def cookies_to_dict(self, cookies): """ Converts a cookie string into python dict. """ ret = {} cookie = SimpleCookie() cookie.load(cookies) for key, morsel in cookie.keys(): ret[key] = morsel.value return ret
def start_response(status, headers): ret["status"] = status ret["headers"] = headers ret["cookies"] = {} cookies = SimpleCookie() for k, v in headers: if k == 'Set-Cookie': cookies.load(v) for key in cookies.keys(): ret["cookies"][key] = cookies[key]
def cookies_params(self): cookies = self.get_raw_header("HTTP_COOKIES") if cookies: try: cookie = SimpleCookie() cookie.load(cookies) return {key: cookie[key].coded_value for key in cookie.keys()} except Exception: LOGGER.debug("couldn't parse cookies", exc_info=True) return {}
def parse_cookie(cookie): if cookie == '': return {} try: c = SimpleCookie() c.load(cookie) except CookieError: # Invalid cookie return {} cookiedict = {} for key in list(c.keys()): cookiedict[key] = c.get(key).value return cookiedict
def _scrub_headers(headers): """scrub auth info from headers""" headers = dict(headers) if 'Authorization' in headers: auth = headers['Authorization'] if auth.startswith('token '): headers['Authorization'] = 'token [secret]' if 'Cookie' in headers: c = SimpleCookie(headers['Cookie']) redacted = [] for name in c.keys(): redacted.append("{}=[secret]".format(name)) headers['Cookie'] = '; '.join(redacted) return headers
def _scrub_headers(headers): """scrub auth info from headers""" headers = dict(headers) if 'Authorization' in headers: auth = headers['Authorization'] if ' ' in auth: auth_type = auth.split(' ', 1)[0] else: # no space, hide the whole thing in case there was a mistake auth_type = '' headers['Authorization'] = f'{auth_type} [secret]' if 'Cookie' in headers: c = SimpleCookie(headers['Cookie']) redacted = [] for name in c.keys(): redacted.append(f"{name}=[secret]") headers['Cookie'] = '; '.join(redacted) return headers
def _scrub_headers(headers): """scrub auth info from headers""" headers = dict(headers) if "Authorization" in headers: auth = headers["Authorization"] if " " in auth: auth_type = auth.split(" ", 1)[0] else: # no space, hide the whole thing in case there was a mistake auth_type = "" headers["Authorization"] = "{} [secret]".format(auth_type) if "Cookie" in headers: c = SimpleCookie(headers["Cookie"]) redacted = [] for name in c.keys(): redacted.append("{}=[secret]".format(name)) headers["Cookie"] = "; ".join(redacted) return headers
def get_cookies(self, video_url): video_id_regex = re.compile('^https://player.hotmart.com/embed/([^/]+)/source/[^/]+=\\.m3u8$') video_id = '' match = video_id_regex.match(video_url) if match: video_id = match.group(1) video_requests = list(filter(lambda x:x[0].path == video_url, request_history)) cookies = '' if len(video_requests) > 0: headers = video_requests[-1][0].headers cookies = headers.get('Cookie') token_requests = list(filter(HotmartBot.filter_token, request_history)) if len(token_requests) == 0: return cookies video_cookies = [] for request in token_requests: simple_cookie = SimpleCookie() headers = request[1].headers raw_cookies = headers.get_all('Set-Cookie') for c in raw_cookies: simple_cookie.load(c) for entry in simple_cookie.keys(): path = simple_cookie[entry]['path'] if video_id in path: video_cookies.append(entry + '=' + simple_cookie[entry].coded_value) if len(video_cookies) > 0: video_cookies = list(set(video_cookies)) cookies = cookies.strip().strip(';') cookies = cookies + '; ' + "; ".join(video_cookies) return cookies
def parse_cookie(cookie): '''Parse an `HTTP cookie`_ string. Return a dictionary of cookie name/values. ''' if not cookie: return {} if not isinstance(cookie, BaseCookie): try: c = SimpleCookie() c.load(cookie) except CookieError: # pragma nocover # Invalid cookie return {} else: c = cookie cookiedict = {} for key in c.keys(): cookiedict[key] = c.get(key).value return cookiedict
def parse_cookie(cookie): """Parse an `HTTP cookie`_ string. Return a dictionary of cookie name/values. """ if not cookie: return {} if not isinstance(cookie, BaseCookie): try: c = SimpleCookie() c.load(cookie) except CookieError: # pragma nocover # Invalid cookie return {} else: c = cookie cookiedict = {} for key in c.keys(): cookiedict[key] = c.get(key).value return cookiedict
def parse_cookie(cookie): """ >>> parse_cookie('') {} >>> parse_cookie('foo=bar;') {'foo': 'bar'} >>> parse_cookie('foo=bar;foo=baz') {'foo': 'baz'} >>> parse_cookie('f1=v1;f2=v2') == {'f1': 'v1', 'f2': 'v2'} True """ if not cookie: return {} if not isinstance(cookie, BaseCookie): try: c = SimpleCookie() c.load(cookie) except CookieError: # Invalid cookie return {} else: c = cookie return {k: c.get(k).value for k in c.keys()}
class HTTPResponse( Plugin ): """Plugin to encapsulate HTTP response.""" implements( IHTTPResponse ) start_response = False """Response headers are already sent on the connection.""" write_buffer = [] """Either a list of byte-string buffered by write() method. Or a generator function created via chunk_generator() method.""" flush_callback = None """Flush callback subscribed using flush() method.""" finish_callback = None """Finish callback subscribed using set_finish_callback() method.""" finished = False """A request is considered finished when there is no more response data to be sent for the on-going request. This is typically indicated by flushing the response with finishing=True argument.""" def __init__( self, request ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.