Mirror
/
cpython
mirror of https://github.com/python/cpython
4
1
Fork 0
Code Issues Releases Wiki Activity
cpython/Lib/email/_parseaddr.py

561 lines
18 KiB
Python
Raw Normal View History

Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
# Copyright (C) 2002-2007 Python Software Foundation
# Contact: email-sig@python.org
"""Email address parsing code.
Lifted directly from rfc822.py. This should eventually be rewritten.
"""
__all__ = [
'mktime_tz',
'parsedate',
'parsedate_tz',
'quote',
]
gh-109653: Improve import time of importlib.metadata / email.utils (#114664) My criterion for delayed imports is that they're only worth it if the majority of users of the module would benefit from it, otherwise you're just moving latency around unpredictably. mktime_tz is not used anywhere in the standard library and grep.app indicates it's not got much use in the ecosystem either. Distribution.files is not nearly as widely used as other importlib.metadata APIs, so we defer the csv import. Before: ``` λ hyperfine -w 8 './python -c "import importlib.metadata"' Benchmark 1: ./python -c "import importlib.metadata" Time (mean ± σ): 65.1 ms ± 0.5 ms [User: 55.3 ms, System: 9.8 ms] Range (min … max): 64.4 ms … 66.4 ms 44 runs ``` After: ``` λ hyperfine -w 8 './python -c "import importlib.metadata"' Benchmark 1: ./python -c "import importlib.metadata" Time (mean ± σ): 62.0 ms ± 0.3 ms [User: 52.5 ms, System: 9.6 ms] Range (min … max): 61.3 ms … 62.8 ms 46 runs ``` for about a 3ms saving with warm disk cache, maybe 7-11ms with cold disk cache.
2024-01-29 05:30:22 -04:00
import time
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
SPACE = ' '
EMPTYSTRING = ''
COMMASPACE = ', '
# Parse a date field
_monthnames = ['jan', 'feb', 'mar', 'apr', 'may', 'jun', 'jul',
'aug', 'sep', 'oct', 'nov', 'dec',
'january', 'february', 'march', 'april', 'may', 'june', 'july',
'august', 'september', 'october', 'november', 'december']
_daynames = ['mon', 'tue', 'wed', 'thu', 'fri', 'sat', 'sun']
# The timezone table does not include the military time zones defined
# in RFC822, other than Z. According to RFC1123, the description in
# RFC822 gets the signs wrong, so we can't rely on any such time
# zones. RFC1123 recommends that numeric timezone indicators be used
# instead of timezone names.
_timezones = {'UT':0, 'UTC':0, 'GMT':0, 'Z':0,
'AST': -400, 'ADT': -300, # Atlantic (used in Canada)
'EST': -500, 'EDT': -400, # Eastern
'CST': -600, 'CDT': -500, # Central
'MST': -700, 'MDT': -600, # Mountain
'PST': -800, 'PDT': -700 # Pacific
}
def parsedate_tz(data):
"""Convert a date string to a time tuple.
Accounts for military timezones.
#665194: support roundtripping RFC2822 date stamps in the email.utils module
2011-07-20 12:41:21 -03:00
"""
res = _parsedate_tz(data)
Closes #15925: fix regression in parsedate() and parsedate_tz() that should return None if unable to parse the argument.
2012-09-22 04:03:56 -03:00
if not res:
return
#665194: support roundtripping RFC2822 date stamps in the email.utils module
2011-07-20 12:41:21 -03:00
if res[9] is None:
res[9] = 0
return tuple(res)
def _parsedate_tz(data):
"""Convert date to extended time tuple.
The last (additional) element is the time zone offset in seconds, except if
the timezone was specified as -0000. In that case the last element is
None. This indicates a UTC timestamp that explicitly declaims knowledge of
the source timezone, as opposed to a +0000 timestamp that indicates the
source timezone really was UTC.
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
"""
Closes #15925: fix regression in parsedate() and parsedate_tz() that should return None if unable to parse the argument.
