def cookies_to_dict(self, cookies):
"""
Converts a cookie string into python dict.
"""
ret = {}
cookie = SimpleCookie()
cookie.load(cookies)
for key, morsel in cookie.keys():
ret[key] = morsel.value
return ret
def start_response(status, headers):
ret["status"] = status
ret["headers"] = headers
ret["cookies"] = {}
cookies = SimpleCookie()
for k, v in headers:
if k == 'Set-Cookie':
cookies.load(v)
for key in cookies.keys():
ret["cookies"][key] = cookies[key]
def cookies_params(self):
cookies = self.get_raw_header("HTTP_COOKIES")
if cookies:
try:
cookie = SimpleCookie()
cookie.load(cookies)
return {key: cookie[key].coded_value for key in cookie.keys()}
except Exception:
LOGGER.debug("couldn't parse cookies", exc_info=True)
return {}
def parse_cookie(cookie):
if cookie == '':
return {}
try:
c = SimpleCookie()
c.load(cookie)
except CookieError:
# Invalid cookie
return {}
cookiedict = {}
for key in list(c.keys()):
cookiedict[key] = c.get(key).value
return cookiedict
def _scrub_headers(headers):
"""scrub auth info from headers"""
headers = dict(headers)
if 'Authorization' in headers:
auth = headers['Authorization']
if auth.startswith('token '):
headers['Authorization'] = 'token [secret]'
if 'Cookie' in headers:
c = SimpleCookie(headers['Cookie'])
redacted = []
for name in c.keys():
redacted.append("{}=[secret]".format(name))
headers['Cookie'] = '; '.join(redacted)
return headers
def parse_cookie(cookie):
if cookie == '':
return {}
try:
c = SimpleCookie()
c.load(cookie)
except CookieError:
# Invalid cookie
return {}
cookiedict = {}
for key in list(c.keys()):
cookiedict[key] = c.get(key).value
return cookiedict
def _scrub_headers(headers):
"""scrub auth info from headers"""
headers = dict(headers)
if 'Authorization' in headers:
auth = headers['Authorization']
if auth.startswith('token '):
headers['Authorization'] = 'token [secret]'
if 'Cookie' in headers:
c = SimpleCookie(headers['Cookie'])
redacted = []
for name in c.keys():
redacted.append("{}=[secret]".format(name))
headers['Cookie'] = '; '.join(redacted)
return headers
def _scrub_headers(headers):
"""scrub auth info from headers"""
headers = dict(headers)
if 'Authorization' in headers:
auth = headers['Authorization']
if ' ' in auth:
auth_type = auth.split(' ', 1)[0]
else:
# no space, hide the whole thing in case there was a mistake
auth_type = ''
headers['Authorization'] = f'{auth_type} [secret]'
if 'Cookie' in headers:
c = SimpleCookie(headers['Cookie'])
redacted = []
for name in c.keys():
redacted.append(f"{name}=[secret]")
headers['Cookie'] = '; '.join(redacted)
return headers
def _scrub_headers(headers):
"""scrub auth info from headers"""
headers = dict(headers)
if "Authorization" in headers:
auth = headers["Authorization"]
if " " in auth:
auth_type = auth.split(" ", 1)[0]
else:
# no space, hide the whole thing in case there was a mistake
auth_type = ""
headers["Authorization"] = "{} [secret]".format(auth_type)
if "Cookie" in headers:
c = SimpleCookie(headers["Cookie"])
redacted = []
for name in c.keys():
redacted.append("{}=[secret]".format(name))
headers["Cookie"] = "; ".join(redacted)
return headers
def get_cookies(self, video_url):
video_id_regex = re.compile('^https://player.hotmart.com/embed/([^/]+)/source/[^/]+=\\.m3u8$')
video_id = ''
match = video_id_regex.match(video_url)
if match:
video_id = match.group(1)
video_requests = list(filter(lambda x:x[0].path == video_url, request_history))
cookies = ''
if len(video_requests) > 0:
headers = video_requests[-1][0].headers
cookies = headers.get('Cookie')
token_requests = list(filter(HotmartBot.filter_token, request_history))
if len(token_requests) == 0:
return cookies
video_cookies = []
for request in token_requests:
simple_cookie = SimpleCookie()
headers = request[1].headers
raw_cookies = headers.get_all('Set-Cookie')
for c in raw_cookies:
simple_cookie.load(c)
for entry in simple_cookie.keys():
path = simple_cookie[entry]['path']
if video_id in path:
video_cookies.append(entry + '=' + simple_cookie[entry].coded_value)
if len(video_cookies) > 0:
video_cookies = list(set(video_cookies))
cookies = cookies.strip().strip(';')
cookies = cookies + '; ' + "; ".join(video_cookies)
return cookies
def parse_cookie(cookie):
'''Parse an `HTTP cookie`_ string.
Return a dictionary of cookie name/values.
'''
if not cookie:
return {}
if not isinstance(cookie, BaseCookie):
try:
c = SimpleCookie()
c.load(cookie)
except CookieError: # pragma nocover
# Invalid cookie
return {}
else:
c = cookie
cookiedict = {}
for key in c.keys():
cookiedict[key] = c.get(key).value
return cookiedict
def parse_cookie(cookie):
"""Parse an `HTTP cookie`_ string.
Return a dictionary of cookie name/values.
