieldStorage.__repr__)__name__ __module__ __qualname____doc__filenamelisttypefile type_options dispositiondisposition_optionsrIrmrorrrrrsc @seZdZdZdddejdddddddf ddZd d Zd d Zd dZ ddZ ddZ ddZ ddZ d:ddZd;ddZddZddZdd Zd!d"Zd#d$Zd%d&ZdZd'd(Zd)d*Zd+Zd,d-Zd.d/Zd0d1Zd2d3Zd4d5Zd6d7Zd8d9Z dS)rr4r&rJbytesrvrp outerboundary bytes_readlimitr ryrzrhrt _binary_filerx innerboundaryr7r9r8lengthrurwdoneread_urlencoded read_multi read_single)rlr>rIrr?r@rArr&rJrr+methodrDZcdisprCrBZclenrrrrm?s/                          zFieldStorage.__init__cCs(z|jWntk r"YnXdSN)rwr$AttributeErrorrnrrr__del__szFieldStorage.__del__cCs|Srrrnrrr __enter__szFieldStorage.__enter__cGs|jdSr)rwr$)rlr#rrr__exit__szFieldStorage.__exit__cCsd|j|j|jfS)z"Return a printable representation.zFieldStorage(%r, %r, %r))rhrtrirnrrrros zFieldStorage.__repr__cCs t|Sr)iterkeysrnrrr__iter__szFieldStorage.__iter__cCsT|dkrt||jr:|jd|j}|jdn|jdk rL|j}nd}|S)Nrir)rrwseekr:rurkrrr __getattr__s   zFieldStorage.__getattr__cCs^|jdkrtdg}|jD]}|j|kr||q|sBt|t|dkrV|dS|SdS)zDictionary style indexing.N not indexabler1r)rurrhappendrQrX)rlrefounditemrrr __getitem__s    zFieldStorage.__getitem__cCs8||kr0||}t|tr(dd|DS|jSn|SdS)z8Dictionary style get() method, including 'value' lookup.cSsg|] }|jqSrrirLxrrr sz)FieldStorage.getvalue..Nr5rurirlredefaultrirrrgetvalues  zFieldStorage.getvaluecCs4||kr,||}t|tr$|djS|jSn|SdS)z! Return the first value received.rNrrrrrgetfirsts   zFieldStorage.getfirstcCs:||kr2||}t|tr(dd|DS|jgSngSdS)z Return list of received values.cSsg|] }|jqSrrrrrrr.sz(FieldStorage.getlist..Nr)rlrerirrrrK)s   zFieldStorage.getlistcCs*|jdkrtdttdd|jDS)zDictionary style keys() method.Nrcss|] }|jVqdSrrhrLrrrr 8sz$FieldStorage.keys..)rursetrnrrrr4s zFieldStorage.keyscs*|jdkrtdtfdd|jDS)z%Dictionary style __contains__ method.Nrc3s|]}|jkVqdSrrrrerrr>sz,FieldStorage.__contains__..)rurany)rlrerrr __contains__:s zFieldStorage.__contains__cCs t|S)z Dictionary style len(x) support.)rXrrnrrr__len__@szFieldStorage.__len__cCs|jdkrtdt|jS)NzCannot be converted to bool.)rurboolrnrrr__bool__Ds zFieldStorage.__bool__c Cs|j|j}t|ts0td|jt|jf||j |j }|j rT|d|j 7}t j j||j|j|j |j |j|jd}dd|D|_|dS)z+Internal: read data in query string format.%s should return bytes, got %sr0r&rJrr+cSsg|]\}}t||qSrrrLrerirrrrVsz0FieldStorage.read_urlencoded..N)r>r:rr5rr9rvrpr;r&rJrr=r parse_qslr@rArr+ru skip_lines)rlrDqueryrrrrIs& zFieldStorage.read_urlencodedc CsL|j}t|std|fg|_|jrftjj|j|j|j |j |j |j |j d}|jdd|D|jpp|j}|j}t|tstd|jt|jf|jt|7_|d|jkr|r|j}|jt|7_q|j }|dk r|t|j8}t} d} |j} | | 7} | s q0q | s:q@|jt| 7_| | |j |j | } d | krz| d =|jdkrdn |j|j} ||j| ||||| |j |j ||j }|dk r|d 8}|jr|t|j8}|d krtd |j|j7_|j||j s@|j|j!kr4d krnnq@q|"dS) z/Internal: read a part that is itself multipart.z&Invalid boundary in multipart form: %rrcss|]\}}t||VqdSrrrrrrrfsz*FieldStorage.read_multi..r--Nr{r}r1rzMax number of fields exceeded)#rvalid_boundaryr9rurr=r rr@rAr&rJrr+extendFieldStorageClass __class__r>r~r5rrvrprrXrYrZfeedr;r$rrrrr)rlr?r@rAZibrklassZ first_linerparserZhdr_textdatarIrpartrrrr[s            (zFieldStorage.read_multicCs4|jdkr||n||jddS)zInternal: read an atomic part.rN)r read_binaryr read_linesrwrrnrrrrs   zFieldStorage.read_singlei cCs||_|j}|dkr|dkr|jt||j}t|tsVt d|jt |j f|j t |7_ |std|_q|j||t |}qdS)zInternal: read binary data.rrr_N) make_filerwrr>r:minbufsizer5rr9rvrprrXrr")rlZtodorrrrrs   zFieldStorage.read_binarycCs@|jrt|_|_nt|_|_|jr4|n|dS)z0Internal: read lines until EOF or outerboundary.N)rrrw_FieldStorage__filerrread_lines_to_outerboundaryread_lines_to_eofrnrrrrs  zFieldStorage.read_linescCsv|jdk rF|jt|dkrF||_|j}|j|d|_|jrZ|j|n|j||j |j dS)z line is always bytes, not stringNi) rtellrXrrwrr"rr;r&rJ)rlrcrrrrZ__writes    zFieldStorage.__writecCs:|jd}|jt|7_|s*d|_q6||qdS)zInternal: read lines until EOF.r_N)r>r~rrXr_FieldStorage__write)rlrcrrrrs  zFieldStorage.read_lines_to_eofc CsJd|j}|d}d}d}d}|jdk rFd|jkr>|krFnnqF|jd}|jt|7_|t|7}|s~d|_qF|dkr||}d}|dr|r|}||krqF||krd |_qF|}| d rd }|dd }d}nL| d r d }|dd}d}n*| dr.d}|dd}d }nd}d }| ||qdS)zInternal: read lines until outerboundary. Data is read as bytes: boundaries and line ends must be converted to bytes for comparisons. rr{TrNrr_ r1s  F) rrr>r~rrXr startswithrstripendswithr) rl next_boundary last_boundaryZdelimlast_line_lfendZ_readrc strippedlineZodelimrrrrsN $        z(FieldStorage.read_lines_to_outerboundarycCs|jr |jrdSd|j}|d}d}|jd}|jt|7_|sPd|_q|dr|r|}||krpq||krd|_q|d}q&dS)z5Internal: skip lines until outer boundary if defined.NrTrr_r1r)rrr>r~rrXrrY)rlrrrrcrrrrrs$   zFieldStorage.skip_linescCs&|jrtdStjd|jddSdS)aOverridable: return a readable & writable file. The file will be used as follows: - data is written to it - seek(0) - data is read from it The file is opened in binary mode for files, in text mode for other fields This version opens a temporary file for reading and writing, and immediately deletes (unlinks) it. The trick (on Unix!) is that the file can still be used, but it can't be opened by another process, and it will automatically be deleted when it is closed or when the current process terminates. If you want a more permanent file, you derive a class which overrides this method. If you want a visible temporary file that is nevertheless automatically deleted when the script terminates, try defining a __del__ method in a derived class which unlinks the temporary files you have created. zwb+zw+r!)r&newlineN)rtempfileZ TemporaryFiler&rnrrrr(s  zFieldStorage.make_file)N)N)!rprqrrrsosr?rmrrrrorrrrrrKrrrrrrrrrrrrrrrrrrrrr sL) &   E   2cCstdttjt_zNt}ttt|t|t dd}|fdd}td|Wnt YnXtdda z&t}ttt|t|Wnt YnXd S) zRobust test CGI script, usable as main program. Write minimal HTTP headers and dump all information provided to the script in HTML form. zContent-type: text/htmlcSs tddS)Nz,testing print_exception() -- italics?)execrrrrr\[sztest..fcSs |dSrr)r\rrrg]sztest..gz9