2012-09-22 04:03:56 -03:00
if not data:
bpo-30681: Support invalid date format or value in email Date header (GH-22090) I am re-submitting an older PR which was abandoned but is still relevant, #10783 by @timb07. The issue being solved () is still relevant. The original PR #10783 was closed as the final request changes were not applied and since abandoned. In this new PR I have re-used the original patch plus applied both comments from the review, by @maxking and @pganssle. For reference, here is the original PR description: In email.utils.parsedate_to_datetime(), a failure to parse the date, or invalid date components (such as hour outside 0..23) raises an exception. Document this behaviour, and add tests to test_email/test_utils.py to confirm this behaviour. In email.headerregistry.DateHeader.parse(), check when parsedate_to_datetime() raises an exception and add a new defect InvalidDateDefect; preserve the invalid value as the string value of the header, but set the datetime attribute to None. Add tests to test_email/test_headerregistry.py to confirm this behaviour; also added test to test_email/test_inversion.py to confirm emails with such defective date headers round trip successfully. This pull request incorporates feedback gratefully received from @bitdancer, @brettcannon, @Mariatta and @warsaw, and replaces the earlier PR #2254. Automerge-Triggered-By: GH:warsaw
2020-10-26 21:31:06 -03:00
return None
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
data = data.split()
bpo-45001: Make email date parsing more robust against malformed input (GH-27946) Various date parsing utilities in the email module, such as email.utils.parsedate(), are supposed to gracefully handle invalid input, typically by raising an appropriate exception or by returning None. The internal email._parseaddr._parsedate_tz() helper used by some of these date parsing routines tries to be robust against malformed input, but unfortunately it can still crash ungracefully when a non-empty but whitespace-only input is passed. This manifests as an unexpected IndexError. In practice, this can happen when parsing an email with only a newline inside a ‘Date:’ header, which unfortunately happens occasionally in the real world. Here's a minimal example: $ python Python 3.9.6 (default, Jun 30 2021, 10:22:16) [GCC 11.1.0] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import email.utils >>> email.utils.parsedate('foo') >>> email.utils.parsedate(' ') Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python3.9/email/_parseaddr.py", line 176, in parsedate t = parsedate_tz(data) File "/usr/lib/python3.9/email/_parseaddr.py", line 50, in parsedate_tz res = _parsedate_tz(data) File "/usr/lib/python3.9/email/_parseaddr.py", line 72, in _parsedate_tz if data[0].endswith(',') or data[0].lower() in _daynames: IndexError: list index out of range The fix is rather straight-forward: guard against empty lists, after splitting on whitespace, but before accessing the first element.
2021-08-26 11:49:03 -03:00
if not data: # This happens for whitespace-only input.
return None
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
# The FWS after the comma after the day-of-week is optional, so search and
# adjust for this.
if data[0].endswith(',') or data[0].lower() in _daynames:
# There's a dayname here. Skip it
del data[0]
else:
i = data[0].rfind(',')
if i >= 0:
data[0] = data[0][i+1:]
if len(data) == 3: # RFC 850 date, deprecated
stuff = data[0].split('-')
if len(stuff) == 3:
data = stuff + data[1:]
if len(data) == 4:
s = data[3]
i = s.find('+')
#1155362: allow hh:mm:ss-uuuu like we allow hh:mm:ss+uuuu in parsedate_tz Original patch by Thomas Herve.
2010-12-23 16:35:46 -04:00
if i == -1:
i = s.find('-')
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
if i > 0:
#1155362: allow hh:mm:ss-uuuu like we allow hh:mm:ss+uuuu in parsedate_tz Original patch by Thomas Herve.