"""
if not cookie:
return {}
if not isinstance(cookie, BaseCookie):
try:
c = SimpleCookie()
c.load(cookie)
except CookieError: # pragma nocover
# Invalid cookie
return {}
else:
c = cookie
cookiedict = {}
for key in c.keys():
cookiedict[key] = c.get(key).value
return cookiedict
def parse_cookie(cookie):
"""
>>> parse_cookie('')
{}
>>> parse_cookie('foo=bar;')
{'foo': 'bar'}
>>> parse_cookie('foo=bar;foo=baz')
{'foo': 'baz'}
>>> parse_cookie('f1=v1;f2=v2') == {'f1': 'v1', 'f2': 'v2'}
True
"""
if not cookie:
return {}
if not isinstance(cookie, BaseCookie):
try:
c = SimpleCookie()
c.load(cookie)
except CookieError:
# Invalid cookie
return {}
else:
c = cookie
return {k: c.get(k).value for k in c.keys()}
class HTTPResponse( Plugin ):
"""Plugin to encapsulate HTTP response."""
implements( IHTTPResponse )
start_response = False
"""Response headers are already sent on the connection."""
write_buffer = []
"""Either a list of byte-string buffered by write() method. Or a generator
function created via chunk_generator() method."""
flush_callback = None
"""Flush callback subscribed using flush() method."""
finish_callback = None
"""Finish callback subscribed using set_finish_callback() method."""
finished = False
"""A request is considered finished when there is no more response data to
be sent for the on-going request. This is typically indicated by flushing
the response with finishing=True argument."""
def __init__( self, request ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.__init__`
interface method."""
# Initialize response attributes
self.statuscode = b'200'
self.reason = http.client.responses[ int(self.statuscode) ]
self.version = request.httpconn.version
self.headers = {}
self.body = b''
self.chunk_generator = None
self.trailers = {}
self.setcookies = SimpleCookie()
# Initialize framework attributes
self.request = request
self.context = h.Context()
self.media_type = None
self.content_coding = None
self.charset = self.webapp['encoding']
self.language = self.webapp['language']
# Book keeping
self.httpconn = request.httpconn
self.start_response = False
self.write_buffer = []
self.finished = False
self.flush_callback = None
self.finish_callback = None
#---- IHTTPResponse APIs
def set_status( self, code ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_status`
interface method."""
if isinstance(code, int) :
self.statuscode = str(code).encode('utf-8')
elif isinstance(code, str) :
self.statuscode = code.encode('utf-8')
else :
self.statuscode = code
return self.statuscode
def set_header( self, name, value ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_header`
interface method."""
value = value if isinstance( value, bytes ) \
else str( value ).encode('utf-8')
self.headers[ name ] = value
return value
def add_header( self, name, value ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.add_header`
interface method."""
value = value if isinstance(value,bytes) else str(value).encode('utf-8')
pvalue = self.headers.get( name, b'' )
self.headers[name] = b','.join([pvalue, value]) if pvalue else None
return self.headers[name]
def set_trailer( self, name, value ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_trailer`
interface method."""
value = value if isinstance(value,bytes) else str(value).encode('utf=8')
self.trailers[name] = value
return value
def add_trailer( self, name, value ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.add_trailer`
interface method."""
value = value if isinstance(value,bytes) else str(value).encode('utf-8')
pvalue = self.trailers.get(name, b'')
self.trailers[name] = b','.join([pvalue, value]) if pvalue else None
return self.trailers[name]
def set_cookie( self, name, value, **kwargs ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_cookie`
interface method."""
return self.request.cookie.set_cookie(
self.setcookies, name, value, **kwargs )
def set_secure_cookie( self, name, value, expires_days=30, **kwargs ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_secure_cookie`
interface method."""
cookie = self.request.cookie
value = cookie.create_signed_value(name, value)
return cookie.set_cookie( self.setcookies, name, value, **kwargs )
def clear_cookie( self, name, path="/", domain=None ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.clear_cookie`
interface method."""
value = self.setcookies[ name ]
expires = dt.datetime.utcnow() - dt.timedelta(days=365)
self.request.cookie.set_cookie(
self.setcookies, name, "", path=path, expires=expires,
domain=domain )
return value
def clear_all_cookies(self):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.clear_all_cookies`
interface method."""
list( map( self.clear_cookie, self.setcookies.keys() ))
return None
def set_finish_callback(self, callback):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_finish_callback`
interface method."""
self.finish_callback = callback
def has_finished( self ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.has_finished`
interface method."""
return self.finished
def isstarted( self ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.isstarted`
interface method."""
return self.start_response
def ischunked( self ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.ischunked`
interface method."""
vals = dict( h.parse_transfer_encoding(
self.headers.get( 'transfer_encoding', b'' ))).keys()
return b'chunked' in list( vals )
def write( self, data ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.write`
interface method."""
if self.has_finished() :
raise Exception( "Cannot write() after the response is finished." )
data = data.encode(self.charset) if isinstance(data, str) else data
self.write_buffer = self.write_buffer or []
self.write_buffer.append( data )
def flush( self, finishing=False, callback=None ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.flush`
interface method."""
if callback :
self.flush_callback = callback
self.finished = finishing
if callable( self.write_buffer ) :
self._flush_chunk( finishing )
else :
self._flush_body( finishing )
def httperror( self, statuscode=b'500', message=b'' ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.httperror`
interface method."""
self.statuscode = statuscode
self.write( message ) if message else None
self.flush( finishing=True )
_renderers = {
'.ttl' : 'tayra.TTLCompiler',
}
_renderer_plugins = {
}
def render( self, *args, **kwargs ):
""":meth:`pluggdapps.interfaces.IHTTPResponse.render`
interface method.
positional argument,
``request``,
Instance of plugin implement
:class:`pluggdapps.web.interfaces.IHTTPRequest` interface.
``context``,
Dictionary of context information to be passed.
keyword arguments,
``file``,
Template file to be used for rendering.
``text``,
Template text to be used for rendering.
``ITemplate``,
:class:`ITemplate` plugin to use for rendering. This argument
must be in canonical form of plugin's name.
If ``file`` keyword argument is passed, this method will resolve the
correct renderer plugin based on file-extension. if ``text`` keyword
argument is passed, better pass the ``ITemplate`` argument as
well.
