def url_fix(s, charset='utf-8'): if isinstance(s, unicode): s = s.encode(charset, 'ignore') scheme, netloc, path, qs, anchor = urlparse.urlsplit(s) path = urllib.quote(path, '/%') qs = urllib.quote_plus(qs, ':&=') return urlparse.urlunsplit((scheme, netloc, path, qs, anchor))
def YATSServer(): if hasattr(settings, 'SSO_SERVER'): parts = list(urlparse.urlsplit(settings.SSO_SERVER)) parts[2] = '' return urlparse.urlunsplit(parts) else: return ''
def referrer_path(meta, default=None): referrer = meta.get("HTTP_REFERER") if not referrer: return default parsed = urlparse.urlsplit(referrer) next_domain = drop_subdomain(parsed.netloc) cur_domain = drop_subdomain(meta.get("HTTP_HOST", "")) if next_domain != cur_domain: return default return urlparse.urlunsplit(('', '') + parsed[2:])
def url_fix( s, charset='utf-8' ): #UTF-8 is one of the most commonly used encodings. UTF stands for “Unicode Transformation Format”, and the '8' means that 8-bit numbers are used in the encoding. if isinstance(s, unicode): s = s.encode(charset, 'ignore') scheme, netloc, path, qs, anchor = urlparse.urlsplit(s) path = urllib.quote(path, '/%') #for delimeter qs = urllib.quote_plus(qs, ':&=') #python data structures key-value pairs return urlparse.urlunsplit((scheme, netloc, path, qs, anchor))
def audit(arg): Ii1iI = arg Oo = urlparse(Ii1iI) I1Ii11I1Ii1i = urlparse.urlunsplit((Oo.scheme, Oo.netloc, Oo.path, "", "")) Oo0Ooo = urllib.parse.parse_qsl(Oo.query) oo = ["__VIEWSTATE", "IbtnEnter.x", "IbtnEnter.y"] for O0O0OO0O0O0, iiiii in Oo0Ooo: if O0O0OO0O0O0 in oo: continue debug("[RDB] %s %s-", O0O0OO0O0O0, I1Ii11I1Ii1i) IiII1I1i1i1ii = iI1(I1Ii11I1Ii1i, Oo0Ooo, O0O0OO0O0O0, iiiii) if IiII1I1i1i1ii: security_info(IiII1I1i1i1ii[1]) return
def XigniteGlobalRealTime_GetBar(token, identifier, identifierType, endDateTime, precision, period, secureRequest=None): if dt.datetime_is_naive(endDateTime): raise Exception("endDateTime must have a timezone") # Parse the exchange from the identifier. instrument, exchange = parse_instrument_exchange(identifier) if secureRequest is None: secureRequest = USE_SECURE_REQUESTS if secureRequest: scheme = "https" else: scheme = "http" # print datetime_to_string(endDateTime, exchange) params = { "_Token": token, "Identifier": identifier, "IdentifierType": identifierType, "EndTime": datetime_to_string(endDateTime, exchange), "Precision": precision, "Period": period, } parts = (scheme, "globalrealtime.xignite.com", "v3/xGlobalRealTime.json/GetBar", urllib.urlencode(params), "") url = urlparse.urlunsplit(parts) ret = json_http_request(url) if ret.get("Outcome") != "Success": msg = ret.get("Message") if msg is None: msg = "Error %s" % (ret.get("Outcome")) raise XigniteError(msg, ret) return ret
def goto(self, href, method='get', **args): """ Monkeypatch the TestResponse.goto method so that it doesn't wipe out the scheme and host. """ scheme, host, path, query, fragment = urlparse.urlsplit(href) # We fragment = '' href = urlparse.urlunsplit((scheme, host, path, query, fragment)) href = urlparse.urljoin(self.request.url, href) method = method.lower() assert method in ('get', 'post'), ( 'Only "get" or "post" are allowed for method (you gave %r)' % method) if method == 'get': method = self.test_app.get else: method = self.test_app.post return method(href, **args)