2010-12-23 16:35:46 -04:00
data[3:] = [s[:i], s[i:]]
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
else:
data.append('') # Dummy tz
if len(data) < 5:
return None
data = data[:5]
[dd, mm, yy, tm, tz] = data
gh-95087: Fix IndexError in parsing invalid date in the email module (GH-95201) Co-authored-by: wouter bolsterlee <wouter@bolsterl.ee>
2022-07-25 03:17:25 -03:00
if not (dd and mm and yy):
return None
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
mm = mm.lower()
if mm not in _monthnames:
dd, mm = mm, dd.lower()
if mm not in _monthnames:
return None
mm = _monthnames.index(mm) + 1
if mm > 12:
mm -= 12
if dd[-1] == ',':
dd = dd[:-1]
i = yy.find(':')
if i > 0:
yy, tm = tm, yy
if yy[-1] == ',':
yy = yy[:-1]
gh-95087: Fix IndexError in parsing invalid date in the email module (GH-95201) Co-authored-by: wouter bolsterlee <wouter@bolsterl.ee>
2022-07-25 03:17:25 -03:00
if not yy:
return None
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
if not yy[0].isdigit():
yy, tz = tz, yy
if tm[-1] == ',':
tm = tm[:-1]
tm = tm.split(':')
if len(tm) == 2:
[thh, tmm] = tm
tss = '0'
elif len(tm) == 3:
[thh, tmm, tss] = tm
#1162477: accept '.' in addition to ':' when parsing time in date header. Some non-compliant MUAs use '.'s, so by the Postel Principle we should accept them. Patch by Thomas Herve.
2011-03-13 21:06:23 -03:00
elif len(tm) == 1 and '.' in tm[0]:
# Some non-compliant MUAs use '.' to separate time elements.
tm = tm[0].split('.')
if len(tm) == 2:
[thh, tmm] = tm
tss = 0
elif len(tm) == 3:
[thh, tmm, tss] = tm
bpo-45239: Fix parsedate_tz when time has more than 2 dots in it (GH-28452) Co-authored-by: Łukasz Langa <lukasz@langa.pl>
2021-10-13 13:21:27 -03:00
else:
return None
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
else:
return None
try:
yy = int(yy)
dd = int(dd)
thh = int(thh)
tmm = int(tmm)
tss = int(tss)
except ValueError:
return None
#1194222: make parsedate always return RFC2822 four character years. Two character years are now converted to four character years using the Posix standard rule (<68 == 2000, >=68==1900). This makes the parsed date RFC2822 compliant even if the input is not. Patch and test by Jeffrey Finkelstein.
2010-08-24 21:45:55 -03:00
# Check for a yy specified in two-digit format, then convert it to the
# appropriate four-digit format, according to the POSIX standard. RFC 822
# calls for a two-digit yy, but RFC 2822 (which obsoletes RFC 822)
# mandates a 4-digit yy. For more information, see the documentation for
# the time module.
if yy < 100:
# The year is between 1969 and 1999 (inclusive).
if yy > 68:
yy += 1900
# The year is between 2000 and 2068 (inclusive).
else:
yy += 2000
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
tzoffset = None
tz = tz.upper()
if tz in _timezones:
tzoffset = _timezones[tz]
else:
try:
tzoffset = int(tz)
except ValueError:
pass
#665194: support roundtripping RFC2822 date stamps in the email.utils module
2011-07-20 12:41:21 -03:00
if tzoffset==0 and tz.startswith('-'):
tzoffset = None
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
# Convert a timezone offset into seconds ; -0500 -> -18000
if tzoffset:
if tzoffset < 0:
tzsign = -1
tzoffset = -tzoffset
else:
tzsign = 1
tzoffset = tzsign * ( (tzoffset//100)*3600 + (tzoffset % 100)*60)
# Daylight Saving Time flag is set to -1, since DST is unknown.
#665194: support roundtripping RFC2822 date stamps in the email.utils module
2011-07-20 12:41:21 -03:00
return [yy, mm, dd, thh, tmm, tss, 0, 1, -1, tzoffset]
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
def parsedate(data):
"""Convert a time string to a time tuple."""
t = parsedate_tz(data)
if isinstance(t, tuple):
return t[:9]
else:
return t
def mktime_tz(data):
Issue #14653: email.utils.mktime_tz() no longer relies on system mktime() when timezone offest is supplied.
2012-06-21 21:34:09 -03:00
"""Turn a 10-tuple as returned by parsedate_tz() into a POSIX timestamp."""
