/Lib/cgi.py
Python | 1051 lines | 1007 code | 14 blank | 30 comment | 12 complexity | 4c75c28d93f89168aeb2a26182ff71e2 MD5 | raw file
- #! /usr/local/bin/python
- # NOTE: the above "/usr/local/bin/python" is NOT a mistake. It is
- # intentionally NOT "/usr/bin/env python". On many systems
- # (e.g. Solaris), /usr/local/bin is not in $PATH as passed to CGI
- # scripts, and /usr/local/bin is the default directory where Python is
- # installed, so /usr/bin/env would be unable to find python. Granted,
- # binary installations by Linux vendors often install Python in
- # /usr/bin. So let those vendors patch cgi.py to match their choice
- # of installation.
- """Support module for CGI (Common Gateway Interface) scripts.
- This module defines a number of utilities for use by CGI scripts
- written in Python.
- """
- # XXX Perhaps there should be a slimmed version that doesn't contain
- # all those backwards compatible and debugging classes and functions?
- # History
- # -------
- #
- # Michael McLay started this module. Steve Majewski changed the
- # interface to SvFormContentDict and FormContentDict. The multipart
- # parsing was inspired by code submitted by Andreas Paepcke. Guido van
- # Rossum rewrote, reformatted and documented the module and is currently
- # responsible for its maintenance.
- #
- __version__ = "2.6"
- # Imports
- # =======
- from operator import attrgetter
- import sys
- import os
- import urllib
- import UserDict
- import urlparse
- from warnings import filterwarnings, catch_warnings, warn
- with catch_warnings():
- if sys.py3kwarning:
- filterwarnings("ignore", ".*mimetools has been removed",
- DeprecationWarning)
- import mimetools
- if sys.py3kwarning:
- filterwarnings("ignore", ".*rfc822 has been removed", DeprecationWarning)
- import rfc822
- try:
- from cStringIO import StringIO
- except ImportError:
- from StringIO import StringIO
- __all__ = ["MiniFieldStorage", "FieldStorage", "FormContentDict",
- "SvFormContentDict", "InterpFormContentDict", "FormContent",
- "parse", "parse_qs", "parse_qsl", "parse_multipart",
- "parse_header", "print_exception", "print_environ",
- "print_form", "print_directory", "print_arguments",
- "print_environ_usage", "escape"]
- # Logging support
- # ===============
- logfile = "" # Filename to log to, if not empty
- logfp = None # File object to log to, if not None
- def initlog(*allargs):
- """Write a log message, if there is a log file.
- Even though this function is called initlog(), you should always
- use log(); log is a variable that is set either to initlog
- (initially), to dolog (once the log file has been opened), or to
- nolog (when logging is disabled).
- The first argument is a format string; the remaining arguments (if
- any) are arguments to the % operator, so e.g.
- log("%s: %s", "a", "b")
- will write "a: b" to the log file, followed by a newline.
- If the global logfp is not None, it should be a file object to
- which log data is written.
- If the global logfp is None, the global logfile may be a string
- giving a filename to open, in append mode. This file should be
- world writable!!! If the file can't be opened, logging is
- silently disabled (since there is no safe place where we could
- send an error message).
- """
- global logfp, log
- if logfile and not logfp:
- try:
- logfp = open(logfile, "a")
- except IOError:
- pass
- if not logfp:
- log = nolog
- else:
- log = dolog
- log(*allargs)
- def dolog(fmt, *args):
- """Write a log message to the log file. See initlog() for docs."""
- logfp.write(fmt%args + "\n")
- def nolog(*allargs):
- """Dummy function, assigned to log when logging is disabled."""
- pass
- log = initlog # The current logging function
- # Parsing functions
- # =================
- # Maximum input we will accept when REQUEST_METHOD is POST
- # 0 ==> unlimited input
- maxlen = 0
- def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):
- """Parse a query in the environment or from a file (default stdin)
- Arguments, all optional:
- fp : file pointer; default: sys.stdin
- environ : environment dictionary; default: os.environ
- keep_blank_values: flag indicating whether blank values in
- URL encoded forms should be treated as blank strings.
- A true value indicates that blanks should be retained as
- blank strings. The default false value indicates that
- blank values are to be ignored and treated as if they were
- not included.
- strict_parsing: flag indicating what to do with parsing errors.
- If false (the default), errors are silently ignored.