__init__` interface method.""" # Initialize response attributes self.statuscode = b'200' self.reason = http.client.responses[ int(self.statuscode) ] self.version = request.httpconn.version self.headers = {} self.body = b'' self.chunk_generator = None self.trailers = {} self.setcookies = SimpleCookie() # Initialize framework attributes self.request = request self.context = h.Context() self.media_type = None self.content_coding = None self.charset = self.webapp['encoding'] self.language = self.webapp['language'] # Book keeping self.httpconn = request.httpconn self.start_response = False self.write_buffer = [] self.finished = False self.flush_callback = None self.finish_callback = None #---- IHTTPResponse APIs def set_status( self, code ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_status` interface method.""" if isinstance(code, int) : self.statuscode = str(code).encode('utf-8') elif isinstance(code, str) : self.statuscode = code.encode('utf-8') else : self.statuscode = code return self.statuscode def set_header( self, name, value ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_header` interface method.""" value = value if isinstance( value, bytes ) \ else str( value ).encode('utf-8') self.headers[ name ] = value return value def add_header( self, name, value ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.add_header` interface method.""" value = value if isinstance(value,bytes) else str(value).encode('utf-8') pvalue = self.headers.get( name, b'' ) self.headers[name] = b','.join([pvalue, value]) if pvalue else None return self.headers[name] def set_trailer( self, name, value ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_trailer` interface method.""" value = value if isinstance(value,bytes) else str(value).encode('utf=8') self.trailers[name] = value return value def add_trailer( self, name, value ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.add_trailer` interface method.""" value = value if isinstance(value,bytes) else str(value).encode('utf-8') pvalue = self.trailers.get(name, b'') self.trailers[name] = b','.join([pvalue, value]) if pvalue else None return self.trailers[name] def set_cookie( self, name, value, **kwargs ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_cookie` interface method.""" return self.request.cookie.set_cookie( self.setcookies, name, value, **kwargs ) def set_secure_cookie( self, name, value, expires_days=30, **kwargs ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_secure_cookie` interface method.""" cookie = self.request.cookie value = cookie.create_signed_value(name, value) return cookie.set_cookie( self.setcookies, name, value, **kwargs ) def clear_cookie( self, name, path="/", domain=None ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.clear_cookie` interface method.""" value = self.setcookies[ name ] expires = dt.datetime.utcnow() - dt.timedelta(days=365) self.request.cookie.set_cookie( self.setcookies, name, "", path=path, expires=expires, domain=domain ) return value def clear_all_cookies(self): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.clear_all_cookies` interface method.""" list( map( self.clear_cookie, self.setcookies.keys() )) return None def set_finish_callback(self, callback): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_finish_callback` interface method.""" self.finish_callback = callback def has_finished( self ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.has_finished` interface method.""" return self.finished def isstarted( self ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.isstarted` interface method.""" return self.start_response def ischunked( self ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.ischunked` interface method.""" vals = dict( h.parse_transfer_encoding( self.headers.get( 'transfer_encoding', b'' ))).keys() return b'chunked' in list( vals ) def write( self, data ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.write` interface method.""" if self.has_finished() : raise Exception( "Cannot write() after the response is finished." ) data = data.encode(self.charset) if isinstance(data, str) else data self.write_buffer = self.write_buffer or [] self.write_buffer.append( data ) def flush( self, finishing=False, callback=None ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.flush` interface method.""" if callback : self.flush_callback = callback self.finished = finishing if callable( self.write_buffer ) : self._flush_chunk( finishing ) else : self._flush_body( finishing ) def httperror( self, statuscode=b'500', message=b'' ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.httperror` interface method.""" self.statuscode = statuscode self.write( message ) if message else None self.flush( finishing=True ) _renderers = { '.ttl' : 'tayra.TTLCompiler', } _renderer_plugins = { } def render( self, *args, **kwargs ): """:meth:`pluggdapps.interfaces.IHTTPResponse.render` interface method. positional argument, ``request``, Instance of plugin implement :class:`pluggdapps.web.interfaces.IHTTPRequest` interface. ``context``, Dictionary of context information to be passed. keyword arguments, ``file``, Template file to be used for rendering. ``text``, Template text to be used for rendering. ``ITemplate``, :class:`ITemplate` plugin to use for rendering. This argument must be in canonical form of plugin's name. If ``file`` keyword argument is passed, this method will resolve the correct renderer plugin based on file-extension. if ``text`` keyword argument is passed, better pass the ``ITemplate`` argument as well. """ request, context = args[0], args[1] renderer = kwargs.get( 'ITemplate', None ) if renderer is None : tfile = kwargs.get( 'file', '' ) _, ext = splitext( tfile ) renderer = self._renderers.get( ext, None ) if ext else None # If in debug mode enable ttl file reloading. tfile = h.abspath_from_asset_spec( tfile ) if self['debug'] and isfile( tfile ): self.pa._monitoredfiles.append( tfile ) if renderer in self._renderer_plugins : plugin = self._renderer_plugins[ renderer ] elif renderer : plugin = self.qp( ITemplate, renderer ) else : plugin = None if plugin : self.media_type = 'text/html' self._renderer_plugins.setdefault( renderer, plugin ) return plugin.render( context, **kwargs ) else : raise Exception('Unknown renderer') def chunk_generator( self, callback, request, c ): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.chunk_generator` interface method.""" class ChunkGenerator( object ): def __iter__( self ): return self def next( self ): return callback( request, c ) return ChunkGenerator() #---- Local functions def _try_start_headers( self, finishing=True ) : """Generate default headers for this response. And return the byte-string of response header to write. This can be overriden by view callable attributes.""" if self.start_response : return b'' self.start_response = True stline = self._status_line() return self._header_data( self.headers, stline=stline ) def _status_line( self ): code = self.statuscode reason = http.client.responses[ int(code) ].encode( 'utf-8' ) return b' '.join([ self.version, code, reason ]) def _header_data( self, headers, stline=b'' ): # TODO : 3 header field types are specifically prohibited from # appearing as a trailer field: Transfer-Encoding, Content-Length and # Trailer. lines = [ stline ] if stline else [] for n, v in headers.items() : nC = h.hdr_str2camelcase.get( n, None ) if nC == None : n = n.encode('utf-8') nC = b'-'.join([ x.capitalize() for x in n.split('_') ]) lines.append( nC + b': ' + v ) [ lines.append( b"Set-Cookie: " + cookie.OutputString() ) for c in self.setcookies.values() ] return b"\r\n".join(lines) + b"\r\n\r\n" def _flush_body( self, finishing ): data = b''.join( self.write_buffer ) for tr in self.webapp.out_transformers : data = tr.transform( self.request, data, finishing=finishing ) if self._if_etag() : self.body = data else : self.body = b'' self.set_header( "content_length", len(self.body) ) data = self._try_start_headers( finishing=finishing ) if self.request.method == b'HEAD' : pass elif self.body : data += self.body self.httpconn.write( data, callback=self._onflush ) self.write_buffer = [] def _flush_chunk( self, finishing ): self.add_headers( 'transfer_encoding', 'chunked' ) data = self._try_start_headers( finishing=finishing ) chunk = self.write_buffer( self.request, self.c ) for tr in self.webapp.out_transformers : chunk = tr.transform( self.request, chunk, finishing=finishing ) if chunk : data += hex(len(chunk)).encode('utf-8') + b'\r\n' + chunk + b'\r\n' else : data += b'0\r\n' if self.trailers : data += self._header_data( self.trailers ) self.httpconn.write( data, callback=self._onflush ) def _if_etag( self ): etag = self.headers.get('etag', '') if self.ischunked() == False and etag : im = self.request.headers.get( "if_match", b'' ).strip() inm = self.request.headers.get( "if_none_match", b'' ).strip() if ( (im and im.find( etag ) == -1) or (inm and inm.find( etag ) != -1) ) : self.set_status( b'304' ) return False return True def _onflush( self ): if self.flush_callback : callback, self.flush_callback = self.flush_callback, None callback() if self.has_finished() : self._onfinish() def _onfinish( self ): if self.finish_callback : callback, self.finish_callback = self.finish_callback, None callback() self.request.onfinish() #---- ISettings interface methods @classmethod def default_settings( cls ): """:meth:`pluggdapps.plugin.interfaces.ISettings.default_settings` interface method.""" return _ds1
def do_GET(self): cookies = SimpleCookie(self.headers.get('Cookie')) # then use somewhat like a dict, e.g: # username = cookies['username'].value if "mainpassword" not in cookies.keys() and self.path.split( ".")[-1] not in ["css", "js", "png" ] and os.path.isfile(fileWallet): if not os.path.isfile(fileWallet): self.path = "/" else: self.path = "/login.htm" # page d'ajout if self.path == "/": self.path = "/index.htm" if not os.path.isfile(fileWallet): print("creation du wallet") self.send_response(302) self.send_header('Location', "/create.htm") self.end_headers() else: self._set_headers("text/" + self.path[1:].split(".")[-1]) with open("web_wallet/" + self.path[1:], "r") as f: self.wfile.write(f.read().encode("utf8")) # call a l'api pour un passwd aléatoire elif self.path == "/randompasswd": self._set_headers("text/plain") self.wfile.write(genRngPasswd.random_string(20).encode("utf8")) # Affichage elif self.path == "/view": if w.lock: w.unlock(cookies["mainpassword"].value) if not w.lock: self.do_HEAD() liste = [w.get_acount(a) for a in w.get_applications()] print(liste) liste_disp = "" with open("web_wallet/acount.template") as template: content = template.read() for e in liste: liste_disp += content.format(acount=e) with open("web_wallet/view.htm") as f: content = f.read() content = content.format(liste_acount=liste_disp) self.wfile.write(content.encode("utf8")) else: # page non spéciale if self.path.endswith(("woff", "woff2", "ttf")): self._set_headers("font/" + self.path.split(".")[-1]) if os.path.isfile("web_wallet/" + self.path[1:].split("?")[0]): with open("web_wallet/" + self.path[1:].split("?")[0], "rb") as f: self.wfile.write(f.read()) else: self._set_headers() if os.path.isfile("web_wallet/" + self.path[1:].split("?")[0]): with open("web_wallet/" + self.path[1:].split("?")[0], "r") as f: self.wfile.write(f.read().encode("utf8")) # 404 else: print(self.path) self.wfile.write( _html("<html><body><h1>404</h1></body></html>"))