"""
request, context = args[0], args[1]
renderer = kwargs.get( 'ITemplate', None )
if renderer is None :
tfile = kwargs.get( 'file', '' )
_, ext = splitext( tfile )
renderer = self._renderers.get( ext, None ) if ext else None
# If in debug mode enable ttl file reloading.
tfile = h.abspath_from_asset_spec( tfile )
if self['debug'] and isfile( tfile ):
self.pa._monitoredfiles.append( tfile )
if renderer in self._renderer_plugins :
plugin = self._renderer_plugins[ renderer ]
elif renderer :
plugin = self.qp( ITemplate, renderer )
else :
plugin = None
if plugin :
self.media_type = 'text/html'
self._renderer_plugins.setdefault( renderer, plugin )
return plugin.render( context, **kwargs )
else :
raise Exception('Unknown renderer')
def chunk_generator( self, callback, request, c ):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.chunk_generator`
interface method."""
class ChunkGenerator( object ):
def __iter__( self ):
return self
def next( self ):
return callback( request, c )
return ChunkGenerator()
#---- Local functions
def _try_start_headers( self, finishing=True ) :
"""Generate default headers for this response. And return the
byte-string of response header to write. This can be overriden
by view callable attributes."""
if self.start_response : return b''
self.start_response = True
stline = self._status_line()
return self._header_data( self.headers, stline=stline )
def _status_line( self ):
code = self.statuscode
reason = http.client.responses[ int(code) ].encode( 'utf-8' )
return b' '.join([ self.version, code, reason ])
def _header_data( self, headers, stline=b'' ):
# TODO : 3 header field types are specifically prohibited from
# appearing as a trailer field: Transfer-Encoding, Content-Length and
# Trailer.
lines = [ stline ] if stline else []
for n, v in headers.items() :
nC = h.hdr_str2camelcase.get( n, None )
if nC == None :
n = n.encode('utf-8')
nC = b'-'.join([ x.capitalize() for x in n.split('_') ])
lines.append( nC + b': ' + v )
[ lines.append( b"Set-Cookie: " + cookie.OutputString() )
for c in self.setcookies.values() ]
return b"\r\n".join(lines) + b"\r\n\r\n"
def _flush_body( self, finishing ):
data = b''.join( self.write_buffer )
for tr in self.webapp.out_transformers :
data = tr.transform( self.request, data, finishing=finishing )
if self._if_etag() :
self.body = data
else :
self.body = b''
self.set_header( "content_length", len(self.body) )
data = self._try_start_headers( finishing=finishing )
if self.request.method == b'HEAD' :
pass
elif self.body :
data += self.body
self.httpconn.write( data, callback=self._onflush )
self.write_buffer = []
def _flush_chunk( self, finishing ):
self.add_headers( 'transfer_encoding', 'chunked' )
data = self._try_start_headers( finishing=finishing )
chunk = self.write_buffer( self.request, self.c )
for tr in self.webapp.out_transformers :
chunk = tr.transform( self.request, chunk, finishing=finishing )
if chunk :
data += hex(len(chunk)).encode('utf-8') + b'\r\n' + chunk + b'\r\n'
else :
data += b'0\r\n'
if self.trailers :
data += self._header_data( self.trailers )
self.httpconn.write( data, callback=self._onflush )
def _if_etag( self ):
etag = self.headers.get('etag', '')
if self.ischunked() == False and etag :
im = self.request.headers.get( "if_match", b'' ).strip()
inm = self.request.headers.get( "if_none_match", b'' ).strip()
if ( (im and im.find( etag ) == -1) or
(inm and inm.find( etag ) != -1) ) :
self.set_status( b'304' )
return False
return True
def _onflush( self ):
if self.flush_callback :
callback, self.flush_callback = self.flush_callback, None
callback()
if self.has_finished() : self._onfinish()
def _onfinish( self ):
if self.finish_callback :
callback, self.finish_callback = self.finish_callback, None
callback()
self.request.onfinish()
#---- ISettings interface methods
@classmethod
def default_settings( cls ):
""":meth:`pluggdapps.plugin.interfaces.ISettings.default_settings`
interface method."""
return _ds1
def do_GET(self):
cookies = SimpleCookie(self.headers.get('Cookie'))
# then use somewhat like a dict, e.g:
# username = cookies['username'].value
if "mainpassword" not in cookies.keys() and self.path.split(
".")[-1] not in ["css", "js", "png"
] and os.path.isfile(fileWallet):
if not os.path.isfile(fileWallet):
self.path = "/"
else:
self.path = "/login.htm"
# page d'ajout
if self.path == "/":
self.path = "/index.htm"
if not os.path.isfile(fileWallet):
print("creation du wallet")
self.send_response(302)
self.send_header('Location', "/create.htm")
self.end_headers()
else:
self._set_headers("text/" + self.path[1:].split(".")[-1])
with open("web_wallet/" + self.path[1:], "r") as f:
self.wfile.write(f.read().encode("utf8"))
# call a l'api pour un passwd aléatoire
elif self.path == "/randompasswd":
self._set_headers("text/plain")
self.wfile.write(genRngPasswd.random_string(20).encode("utf8"))
# Affichage
elif self.path == "/view":
if w.lock:
w.unlock(cookies["mainpassword"].value)
if not w.lock:
self.do_HEAD()
liste = [w.get_acount(a) for a in w.get_applications()]
print(liste)
liste_disp = ""
with open("web_wallet/acount.template") as template:
content = template.read()
for e in liste:
liste_disp += content.format(acount=e)
with open("web_wallet/view.htm") as f:
content = f.read()
content = content.format(liste_acount=liste_disp)
self.wfile.write(content.encode("utf8"))
else:
# page non spéciale
if self.path.endswith(("woff", "woff2", "ttf")):
self._set_headers("font/" + self.path.split(".")[-1])
if os.path.isfile("web_wallet/" + self.path[1:].split("?")[0]):
with open("web_wallet/" + self.path[1:].split("?")[0],
"rb") as f:
self.wfile.write(f.read())
else:
self._set_headers()
if os.path.isfile("web_wallet/" + self.path[1:].split("?")[0]):
with open("web_wallet/" + self.path[1:].split("?")[0],
"r") as f:
self.wfile.write(f.read().encode("utf8"))
# 404
else:
print(self.path)
self.wfile.write(
_html("<html><body><h1>404</h1></body></html>"))
def cookie_from_string(cookie_string, strict_cookies=False):
"""Parser for HTTP header set-cookie
The return from this function will be used as parameters for
django's response.set_cookie method. Because set_cookie doesn't
have parameter comment, this cookie attribute will be ignored.