- If true, errors raise a ValueError exception.
- """
- if fp is None:
- fp = sys.stdin
- if not 'REQUEST_METHOD' in environ:
- environ['REQUEST_METHOD'] = 'GET' # For testing stand-alone
- if environ['REQUEST_METHOD'] == 'POST':
- ctype, pdict = parse_header(environ['CONTENT_TYPE'])
- if ctype == 'multipart/form-data':
- return parse_multipart(fp, pdict)
- elif ctype == 'application/x-www-form-urlencoded':
- clength = int(environ['CONTENT_LENGTH'])
- if maxlen and clength > maxlen:
- raise ValueError, 'Maximum content length exceeded'
- qs = fp.read(clength)
- else:
- qs = '' # Unknown content-type
- if 'QUERY_STRING' in environ:
- if qs: qs = qs + '&'
- qs = qs + environ['QUERY_STRING']
- elif sys.argv[1:]:
- if qs: qs = qs + '&'
- qs = qs + sys.argv[1]
- environ['QUERY_STRING'] = qs # XXX Shouldn't, really
- elif 'QUERY_STRING' in environ:
- qs = environ['QUERY_STRING']
- else:
- if sys.argv[1:]:
- qs = sys.argv[1]
- else:
- qs = ""
- environ['QUERY_STRING'] = qs # XXX Shouldn't, really
- return parse_qs(qs, keep_blank_values, strict_parsing)
- # parse query string function called from urlparse,
- # this is done in order to maintain backward compatiblity.
- def parse_qs(qs, keep_blank_values=0, strict_parsing=0):
- """Parse a query given as a string argument."""
- warn("cgi.parse_qs is deprecated, use urlparse.parse_qs \
- instead",PendingDeprecationWarning)
- return urlparse.parse_qs(qs, keep_blank_values, strict_parsing)
- def parse_qsl(qs, keep_blank_values=0, strict_parsing=0):
- """Parse a query given as a string argument."""
- warn("cgi.parse_qsl is deprecated, use urlparse.parse_qsl instead",
- PendingDeprecationWarning)
- return urlparse.parse_qsl(qs, keep_blank_values, strict_parsing)
- def parse_multipart(fp, pdict):
- """Parse multipart input.
- Arguments:
- fp : input file
- pdict: dictionary containing other parameters of content-type header
- Returns a dictionary just like parse_qs(): keys are the field names, each
- value is a list of values for that field. This is easy to use but not
- much good if you are expecting megabytes to be uploaded -- in that case,
- use the FieldStorage class instead which is much more flexible. Note
- that content-type is the raw, unparsed contents of the content-type
- header.
- XXX This does not parse nested multipart parts -- use FieldStorage for
- that.
- XXX This should really be subsumed by FieldStorage altogether -- no
- point in having two implementations of the same parsing algorithm.
- Also, FieldStorage protects itself better against certain DoS attacks
- by limiting the size of the data read in one chunk. The API here
- does not support that kind of protection. This also affects parse()
- since it can call parse_multipart().
- """
- boundary = ""
- if 'boundary' in pdict:
- boundary = pdict['boundary']
- if not valid_boundary(boundary):
- raise ValueError, ('Invalid boundary in multipart form: %r'
- % (boundary,))
- nextpart = "--" + boundary
- lastpart = "--" + boundary + "--"
- partdict = {}
- terminator = ""
- while terminator != lastpart:
- bytes = -1
- data = None
- if terminator:
- # At start of next part. Read headers first.
- headers = mimetools.Message(fp)
- clength = headers.getheader('content-length')
- if clength:
- try:
- bytes = int(clength)
- except ValueError:
- pass
- if bytes > 0:
- if maxlen and bytes > maxlen:
- raise ValueError, 'Maximum content length exceeded'
- data = fp.read(bytes)
- else:
- data = ""
- # Read lines until end of part.
- lines = []
- while 1:
- line = fp.readline()
- if not line:
- terminator = lastpart # End outer loop
- break
- if line[:2] == "--":
- terminator = line.strip()
- if terminator in (nextpart, lastpart):
- break
- lines.append(line)
- # Done with part.