def cookie_from_string(cookie_string, strict_cookies=False): """Parser for HTTP header set-cookie The return from this function will be used as parameters for django's response.set_cookie method. Because set_cookie doesn't have parameter comment, this cookie attribute will be ignored. :param cookie_string: A string representing a valid cookie :param strict_cookies: Whether to only accept RFC-compliant cookies :returns: A dictionary containing the cookie_string attributes """ if strict_cookies: cookies = SimpleCookie(COOKIE_PREFIX + cookie_string) if not cookies.keys(): return None cookie_name, = cookies.keys() cookie_dict = {k: v for k, v in cookies[cookie_name].items() if v and k != 'comment'} cookie_dict['key'] = cookie_name cookie_dict['value'] = cookies[cookie_name].value return cookie_dict else: valid_attrs = ('path', 'domain', 'comment', 'expires', 'max_age', 'httponly', 'secure') cookie_dict = {} cookie_parts = cookie_string.split(';') try: key, value = cookie_parts[0].split('=', 1) cookie_dict['key'], cookie_dict['value'] = key, unquote(value) except ValueError: logger.warning('Invalid cookie: `%s`', cookie_string) return None if cookie_dict['value'].startswith('='): logger.warning('Invalid cookie: `%s`', cookie_string) return None for part in cookie_parts[1:]: if '=' in part: attr, value = part.split('=', 1) value = value.strip() else: attr = part value = '' attr = attr.strip().lower() if not attr: continue if attr in valid_attrs: if attr in ('httponly', 'secure'): cookie_dict[attr] = True elif attr in 'comment': # ignoring comment attr as explained in the # function docstring continue else: cookie_dict[attr] = unquote(value) else: logger.warning('Unknown cookie attribute %s', attr) return cookie_dict
def cookie_from_string(cookie_string, strict_cookies=False): """Parser for HTTP header set-cookie The return from this function will be used as parameters for django's response.set_cookie method. Because set_cookie doesn't have parameter comment, this cookie attribute will be ignored. :param cookie_string: A string representing a valid cookie :param strict_cookies: Whether to only accept RFC-compliant cookies :returns: A dictionary containing the cookie_string attributes """ if strict_cookies: cookies = SimpleCookie(COOKIE_PREFIX + cookie_string) if not cookies.keys(): return None cookie_name, = cookies.keys() cookie_dict = { k: v for k, v in cookies[cookie_name].items() if v and k != 'comment' } cookie_dict['key'] = cookie_name cookie_dict['value'] = cookies[cookie_name].value return cookie_dict else: valid_attrs = ('path', 'domain', 'comment', 'expires', 'max-age', 'httponly', 'secure', 'samesite') cookie_dict = {} cookie_parts = cookie_string.split(';') try: key, value = cookie_parts[0].split('=', 1) cookie_dict['key'], cookie_dict['value'] = key, unquote(value) except ValueError: logger.warning('Invalid cookie: `%s`', cookie_string) return None if cookie_dict['value'].startswith('='): logger.warning('Invalid cookie: `%s`', cookie_string) return None for part in cookie_parts[1:]: if '=' in part: attr, value = part.split('=', 1) value = value.strip() else: attr = part value = '' attr = attr.strip().lower() if not attr: continue if attr in valid_attrs: if attr in ('httponly', 'secure'): cookie_dict[attr] = True elif attr in 'comment': # ignoring comment attr as explained in the # function docstring continue elif attr == 'max-age': # The cookie uses 'max-age' but django's # set_cookie uses 'max_age' cookie_dict['max_age'] = unquote(value) else: cookie_dict[attr] = unquote(value) else: logger.warning('Unknown cookie attribute %s', attr) return cookie_dict
class HTTPResponse(Plugin): """Plugin to encapsulate HTTP response.""" implements(IHTTPResponse) start_response = False """Response headers are already sent on the connection.""" write_buffer = [] """Either a list of byte-string buffered by write() method. Or a generator function created via chunk_generator() method.""" flush_callback = None """Flush callback subscribed using flush() method.""" finish_callback = None """Finish callback subscribed using set_finish_callback() method.""" finished = False """A request is considered finished when there is no more response data to be sent for the on-going request. This is typically indicated by flushing the response with finishing=True argument.""" def __init__(self, request): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.__init__` interface method.""" # Initialize response attributes self.statuscode = b'200' self.reason = http.client.responses[int(self.statuscode)] self.version = request.httpconn.version self.headers = {} self.body = b'' self.chunk_generator = None self.trailers = {} self.setcookies = SimpleCookie() # Initialize framework attributes self.request = request self.context = h.Context() self.media_type = None self.content_coding = None self.charset = self.webapp['encoding'] self.language = self.webapp['language'] # Book keeping self.httpconn = request.httpconn self.start_response = False self.write_buffer = [] self.finished = False self.flush_callback = None self.finish_callback = None #---- IHTTPResponse APIs def set_status(self, code): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_status` interface method.""" if isinstance(code, int): self.statuscode = str(code).encode('utf-8') elif isinstance(code, str): self.statuscode = code.encode('utf-8') else: self.statuscode = code return self.statuscode def set_header(self, name, value): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_header` interface method.""" value = value if isinstance( value, bytes ) \ else str( value ).encode('utf-8') self.headers[name] = value return value def add_header(self, name, value): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.add_header` interface method.""" value = value if isinstance(value, bytes) else str(value).encode('utf-8') pvalue = self.headers.get(name, b'') self.headers[name] = b','.join([pvalue, value]) if pvalue else None return self.headers[name] def set_trailer(self, name, value): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_trailer` interface method.""" value = value if isinstance(value, bytes) else str(value).encode('utf=8') self.trailers[name] = value return value def add_trailer(self, name, value): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.add_trailer` interface method.""" value = value if isinstance(value, bytes) else str(value).encode('utf-8') pvalue = self.trailers.get(name, b'') self.trailers[name] = b','.join([pvalue, value]) if pvalue else None return self.trailers[name] def set_cookie(self, name, value, **kwargs): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_cookie` interface method.""" return self.request.cookie.set_cookie(self.setcookies, name, value, **kwargs) def set_secure_cookie(self, name, value, expires_days=30, **kwargs): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_secure_cookie` interface method.""" cookie = self.request.cookie value = cookie.create_signed_value(name, value) return cookie.set_cookie(self.setcookies, name, value, **kwargs) def clear_cookie(self, name, path="/", domain=None): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.clear_cookie` interface method.""" value = self.setcookies[name] expires = dt.datetime.utcnow() - dt.timedelta(days=365) self.request.cookie.set_cookie(self.setcookies, name, "", path=path, expires=expires, domain=domain) return value def clear_all_cookies(self): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.clear_all_cookies` interface method.""" list(map(self.clear_cookie, self.setcookies.keys())) return None def set_finish_callback(self, callback): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.set_finish_callback` interface method.""" self.finish_callback = callback def has_finished(self): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.has_finished` interface method.""" return self.finished def isstarted(self): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.isstarted` interface method.""" return self.start_response def ischunked(self): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.ischunked` interface method.""" vals = dict( h.parse_transfer_encoding( self.headers.get('transfer_encoding', b''))).keys() return b'chunked' in list(vals) def write(self, data): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.write` interface method.""" if self.has_finished(): raise Exception("Cannot write() after the response is finished.") data = data.encode(self.charset) if isinstance(data, str) else data self.write_buffer = self.write_buffer or [] self.write_buffer.append(data) def flush(self, finishing=False, callback=None): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.flush` interface method.""" if callback: self.flush_callback = callback self.finished = finishing if callable(self.write_buffer): self._flush_chunk(finishing) else: self._flush_body(finishing) def httperror(self, statuscode=b'500', message=b''): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.httperror` interface method.""" self.statuscode = statuscode self.write(message) if message else None self.flush(finishing=True) _renderers = { '.ttl': 'tayra.TTLCompiler', } _renderer_plugins = {} def render(self, *args, **kwargs): """:meth:`pluggdapps.interfaces.IHTTPResponse.render` interface method. positional argument, ``request``, Instance of plugin implement :class:`pluggdapps.web.interfaces.IHTTPRequest` interface. ``context``, Dictionary of context information to be passed. keyword arguments, ``file``, Template file to be used for rendering. ``text``, Template text to be used for rendering. ``ITemplate``, :class:`ITemplate` plugin to use for rendering. This argument must be in canonical form of plugin's name. If ``file`` keyword argument is passed, this method will resolve the correct renderer plugin based on file-extension. if ``text`` keyword argument is passed, better pass the ``ITemplate`` argument as well. """ request, context = args[0], args[1] renderer = kwargs.get('ITemplate', None) if renderer is None: tfile = kwargs.get('file', '') _, ext = splitext(tfile) renderer = self._renderers.get(ext, None) if ext else None # If in debug mode enable ttl file reloading. tfile = h.abspath_from_asset_spec(tfile) if self['debug'] and isfile(tfile): self.pa._monitoredfiles.append(tfile) if renderer in self._renderer_plugins: plugin = self._renderer_plugins[renderer] elif renderer: plugin = self.qp(ITemplate, renderer) else: plugin = None if plugin: self.media_type = 'text/html' self._renderer_plugins.setdefault(renderer, plugin) return plugin.render(context, **kwargs) else: raise Exception('Unknown renderer') def chunk_generator(self, callback, request, c): """:meth:`pluggdapps.web.webinterfaces.IHTTPResponse.chunk_generator` interface method.""" class ChunkGenerator(object): def __iter__(self): return self def next(self): return callback(request, c) return ChunkGenerator() #---- Local