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
if data[9] is None:
# No zone info, so localtime is better assumption than GMT
return time.mktime(data[:8] + (-1,))
else:
gh-109653: Improve import time of importlib.metadata / email.utils (#114664) My criterion for delayed imports is that they're only worth it if the majority of users of the module would benefit from it, otherwise you're just moving latency around unpredictably. mktime_tz is not used anywhere in the standard library and grep.app indicates it's not got much use in the ecosystem either. Distribution.files is not nearly as widely used as other importlib.metadata APIs, so we defer the csv import. Before: ``` λ hyperfine -w 8 './python -c "import importlib.metadata"' Benchmark 1: ./python -c "import importlib.metadata" Time (mean ± σ): 65.1 ms ± 0.5 ms [User: 55.3 ms, System: 9.8 ms] Range (min … max): 64.4 ms … 66.4 ms 44 runs ``` After: ``` λ hyperfine -w 8 './python -c "import importlib.metadata"' Benchmark 1: ./python -c "import importlib.metadata" Time (mean ± σ): 62.0 ms ± 0.3 ms [User: 52.5 ms, System: 9.6 ms] Range (min … max): 61.3 ms … 62.8 ms 46 runs ``` for about a 3ms saving with warm disk cache, maybe 7-11ms with cold disk cache.
2024-01-29 05:30:22 -04:00
# Delay the import, since mktime_tz is rarely used
import calendar
Issue #14653: email.utils.mktime_tz() no longer relies on system mktime() when timezone offest is supplied.
2012-06-21 21:34:09 -03:00
t = calendar.timegm(data)
return t - data[9]
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
def quote(str):
#1050268: make parseaddr 'quote' the contents of quoted strings in addresses. Also made the doc string for email._parseaddr's 'quote' function more accurate; I'd love to make the function match the old docstring instead, but other code uses it according the existing semantics.
2010-10-02 12:58:26 -03:00
"""Prepare string to be used in a quoted string.
Turns backslash and double quote characters into quoted pairs. These
are the only characters that need to be quoted inside a quoted string.
Does not add the surrounding double quotes.
"""
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
return str.replace('\\', '\\\\').replace('"', '\\"')
class AddrlistClass:
"""Address parser class by Ben Escoto.
To understand what this class does, it helps to have a copy of RFC 2822 in
front of you.
Note: this class interface is deprecated and may be removed in the future.
Fix few typos.
2011-11-11 14:35:42 -04:00
Use email.utils.AddressList instead.
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
"""
def __init__(self, field):
"""Initialize a new instance.
Remove almost all unpaired backticks in docstrings (#119231) As reported in #117847 and #115366, an unpaired backtick in a docstring tends to confuse e.g. Sphinx running on subclasses of standard library objects, and the typographic style of using a backtick as an opening quote is no longer in favor. Convert almost all uses of the form The variable `foo' should do xyz to The variable 'foo' should do xyz and also fix up miscellaneous other unpaired backticks (extraneous / missing characters). No functional change is intended here other than in human-readable docstrings.
2024-05-22 13:35:18 -03:00
'field' is an unparsed address header field, containing
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
one or more addresses.
"""
self.specials = '()<>@,:;.\"[]'
self.pos = 0
self.LWS = ' \t'
self.CR = '\r\n'
self.FWS = self.LWS + self.CR
self.atomends = self.specials + self.LWS + self.CR
Remove almost all unpaired backticks in docstrings (#119231) As reported in #117847 and #115366, an unpaired backtick in a docstring tends to confuse e.g. Sphinx running on subclasses of standard library objects, and the typographic style of using a backtick as an opening quote is no longer in favor. Convert almost all uses of the form The variable `foo' should do xyz to The variable 'foo' should do xyz and also fix up miscellaneous other unpaired backticks (extraneous / missing characters). No functional change is intended here other than in human-readable docstrings.