- if data is None:
- continue
- if bytes < 0:
- if lines:
- # Strip final line terminator
- line = lines[-1]
- if line[-2:] == "\r\n":
- line = line[:-2]
- elif line[-1:] == "\n":
- line = line[:-1]
- lines[-1] = line
- data = "".join(lines)
- line = headers['content-disposition']
- if not line:
- continue
- key, params = parse_header(line)
- if key != 'form-data':
- continue
- if 'name' in params:
- name = params['name']
- else:
- continue
- if name in partdict:
- partdict[name].append(data)
- else:
- partdict[name] = [data]
- return partdict
- def _parseparam(s):
- while s[:1] == ';':
- s = s[1:]
- end = s.find(';')
- while end > 0 and s.count('"', 0, end) % 2:
- end = s.find(';', end + 1)
- if end < 0:
- end = len(s)
- f = s[:end]
- yield f.strip()
- s = s[end:]
- def parse_header(line):
- """Parse a Content-type like header.
- Return the main content-type and a dictionary of options.
- """
- parts = _parseparam(';' + line)
- key = parts.next()
- pdict = {}
- for p in parts:
- i = p.find('=')
- if i >= 0:
- name = p[:i].strip().lower()
- value = p[i+1:].strip()
- if len(value) >= 2 and value[0] == value[-1] == '"':
- value = value[1:-1]
- value = value.replace('\\\\', '\\').replace('\\"', '"')
- pdict[name] = value
- return key, pdict
- # Classes for field storage
- # =========================
- class MiniFieldStorage:
- """Like FieldStorage, for use when no file uploads are possible."""
- # Dummy attributes
- filename = None
- list = None
- type = None
- file = None
- type_options = {}
- disposition = None
- disposition_options = {}
- headers = {}
- def __init__(self, name, value):
- """Constructor from field name and value."""
- self.name = name
- self.value = value
- # self.file = StringIO(value)
- def __repr__(self):
- """Return printable representation."""
- return "MiniFieldStorage(%r, %r)" % (self.name, self.value)
- class FieldStorage:
- """Store a sequence of fields, reading multipart/form-data.
- This class provides naming, typing, files stored on disk, and
- more. At the top level, it is accessible like a dictionary, whose
- keys are the field names. (Note: None can occur as a field name.)
- The items are either a Python list (if there's multiple values) or
- another FieldStorage or MiniFieldStorage object. If it's a single
- object, it has the following attributes:
- name: the field name, if specified; otherwise None
- filename: the filename, if specified; otherwise None; this is the
- client side filename, *not* the file name on which it is
- stored (that's a temporary file you don't deal with)
- value: the value as a *string*; for file uploads, this
- transparently reads the file every time you request the value
- file: the file(-like) object from which you can read the data;
- None if the data is stored a simple string
- type: the content-type, or None if not specified
- type_options: dictionary of options specified on the content-type
- line
- disposition: content-disposition, or None if not specified
- disposition_options: dictionary of corresponding options
- headers: a dictionary(-like) object (sometimes rfc822.Message or a
- subclass thereof) containing *all* headers
- The class is subclassable, mostly for the purpose of overriding
- the make_file() method, which is called internally to come up with
- a file open for reading and writing. This makes it possible to
- override the default choice of storing all files in a temporary
- directory and unlinking them as soon as they have been opened.
- """
- def __init__(self, fp=None, headers=None, outerboundary="",
- environ=os.environ, keep_blank_values=0, strict_parsing=0):
- """Constructor. Read multipart/* until last part.
- Arguments, all optional:
- fp : file pointer; default: sys.stdin
- (not used when the request method is GET)
- headers : header dictionary-like object; default:
- taken from environ as per CGI spec
- outerboundary : terminating multipart boundary
- (for internal use only)
- environ : environment dictionary; default: os.environ
- keep_blank_values: flag indicating whether blank values in
- URL encoded forms should be treated as blank strings.
- A true value indicates that blanks should be retained as
- blank strings. The default false value indicates that
- blank values are to be ignored and treated as if they were
- not included.
- strict_parsing: flag indicating what to do with parsing errors.
- If false (the default), errors are silently ignored.
- If true, errors raise a ValueError exception.