functions def _try_start_headers(self, finishing=True): """Generate default headers for this response. And return the byte-string of response header to write. This can be overriden by view callable attributes.""" if self.start_response: return b'' self.start_response = True stline = self._status_line() return self._header_data(self.headers, stline=stline) def _status_line(self): code = self.statuscode reason = http.client.responses[int(code)].encode('utf-8') return b' '.join([self.version, code, reason]) def _header_data(self, headers, stline=b''): # TODO : 3 header field types are specifically prohibited from # appearing as a trailer field: Transfer-Encoding, Content-Length and # Trailer. lines = [stline] if stline else [] for n, v in headers.items(): nC = h.hdr_str2camelcase.get(n, None) if nC == None: n = n.encode('utf-8') nC = b'-'.join([x.capitalize() for x in n.split('_')]) lines.append(nC + b': ' + v) [ lines.append(b"Set-Cookie: " + cookie.OutputString()) for c in self.setcookies.values() ] return b"\r\n".join(lines) + b"\r\n\r\n" def _flush_body(self, finishing): data = b''.join(self.write_buffer) for tr in self.webapp.out_transformers: data = tr.transform(self.request, data, finishing=finishing) if self._if_etag(): self.body = data else: self.body = b'' self.set_header("content_length", len(self.body)) data = self._try_start_headers(finishing=finishing) if self.request.method == b'HEAD': pass elif self.body: data += self.body self.httpconn.write(data, callback=self._onflush) self.write_buffer = [] def _flush_chunk(self, finishing): self.add_headers('transfer_encoding', 'chunked') data = self._try_start_headers(finishing=finishing) chunk = self.write_buffer(self.request, self.c) for tr in self.webapp.out_transformers: chunk = tr.transform(self.request, chunk, finishing=finishing) if chunk: data += hex(len(chunk)).encode('utf-8') + b'\r\n' + chunk + b'\r\n' else: data += b'0\r\n' if self.trailers: data += self._header_data(self.trailers) self.httpconn.write(data, callback=self._onflush) def _if_etag(self): etag = self.headers.get('etag', '') if self.ischunked() == False and etag: im = self.request.headers.get("if_match", b'').strip() inm = self.request.headers.get("if_none_match", b'').strip() if ((im and im.find(etag) == -1) or (inm and inm.find(etag) != -1)): self.set_status(b'304') return False return True def _onflush(self): if self.flush_callback: callback, self.flush_callback = self.flush_callback, None callback() if self.has_finished(): self._onfinish() def _onfinish(self): if self.finish_callback: callback, self.finish_callback = self.finish_callback, None callback() self.request.onfinish() #---- ISettings interface methods @classmethod def default_settings(cls): """:meth:`pluggdapps.plugin.interfaces.ISettings.default_settings` interface method.""" return _ds1
</form> </div> </div> <script src="../js-dir/createInput.js"> </script> </body> </html> """ cook = SimpleCookie() cook.load(os.environ.get("HTTP_COOKIE", "")) req = Request() user = None family = None first = None if "user" in cook.keys(): user = str(cook.get("user")).split("=")[1] if user is None: raise Exception("username is Bad") db = db_exe() info = db.account_get_check(user) first = info[3] family = info[2] html = html_ % (family, first, user) res = Response() res.set_body(html) print(cook.output())
class CookieJar: """Implements cookie storage adhering to RFC 6265.""" DATE_TOKENS_RE = re.compile( "[\x09\x20-\x2F\x3B-\x40\x5B-\x60\x7B-\x7E]*" "(?P<token>[\x00-\x08\x0A-\x1F\d:a-zA-Z\x7F-\xFF]+)") DATE_HMS_TIME_RE = re.compile("(\d{1,2}):(\d{1,2}):(\d{1,2})") DATE_DAY_OF_MONTH_RE = re.compile("(\d{1,2})") DATE_MONTH_RE = re.compile( "(jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec)", re.I) DATE_YEAR_RE = re.compile("(\d{2,4})") def __init__(self, cookies=None, loop=None): self._cookies = SimpleCookie() self._loop = loop or asyncio.get_event_loop() self._host_only_cookies = set() if cookies is not None: self.update_cookies(cookies) @property def cookies(self): """The session cookies.""" return self._cookies def _expire_cookie(self, name): if name in self._cookies: del self._cookies[name] def update_cookies(self, cookies, response_url=None): """Update cookies.""" url_parsed = urlsplit(response_url or "") hostname = url_parsed.hostname if is_ip_address(hostname): # Don't accept cookies from IPs return if isinstance(cookies, dict): cookies = cookies.items() for name, value in cookies: if isinstance(value, Morsel): if not self._add_morsel(name, value, hostname): continue else: self._cookies[name] = value cookie = self._cookies[name] if not cookie["domain"] and hostname is not None: # Set the cookie's domain to the response hostname # and set its host-only-flag self._host_only_cookies.add(name) cookie["domain"] = hostname if not cookie["path"] or not cookie["path"].startswith("/"): # Set the cookie's path to the response path path = url_parsed.path if not path.startswith("/"): path = "/" else: # Cut everything from the last slash to the end path = "/" + path[1:path.rfind("/")] cookie["path"] = path max_age = cookie["max-age"] if max_age: try: delta_seconds = int(max_age) self._loop.call_later(delta_seconds, self._expire_cookie, name) except ValueError: cookie["max-age"] = "" expires = cookie["expires"] if not cookie["max-age"] and expires: expire_time = self._parse_date(expires) if expire_time: self._loop.call_at(expire_time.timestamp(), self._expire_cookie, name) else: cookie["expires"] = "" # Remove the host-only flags of nonexistent cookies self._host_only_cookies -= (self._host_only_cookies.difference( self._cookies.keys())) def _add_morsel(self, name, value, hostname): """Add a Morsel to the cookie jar.""" cookie_domain = value["domain"] if cookie_domain.startswith("."): # Remove leading dot cookie_domain = cookie_domain[1:] value["domain"] = cookie_domain if not cookie_domain or not hostname: dict.