:param cookie_string: A string representing a valid cookie
:param strict_cookies: Whether to only accept RFC-compliant cookies
:returns: A dictionary containing the cookie_string attributes
"""
if strict_cookies:
cookies = SimpleCookie(COOKIE_PREFIX + cookie_string)
if not cookies.keys():
return None
cookie_name, = cookies.keys()
cookie_dict = {k: v for k, v in cookies[cookie_name].items()
if v and k != 'comment'}
cookie_dict['key'] = cookie_name
cookie_dict['value'] = cookies[cookie_name].value
return cookie_dict
else:
valid_attrs = ('path', 'domain', 'comment', 'expires',
'max_age', 'httponly', 'secure')
cookie_dict = {}
cookie_parts = cookie_string.split(';')
try:
key, value = cookie_parts[0].split('=', 1)
cookie_dict['key'], cookie_dict['value'] = key, unquote(value)
except ValueError:
logger.warning('Invalid cookie: `%s`', cookie_string)
return None
if cookie_dict['value'].startswith('='):
logger.warning('Invalid cookie: `%s`', cookie_string)
return None
for part in cookie_parts[1:]:
if '=' in part:
attr, value = part.split('=', 1)
value = value.strip()
else:
attr = part
value = ''
attr = attr.strip().lower()
if not attr:
continue
if attr in valid_attrs:
if attr in ('httponly', 'secure'):
cookie_dict[attr] = True
elif attr in 'comment':
# ignoring comment attr as explained in the
# function docstring
continue
else:
cookie_dict[attr] = unquote(value)
else:
logger.warning('Unknown cookie attribute %s', attr)
return cookie_dict
def cookie_from_string(cookie_string, strict_cookies=False):
"""Parser for HTTP header set-cookie
The return from this function will be used as parameters for
django's response.set_cookie method. Because set_cookie doesn't
have parameter comment, this cookie attribute will be ignored.
:param cookie_string: A string representing a valid cookie
:param strict_cookies: Whether to only accept RFC-compliant cookies
:returns: A dictionary containing the cookie_string attributes
"""
if strict_cookies:
cookies = SimpleCookie(COOKIE_PREFIX + cookie_string)
if not cookies.keys():
return None
cookie_name, = cookies.keys()
cookie_dict = {
k: v
for k, v in cookies[cookie_name].items() if v and k != 'comment'
}
cookie_dict['key'] = cookie_name
cookie_dict['value'] = cookies[cookie_name].value
return cookie_dict
else:
valid_attrs = ('path', 'domain', 'comment', 'expires', 'max-age',
'httponly', 'secure', 'samesite')
cookie_dict = {}
cookie_parts = cookie_string.split(';')
try:
key, value = cookie_parts[0].split('=', 1)
cookie_dict['key'], cookie_dict['value'] = key, unquote(value)
except ValueError:
logger.warning('Invalid cookie: `%s`', cookie_string)
return None
if cookie_dict['value'].startswith('='):
logger.warning('Invalid cookie: `%s`', cookie_string)
return None
for part in cookie_parts[1:]:
if '=' in part:
attr, value = part.split('=', 1)
value = value.strip()
else:
attr = part
value = ''
attr = attr.strip().lower()
if not attr:
continue
if attr in valid_attrs:
if attr in ('httponly', 'secure'):
cookie_dict[attr] = True
elif attr in 'comment':
# ignoring comment attr as explained in the
# function docstring
continue
elif attr == 'max-age':
# The cookie uses 'max-age' but django's
# set_cookie uses 'max_age'
cookie_dict['max_age'] = unquote(value)
else:
cookie_dict[attr] = unquote(value)
else:
logger.warning('Unknown cookie attribute %s', attr)
return cookie_dict
class HTTPResponse(Plugin):
"""Plugin to encapsulate HTTP response."""
implements(IHTTPResponse)
start_response = False
"""Response headers are already sent on the connection."""
write_buffer = []
"""Either a list of byte-string buffered by write() method. Or a generator
function created via chunk_generator() method."""
flush_callback = None
"""Flush callback subscribed using flush() method."""
finish_callback = None
"""Finish callback subscribed using set_finish_callback() method."""
finished = False
"""A request is considered finished when there is no more response data to
be sent for the on-going request. This is typically indicated by flushing
the response with finishing=True argument."""
def __init__(self, request):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.__init__`
interface method."""