- """
- method = 'GET'
- self.keep_blank_values = keep_blank_values
- self.strict_parsing = strict_parsing
- if 'REQUEST_METHOD' in environ:
- method = environ['REQUEST_METHOD'].upper()
- self.qs_on_post = None
- if method == 'GET' or method == 'HEAD':
- if 'QUERY_STRING' in environ:
- qs = environ['QUERY_STRING']
- elif sys.argv[1:]:
- qs = sys.argv[1]
- else:
- qs = ""
- fp = StringIO(qs)
- if headers is None:
- headers = {'content-type':
- "application/x-www-form-urlencoded"}
- if headers is None:
- headers = {}
- if method == 'POST':
- # Set default content-type for POST to what's traditional
- headers['content-type'] = "application/x-www-form-urlencoded"
- if 'CONTENT_TYPE' in environ:
- headers['content-type'] = environ['CONTENT_TYPE']
- if 'QUERY_STRING' in environ:
- self.qs_on_post = environ['QUERY_STRING']
- if 'CONTENT_LENGTH' in environ:
- headers['content-length'] = environ['CONTENT_LENGTH']
- self.fp = fp or sys.stdin
- self.headers = headers
- self.outerboundary = outerboundary
- # Process content-disposition header
- cdisp, pdict = "", {}
- if 'content-disposition' in self.headers:
- cdisp, pdict = parse_header(self.headers['content-disposition'])
- self.disposition = cdisp
- self.disposition_options = pdict
- self.name = None
- if 'name' in pdict:
- self.name = pdict['name']
- self.filename = None
- if 'filename' in pdict:
- self.filename = pdict['filename']
- # Process content-type header
- #
- # Honor any existing content-type header. But if there is no
- # content-type header, use some sensible defaults. Assume
- # outerboundary is "" at the outer level, but something non-false
- # inside a multi-part. The default for an inner part is text/plain,
- # but for an outer part it should be urlencoded. This should catch
- # bogus clients which erroneously forget to include a content-type
- # header.
- #
- # See below for what we do if there does exist a content-type header,
- # but it happens to be something we don't understand.
- if 'content-type' in self.headers:
- ctype, pdict = parse_header(self.headers['content-type'])
- elif self.outerboundary or method != 'POST':
- ctype, pdict = "text/plain", {}
- else:
- ctype, pdict = 'application/x-www-form-urlencoded', {}
- self.type = ctype
- self.type_options = pdict
- self.innerboundary = ""
- if 'boundary' in pdict:
- self.innerboundary = pdict['boundary']
- clen = -1
- if 'content-length' in self.headers:
- try:
- clen = int(self.headers['content-length'])
- except ValueError:
- pass
- if maxlen and clen > maxlen:
- raise ValueError, 'Maximum content length exceeded'
- self.length = clen
- self.list = self.file = None
- self.done = 0
- if ctype == 'application/x-www-form-urlencoded':
- self.read_urlencoded()
- elif ctype[:10] == 'multipart/':
- self.read_multi(environ, keep_blank_values, strict_parsing)
- else:
- self.read_single()
- def __repr__(self):
- """Return a printable representation."""
- return "FieldStorage(%r, %r, %r)" % (
- self.name, self.filename, self.value)
- def __iter__(self):
- return iter(self.keys())
- def __getattr__(self, name):
- if name != 'value':
- raise AttributeError, name
- if self.file:
- self.file.seek(0)
- value = self.file.read()
- self.file.seek(0)
- elif self.list is not None:
- value = self.list
- else:
- value = None
- return value
- def __getitem__(self, key):
- """Dictionary style indexing."""
- if self.list is None:
- raise TypeError, "not indexable"
- found = []
- for item in self.list:
- if item.name == key: found.append(item)
- if not found:
- raise KeyError, key
- if len(found) == 1:
- return found[0]
- else:
- return found
- def getvalue(self, key, default=None):
- """Dictionary style get() method, including 'value' lookup."""
- if key in self:
- value = self[key]
- if type(value) is type([]):
- return map(attrgetter('value'), value)
- else:
- return value.value
- else:
- return default
- def getfirst(self, key, default=None):
- """ Return the first value received."""
- if key in self:
- value = self[key]
- if type(value) is type([]):
- return value[0].value
- else:
- return value.value
- else:
- return default
- def getlist(self, key):
- """ Return list of received values."""
- if key in self:
- value = self[key]
- if type(value) is type([]):
- return map(attrgetter('value'), value)
- else:
- return [value.value]
- else:
- return []
- def keys(self):
- """Dictionary style keys() method."""
- if self.list is None:
- raise TypeError, "not indexable"
- return list(set(item.name for item in self.list))
- def has_key(self, key):
- """Dictionary style has_key() method."""