2024-05-22 13:35:18 -03:00
# Note that RFC 2822 now specifies '.' as obs-phrase, meaning that it
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
# is obsolete syntax. RFC 2822 requires that we recognize obsolete
# syntax, so allow dots in phrases.
self.phraseends = self.atomends.replace('.', '')
self.field = field
self.commentlist = []
def gotonext(self):
#9286: Fix the rfc822 parser to preserve whitespace in address local part. Such addresses are not RFC compliant except under the 'obsolete syntax' rules, but before this fix the whitespace was dropped from the input, concatenating the pieces. That breaks one of the principles of the email package, that of preserving the input as much as possible. It also denies the application program the opportunity to apply its own heuristics to interpretation of such non-compliant addresses. It is possible users of the email package were depending on the local part always being a single token, so this fix will not be backported.
2010-12-18 14:25:38 -04:00
"""Skip white space and extract comments."""
wslist = []
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
while self.pos < len(self.field):
if self.field[self.pos] in self.LWS + '\n\r':
#9286: Fix the rfc822 parser to preserve whitespace in address local part. Such addresses are not RFC compliant except under the 'obsolete syntax' rules, but before this fix the whitespace was dropped from the input, concatenating the pieces. That breaks one of the principles of the email package, that of preserving the input as much as possible. It also denies the application program the opportunity to apply its own heuristics to interpretation of such non-compliant addresses. It is possible users of the email package were depending on the local part always being a single token, so this fix will not be backported.
2010-12-18 14:25:38 -04:00
if self.field[self.pos] not in '\n\r':
wslist.append(self.field[self.pos])
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
self.pos += 1
elif self.field[self.pos] == '(':
self.commentlist.append(self.getcomment())
else:
break
#9286: Fix the rfc822 parser to preserve whitespace in address local part. Such addresses are not RFC compliant except under the 'obsolete syntax' rules, but before this fix the whitespace was dropped from the input, concatenating the pieces. That breaks one of the principles of the email package, that of preserving the input as much as possible. It also denies the application program the opportunity to apply its own heuristics to interpretation of such non-compliant addresses. It is possible users of the email package were depending on the local part always being a single token, so this fix will not be backported.
2010-12-18 14:25:38 -04:00
return EMPTYSTRING.join(wslist)
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
def getaddrlist(self):
"""Parse all addresses.
Returns a list containing all of the addresses.
"""
result = []
while self.pos < len(self.field):
ad = self.getaddress()
if ad:
result += ad
else:
result.append(('', ''))
return result
def getaddress(self):
"""Parse the next address."""
self.commentlist = []
self.gotonext()
oldpos = self.pos
oldcl = self.commentlist
plist = self.getphraselist()
self.gotonext()
returnlist = []
if self.pos >= len(self.field):
# Bad email address technically, no domain.
if plist:
returnlist = [(SPACE.join(self.commentlist), plist[0])]
elif self.field[self.pos] in '.@':
# email address is just an addrspec
# this isn't very efficient since we start over
self.pos = oldpos
self.commentlist = oldcl
addrspec = self.getaddrspec()
returnlist = [(SPACE.join(self.commentlist), addrspec)]
elif self.field[self.pos] == ':':
# address is a group
returnlist = []
fieldlen = len(self.field)
self.pos += 1
while self.pos < len(self.field):
self.gotonext()
if self.pos < fieldlen and self.field[self.pos] == ';':
self.pos += 1
break
returnlist = returnlist + self.getaddress()
elif self.field[self.pos] == '<':
# Address is a phrase then a route addr
routeaddr = self.getrouteaddr()
if self.commentlist:
returnlist = [(SPACE.join(plist) + ' (' +
' '.join(self.commentlist) + ')', routeaddr)]
else:
returnlist = [(SPACE.join(plist), routeaddr)]
else:
if plist:
returnlist = [(SPACE.join(self.commentlist), plist[0])]
elif self.field[self.pos] in self.specials:
self.pos += 1
self.gotonext()
if self.pos < len(self.field) and self.field[self.pos] == ',':
self.pos += 1
return returnlist
def getrouteaddr(self):
"""Parse a route address (Return-path value).
This method just skips all the route stuff and returns the addrspec.
