class FieldStorage: this patch changes read_lines() and co. to use a
StringIO() instead of a real file. The write() calls are redirected
to a private method that replaces it with a real, external file only
when it gets too big (> 1000 bytes).
This avoids problems in forms using the multipart/form-data encoding
with many fields. The original code created a temporary file for
*every* field (not just for file upload fields), thereby sometimes
exceeding the open file limit of some systems.
Note that the simpler solution "use a real file only for file uploads"
can't be used because the form field parser has no way to tell which
fields correspond to file uploads.
It's *possible* but extremely unlikely that this would break someone's
code; they would have to be stepping way outside the documented
interface for FieldStorage and use f.file.fileno(), or depend on
overriding make_file() to return a file-like object with additional
known properties.
added test script and expected output file as well
this closes patch 103297.
__all__ attributes will be added to other modules without first submitting
a patch, just adding the necessary line to the test script to verify
more-or-less correct implementation.
file uploads.
In response to SF bugs 110674 and 119806, and discussions on
python-dev, we are removing the self.lines attribute from the
FieldStorage class. Specifically touched where methods __init__(),
read_lines_to_eof(), and skip_lines().
No one can remember why self.lines was added. Technically, it's part
of the public interface for the class, but it was never documented.
It's possible clever or nosy code will break because of this, but it
was decided to remove it and see who complains.
This resolution also closes the second half of the cgi.py entry in PEP
42. The first half of that PEP concerns specifically binary file
uploads, where there may be no end-of-line marker for a very long
time. This patch does not address that issue.
CGI scripts should *not* use /usr/bin/env, since on systems that don't
come standard with Python installed, Python isn't on the default $PATH.
Too bad that this breaks on Linux, where Python is in /usr/bin which
is on the default path -- the point is that you must manually edit
your CGI scripts when you install them.
style conventions. (Ping has checkin privileges but apparently
ignores them at the moment.)
Ping improves a few doc strings and fixes style violations like foo ( bar ).
An addition of my own: rearrange the printing of various items in
test() so that the (long) environment comes at the end. This avoids
having to scroll if you want to see the current directory or command
line arguments.
comments, docstrings or error messages. I fixed two minor things in
test_winreg.py ("didn't" -> "Didn't" and "Didnt" -> "Didn't").
There is a minor style issue involved: Guido seems to have preferred English
grammar (behaviour, honour) in a couple places. This patch changes that to
American, which is the more prominent style in the source. I prefer English
myself, so if English is preferred, I'd be happy to supply a patch myself ;)
content-type to application/x-www-form-urlencoded only when the method
is POST. Ditto for when the content-type is unrecognized -- only
fall back to urlencoded with POST.
text/plain for inner parts, but application/x-www-form-urlencoded
for outer parts. Honor any existing content-type header.
Lower down, if the content-type header is something we don't
understand (say because it there was a typo in the header coming from
the client), default to text/plain for inner parts, but
application/x-www-form-urlencoded for outer parts.
when we create a recursive instance, by setting the class variable
'FieldStorageClass' to the desired class. By default, this is set to
None, in which case we use self.__class__ (as before).
"""
The FieldStorage constructor calls the read_multi method. The read_multi
method creates new FieldStorage objects, re-invoking the constructor
(on the new objects). The problem is that the 'environ', 'keep_blank_values',
and 'strict_parsing' arguments originally passed to the constructor are not
propigated to the new object constructors. This causes os.environ to be used,
leading to a miss-handling of the parts.
I fixed this by passing these arguments to read_multi and then on to the
constructor. See the context diff below.
"""
should only be set to application/x-www-form-urlencoded when the
method is POST. E.g. for PUT, an empty default (defaulting to
text/plain later) makes more sense.
Raymond Hettinger
Tim Peters
Skip Montanaro
Neal Norwitz
Fred Drake
Guido van Rossum
Eric S. Raymond
Barry Warsaw
Ka-Ping Yee
Jeremy Hylton
Moshe Zadka
Thomas Wouters