- if self.list is None:
- raise TypeError, "not indexable"
- return any(item.name == key for item in self.list)
- def __contains__(self, key):
- """Dictionary style __contains__ method."""
- if self.list is None:
- raise TypeError, "not indexable"
- return any(item.name == key for item in self.list)
- def __len__(self):
- """Dictionary style len(x) support."""
- return len(self.keys())
- def __nonzero__(self):
- return bool(self.list)
- def read_urlencoded(self):
- """Internal: read data in query string format."""
- qs = self.fp.read(self.length)
- if self.qs_on_post:
- qs += '&' + self.qs_on_post
- self.list = list = []
- for key, value in urlparse.parse_qsl(qs, self.keep_blank_values,
- self.strict_parsing):
- list.append(MiniFieldStorage(key, value))
- self.skip_lines()
- FieldStorageClass = None
- def read_multi(self, environ, keep_blank_values, strict_parsing):
- """Internal: read a part that is itself multipart."""
- ib = self.innerboundary
- if not valid_boundary(ib):
- raise ValueError, 'Invalid boundary in multipart form: %r' % (ib,)
- self.list = []
- if self.qs_on_post:
- for key, value in urlparse.parse_qsl(self.qs_on_post,
- self.keep_blank_values, self.strict_parsing):
- self.list.append(MiniFieldStorage(key, value))
- FieldStorageClass = None
- klass = self.FieldStorageClass or self.__class__
- part = klass(self.fp, {}, ib,
- environ, keep_blank_values, strict_parsing)
- # Throw first part away
- while not part.done:
- headers = rfc822.Message(self.fp)
- part = klass(self.fp, headers, ib,
- environ, keep_blank_values, strict_parsing)
- self.list.append(part)
- self.skip_lines()
- def read_single(self):
- """Internal: read an atomic part."""
- if self.length >= 0:
- self.read_binary()
- self.skip_lines()
- else:
- self.read_lines()
- self.file.seek(0)
- bufsize = 8*1024 # I/O buffering size for copy to file
- def read_binary(self):
- """Internal: read binary data."""
- self.file = self.make_file('b')
- todo = self.length
- if todo >= 0:
- while todo > 0:
- data = self.fp.read(min(todo, self.bufsize))
- if not data:
- self.done = -1
- break
- self.file.write(data)
- todo = todo - len(data)
- def read_lines(self):
- """Internal: read lines until EOF or outerboundary."""
- self.file = self.__file = StringIO()
- if self.outerboundary:
- self.read_lines_to_outerboundary()
- else:
- self.read_lines_to_eof()
- def __write(self, line):
- if self.__file is not None:
- if self.__file.tell() + len(line) > 1000:
- self.file = self.make_file('')
- self.file.write(self.__file.getvalue())
- self.__file = None
- self.file.write(line)
- def read_lines_to_eof(self):
- """Internal: read lines until EOF."""
- while 1:
- line = self.fp.readline(1<<16)
- if not line:
- self.done = -1
- break
- self.__write(line)
- def read_lines_to_outerboundary(self):
- """Internal: read lines until outerboundary."""
- next = "--" + self.outerboundary
- last = next + "--"
- delim = ""
- last_line_lfend = True
- while 1:
- line = self.fp.readline(1<<16)
- if not line:
- self.done = -1
- break
- if line[:2] == "--" and last_line_lfend:
- strippedline = line.strip()
- if strippedline == next:
- break
- if strippedline == last:
- self.done = 1
- break
- odelim = delim
- if line[-2:] == "\r\n":
- delim = "\r\n"
- line = line[:-2]
- last_line_lfend = True
- elif line[-1] == "\n":
- delim = "\n"
- line = line[:-1]
- last_line_lfend = True
- else:
- delim = ""
- last_line_lfend = False
- self.__write(odelim + line)
- def skip_lines(self):
- """Internal: skip lines until outer boundary if defined."""
- if not self.outerboundary or self.done:
- return
- next = "--" + self.outerboundary
- last = next + "--"
- last_line_lfend = True
- while 1:
- line = self.fp.readline(1<<16)
- if not line:
- self.done = -1
- break
- if line[:2] == "--" and last_line_lfend:
- strippedline = line.strip()
- if strippedline == next:
- break
- if strippedline == last:
- self.done = 1
- break
- last_line_lfend = line.endswith('\n')
- def make_file(self, binary=None):
- """Overridable: return a readable & writable file.
