Commit Graph

127 Commits

Author SHA1 Message Date
Siwon Kang 91daa9d722 bpo-38863: Improve is_cgi() in http.server (GH-17312)
is_cgi() function of http.server library does not currently handle a
cgi script if one of the cgi_directories is located at the
sub-directory of given path. Since is_cgi() in CGIHTTPRequestHandler
class separates given path into (dir, rest) based on the first seen
'/', multi-level directories like /sub/dir/cgi-bin/hello.py is divided
into head=/sub, rest=dir/cgi-bin/hello.py then check whether '/sub'
exists in cgi_directories = [..., '/sub/dir/cgi-bin'].
This patch makes the is_cgi() keep expanding dir part to the next '/'
then checking if that expanded path exists in the cgi_directories.

Signed-off-by: Siwon Kang <kkangshawn@gmail.com>





https://bugs.python.org/issue38863
2019-11-22 01:13:05 -08:00
Géry Ogam 781266ebb6 bpo-35640: Allow passing PathLike arguments to SimpleHTTPRequestHandler (GH-11398) 2019-09-11 14:03:46 +01:00
Jason R. Coombs f289084c83
bpo-24209: In http.server script, rely on getaddrinfo to bind to preferred address based on the bind parameter. (#11767)
In http.server script, rely on getaddrinfo to bind to preferred address based on the bind parameter.

As a result, now IPv6 is used as the default (including IPv4 on dual-stack systems). Enhanced tests.
2019-02-07 08:22:45 -05:00
Michael Felt 2062a20641 bpo-34711: Return HTTPStatus.NOT_FOUND if path.endswith('/') and not a directory (GH-9687)
AIX allows a trailing slash on local file system paths, which isn't what we want
in http.server. Accordingly, check explicitly for this case in the server code,
rather than relying on the OS raising an exception.

Patch by Michael Felt.
2018-12-26 15:43:42 +10:00
Lisa Roach 433433fa6d
Adds IPv6 support when invoking http.server directly. (GH-10595) 2018-11-26 10:43:38 -08:00
ValeriyaSinevich b36b0a3765 bpo-33663: Convert content length to string before putting to header (GH-7754) 2018-06-18 14:17:53 -07:00
Géry Ogam 1cee216cf3 bpo-31639: Change ThreadedHTTPServer to ThreadingHTTPServer class name (GH-7195) 2018-05-29 22:10:30 +02:00
Julien Palard 8bcfa02e4b
bpo-31639: Use threads in http.server module. (GH-5018) 2018-03-23 17:40:33 +01:00
Serhiy Storchaka 13ad3b7a82 bpo-31462: Remove trailing whitespaces. (#3564) 2017-09-14 09:38:36 +03:00
Stéphane Wirtel a17a2f52c4 bpo-28707: Add the directory parameter to http.server.SimpleHTTPRequestHandler and http.server module (#1776)
* bpo-28707: call the constructor of SimpleHTTPRequestHandler in the test with a mock object

* bpo-28707: Add the directory parameter to http.server.SimpleHTTPRequestHandler and http.server module
2017-05-24 00:29:06 -07:00
Serhiy Storchaka 7e4db2f253 bpo-30166: Import command-line parsing modules only when needed. (#1293) 2017-05-04 08:17:47 +03:00
Pierre Quentel 351adda54b bpo-29654 : Support If-Modified-Since HTTP header (browser cache) (#298)
Return 304 response if file was not modified.
2017-04-02 13:26:12 +03:00
Martin Panter e82338ddab Issue #28548: Parse HTTP request version even if too many words received 2016-11-19 01:06:37 +00:00
Martin Panter 40de69ac58 Issue #25738: Merge HTTP server from 3.5 2016-06-08 09:45:58 +00:00
Martin Panter e42e129ebe Issue #25738: Don’t send message body for 205 Reset Content
Patch by Susumu Koshiba.
2016-06-08 08:29:13 +00:00
Berker Peksag 3a31cca4ab Issue #24902: Print server URL on http.server startup
Initial patch by Felix Kaiser.
2016-04-29 16:48:11 +03:00
Martin Panter 791ac54a44 Issue #26657: Merge http.server fix from 3.5 2016-04-18 07:16:17 +00:00
Martin Panter d274b3f1f1 Issue #26657: Fix Windows directory traversal vulnerability with http.server
Based on patch by Philipp Hagemeister.  This fixes a regression caused by
revision f4377699fd47.
2016-04-18 03:45:18 +00:00
Martin Panter 0cab9c1eba Issue #26404: Add context manager to socketserver, by Aviv Palivoda 2016-04-13 00:36:52 +00:00
Martin Panter da3bb38452 Issue #26585: Eliminate _quote_html() and use html.escape(quote=False)
Patch by Xiang Zhang.
2016-04-11 00:40:08 +00:00
Martin Panter 50badad807 Issue #26586: Simple enhancements to BaseHTTPRequestHandler by Xiang Zhang 2016-04-03 01:28:53 +00:00
Martin Panter b93e4b2480 Issue #26586: Merge excessive HTTP header handling from 3.5 2016-04-03 01:28:49 +00:00
Martin Panter acc03195b0 Issue #26586: Handle excessive header fields in http.server, by Xiang Zhang 2016-04-03 00:45:46 +00:00
Berker Peksag 04bc5b9e48 Issue #747320: Use email.utils.formatdate() to avoid code duplication
in BaseHTTPRequestHandler