"""
if self.field[self.pos] != '<':
return
expectroute = False
self.pos += 1
self.gotonext()
adlist = ''
while self.pos < len(self.field):
if expectroute:
self.getdomain()
expectroute = False
elif self.field[self.pos] == '>':
self.pos += 1
break
elif self.field[self.pos] == '@':
self.pos += 1
expectroute = True
elif self.field[self.pos] == ':':
self.pos += 1
else:
adlist = self.getaddrspec()
self.pos += 1
break
self.gotonext()
return adlist
def getaddrspec(self):
"""Parse an RFC 2822 addr-spec."""
aslist = []
self.gotonext()
while self.pos < len(self.field):
#9286: Fix the rfc822 parser to preserve whitespace in address local part. Such addresses are not RFC compliant except under the 'obsolete syntax' rules, but before this fix the whitespace was dropped from the input, concatenating the pieces. That breaks one of the principles of the email package, that of preserving the input as much as possible. It also denies the application program the opportunity to apply its own heuristics to interpretation of such non-compliant addresses. It is possible users of the email package were depending on the local part always being a single token, so this fix will not be backported.
2010-12-18 14:25:38 -04:00
preserve_ws = True
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
if self.field[self.pos] == '.':
#9286: Fix the rfc822 parser to preserve whitespace in address local part. Such addresses are not RFC compliant except under the 'obsolete syntax' rules, but before this fix the whitespace was dropped from the input, concatenating the pieces. That breaks one of the principles of the email package, that of preserving the input as much as possible. It also denies the application program the opportunity to apply its own heuristics to interpretation of such non-compliant addresses. It is possible users of the email package were depending on the local part always being a single token, so this fix will not be backported.
2010-12-18 14:25:38 -04:00
if aslist and not aslist[-1].strip():
aslist.pop()
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
aslist.append('.')
self.pos += 1
#9286: Fix the rfc822 parser to preserve whitespace in address local part. Such addresses are not RFC compliant except under the 'obsolete syntax' rules, but before this fix the whitespace was dropped from the input, concatenating the pieces. That breaks one of the principles of the email package, that of preserving the input as much as possible. It also denies the application program the opportunity to apply its own heuristics to interpretation of such non-compliant addresses. It is possible users of the email package were depending on the local part always being a single token, so this fix will not be backported.
2010-12-18 14:25:38 -04:00
preserve_ws = False
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
elif self.field[self.pos] == '"':
#1050268: make parseaddr 'quote' the contents of quoted strings in addresses. Also made the doc string for email._parseaddr's 'quote' function more accurate; I'd love to make the function match the old docstring instead, but other code uses it according the existing semantics.
2010-10-02 12:58:26 -03:00
aslist.append('"%s"' % quote(self.getquote()))
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
elif self.field[self.pos] in self.atomends:
#9286: Fix the rfc822 parser to preserve whitespace in address local part. Such addresses are not RFC compliant except under the 'obsolete syntax' rules, but before this fix the whitespace was dropped from the input, concatenating the pieces. That breaks one of the principles of the email package, that of preserving the input as much as possible. It also denies the application program the opportunity to apply its own heuristics to interpretation of such non-compliant addresses. It is possible users of the email package were depending on the local part always being a single token, so this fix will not be backported.
2010-12-18 14:25:38 -04:00
if aslist and not aslist[-1].strip():
aslist.pop()
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
break
else:
aslist.append(self.getatom())
#9286: Fix the rfc822 parser to preserve whitespace in address local part. Such addresses are not RFC compliant except under the 'obsolete syntax' rules, but before this fix the whitespace was dropped from the input, concatenating the pieces. That breaks one of the principles of the email package, that of preserving the input as much as possible. It also denies the application program the opportunity to apply its own heuristics to interpretation of such non-compliant addresses. It is possible users of the email package were depending on the local part always being a single token, so this fix will not be backported.
