def parse(self, field_value: str, add_note: AddNoteMethodType) -> Tuple[str, ParamDictType]: try: media_type, param_str = field_value.split(";", 1) except ValueError: media_type, param_str = field_value, '' media_type = media_type.lower() param_dict = headers.parse_params(param_str, add_note, ['charset']) return media_type, param_dict
def test_parse_params(self): i = 0 for (instr, expected_pd, expected_notes, delim) in [ ('foo=bar', { 'foo': 'bar' }, [], ';'), ('foo="bar"', { 'foo': 'bar' }, [], ';'), ('foo="bar"; baz=bat', { 'foo': 'bar', 'baz': 'bat' }, [], ';'), ('foo="bar"; baz="b=t"; bam="boom"', { 'foo': 'bar', 'baz': 'b=t', 'bam': 'boom' }, [], ';'), (r'foo="b\"ar"', { 'foo': 'b"ar' }, [], ';'), (r'foo=bar; foo=baz', { 'foo': 'baz' }, [headers.PARAM_REPEATS], ';'), ('foo=bar; baz="b;at"', { 'foo': 'bar', 'baz': "b;at" }, [], ';'), ('foo=bar, baz="bat"', { 'foo': 'bar', 'baz': "bat" }, [], ','), ('foo=bar, baz="b,at"', { 'foo': 'bar', 'baz': "b,at" }, [], ','), ("foo=bar; baz='bat'", { 'foo': 'bar', 'baz': "'bat'" }, [headers.PARAM_SINGLE_QUOTED], ';'), ("foo*=\"UTF-8''a%cc%88.txt\"", { 'foo*': u'a\u0308.txt' }, [headers.PARAM_STAR_QUOTED], ';'), ("foo*=''a%cc%88.txt", {}, [headers.PARAM_STAR_NOCHARSET], ';'), ("foo*=utf-16''a%cc%88.txt", {}, [headers.PARAM_STAR_CHARSET], ';'), ("nostar*=utf-8''a%cc%88.txt", {}, [headers.PARAM_STAR_BAD], ';'), ("NOstar*=utf-8''a%cc%88.txt", {}, [headers.PARAM_STAR_BAD], ';') ]: self.red.__init__() param_dict = headers.parse_params( instr, partial(self.red.add_note, "test"), ['nostar'], delim) diff = set([n.__name__ for n in expected_notes ]).symmetric_difference(set(self.red.note_classes)) self.assertEqual(len(diff), 0, "[%s] Mismatched notes: %s" % (i, diff)) self.assertEqual( expected_pd, param_dict, "[%s] %s != %s" % (i, str(expected_pd), str(param_dict))) i += 1
def parse(subject, value, red): try: media_type, params = value.split(";", 1) except ValueError: media_type, params = value, '' media_type = media_type.lower() param_dict = rh.parse_params(red, subject, params, ['charset']) # TODO: check charset to see if it's known return (media_type, param_dict)
def parse(self, field_value: str, add_note: AddNoteMethodType) -> Tuple[str, ParamDictType]: try: media_type, param_str = field_value.split(";", 1) except ValueError: media_type, param_str = field_value, "" media_type = media_type.lower() param_dict = headers.parse_params(param_str, add_note, ["charset"]) # TODO: check charset to see if it's known return media_type, param_dict
def parse(subject, value, red): try: coding, params = value.split(";", 1) except ValueError: coding, params = value, "" coding = coding.lower() param_dict = rh.parse_params(red, subject, params, True) if param_dict: red.add_note(subject, rs.TRANSFER_CODING_PARAM) return coding
def parse(self, field_value: str, add_note: AddNoteMethodType) -> str: try: coding, param_str = field_value.split(";", 1) except ValueError: coding, param_str = field_value, "" coding = coding.lower() param_dict = headers.parse_params(param_str, add_note, True) if param_dict: add_note(TRANSFER_CODING_PARAM) return coding
def parse(subject, value, red): try: protect, param_str = value.split(';', 1) except ValueError: protect, param_str = value, "" protect = int(protect) params = rh.parse_params(red, subject, param_str, True) if protect == 0: red.add_note(subject, rs.XSS_PROTECTION_OFF) else: # 1 if params.get('mode', None) == "block": red.add_note(subject, rs.XSS_PROTECTION_BLOCK) else: red.add_note(subject, rs.XSS_PROTECTION_ON) return protect, params