- The file will be used as follows:
- - data is written to it
- - seek(0)
- - data is read from it
- The 'binary' argument is unused -- the file is always opened
- in binary mode.
- This version opens a temporary file for reading and writing,
- and immediately deletes (unlinks) it. The trick (on Unix!) is
- that the file can still be used, but it can't be opened by
- another process, and it will automatically be deleted when it
- is closed or when the current process terminates.
- If you want a more permanent file, you derive a class which
- overrides this method. If you want a visible temporary file
- that is nevertheless automatically deleted when the script
- terminates, try defining a __del__ method in a derived class
- which unlinks the temporary files you have created.
- """
- import tempfile
- return tempfile.TemporaryFile("w+b")
- # Backwards Compatibility Classes
- # ===============================
- class FormContentDict(UserDict.UserDict):
- """Form content as dictionary with a list of values per field.
- form = FormContentDict()
- form[key] -> [value, value, ...]
- key in form -> Boolean
- form.keys() -> [key, key, ...]
- form.values() -> [[val, val, ...], [val, val, ...], ...]
- form.items() -> [(key, [val, val, ...]), (key, [val, val, ...]), ...]
- form.dict == {key: [val, val, ...], ...}
- """
- def __init__(self, environ=os.environ, keep_blank_values=0, strict_parsing=0):
- self.dict = self.data = parse(environ=environ,
- keep_blank_values=keep_blank_values,
- strict_parsing=strict_parsing)
- self.query_string = environ['QUERY_STRING']
- class SvFormContentDict(FormContentDict):
- """Form content as dictionary expecting a single value per field.
- If you only expect a single value for each field, then form[key]
- will return that single value. It will raise an IndexError if
- that expectation is not true. If you expect a field to have
- possible multiple values, than you can use form.getlist(key) to
- get all of the values. values() and items() are a compromise:
- they return single strings where there is a single value, and
- lists of strings otherwise.
- """
- def __getitem__(self, key):
- if len(self.dict[key]) > 1:
- raise IndexError, 'expecting a single value'
- return self.dict[key][0]
- def getlist(self, key):
- return self.dict[key]
- def values(self):
- result = []
- for value in self.dict.values():
- if len(value) == 1:
- result.append(value[0])
- else: result.append(value)
- return result
- def items(self):
- result = []
- for key, value in self.dict.items():
- if len(value) == 1:
- result.append((key, value[0]))
- else: result.append((key, value))
- return result
- class InterpFormContentDict(SvFormContentDict):
- """This class is present for backwards compatibility only."""
- def __getitem__(self, key):
- v = SvFormContentDict.__getitem__(self, key)
- if v[0] in '0123456789+-.':
- try: return int(v)
- except ValueError:
- try: return float(v)
- except ValueError: pass
- return v.strip()
- def values(self):
- result = []
- for key in self.keys():
- try:
- result.append(self[key])
- except IndexError:
- result.append(self.dict[key])
- return result
- def items(self):
- result = []
- for key in self.keys():
- try:
- result.append((key, self[key]))
- except IndexError:
- result.append((key, self.dict[key]))
- return result
- class FormContent(FormContentDict):
- """This class is present for backwards compatibility only."""
- def values(self, key):
- if key in self.dict :return self.dict[key]
- else: return None
- def indexed_value(self, key, location):
- if key in self.dict:
- if len(self.dict[key]) > location:
- return self.dict[key][location]
- else: return None
- else: return None
- def value(self, key):
- if key in self.dict: return self.dict[key][0]
- else: return None
- def length(self, key):
- return len(self.dict[key])
- def stripped(self, key):
- if key in self.dict: return self.dict[key][0].strip()
- else: return None
- def pars(self):
- return self.dict
- # Test/debug code
- # ===============
- def test(environ=os.environ):
- """Robust test CGI script, usable as main program.
- Write minimal HTTP headers and dump all information provided to
- the script in HTML form.
