Commit Graph

93 Commits

Author SHA1 Message Date
Facundo Batista ace0bcf669 Issue 3801. Fixing a dumb error in the deprecated parse_qsl()
function.  Tests added.
2008-09-08 00:20:28 +00:00
Facundo Batista c585df9476 Issue 600362: Relocated parse_qs() and parse_qsl(), from the cgi module
to the urlparse one.  Added a PendingDeprecationWarning in the old
module, it will be deprecated in the future.  Docs and tests updated.
2008-09-03 22:35:50 +00:00
Brett Cannon 1eaf0742d8 Move test.test_support.catch_warning() to the warnings module, rename it
catch_warnings(), and clean up the API.

While expanding the test suite, a bug was found where a warning about the
'line' argument to showwarning() was not letting functions with '*args' go
without a warning.

Closes issue 3602.
Code review by Benjamin Peterson.
2008-09-02 01:25:16 +00:00
Brett Cannon 721b1457a0 Silence DeprecationWarning raised by mimetools and rfc822 in cgi. 2008-08-16 22:00:27 +00:00
Facundo Batista a6a4d50efe Now a from submitted via POST that also has a query string
will contain both FieldStorage and MiniFieldStorage items.

Fixes #1817.
2008-06-21 18:58:04 +00:00
Georg Brandl aff85e2d26 Patch #1541463: optimize performance of cgi.FieldStorage operations. 2007-09-20 16:06:07 +00:00
Georg Brandl 05b3c450a8 Bug #1457823: cgi.(Sv)FormContentDict's constructor now takes
keep_blank_values and strict_parsing keyword arguments.
2006-09-30 10:58:01 +00:00
Guido van Rossum 9568b738ec Chris McDonough's patch to defend against certain DoS attacks on FieldStorage.
SF bug #1112549.
2006-08-10 17:41:07 +00:00
Armin Rigo 3a703b6059 Reverted revision 1.83, which introduced a bug and subtle incompatibility
issues.  See bug #1112856.
2005-09-19 09:11:04 +00:00
Skip Montanaro 97b2fa229c Bring cgi.escape docstring slightly more in line with the library ref
manual.  Closes #1243553.
2005-08-02 02:50:25 +00:00
Johannes Gijsbers c7fc10a418 Patch #1079734: remove dependencies on (deprecated) rfc822 and mimetools
modules, replacing with email. Thanks to Josh Hoyt for the patch!
2005-01-08 13:56:36 +00:00
Raymond Hettinger f871d833dd Remove some lambdas. 2004-12-31 21:59:02 +00:00
Raymond Hettinger a617271dbd Use cStringIO where available. 2004-12-31 19:15:26 +00:00
Johannes Gijsbers 9e15dd6861 Let cgi.parse_header() properly unquote headers (patch #1008597). 2004-08-14 15:39:34 +00:00
Neil Schemenauer 66edb6295f Don't return spurious empty fields if 'keep_empty_values' is True.
Fixes SF bug #990307.
2004-07-19 15:38:11 +00:00
Brett Cannon 8d9b60f102 Change parse_qsl() to accept control-name's with no equal sign (e.g., "name")
when keep_blank_values is true.
2004-03-21 22:16:15 +00:00
Walter Dörwald 70a6b49821 Replace backticks with repr() or "%r"
From SF patch #852334.
2004-02-12 17:35:32 +00:00
Guido van Rossum 68468eba63 Get rid of many apply() calls. 2003-02-27 20:14:51 +00:00
Guido van Rossum 4061cbee9c Patch suggested by Hamish Lawson: add an __iter__() that returns
iter(self.keys()).
2002-09-11 18:20:34 +00:00
Raymond Hettinger 46ac8eb3c8 Code modernization. Replace v=s[i]; del s[i] with single lookup v=s.pop(i) 2002-06-30 03:39:14 +00:00
Raymond Hettinger 54f0222547 SF 563203. Replaced 'has_key()' with 'in'. 2002-06-01 14:18:47 +00:00
Raymond Hettinger a144900b86 Use is None rather than general boolean 2002-05-31 23:54:44 +00:00
Tim Peters bc0e910826 Convert a pile of obvious "yes/no" functions to return bool. 2002-04-04 22:55:58 +00:00
Skip Montanaro db5d1444a1 tighten up except - only ValueError can be raised in this situation 2002-03-23 05:50:17 +00:00
Neal Norwitz 7fd41ccdb1 SF #515006, remove unnecessary import 2002-02-11 17:57:55 +00:00
Fred Drake 4c85da4d16 "ib" should be "boundary"; reported by Neal Norwitz. 2001-10-13 18:38:53 +00:00
Guido van Rossum 1bfb388d86 Class FieldStorage: add two new methods, getfirst() and getlist(),
that provide a somewhat more uniform interface to getting values.

This is from SF patch #453691.
2001-09-05 19:45:34 +00:00
Tim Peters ab9ba27dc0 Whitespace normalization. 2001-08-09 21:40:30 +00:00
Guido van Rossum 2e441f7836 Fix a denial-of-service attack, SF bug #443120.
Code by Evan Simpson.
2001-07-25 21:00:19 +00:00
Guido van Rossum 52b8c29ca7 Solve SF bug #231249: cgi.py opens too many (temporary) files.
class FieldStorage: this patch changes read_lines() and co. to use a
StringIO() instead of a real file.  The write() calls are redirected
to a private method that replaces it with a real, external file only
when it gets too big (> 1000 bytes).

This avoids problems in forms using the multipart/form-data encoding
with many fields.  The original code created a temporary file for
*every* field (not just for file upload fields), thereby sometimes
exceeding the open file limit of some systems.