def parse(self, field_value: str, add_note: AddNoteMethodType) -> Tuple[str, ParamDictType]: try: disposition, param_str = field_value.split(";", 1) except ValueError: disposition, param_str = field_value, '' disposition = disposition.lower() param_dict = headers.parse_params(param_str, add_note) if disposition not in ['inline', 'attachment']: add_note(DISPOSITION_UNKNOWN, disposition=disposition) if 'filename' not in param_dict: add_note(DISPOSITION_OMITS_FILENAME) if "%" in param_dict.get('filename', ''): add_note(DISPOSITION_FILENAME_PERCENT) if "/" in param_dict.get('filename', '') or r"\\" in param_dict.get('filename*', ''): add_note(DISPOSITION_FILENAME_PATH_CHAR) return disposition, param_dict
def parse(self, field_value: str, add_note: AddNoteMethodType) -> Tuple[str, ParamDictType]: try: link_value, param_str = field_value.split(";", 1) except ValueError: link_value, param_str = field_value, '' link_value = link_value.strip()[1:-1] # trim the angle brackets param_dict = headers.parse_params(param_str, add_note, ['rel', 'rev', 'anchor', 'hreflang', 'type', 'media']) if 'rel' in param_dict: # relation_types pass if 'rev' in param_dict: add_note(LINK_REV, link=link_value, rev=param_dict['rev']) if 'anchor' in param_dict: # URI-Reference if not re.match(r"^\s*%s\s*$" % rfc3986.URI_reference, param_dict['anchor'], re.VERBOSE): add_note(LINK_BAD_ANCHOR, link=link_value, anchor=param_dict['anchor']) return link_value, param_dict
def parse(self, field_value: str, add_note: AddNoteMethodType) -> Tuple[int, ParamDictType]: try: protect, param_str = field_value.split(';', 1) except ValueError: protect, param_str = field_value, "" try: protect_int = int(protect) except ValueError: raise params = headers.parse_params(param_str, add_note, True) if protect_int == 0: add_note(XSS_PROTECTION_OFF) else: # 1 if params.get('mode', None) == "block": add_note(XSS_PROTECTION_BLOCK) else: add_note(XSS_PROTECTION_ON) return protect_int, params
def parse(self, field_value: str, add_note: AddNoteMethodType) -> Tuple[str, ParamDictType]: try: link_value, param_str = field_value.split(";", 1) except ValueError: link_value, param_str = field_value, '' link_value = link_value.strip()[1:-1] # trim the angle brackets param_dict = headers.parse_params(param_str, add_note, ['rel', 'rev', 'anchor', 'hreflang', 'type', 'media']) if 'rel' in param_dict: # relation_types pass # TODO: check relation type if 'rev' in param_dict: add_note(LINK_REV, link=link_value, rev=param_dict['rev']) if 'anchor' in param_dict: # URI-Reference if not re.match(r"^\s*%s\s*$" % rfc3986.URI_reference, param_dict['anchor'], re.VERBOSE): add_note(LINK_BAD_ANCHOR, link=link_value, anchor=param_dict['anchor']) # TODO: check media-type in 'type' # TODO: check language tag in 'hreflang' return link_value, param_dict