__setitem__(self._cookies, name, value) return True if not self._is_domain_match(cookie_domain, hostname): # Setting cookies for different domains is not allowed return False # use dict method because SimpleCookie class modifies value # before Python 3.4 dict.__setitem__(self._cookies, name, value) return True def filter_cookies(self, request_url): """Returns this jar's cookies filtered by their attributes.""" url_parsed = urlsplit(request_url) filtered = SimpleCookie() for name, cookie in self._cookies.items(): cookie_domain = cookie["domain"] # Send shared cookies if not cookie_domain: dict.__setitem__(filtered, name, cookie) continue hostname = url_parsed.hostname or "" if is_ip_address(hostname): continue if name in self._host_only_cookies: if cookie_domain != hostname: continue elif not self._is_domain_match(cookie_domain, hostname): continue if not self._is_path_match(url_parsed.path, cookie["path"]): continue is_secure = url_parsed.scheme in ("https", "wss") if cookie["secure"] and not is_secure: continue dict.__setitem__(filtered, name, cookie) return filtered @staticmethod def _is_domain_match(domain, hostname): """Implements domain matching adhering to RFC 6265.""" if hostname == domain: return True if not hostname.endswith(domain): return False non_matching = hostname[:-len(domain)] if not non_matching.endswith("."): return False return not is_ip_address(hostname) @staticmethod def _is_path_match(req_path, cookie_path): """Implements path matching adhering to RFC 6265.""" if req_path == cookie_path: return True if not req_path.startswith(cookie_path): return False if cookie_path.endswith("/"): return True non_matching = req_path[len(cookie_path):] return non_matching.startswith("/") @classmethod def _parse_date(cls, date_str): """Implements date string parsing adhering to RFC 6265.""" if not date_str: return found_time = False found_day_of_month = False found_month = False found_year = False hour = minute = second = 0 day_of_month = 0 month = "" year = 0 for token_match in cls.DATE_TOKENS_RE.finditer(date_str): token = token_match.group("token") if not found_time: time_match = cls.DATE_HMS_TIME_RE.match(token) if time_match: found_time = True hour, minute, second = [ int(s) for s in time_match.groups() ] continue if not found_day_of_month: day_of_month_match = cls.DATE_DAY_OF_MONTH_RE.match(token) if day_of_month_match: found_day_of_month = True day_of_month = int(day_of_month_match.group()) continue if not found_month: month_match = cls.DATE_MONTH_RE.match(token) if month_match: found_month = True month = month_match.group() continue if not found_year: year_match = cls.DATE_YEAR_RE.match(token) if year_match: found_year = True year = int(year_match.group()) if 70 <= year <= 99: year += 1900 elif 0 <= year <= 69: year += 2000 if False in (found_day_of_month, found_month, found_year, found_time): return if not 1 <= day_of_month <= 31: return if year < 1601 or hour > 23 or minute > 59 or second > 59: return dt = datetime.datetime.strptime( "%s %d %d:%d:%d %d" % (month, day_of_month, hour, minute, second, year), "%b %d %H:%M:%S %Y") return dt.replace(tzinfo=datetime.timezone.utc)
class CookieJar: """Implements cookie storage adhering to RFC 6265.""" DATE_TOKENS_RE = re.compile( "[\x09\x20-\x2F\x3B-\x40\x5B-\x60\x7B-\x7E]*" "(?P<token>[\x00-\x08\x0A-\x1F\d:a-zA-Z\x7F-\xFF]+)") DATE_HMS_TIME_RE = re.compile("(\d{1,2}):(\d{1,2}):(\d{1,2})") DATE_DAY_OF_MONTH_RE = re.compile("(\d{1,2})") DATE_MONTH_RE = re.compile( "(jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec)", re.I) DATE_YEAR_RE = re.compile("(\d{2,4})") def __init__(self, cookies=None, loop=None): self._cookies = SimpleCookie() self._loop = loop or asyncio.get_event_loop() self._host_only_cookies = set() if cookies is not None: self.update_cookies(cookies) @property def cookies(self): """The session cookies.""" return self._cookies def _expire_cookie(self, name): if name in self._cookies: del self._cookies[name] def update_cookies(self, cookies, response_url=None): """Update cookies.""" url_parsed = urlsplit(response_url or "") hostname = url_parsed.hostname if is_ip_address(hostname): # Don't accept cookies from IPs return if isinstance(cookies, dict): cookies = cookies.items() for name, value in cookies: if isinstance(value, Morsel): if not self._add_morsel(name, value, hostname): continue else: self._cookies[name] = value cookie = self._cookies[name] if not cookie["domain"] and hostname is not None: # Set the cookie's domain to the response hostname # and set its host-only-flag self._host_only_cookies.add(name) cookie["domain"] = hostname if not cookie["path"] or not cookie["path"].startswith("/"): # Set the cookie's path to the response path path = url_parsed.path if not path.startswith("/"): path = "/" else: # Cut everything from the last slash to the end path = "/" + path[1:path.rfind("/")] cookie["path"] = path max_age = cookie["max-age"] if max_age: try: delta_seconds = int(max_age) self._loop.call_later( delta_seconds, self._expire_cookie, name) except ValueError: cookie["max-age"] = "" expires = cookie["expires"] if not cookie["max-age"] and expires: expire_time = self._parse_date(expires) if expire_time: self._loop.call_at( expire_time.timestamp(), self._expire_cookie, name) else: cookie["expires"] = "" # Remove the host-only flags of nonexistent cookies self._host_only_cookies -= ( self._host_only_cookies.difference(self._cookies.keys())) def _add_morsel(self, name, value, hostname): """Add a Morsel to the cookie jar.""" cookie_domain = value["domain"] if cookie_domain.startswith("."): # Remove leading dot cookie_domain = cookie_domain[1:] value["domain"] = cookie_domain if not cookie_domain or not hostname: dict.