# Initialize response attributes
self.statuscode = b'200'
self.reason = http.client.responses[int(self.statuscode)]
self.version = request.httpconn.version
self.headers = {}
self.body = b''
self.chunk_generator = None
self.trailers = {}
self.setcookies = SimpleCookie()
# Initialize framework attributes
self.request = request
self.context = h.Context()
self.media_type = None
self.content_coding = None
self.charset = self.webapp['encoding']
self.language = self.webapp['language']
# Book keeping
self.httpconn = request.httpconn
self.start_response = False
self.write_buffer = []
self.finished = False
self.flush_callback = None
self.finish_callback = None
#---- IHTTPResponse APIs
def set_status(self, code):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_status`
interface method."""
if isinstance(code, int):
self.statuscode = str(code).encode('utf-8')
elif isinstance(code, str):
self.statuscode = code.encode('utf-8')
else:
self.statuscode = code
return self.statuscode
def set_header(self, name, value):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_header`
interface method."""
value = value if isinstance( value, bytes ) \
else str( value ).encode('utf-8')
self.headers[name] = value
return value
def add_header(self, name, value):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.add_header`
interface method."""
value = value if isinstance(value,
bytes) else str(value).encode('utf-8')
pvalue = self.headers.get(name, b'')
self.headers[name] = b','.join([pvalue, value]) if pvalue else None
return self.headers[name]
def set_trailer(self, name, value):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_trailer`
interface method."""
value = value if isinstance(value,
bytes) else str(value).encode('utf=8')
self.trailers[name] = value
return value
def add_trailer(self, name, value):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.add_trailer`
interface method."""
value = value if isinstance(value,
bytes) else str(value).encode('utf-8')
pvalue = self.trailers.get(name, b'')
self.trailers[name] = b','.join([pvalue, value]) if pvalue else None
return self.trailers[name]
def set_cookie(self, name, value, **kwargs):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_cookie`
interface method."""
return self.request.cookie.set_cookie(self.setcookies, name, value,
**kwargs)
def set_secure_cookie(self, name, value, expires_days=30, **kwargs):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_secure_cookie`
interface method."""
cookie = self.request.cookie
value = cookie.create_signed_value(name, value)
return cookie.set_cookie(self.setcookies, name, value, **kwargs)
def clear_cookie(self, name, path="/", domain=None):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.clear_cookie`
interface method."""
value = self.setcookies[name]
expires = dt.datetime.utcnow() - dt.timedelta(days=365)
self.request.cookie.set_cookie(self.setcookies,
name,
"",
path=path,
expires=expires,
domain=domain)
return value
def clear_all_cookies(self):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.clear_all_cookies`
interface method."""
list(map(self.clear_cookie, self.setcookies.keys()))
return None
def set_finish_callback(self, callback):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_finish_callback`
interface method."""
self.finish_callback = callback
def has_finished(self):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.has_finished`
interface method."""
return self.finished
def isstarted(self):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.isstarted`
interface method."""
return self.start_response
def ischunked(self):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.ischunked`
interface method."""
vals = dict(
h.parse_transfer_encoding(
self.headers.get('transfer_encoding', b''))).keys()
return b'chunked' in list(vals)
def write(self, data):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.write`
interface method."""
if self.has_finished():
raise Exception("Cannot write() after the response is finished.")
data = data.encode(self.charset) if isinstance(data, str) else data
self.write_buffer = self.write_buffer or []
self.write_buffer.append(data)
def flush(self, finishing=False, callback=None):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.flush`
interface method."""
if callback:
self.flush_callback = callback
self.finished = finishing
if callable(self.write_buffer):
self._flush_chunk(finishing)
else:
self._flush_body(finishing)
def httperror(self, statuscode=b'500', message=b''):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.httperror`
interface method."""
self.statuscode = statuscode
self.write(message) if message else None
self.flush(finishing=True)
_renderers = {
'.ttl': 'tayra.TTLCompiler',
}
_renderer_plugins = {}
def render(self, *args, **kwargs):
""":meth:`pluggdapps.interfaces.IHTTPResponse.render`
interface method.
positional argument,
``request``,
Instance of plugin implement
:class:`pluggdapps.web.interfaces.IHTTPRequest` interface.
``context``,
Dictionary of context information to be passed.
keyword arguments,
``file``,
Template file to be used for rendering.
``text``,
Template text to be used for rendering.
``ITemplate``,
:class:`ITemplate` plugin to use for rendering. This argument
must be in canonical form of plugin's name.
If ``file`` keyword argument is passed, this method will resolve the
correct renderer plugin based on file-extension. if ``text`` keyword
argument is passed, better pass the ``ITemplate`` argument as
well.
"""
request, context = args[0], args[1]
renderer = kwargs.get('ITemplate', None)
if renderer is None:
tfile = kwargs.get('file', '')
_, ext = splitext(tfile)
renderer = self._renderers.get(ext, None) if ext else None
# If in debug mode enable ttl file reloading.
tfile = h.abspath_from_asset_spec(tfile)
if self['debug'] and isfile(tfile):
self.pa._monitoredfiles.append(tfile)
if renderer in self._renderer_plugins:
plugin = self._renderer_plugins[renderer]
elif renderer:
plugin = self.qp(ITemplate, renderer)
else:
plugin = None
if plugin:
self.media_type = 'text/html'
self._renderer_plugins.setdefault(renderer, plugin)
return plugin.render(context, **kwargs)
else:
raise Exception('Unknown renderer')
def chunk_generator(self, callback, request, c):
""":meth:`pluggdapps.web.webinterfaces.IHTTPResponse.chunk_generator`
interface method."""
class ChunkGenerator(object):
def __iter__(self):
return self
def next(self):
return callback(request, c)
return ChunkGenerator()
#---- Local functions
def _try_start_headers(self, finishing=True):
"""Generate default headers for this response. And return the
byte-string of response header to write. This can be overriden
by view callable attributes."""