2010-12-18 14:25:38 -04:00
ws = self.gotonext()
if preserve_ws and ws:
aslist.append(ws)
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
if self.pos >= len(self.field) or self.field[self.pos] != '@':
return EMPTYSTRING.join(aslist)
aslist.append('@')
self.pos += 1
self.gotonext()
bpo-34155: Dont parse domains containing @ (GH-13079) Before: >>> email.message_from_string('From: a@malicious.org@important.com', policy=email.policy.default)['from'].addresses (Address(display_name='', username='a', domain='malicious.org'),) >>> parseaddr('a@malicious.org@important.com') ('', 'a@malicious.org') After: >>> email.message_from_string('From: a@malicious.org@important.com', policy=email.policy.default)['from'].addresses (Address(display_name='', username='', domain=''),) >>> parseaddr('a@malicious.org@important.com') ('', 'a@') https://bugs.python.org/issue34155
2019-07-17 18:54:25 -03:00
domain = self.getdomain()
if not domain:
# Invalid domain, return an empty address instead of returning a
# local part to denote failed parsing.
return EMPTYSTRING
return EMPTYSTRING.join(aslist) + domain
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
def getdomain(self):
"""Get the complete domain name from an address."""
sdlist = []
while self.pos < len(self.field):
if self.field[self.pos] in self.LWS:
self.pos += 1
elif self.field[self.pos] == '(':
self.commentlist.append(self.getcomment())
elif self.field[self.pos] == '[':
sdlist.append(self.getdomainliteral())
elif self.field[self.pos] == '.':
self.pos += 1
sdlist.append('.')
bpo-34155: Dont parse domains containing @ (GH-13079) Before: >>> email.message_from_string('From: a@malicious.org@important.com', policy=email.policy.default)['from'].addresses (Address(display_name='', username='a', domain='malicious.org'),) >>> parseaddr('a@malicious.org@important.com') ('', 'a@malicious.org') After: >>> email.message_from_string('From: a@malicious.org@important.com', policy=email.policy.default)['from'].addresses (Address(display_name='', username='', domain=''),) >>> parseaddr('a@malicious.org@important.com') ('', 'a@') https://bugs.python.org/issue34155
2019-07-17 18:54:25 -03:00
elif self.field[self.pos] == '@':
# bpo-34155: Don't parse domains with two `@` like
# `a@malicious.org@important.com`.
return EMPTYSTRING
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
elif self.field[self.pos] in self.atomends:
break
else:
sdlist.append(self.getatom())
return EMPTYSTRING.join(sdlist)
def getdelimited(self, beginchar, endchars, allowcomments=True):
"""Parse a header fragment delimited by special characters.
Remove almost all unpaired backticks in docstrings (#119231) As reported in #117847 and #115366, an unpaired backtick in a docstring tends to confuse e.g. Sphinx running on subclasses of standard library objects, and the typographic style of using a backtick as an opening quote is no longer in favor. Convert almost all uses of the form The variable `foo' should do xyz to The variable 'foo' should do xyz and also fix up miscellaneous other unpaired backticks (extraneous / missing characters). No functional change is intended here other than in human-readable docstrings.
2024-05-22 13:35:18 -03:00
'beginchar' is the start character for the fragment.
If self is not looking at an instance of 'beginchar' then
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
getdelimited returns the empty string.
Remove almost all unpaired backticks in docstrings (#119231) As reported in #117847 and #115366, an unpaired backtick in a docstring tends to confuse e.g. Sphinx running on subclasses of standard library objects, and the typographic style of using a backtick as an opening quote is no longer in favor. Convert almost all uses of the form The variable `foo' should do xyz to The variable 'foo' should do xyz and also fix up miscellaneous other unpaired backticks (extraneous / missing characters). No functional change is intended here other than in human-readable docstrings.
2024-05-22 13:35:18 -03:00
'endchars' is a sequence of allowable end-delimiting characters.
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
Parsing stops when one of these is encountered.
Remove almost all unpaired backticks in docstrings (#119231) As reported in #117847 and #115366, an unpaired backtick in a docstring tends to confuse e.g. Sphinx running on subclasses of standard library objects, and the typographic style of using a backtick as an opening quote is no longer in favor. Convert almost all uses of the form The variable `foo' should do xyz to The variable 'foo' should do xyz and also fix up miscellaneous other unpaired backticks (extraneous / missing characters). No functional change is intended here other than in human-readable docstrings.