Initial patch by karlcow.
2016-03-14 06:06:03 +02:00
Martin Panter 3f930dcd87 Merge typo fixes from 3.4 into 3.5 2015-10-07 11:01:47 +00:00
Martin Panter 9955a373a8 Various minor typos in documentation and comments 2015-10-07 10:26:23 +00:00
Martin Panter 56b76d25dd Issues #25232, #24657: Merge two CGI server fixes from 3.4 into 3.5 2015-10-03 06:03:25 +00:00
Martin Panter cb29e8c0e5 Issue #24657: Prevent CGIRequestHandler from collapsing the URL query
Initial patch from Xiang Zhang. Also fix out-of-date _url_collapse_path() doc
string.
2015-10-03 05:55:46 +00:00
Martin Panter a02e18a43f Issue #25232: Fix CGIRequestHandler's splitting of URL query
Patch from Xiang Zhang.
2015-10-03 05:38:07 +00:00
Robert Collins 5409177b62 Issue #24774: Fix docstring in http.server.test.
Patch from Chiu-Hsiang Hsu.
2015-08-17 12:19:19 +12:00
Robert Collins 9644f2450d Issue #24774: Fix docstring in http.server.test.
Patch from Chiu-Hsiang Hsu.
2015-08-17 12:18:35 +12:00
Serhiy Storchaka c0a23e6320 Issue #21793: BaseHTTPRequestHandler again logs response code as numeric,
not as stringified enum.  Patch by Demian Brecht.
2015-03-07 11:51:37 +02:00
Benjamin Peterson 1130c7f693 merge 3.4 (#23410) 2015-02-17 21:13:30 -05:00
Benjamin Peterson 70e2847347 document the requestline and close_connection attributes, use real booleans, and add tests (closes #23410)
Patch by Martin Panter.
2015-02-17 21:11:10 -05:00
Berker Peksag 6767757589 Issue #23418: Add missing entries to http.server.__all__.
Patch by Martin Panter.
2015-02-13 20:48:41 +02:00
Berker Peksag 366c570d1f Issue #23418: Add missing entries to http.server.__all__.
Patch by Martin Panter.
2015-02-13 20:48:15 +02:00
Benjamin Peterson fe975a234f merge 3.4 (#23112) 2014-12-26 10:56:51 -06:00
Benjamin Peterson 94cb7a2429 fix behavior of trailing slash redirection when a query string is involved (closes #23112) 2014-12-26 10:53:43 -06:00
Serhiy Storchaka e4db76967d Issue #21793: Added http.HTTPStatus enums (i.e. HTTPStatus.OK,
HTTPStatus.NOT_FOUND).  Patch by Demian Brecht.
2014-12-23 16:28:28 +02:00
Serhiy Storchaka cb5bc408ad Issue #22165: SimpleHTTPRequestHandler now supports undecodable file names. 2014-08-17 08:22:11 +03:00
Ned Deily 5d0d2e6ed6 Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:16:56 -07:00
Ned Deily 217f4cd7ee Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:12:39 -07:00
Ned Deily 915a30fb0d Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435.  Patch by Zach Byrne.
2014-07-12 22:06:26 -07:00
Benjamin Peterson a8c75fe31a merge 3.3 (#21766) 2014-06-14 18:41:13 -07:00
Benjamin Peterson 6cd1954c5c merge 3.2 (#21766) 2014-06-14 18:40:10 -07:00
Benjamin Peterson 73b8b1cdb8 url unquote the path before checking if it refers to a CGI script (closes #21766) 2014-06-14 18:36:29 -07:00
Victor Stinner 7fa767e517 Issue #20976: pyflakes: Remove unused imports 2014-03-20 09:16:38 +01:00
Serhiy Storchaka c0b0bb6e01 Issue #20331: Fixed possible FD leaks in various modules:
http.server, imghdr, mailcap, mimetypes, xml.etree.
2014-01-25 19:43:56 +02:00
Serhiy Storchaka 91b0bc237c Issue #20331: Fixed possible FD leaks in various modules:
http.server, imghdr, mailcap, mimetypes, xml.etree.
2014-01-25 19:43:02 +02:00
Benjamin Peterson c28ab08887 merge 3.3 (#18574) 2014-01-18 21:51:11 -05:00