if self.start_response: return b''
self.start_response = True
stline = self._status_line()
return self._header_data(self.headers, stline=stline)
def _status_line(self):
code = self.statuscode
reason = http.client.responses[int(code)].encode('utf-8')
return b' '.join([self.version, code, reason])
def _header_data(self, headers, stline=b''):
# TODO : 3 header field types are specifically prohibited from
# appearing as a trailer field: Transfer-Encoding, Content-Length and
# Trailer.
lines = [stline] if stline else []
for n, v in headers.items():
nC = h.hdr_str2camelcase.get(n, None)
if nC == None:
n = n.encode('utf-8')
nC = b'-'.join([x.capitalize() for x in n.split('_')])
lines.append(nC + b': ' + v)
[
lines.append(b"Set-Cookie: " + cookie.OutputString())
for c in self.setcookies.values()
]
return b"\r\n".join(lines) + b"\r\n\r\n"
def _flush_body(self, finishing):
data = b''.join(self.write_buffer)
for tr in self.webapp.out_transformers:
data = tr.transform(self.request, data, finishing=finishing)
if self._if_etag():
self.body = data
else:
self.body = b''
self.set_header("content_length", len(self.body))
data = self._try_start_headers(finishing=finishing)
if self.request.method == b'HEAD':
pass
elif self.body:
data += self.body
self.httpconn.write(data, callback=self._onflush)
self.write_buffer = []
def _flush_chunk(self, finishing):
self.add_headers('transfer_encoding', 'chunked')
data = self._try_start_headers(finishing=finishing)
chunk = self.write_buffer(self.request, self.c)
for tr in self.webapp.out_transformers:
chunk = tr.transform(self.request, chunk, finishing=finishing)
if chunk:
data += hex(len(chunk)).encode('utf-8') + b'\r\n' + chunk + b'\r\n'
else:
data += b'0\r\n'
if self.trailers:
data += self._header_data(self.trailers)
self.httpconn.write(data, callback=self._onflush)
def _if_etag(self):
etag = self.headers.get('etag', '')
if self.ischunked() == False and etag:
im = self.request.headers.get("if_match", b'').strip()
inm = self.request.headers.get("if_none_match", b'').strip()
if ((im and im.find(etag) == -1)
or (inm and inm.find(etag) != -1)):
self.set_status(b'304')
return False
return True
def _onflush(self):
if self.flush_callback:
callback, self.flush_callback = self.flush_callback, None
callback()
if self.has_finished(): self._onfinish()
def _onfinish(self):
if self.finish_callback:
callback, self.finish_callback = self.finish_callback, None
callback()
self.request.onfinish()
#---- ISettings interface methods
@classmethod
def default_settings(cls):
""":meth:`pluggdapps.plugin.interfaces.ISettings.default_settings`
interface method."""
return _ds1
</form>
</div>
</div>
<script src="../js-dir/createInput.js">
</script>
</body>
</html>
"""
cook = SimpleCookie()
cook.load(os.environ.get("HTTP_COOKIE", ""))
req = Request()
user = None
family = None
first = None
if "user" in cook.keys():
user = str(cook.get("user")).split("=")[1]
if user is None:
raise Exception("username is Bad")
db = db_exe()
info = db.account_get_check(user)
first = info[3]
family = info[2]
html = html_ % (family, first, user)
res = Response()
res.set_body(html)
print(cook.output())
class CookieJar:
"""Implements cookie storage adhering to RFC 6265."""
DATE_TOKENS_RE = re.compile(
"[\x09\x20-\x2F\x3B-\x40\x5B-\x60\x7B-\x7E]*"
"(?P<token>[\x00-\x08\x0A-\x1F\d:a-zA-Z\x7F-\xFF]+)")
DATE_HMS_TIME_RE = re.compile("(\d{1,2}):(\d{1,2}):(\d{1,2})")
DATE_DAY_OF_MONTH_RE = re.compile("(\d{1,2})")
DATE_MONTH_RE = re.compile(
"(jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec)", re.I)
DATE_YEAR_RE = re.compile("(\d{2,4})")
def __init__(self, cookies=None, loop=None):
self._cookies = SimpleCookie()
self._loop = loop or asyncio.get_event_loop()
self._host_only_cookies = set()
if cookies is not None:
self.update_cookies(cookies)
@property
def cookies(self):
"""The session cookies."""
return self._cookies
def _expire_cookie(self, name):
if name in self._cookies:
del self._cookies[name]
def update_cookies(self, cookies, response_url=None):
"""Update cookies."""
url_parsed = urlsplit(response_url or "")
hostname = url_parsed.hostname
if is_ip_address(hostname):
# Don't accept cookies from IPs
return
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, Morsel):
if not self._add_morsel(name, value, hostname):
continue
else:
self._cookies[name] = value
cookie = self._cookies[name]
if not cookie["domain"] and hostname is not None:
# Set the cookie's domain to the response hostname
# and set its host-only-flag
self._host_only_cookies.add(name)
cookie["domain"] = hostname
if not cookie["path"] or not cookie["path"].startswith("/"):
# Set the cookie's path to the response path
path = url_parsed.path
if not path.startswith("/"):
path = "/"
else:
# Cut everything from the last slash to the end
path = "/" + path[1:path.rfind("/")]
cookie["path"] = path
max_age = cookie["max-age"]
if max_age:
try:
delta_seconds = int(max_age)
self._loop.call_later(delta_seconds, self._expire_cookie,
name)
except ValueError:
cookie["max-age"] = ""
expires = cookie["expires"]
if not cookie["max-age"] and expires:
expire_time = self._parse_date(expires)
if expire_time:
self._loop.call_at(expire_time.timestamp(),
self._expire_cookie, name)
else:
cookie["expires"] = ""
# Remove the host-only flags of nonexistent cookies
self._host_only_cookies -= (self._host_only_cookies.difference(
self._cookies.keys()))
def _add_morsel(self, name, value, hostname):
"""Add a Morsel to the cookie jar."""
cookie_domain = value["domain"]
if cookie_domain.startswith("."):
# Remove leading dot
cookie_domain = cookie_domain[1:]
value["domain"] = cookie_domain
if not cookie_domain or not hostname:
dict.__setitem__(self._cookies, name, value)
return True
if not self._is_domain_match(cookie_domain, hostname):
# Setting cookies for different domains is not allowed
return False
# use dict method because SimpleCookie class modifies value
# before Python 3.4
dict.__setitem__(self._cookies, name, value)
return True
def filter_cookies(self, request_url):
"""Returns this jar's cookies filtered by their attributes."""