Note that the simpler solution "use a real file only for file uploads"
can't be used because the form field parser has no way to tell which
fields correspond to file uploads.

It's *possible* but extremely unlikely that this would break someone's
code; they would have to be stepping way outside the documented
interface for FieldStorage and use f.file.fileno(), or depend on
overriding make_file() to return a file-like object with additional
known properties.
2001-06-29 13:06:06 +00:00
Guido van Rossum a8423a95b8 Add a whole lot of stuff to __all__.
(Excluding the logging stuff, which doesn't lend itself to use via
"from cgi import *" -- it manipulates globals.)
2001-03-19 13:40:44 +00:00
Skip Montanaro ff443a51eb added missing element to __all__ 2001-02-28 01:03:48 +00:00
Guido van Rossum 467d723bd7 Added a comment explaining why this file must really have #!
/usr/local/bin/python and not #! /usr/bin/env python.
2001-02-13 13:13:33 +00:00
Eric S. Raymond 7e9b4f58b6 String method conversion. 2001-02-09 09:59:10 +00:00
Skip Montanaro e99d5ea25b added __all__ lists to a number of Python modules
added test script and expected output file as well
this closes patch 103297.
__all__ attributes will be added to other modules without first submitting
a patch, just adding the necessary line to the test script to verify
more-or-less correct implementation.
2001-01-20 19:54:20 +00:00
Tim Peters 88869f9787 Whitespace normalization. 2001-01-14 23:36:06 +00:00
Guido van Rossum 7dd06966cb Make Traceback header conform to new traceback ("innermost last" ->
"most recent call last").
2000-12-27 19:12:58 +00:00
Barry Warsaw 7fed217515 This fixes several bug reports concering memory bloating during large
file uploads.

In response to SF bugs 110674 and 119806, and discussions on
python-dev, we are removing the self.lines attribute from the
FieldStorage class.  Specifically touched where methods __init__(),
read_lines_to_eof(), and skip_lines().

No one can remember why self.lines was added.  Technically, it's part
of the public interface for the class, but it was never documented.
It's possible clever or nosy code will break because of this, but it
was decided to remove it and see who complains.

This resolution also closes the second half of the cgi.py entry in PEP
42.  The first half of that PEP concerns specifically binary file
uploads, where there may be no end-of-line marker for a very long
time.  This patch does not address that issue.
2000-11-06 18:46:09 +00:00
Guido van Rossum 5191463276 Undo Ping's change.
CGI scripts should *not* use /usr/bin/env, since on systems that don't
come standard with Python installed, Python isn't on the default $PATH.

Too bad that this breaks on Linux, where Python is in /usr/bin which
is on the default path -- the point is that you must manually edit
your CGI scripts when you install them.
2000-10-03 13:51:09 +00:00
Ka-Ping Yee 099e534fa4 Change first line to #!/usr/bin/env python (really just to test check-in). 2000-10-03 08:32:00 +00:00
Guido van Rossum a3c6a8a30e Patch #101121, by Ka-Ping Yee: cosmetic cleanup of cgi.py, using my
style conventions.  (Ping has checkin privileges but apparently
ignores them at the moment.)

Ping improves a few doc strings and fixes style violations like foo ( bar ).

An addition of my own: rearrange the printing of various items in
test() so that the (long) environment comes at the end.  This avoids
having to scroll if you want to see the current directory or command
line arguments.
2000-09-19 04:11:46 +00:00
Guido van Rossum 57d51f2f1d Improve the test output a bit. 2000-09-16 21:16:01 +00:00
Jeremy Hylton afde7e24b6 fix bug #110661 (PR#356) -- accept either & or ; as separator for CGI
query string
also some doc string reformatting and use of string methods instead of
    older string.splitfields
2000-09-15 20:06:57 +00:00
Moshe Zadka a1a4b5916b Closing patch #101120 -- After everyone agreed. 2000-08-25 21:47:56 +00:00
Jeremy Hylton c253d9a623 Remove very long doc string (it's all in the docs)
Modify parse_qsl to interpret 'a=b=c' as key 'a' and value 'b=c'
(which matches Perl's CGI.pm)
2000-08-03 20:57:44 +00:00
Thomas Wouters 7e47402264 Spelling fixes supplied by Rob W. W. Hooft. All these are fixes in either
comments, docstrings or error messages. I fixed two minor things in
test_winreg.py ("didn't" -> "Didn't" and "Didnt" -> "Didn't").

There is a minor style issue involved: Guido seems to have preferred English
grammar (behaviour, honour) in a couple places. This patch changes that to
American, which is the more prominent style in the source. I prefer English
myself, so if English is preferred, I'd be happy to supply a patch myself ;)
2000-07-16 12:04:32 +00:00
Guido van Rossum 98d9fd3e68 Simple changes by Gerrit Holl - move author acknowledgements out of
docstrings into comments.
2000-02-28 15:12:25 +00:00
Guido van Rossum 3af7b050a3 Fix a broken r.append(name, value) call, spotted by Tim. 2000-02-25 11:44:03 +00:00
Guido van Rossum 60a3bd8130 After more discussion with Jim, change the behavior so that only a
*missing* content-type at the outer level of a POST defaults to
urlencoded.  In all other circumstances, the default is read_singe().
1999-06-11 18:26:09 +00:00
Guido van Rossum 1946f0d6f2 Patch by Jim Fulton: new function parse_qsl(), which is like
parse_qs() but returns a list of (name, value) pairs -- which is
actually more correct.  Use this where it makes sense.
1999-06-04 17:54:39 +00:00