__setitem__(self._cookies, name, value) return True if not self._is_domain_match(cookie_domain, hostname): # Setting cookies for different domains is not allowed return False # use dict method because SimpleCookie class modifies value # before Python 3.4 dict.__setitem__(self._cookies, name, value) return True def filter_cookies(self, request_url): """Returns this jar's cookies filtered by their attributes.""" url_parsed = urlsplit(request_url) filtered = SimpleCookie() for name, cookie in self._cookies.items(): cookie_domain = cookie["domain"] # Send shared cookies if not cookie_domain: dict.__setitem__(filtered, name, cookie) continue hostname = url_parsed.hostname or "" if is_ip_address(hostname): continue if name in self._host_only_cookies: if cookie_domain != hostname: continue elif not self._is_domain_match(cookie_domain, hostname): continue if not self._is_path_match(url_parsed.path, cookie["path"]): continue is_secure = url_parsed.scheme in ("https", "wss") if cookie["secure"] and not is_secure: continue dict.__setitem__(filtered, name, cookie) return filtered @staticmethod def _is_domain_match(domain, hostname): """Implements domain matching adhering to RFC 6265.""" if hostname == domain: return True if not hostname.endswith(domain): return False non_matching = hostname[:-len(domain)] if not non_matching.endswith("."): return False return not is_ip_address(hostname) @staticmethod def _is_path_match(req_path, cookie_path): """Implements path matching adhering to RFC 6265.""" if req_path == cookie_path: return True if not req_path.startswith(cookie_path): return False if cookie_path.endswith("/"): return True non_matching = req_path[len(cookie_path):] return non_matching.startswith("/") @classmethod def _parse_date(cls, date_str): """Implements date string parsing adhering to RFC 6265.""" if not date_str: return found_time = False found_day_of_month = False found_month = False found_year = False hour = minute = second = 0 day_of_month = 0 month = "" year = 0 for token_match in cls.DATE_TOKENS_RE.finditer(date_str): token = token_match.group("token") if not found_time: time_match = cls.DATE_HMS_TIME_RE.match(token) if time_match: found_time = True hour, minute, second = [ int(s) for s in time_match.groups()] continue if not found_day_of_month: day_of_month_match = cls.DATE_DAY_OF_MONTH_RE.match(token) if day_of_month_match: found_day_of_month = True day_of_month = int(day_of_month_match.group()) continue if not found_month: month_match = cls.DATE_MONTH_RE.match(token) if month_match: found_month = True month = month_match.group() continue if not found_year: year_match = cls.DATE_YEAR_RE.match(token) if year_match: found_year = True year = int(year_match.group()) if 70 <= year <= 99: year += 1900 elif 0 <= year <= 69: year += 2000 if False in (found_day_of_month, found_month, found_year, found_time): return if not 1 <= day_of_month <= 31: return if year < 1601 or hour > 23 or minute > 59 or second > 59: return dt = datetime.datetime.strptime( "%s %d %d:%d:%d %d" % ( month, day_of_month, hour, minute, second, year ), "%b %d %H:%M:%S %Y") return dt.replace(tzinfo=datetime.timezone.utc)
def parse_cookies(self): cookie_data = self.environ.get('HTTP_COOKIE', '') cookies = SimpleCookie() if cookie_data: cookies.load(cookie_data) return {key: cookies.get(key).value for key in cookies.keys()}
class Request(object): """Provide a consistent way to treat a Request.""" def __init__(self): self.post = {} self.get = {} self.url = '' self.path_info = '' self.remote_address = '' self.remove_base_url = False # needed for WSGI self.headers = {'Content-Type': 'text/html'} self._incookies = SimpleCookie() self._outcookies = SimpleCookie() def setHeader(self, header, value): if not hasattr(self, 'headers'): self.headers = dict() self.headers[header] = value def setHeaders(self, headers={}): for header, value in headers.items(): self.setHeader(header, value) def cookieHeaders(self): for name in self._outcookies.keys(): path = self._outcookies[name].get('path') if path: path = path.replace(' ', '%20') \ .replace(';', '%3B') \ .replace(',', '%3C') self._outcookies[name]['path'] = path cookies = self._outcookies.output(header='') for cookie in cookies.splitlines(): self.setHeader('Set-Cookie', cookie.strip()) # XXX overwrite header 'Set-Cookie' :S return self.headers['Set-Cookie'] def write(self, content): raise NotImplementedError def writeResponse(self, response): self.write('Status: %d\r\n' % response.status_code) for header, value in response.headers.items(): self.write('%s: %s\r\n' % (header, value)) self.write('\r\n') self.write(response.content) def setCookie(self, key, value, path='/', expires=None): self._outcookies[key] = value # make sure path does not contain trailing slash (#334) if path != '/': path = path.rstrip('/') self._outcookies[key]['path'] = path if expires: self._outcookies[key]['expires'] = expires def getCookie(self, key, default=None): try: value = self._incookies[key] except KeyError: return default if not value.value: return default return value.value def is_ajax(self): return 'ajax' in self.post or 'ajax' in self.get