url_parsed = urlsplit(request_url)
filtered = SimpleCookie()
for name, cookie in self._cookies.items():
cookie_domain = cookie["domain"]
# Send shared cookies
if not cookie_domain:
dict.__setitem__(filtered, name, cookie)
continue
hostname = url_parsed.hostname or ""
if is_ip_address(hostname):
continue
if name in self._host_only_cookies:
if cookie_domain != hostname:
continue
elif not self._is_domain_match(cookie_domain, hostname):
continue
if not self._is_path_match(url_parsed.path, cookie["path"]):
continue
is_secure = url_parsed.scheme in ("https", "wss")
if cookie["secure"] and not is_secure:
continue
dict.__setitem__(filtered, name, cookie)
return filtered
@staticmethod
def _is_domain_match(domain, hostname):
"""Implements domain matching adhering to RFC 6265."""
if hostname == domain:
return True
if not hostname.endswith(domain):
return False
non_matching = hostname[:-len(domain)]
if not non_matching.endswith("."):
return False
return not is_ip_address(hostname)
@staticmethod
def _is_path_match(req_path, cookie_path):
"""Implements path matching adhering to RFC 6265."""
if req_path == cookie_path:
return True
if not req_path.startswith(cookie_path):
return False
if cookie_path.endswith("/"):
return True
non_matching = req_path[len(cookie_path):]
return non_matching.startswith("/")
@classmethod
def _parse_date(cls, date_str):
"""Implements date string parsing adhering to RFC 6265."""
if not date_str:
return
found_time = False
found_day_of_month = False
found_month = False
found_year = False
hour = minute = second = 0
day_of_month = 0
month = ""
year = 0
for token_match in cls.DATE_TOKENS_RE.finditer(date_str):
token = token_match.group("token")
if not found_time:
time_match = cls.DATE_HMS_TIME_RE.match(token)
if time_match:
found_time = True
hour, minute, second = [
int(s) for s in time_match.groups()
]
continue
if not found_day_of_month:
day_of_month_match = cls.DATE_DAY_OF_MONTH_RE.match(token)
if day_of_month_match:
found_day_of_month = True
day_of_month = int(day_of_month_match.group())
continue
if not found_month:
month_match = cls.DATE_MONTH_RE.match(token)
if month_match:
found_month = True
month = month_match.group()
continue
if not found_year:
year_match = cls.DATE_YEAR_RE.match(token)
if year_match:
found_year = True
year = int(year_match.group())
if 70 <= year <= 99:
year += 1900
elif 0 <= year <= 69:
year += 2000
if False in (found_day_of_month, found_month, found_year, found_time):
return
if not 1 <= day_of_month <= 31:
return
if year < 1601 or hour > 23 or minute > 59 or second > 59:
return
dt = datetime.datetime.strptime(
"%s %d %d:%d:%d %d" %
(month, day_of_month, hour, minute, second, year),
"%b %d %H:%M:%S %Y")
return dt.replace(tzinfo=datetime.timezone.utc)
class CookieJar:
"""Implements cookie storage adhering to RFC 6265."""
DATE_TOKENS_RE = re.compile(
"[\x09\x20-\x2F\x3B-\x40\x5B-\x60\x7B-\x7E]*"
"(?P<token>[\x00-\x08\x0A-\x1F\d:a-zA-Z\x7F-\xFF]+)")
DATE_HMS_TIME_RE = re.compile("(\d{1,2}):(\d{1,2}):(\d{1,2})")
DATE_DAY_OF_MONTH_RE = re.compile("(\d{1,2})")
DATE_MONTH_RE = re.compile(
"(jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec)", re.I)
DATE_YEAR_RE = re.compile("(\d{2,4})")
def __init__(self, cookies=None, loop=None):
self._cookies = SimpleCookie()
self._loop = loop or asyncio.get_event_loop()
self._host_only_cookies = set()
if cookies is not None:
self.update_cookies(cookies)
@property
def cookies(self):
"""The session cookies."""
return self._cookies
def _expire_cookie(self, name):
if name in self._cookies:
del self._cookies[name]
def update_cookies(self, cookies, response_url=None):
"""Update cookies."""
url_parsed = urlsplit(response_url or "")
hostname = url_parsed.hostname
if is_ip_address(hostname):
# Don't accept cookies from IPs
return
if isinstance(cookies, dict):
cookies = cookies.items()
for name, value in cookies:
if isinstance(value, Morsel):
if not self._add_morsel(name, value, hostname):
continue
else:
self._cookies[name] = value
cookie = self._cookies[name]
if not cookie["domain"] and hostname is not None:
# Set the cookie's domain to the response hostname
# and set its host-only-flag
self._host_only_cookies.add(name)
cookie["domain"] = hostname
if not cookie["path"] or not cookie["path"].startswith("/"):
# Set the cookie's path to the response path
path = url_parsed.path
if not path.startswith("/"):
path = "/"
else:
# Cut everything from the last slash to the end
path = "/" + path[1:path.rfind("/")]
cookie["path"] = path
max_age = cookie["max-age"]
if max_age:
try:
delta_seconds = int(max_age)
self._loop.call_later(
delta_seconds, self._expire_cookie, name)
except ValueError:
cookie["max-age"] = ""
expires = cookie["expires"]
if not cookie["max-age"] and expires:
expire_time = self._parse_date(expires)
if expire_time:
self._loop.call_at(
expire_time.timestamp(),
self._expire_cookie, name)
else:
cookie["expires"] = ""
# Remove the host-only flags of nonexistent cookies
self._host_only_cookies -= (
self._host_only_cookies.difference(self._cookies.keys()))
def _add_morsel(self, name, value, hostname):
"""Add a Morsel to the cookie jar."""