def audit(arg): I1I11I1I1I = arg I1IiI = urlparse(I1I11I1I1I) Oo000 = urlparse.urlunsplit((I1IiI.scheme, I1IiI.netloc, I1IiI.path, "", "")) o0OOO = urllib.parse.parse_qsl(I1IiI.query) IIiIi11i1 = ["__VIEWSTATE", "IbtnEnter.x", "IbtnEnter.y"] iIii1, oOOoO0, o0O0o0Oo, iiI1IiI, iiI1IiI = curl.curl(Oo000) for iIiiiI, Iii1ii1II11i in o0OOO: if iIiiiI in IIiIi11i1: continue if OOoIi1IIii11(Oo000, o0OOO, iIiiiI, Iii1ii1II11i, o0O0o0Oo): return iIii1, oOOoO0, O0OoO000O0OO, iiI1IiI, iiI1IiI = curl.curl(I1I11I1I1I) iI1I111Ii111i = [] for OoOo in ["<\?[\r\n\s=]", "<\?php[\r\n\s=]", "<%[\r\n\s@]"]: if not re.search(OoOo, O0OoO000O0OO): iI1I111Ii111i.append(OoOo) if not iI1I111Ii111i: return oOo0oooo00o = [".", "..", "../..", "../../..", "../../../..", "../../../../.."] iIi1iIiii111 = [] oOoOO0 = I1IiI.path.split("/")[-1] iIi1iIiii111.append(oOoOO0) for IIi1i11111 in oOo0oooo00o: iIi1iIiii111.append(IIi1i11111 + "/" + oOoOO0) for IIi1i11111 in oOo0oooo00o: iIi1iIiii111.append(IIi1i11111 + I1IiI.path) for iIiiiI, Iii1ii1II11i in o0OOO: if iIiiiI in IIiIi11i1: continue i11i1I1 = "" if Iii1ii1II11i.find(".") != -1: i11i1I1 = Iii1ii1II11i.split(".")[-1] if oo(Oo000, o0OOO, iIiiiI, Iii1ii1II11i, set(iIi1iIiii111), i11i1I1, iI1I111Ii111i): return
def run_validators(self, value): if self.allow_plain_hostname: try: url_parts = urlparse.urlsplit(value) if url_parts.hostname and '.' not in url_parts.hostname: netloc = '{}.local'.format(url_parts.hostname) if url_parts.port: netloc = '{}:{}'.format(netloc, url_parts.port) if url_parts.username: if url_parts.password: netloc = '{}:{}@{}' % (url_parts.username, url_parts.password, netloc) else: netloc = '{}@{}' % (url_parts.username, netloc) value = urlparse.urlunsplit([ url_parts.scheme, netloc, url_parts.path, url_parts.query, url_parts.fragment ]) except Exception: raise # If something fails here, just fall through and let the validators check it. super(URLField, self).run_validators(value)
def read_url_post(url): '''Transform a JSON contained in a file into an equivalent nested python dict. Parameters ---------- url : string where to get the json. Returns ------- dict Python version of the input Note: if the input is a bare array or literal, for example, the output will be of the corresponding type. ''' urlp = urlparse.urlparse(url) main_url = urlparse.urlunsplit( (urlp.scheme, urlp.netloc, urlp.path, '', '')) data = json.dumps(dict(urlparse.parse_qsl(urlp.query))) handler = urllib_request.HTTPHandler() opener = urllib_request.build_opener(handler) request = urllib_request.Request(main_url, data) request.add_header("Content-Type", 'application/json') request.get_method = lambda: 'POST' try: response = opener.open(request) except Exception as e: response = e if response.code == 200: json_string = response.read() else: json_string = response.read() return json.loads(json_string)
def audit(arg): ooO0oooOoO0 = arg II11i = urlparse(ooO0oooOoO0) i1oOOoo00O0O = urlparse.urlunsplit((II11i.scheme, II11i.netloc, II11i.path, "", "")) Oo0Ooo = urllib.parse.parse_qsl(II11i.query) i1111 = ['__VIEWSTATE', 'IbtnEnter.x', 'IbtnEnter.y'] i11 = ["GET", "POST"] for I11 in i11: for O0O0OO0O0O0, iiiii in Oo0Ooo: if O0O0OO0O0O0 in i1111: continue debug('[XSS] <%s> %s %s', I11, O0O0OO0O0O0, i1oOOoo00O0O) Oo0o0000o0o0 = iI1(I11, i1oOOoo00O0O, Oo0Ooo, O0O0OO0O0O0, iiiii) if Oo0o0000o0o0: security_info('<%s> %s' % (I11, Oo0o0000o0o0[1])) return