def parse(subject, value, red): try: disposition, params = value.split(";", 1) except ValueError: disposition, params = value, '' disposition = disposition.lower() param_dict = rh.parse_params(red, subject, params) if disposition not in ['inline', 'attachment']: red.add_note(subject, rs.DISPOSITION_UNKNOWN, disposition=disposition ) if not param_dict.has_key('filename'): red.add_note(subject, rs.DISPOSITION_OMITS_FILENAME) if "%" in param_dict.get('filename', ''): red.add_note(subject, rs.DISPOSITION_FILENAME_PERCENT) if "/" in param_dict.get('filename', '') or \ r"\\" in param_dict.get('filename*', ''): red.add_note(subject, rs.DISPOSITION_FILENAME_PATH_CHAR) return disposition, param_dict
def parse(self, field_value: str, add_note: AddNoteMethodType) -> Tuple[str, ParamDictType]: try: link_value, param_str = field_value.split(";", 1) except ValueError: link_value, param_str = field_value, "" link_value = link_value.strip()[1:-1] # trim the angle brackets param_dict = headers.parse_params( param_str, add_note, ["rel", "rev", "anchor", "hreflang", "type", "media"]) if "rel" in param_dict: # relation_types pass if "rev" in param_dict: add_note(LINK_REV, link=link_value, rev=param_dict["rev"]) if "anchor" in param_dict: # URI-Reference if not re.match(r"^\s*%s\s*$" % rfc3986.URI_reference, param_dict["anchor"], re.VERBOSE): add_note(LINK_BAD_ANCHOR, link=link_value, anchor=param_dict["anchor"]) return link_value, param_dict
def parse(subject, value, red): try: link, params = value.split(";", 1) except ValueError: link, params = value, '' link = link[1:-1] # trim the angle brackets param_dict = rh.parse_params(red, subject, params, ['rel', 'rev', 'anchor', 'hreflang', 'type', 'media']) if param_dict.has_key('rel'): # relation_types pass # TODO: check relation type if param_dict.has_key('rev'): red.add_note(subject, rs.LINK_REV, link=link, rev=param_dict['rev']) if param_dict.has_key('anchor'): # URI-Reference if not re.match(r"^\s*%s\s*$" % syntax.URI_reference, param_dict['anchor'], re.VERBOSE): red.add_note(subject, rs.LINK_BAD_ANCHOR, link=link, anchor=param_dict['anchor']) # TODO: check media-type in 'type' # TODO: check language tag in 'hreflang' return link, param_dict
def test_parse_params(self): i = 0 for (instr, expected_pd, expected_notes, delim) in [ ('foo=bar', {'foo': 'bar'}, [], ';'), ('foo="bar"', {'foo': 'bar'}, [], ';'), ('foo="bar"; baz=bat', {'foo': 'bar', 'baz': 'bat'}, [], ';'), ('foo="bar"; baz="b=t"; bam="boom"', {'foo': 'bar', 'baz': 'b=t', 'bam': 'boom'}, [], ';' ), (r'foo="b\"ar"', {'foo': 'b"ar'}, [], ';'), (r'foo=bar; foo=baz', {'foo': 'baz'}, [rs.PARAM_REPEATS], ';' ), ('foo=bar; baz="b;at"', {'foo': 'bar', 'baz': "b;at"}, [], ';' ), ('foo=bar, baz="bat"', {'foo': 'bar', 'baz': "bat"}, [], ',' ), ('foo=bar, baz="b,at"', {'foo': 'bar', 'baz': "b,at"}, [], ',' ), ("foo=bar; baz='bat'", {'foo': 'bar', 'baz': "'bat'"}, [rs.PARAM_SINGLE_QUOTED], ';' ), ("foo*=\"UTF-8''a%cc%88.txt\"", {'foo*': u'a\u0308.txt'}, [rs.PARAM_STAR_QUOTED], ';' ), ("foo*=''a%cc%88.txt", {}, [rs.PARAM_STAR_NOCHARSET], ';' ), ("foo*=utf-16''a%cc%88.txt", {}, [rs.PARAM_STAR_CHARSET], ';' ), ("nostar*=utf-8''a%cc%88.txt", {}, [rs.PARAM_STAR_BAD], ';' ), ("NOstar*=utf-8''a%cc%88.txt", {}, [rs.PARAM_STAR_BAD], ';' ) ]: self.red.__init__() param_dict = headers.parse_params( self.red, 'test', instr, ['nostar'], delim ) diff = set( [n.__name__ for n in expected_notes]).symmetric_difference( set(self.red.note_classes) ) self.assertEqual(len(diff), 0, "[%s] Mismatched notes: %s" % (i, diff) ) self.assertEqual(expected_pd, param_dict, "[%s] %s != %s" % (i, str(expected_pd), str(param_dict))) i += 1