cookie_domain = value["domain"]
if cookie_domain.startswith("."):
# Remove leading dot
cookie_domain = cookie_domain[1:]
value["domain"] = cookie_domain
if not cookie_domain or not hostname:
dict.__setitem__(self._cookies, name, value)
return True
if not self._is_domain_match(cookie_domain, hostname):
# Setting cookies for different domains is not allowed
return False
# use dict method because SimpleCookie class modifies value
# before Python 3.4
dict.__setitem__(self._cookies, name, value)
return True
def filter_cookies(self, request_url):
"""Returns this jar's cookies filtered by their attributes."""
url_parsed = urlsplit(request_url)
filtered = SimpleCookie()
for name, cookie in self._cookies.items():
cookie_domain = cookie["domain"]
# Send shared cookies
if not cookie_domain:
dict.__setitem__(filtered, name, cookie)
continue
hostname = url_parsed.hostname or ""
if is_ip_address(hostname):
continue
if name in self._host_only_cookies:
if cookie_domain != hostname:
continue
elif not self._is_domain_match(cookie_domain, hostname):
continue
if not self._is_path_match(url_parsed.path, cookie["path"]):
continue
is_secure = url_parsed.scheme in ("https", "wss")
if cookie["secure"] and not is_secure:
continue
dict.__setitem__(filtered, name, cookie)
return filtered
@staticmethod
def _is_domain_match(domain, hostname):
"""Implements domain matching adhering to RFC 6265."""
if hostname == domain:
return True
if not hostname.endswith(domain):
return False
non_matching = hostname[:-len(domain)]
if not non_matching.endswith("."):
return False
return not is_ip_address(hostname)
@staticmethod
def _is_path_match(req_path, cookie_path):
"""Implements path matching adhering to RFC 6265."""
if req_path == cookie_path:
return True
if not req_path.startswith(cookie_path):
return False
if cookie_path.endswith("/"):
return True
non_matching = req_path[len(cookie_path):]
return non_matching.startswith("/")
@classmethod
def _parse_date(cls, date_str):
"""Implements date string parsing adhering to RFC 6265."""
if not date_str:
return
found_time = False
found_day_of_month = False
found_month = False
found_year = False
hour = minute = second = 0
day_of_month = 0
month = ""
year = 0
for token_match in cls.DATE_TOKENS_RE.finditer(date_str):
token = token_match.group("token")
if not found_time:
time_match = cls.DATE_HMS_TIME_RE.match(token)
if time_match:
found_time = True
hour, minute, second = [
int(s) for s in time_match.groups()]
continue
if not found_day_of_month:
day_of_month_match = cls.DATE_DAY_OF_MONTH_RE.match(token)
if day_of_month_match:
found_day_of_month = True
day_of_month = int(day_of_month_match.group())
continue
if not found_month:
month_match = cls.DATE_MONTH_RE.match(token)
if month_match:
found_month = True
month = month_match.group()
continue
if not found_year:
year_match = cls.DATE_YEAR_RE.match(token)
if year_match:
found_year = True
year = int(year_match.group())
if 70 <= year <= 99:
year += 1900
elif 0 <= year <= 69:
year += 2000
if False in (found_day_of_month, found_month, found_year, found_time):
return
if not 1 <= day_of_month <= 31:
return
if year < 1601 or hour > 23 or minute > 59 or second > 59:
return
dt = datetime.datetime.strptime(
"%s %d %d:%d:%d %d" % (
month, day_of_month, hour, minute, second, year
), "%b %d %H:%M:%S %Y")
return dt.replace(tzinfo=datetime.timezone.utc)
def parse_cookies(self):
cookie_data = self.environ.get('HTTP_COOKIE', '')
cookies = SimpleCookie()
if cookie_data:
cookies.load(cookie_data)
return {key: cookies.get(key).value for key in cookies.keys()}
class Request(object):
"""Provide a consistent way to treat a Request."""
def __init__(self):
self.post = {}
self.get = {}
self.url = ''
self.path_info = ''
self.remote_address = ''
self.remove_base_url = False # needed for WSGI
self.headers = {'Content-Type': 'text/html'}
self._incookies = SimpleCookie()
self._outcookies = SimpleCookie()
def setHeader(self, header, value):
if not hasattr(self, 'headers'):
self.headers = dict()
self.headers[header] = value
def setHeaders(self, headers={}):
for header, value in headers.items():
self.setHeader(header, value)
def cookieHeaders(self):
for name in self._outcookies.keys():
path = self._outcookies[name].get('path')
if path:
path = path.replace(' ', '%20') \
.replace(';', '%3B') \
.replace(',', '%3C')
self._outcookies[name]['path'] = path
cookies = self._outcookies.output(header='')
for cookie in cookies.splitlines():
self.setHeader('Set-Cookie', cookie.strip())
# XXX overwrite header 'Set-Cookie' :S
return self.headers['Set-Cookie']
def write(self, content):
raise NotImplementedError
def writeResponse(self, response):
self.write('Status: %d\r\n' % response.status_code)
for header, value in response.headers.items():
self.write('%s: %s\r\n' % (header, value))
self.write('\r\n')
self.write(response.content)
def setCookie(self, key, value, path='/', expires=None):
self._outcookies[key] = value
# make sure path does not contain trailing slash (#334)
if path != '/':
path = path.rstrip('/')
self._outcookies[key]['path'] = path
if expires:
self._outcookies[key]['expires'] = expires
def getCookie(self, key, default=None):
try:
value = self._incookies[key]
except KeyError:
return default
if not value.value:
return default
return value.value
def is_ajax(self):
return 'ajax' in self.post or 'ajax' in self.get