2024-05-22 13:35:18 -03:00
If 'allowcomments' is non-zero, embedded RFC 2822 comments are allowed
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
within the parsed fragment.
"""
if self.field[self.pos] != beginchar:
return ''
slist = ['']
quote = False
self.pos += 1
while self.pos < len(self.field):
if quote:
slist.append(self.field[self.pos])
quote = False
elif self.field[self.pos] in endchars:
self.pos += 1
break
elif allowcomments and self.field[self.pos] == '(':
slist.append(self.getcomment())
continue # have already advanced pos from getcomment
elif self.field[self.pos] == '\\':
quote = True
else:
slist.append(self.field[self.pos])
self.pos += 1
return EMPTYSTRING.join(slist)
def getquote(self):
"""Get a quote-delimited fragment from self's field."""
return self.getdelimited('"', '"\r', False)
def getcomment(self):
"""Get a parenthesis-delimited fragment from self's field."""
return self.getdelimited('(', ')\r', True)
def getdomainliteral(self):
"""Parse an RFC 2822 domain-literal."""
return '[%s]' % self.getdelimited('[', ']\r', False)
def getatom(self, atomends=None):
"""Parse an RFC 2822 atom.
Optional atomends specifies a different set of end token delimiters
(the default is to use self.atomends). This is used e.g. in
Remove almost all unpaired backticks in docstrings (#119231) As reported in #117847 and #115366, an unpaired backtick in a docstring tends to confuse e.g. Sphinx running on subclasses of standard library objects, and the typographic style of using a backtick as an opening quote is no longer in favor. Convert almost all uses of the form The variable `foo' should do xyz to The variable 'foo' should do xyz and also fix up miscellaneous other unpaired backticks (extraneous / missing characters). No functional change is intended here other than in human-readable docstrings.
2024-05-22 13:35:18 -03:00
getphraselist() since phrase endings must not include the '.' (which
Copying the email package back, despite its failings.
2007-08-29 22:15:14 -03:00
is legal in phrases)."""
atomlist = ['']
if atomends is None:
atomends = self.atomends
while self.pos < len(self.field):
if self.field[self.pos] in atomends:
break
else:
atomlist.append(self.field[self.pos])
self.pos += 1
return EMPTYSTRING.join(atomlist)
def getphraselist(self):
"""Parse a sequence of RFC 2822 phrases.
A phrase is a sequence of words, which are in turn either RFC 2822
atoms or quoted-strings. Phrases are canonicalized by squeezing all
runs of continuous whitespace into one space.
"""
plist = []
while self.pos < len(self.field):
if self.field[self.pos] in self.FWS:
self.pos += 1
elif self.field[self.pos] == '"':
plist.append(self.getquote())
elif self.field[self.pos] == '(':
self.commentlist.append(self.getcomment())
elif self.field[self.pos] in self.phraseends:
break
else:
plist.append(self.getatom(self.phraseends))
return plist
class AddressList(AddrlistClass):
"""An AddressList encapsulates a list of parsed RFC 2822 addresses."""
def __init__(self, field):
AddrlistClass.__init__(self, field)
if field:
self.addresslist = self.getaddrlist()
else:
self.addresslist = []
def __len__(self):
return len(self.addresslist)
def __add__(self, other):
# Set union
newaddr = AddressList(None)
newaddr.addresslist = self.addresslist[:]
for x in other.addresslist:
if not x in self.addresslist:
newaddr.addresslist.append(x)
return newaddr
def __iadd__(self, other):
# Set union, in-place
for x in other.addresslist:
if not x in self.addresslist:
self.addresslist.append(x)
return self
def __sub__(self, other):
# Set difference
newaddr = AddressList(None)
for x in self.addresslist:
if not x in other.addresslist:
newaddr.addresslist.append(x)
return newaddr
def __isub__(self, other):
# Set difference, in-place
for x in other.addresslist:
if x in self.addresslist:
self.addresslist.remove(x)
return self
def __getitem__(self, index):
# Make indexing, slices, and 'in' work
return self.addresslist[index]