What follows is a test, not an actual exception:

z*

Second try with a small maxlen...

2N) printr2stdoutstderrr rrrrrrr8)r?formr\rrrrr Js4    c Csx|dkrt\}}}ddl}ttd||||||}tdtd|ddt|df~dS)Nrz+

Traceback (most recent call last):

z
%s%s
rr_) r2exc_info tracebackr format_tbformat_exception_onlyhtmlescapejoin)rvritbrrrurrrrqs   c Cs\t|}ttdtd|D]"}tdt|dt||q&tdtdS)z#Dump the shell environment as HTML.z

Shell Environment:





N)sortedrrrr)r?rrerrrrs  cCst|}ttd|s&tdtd|D]Z}tdt|ddd||}tdttt|d td tt|q2td td S) z$Dump the contents of a form as HTML.z

Form Contents:

z

No form fields.rr: )r[zzrrN)rrrrrreprrv)rrrerirrrrs c Csjttdz t}Wn6tk rP}ztdtt|W5d}~XYnXtt|tdS)z#Dump the current directory as HTML.z#

Current Working Directory:

zOSError:N)rrgetcwdrrrstr)pwdmsgrrrrs &cCs(ttdtttjtdS)Nz

Command Line Arguments:

)rr2r<rrrrrs  cCs tddS)z9Dump a list of environment variables used by CGI as HTML.a

These environment variables could have been set:

  • AUTH_TYPE
  • CONTENT_LENGTH
  • CONTENT_TYPE
  • DATE_GMT
  • DATE_LOCAL
  • DOCUMENT_NAME
  • DOCUMENT_ROOT
  • DOCUMENT_URI
  • GATEWAY_INTERFACE
  • LAST_MODIFIED
  • PATH
  • PATH_INFO
  • PATH_TRANSLATED
  • QUERY_STRING
  • REMOTE_ADDR
  • REMOTE_HOST
  • REMOTE_IDENT
  • REMOTE_USER
  • REQUEST_METHOD
  • SCRIPT_NAME
  • SERVER_NAME
  • SERVER_PORT
  • SERVER_PROTOCOL
  • SERVER_ROOT
  • SERVER_SOFTWARE
In addition, HTTP headers sent by the server may be passed in the environment as well. Here are some common variable names:
  • HTTP_ACCEPT
  • HTTP_CONNECTION
  • HTTP_HOST
  • HTTP_PRAGMA
  • HTTP_REFERER
  • HTTP_USER_AGENT
N)rrrrrrscCs(ddl}t|trd}nd}|||S)Nrs^[ -~]{0,200}[!-~]$z^[ -~]{0,200}[!-~]$)rer5rmatch)rZrZ _vb_patternrrrrs  r__main__)rErFr0)NNNN),rs __version__iorrrZcollections.abcrr2rZ urllib.parser=Z email.parserrZ email.messagerrrr__all__rrr rrr%rr8r?r r r]r rr r rrrrrrrrprrrr sh   #  F  :'   /