- """
- print "Content-type: text/html"
- print
- sys.stderr = sys.stdout
- try:
- form = FieldStorage() # Replace with other classes to test those
- print_directory()
- print_arguments()
- print_form(form)
- print_environ(environ)
- print_environ_usage()
- def f():
- exec "testing print_exception() -- <I>italics?</I>"
- def g(f=f):
- f()
- print "<H3>What follows is a test, not an actual exception:</H3>"
- g()
- except:
- print_exception()
- print "<H1>Second try with a small maxlen...</H1>"
- global maxlen
- maxlen = 50
- try:
- form = FieldStorage() # Replace with other classes to test those
- print_directory()
- print_arguments()
- print_form(form)
- print_environ(environ)
- except:
- print_exception()
- def print_exception(type=None, value=None, tb=None, limit=None):
- if type is None:
- type, value, tb = sys.exc_info()
- import traceback
- print
- print "<H3>Traceback (most recent call last):</H3>"
- list = traceback.format_tb(tb, limit) + \
- traceback.format_exception_only(type, value)
- print "<PRE>%s<B>%s</B></PRE>" % (
- escape("".join(list[:-1])),
- escape(list[-1]),
- )
- del tb
- def print_environ(environ=os.environ):
- """Dump the shell environment as HTML."""
- keys = environ.keys()
- keys.sort()
- print
- print "<H3>Shell Environment:</H3>"
- print "<DL>"
- for key in keys:
- print "<DT>", escape(key), "<DD>", escape(environ[key])
- print "</DL>"
- print
- def print_form(form):
- """Dump the contents of a form as HTML."""
- keys = form.keys()
- keys.sort()
- print
- print "<H3>Form Contents:</H3>"
- if not keys:
- print "<P>No form fields."
- print "<DL>"
- for key in keys:
- print "<DT>" + escape(key) + ":",
- value = form[key]
- print "<i>" + escape(repr(type(value))) + "</i>"
- print "<DD>" + escape(repr(value))
- print "</DL>"
- print
- def print_directory():
- """Dump the current directory as HTML."""
- print
- print "<H3>Current Working Directory:</H3>"
- try:
- pwd = os.getcwd()
- except os.error, msg:
- print "os.error:", escape(str(msg))
- else:
- print escape(pwd)
- print
- def print_arguments():
- print
- print "<H3>Command Line Arguments:</H3>"
- print
- print sys.argv
- print
- def print_environ_usage():
- """Dump a list of environment variables used by CGI as HTML."""
- print """
- <H3>These environment variables could have been set:</H3>
- <UL>
- <LI>AUTH_TYPE
- <LI>CONTENT_LENGTH
- <LI>CONTENT_TYPE
- <LI>DATE_GMT
- <LI>DATE_LOCAL
- <LI>DOCUMENT_NAME
- <LI>DOCUMENT_ROOT
- <LI>DOCUMENT_URI
- <LI>GATEWAY_INTERFACE
- <LI>LAST_MODIFIED
- <LI>PATH
- <LI>PATH_INFO
- <LI>PATH_TRANSLATED
- <LI>QUERY_STRING
- <LI>REMOTE_ADDR
- <LI>REMOTE_HOST
- <LI>REMOTE_IDENT
- <LI>REMOTE_USER
- <LI>REQUEST_METHOD
- <LI>SCRIPT_NAME
- <LI>SERVER_NAME
- <LI>SERVER_PORT
- <LI>SERVER_PROTOCOL
- <LI>SERVER_ROOT
- <LI>SERVER_SOFTWARE
- </UL>
- In addition, HTTP headers sent by the server may be passed in the
- environment as well. Here are some common variable names:
- <UL>
- <LI>HTTP_ACCEPT
- <LI>HTTP_CONNECTION
- <LI>HTTP_HOST
- <LI>HTTP_PRAGMA
- <LI>HTTP_REFERER
- <LI>HTTP_USER_AGENT
- </UL>
- """
- # Utilities
- # =========
- def escape(s, quote=None):
- '''Replace special characters "&", "<" and ">" to HTML-safe sequences.
- If the optional flag quote is true, the quotation mark character (")
- is also translated.'''
- s = s.replace("&", "&") # Must be done first!
- s = s.replace("<", "<")
- s = s.replace(">", ">")
- if quote:
- s = s.replace('"', """)
- return s
- def valid_boundary(s, _vb_pattern="^[ -~]{0,200}[!-~]$"):
- import re
- return re.match(_vb_pattern, s)
- # Invoke mainline
- # ===============
- # Call test() when this file is run as a script (not imported as a module)
- if __name__ == '__main__':
- test()