Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(89)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/google-endpoints/future/backports/http/server.py

Issue 2666783008: Add google-endpoints to third_party/. (Closed)
Patch Set: Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/google-endpoints/future/backports/http/cookies.py ('k') | third_party/google-endpoints/future/backports/misc.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 """HTTP server classes.
2
3 From Python 3.3
4
5 Note: BaseHTTPRequestHandler doesn't implement any HTTP request; see
6 SimpleHTTPRequestHandler for simple implementations of GET, HEAD and POST,
7 and CGIHTTPRequestHandler for CGI scripts.
8
9 It does, however, optionally implement HTTP/1.1 persistent connections,
10 as of version 0.3.
11
12 Notes on CGIHTTPRequestHandler
13 ------------------------------
14
15 This class implements GET and POST requests to cgi-bin scripts.
16
17 If the os.fork() function is not present (e.g. on Windows),
18 subprocess.Popen() is used as a fallback, with slightly altered semantics.
19
20 In all cases, the implementation is intentionally naive -- all
21 requests are executed synchronously.
22
23 SECURITY WARNING: DON'T USE THIS CODE UNLESS YOU ARE INSIDE A FIREWALL
24 -- it may execute arbitrary Python code or external programs.
25
26 Note that status code 200 is sent prior to execution of a CGI script, so
27 scripts cannot send other status codes such as 302 (redirect).
28
29 XXX To do:
30
31 - log requests even later (to capture byte count)
32 - log user-agent header and other interesting goodies
33 - send error log to separate file
34 """
35
36 from __future__ import (absolute_import, division,
37 print_function, unicode_literals)
38 from future import utils
39 from future.builtins import *
40
41
42 # See also:
43 #
44 # HTTP Working Group T. Berners-Lee
45 # INTERNET-DRAFT R. T. Fielding
46 # <draft-ietf-http-v10-spec-00.txt> H. Frystyk Nielsen
47 # Expires September 8, 1995 March 8, 1995
48 #
49 # URL: http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-v10-spec-00.txt
50 #
51 # and
52 #
53 # Network Working Group R. Fielding
54 # Request for Comments: 2616 et al
55 # Obsoletes: 2068 June 1999
56 # Category: Standards Track
57 #
58 # URL: http://www.faqs.org/rfcs/rfc2616.html
59
60 # Log files
61 # ---------
62 #
63 # Here's a quote from the NCSA httpd docs about log file format.
64 #
65 # | The logfile format is as follows. Each line consists of:
66 # |
67 # | host rfc931 authuser [DD/Mon/YYYY:hh:mm:ss] "request" ddd bbbb
68 # |
69 # | host: Either the DNS name or the IP number of the remote client
70 # | rfc931: Any information returned by identd for this person,
71 # | - otherwise.
72 # | authuser: If user sent a userid for authentication, the user name,
73 # | - otherwise.
74 # | DD: Day
75 # | Mon: Month (calendar name)
76 # | YYYY: Year
77 # | hh: hour (24-hour format, the machine's timezone)
78 # | mm: minutes
79 # | ss: seconds
80 # | request: The first line of the HTTP request as sent by the client.
81 # | ddd: the status code returned by the server, - if not available.
82 # | bbbb: the total number of bytes sent,
83 # | *not including the HTTP/1.0 header*, - if not available
84 # |
85 # | You can determine the name of the file accessed through request.
86 #
87 # (Actually, the latter is only true if you know the server configuration
88 # at the time the request was made!)
89
90 __version__ = "0.6"
91
92 __all__ = ["HTTPServer", "BaseHTTPRequestHandler"]
93
94 from future.backports import html
95 from future.backports.http import client as http_client
96 from future.backports.urllib import parse as urllib_parse
97 from future.backports import socketserver
98
99 import io
100 import mimetypes
101 import os
102 import posixpath
103 import select
104 import shutil
105 import socket # For gethostbyaddr()
106 import sys
107 import time
108 import copy
109 import argparse
110
111
112 # Default error message template
113 DEFAULT_ERROR_MESSAGE = """\
114 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
115 "http://www.w3.org/TR/html4/strict.dtd">
116 <html>
117 <head>
118 <meta http-equiv="Content-Type" content="text/html;charset=utf-8">
119 <title>Error response</title>
120 </head>
121 <body>
122 <h1>Error response</h1>
123 <p>Error code: %(code)d</p>
124 <p>Message: %(message)s.</p>
125 <p>Error code explanation: %(code)s - %(explain)s.</p>
126 </body>
127 </html>
128 """
129
130 DEFAULT_ERROR_CONTENT_TYPE = "text/html;charset=utf-8"
131
132 def _quote_html(html):
133 return html.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
134
135 class HTTPServer(socketserver.TCPServer):
136
137 allow_reuse_address = 1 # Seems to make sense in testing environment
138
139 def server_bind(self):
140 """Override server_bind to store the server name."""
141 socketserver.TCPServer.server_bind(self)
142 host, port = self.socket.getsockname()[:2]
143 self.server_name = socket.getfqdn(host)
144 self.server_port = port
145
146
147 class BaseHTTPRequestHandler(socketserver.StreamRequestHandler):
148
149 """HTTP request handler base class.
150
151 The following explanation of HTTP serves to guide you through the
152 code as well as to expose any misunderstandings I may have about
153 HTTP (so you don't need to read the code to figure out I'm wrong
154 :-).
155
156 HTTP (HyperText Transfer Protocol) is an extensible protocol on
157 top of a reliable stream transport (e.g. TCP/IP). The protocol
158 recognizes three parts to a request:
159
160 1. One line identifying the request type and path
161 2. An optional set of RFC-822-style headers
162 3. An optional data part
163
164 The headers and data are separated by a blank line.
165
166 The first line of the request has the form
167
168 <command> <path> <version>
169
170 where <command> is a (case-sensitive) keyword such as GET or POST,
171 <path> is a string containing path information for the request,
172 and <version> should be the string "HTTP/1.0" or "HTTP/1.1".
173 <path> is encoded using the URL encoding scheme (using %xx to signify
174 the ASCII character with hex code xx).
175
176 The specification specifies that lines are separated by CRLF but
177 for compatibility with the widest range of clients recommends
178 servers also handle LF. Similarly, whitespace in the request line
179 is treated sensibly (allowing multiple spaces between components
180 and allowing trailing whitespace).
181
182 Similarly, for output, lines ought to be separated by CRLF pairs
183 but most clients grok LF characters just fine.
184
185 If the first line of the request has the form
186
187 <command> <path>
188
189 (i.e. <version> is left out) then this is assumed to be an HTTP
190 0.9 request; this form has no optional headers and data part and
191 the reply consists of just the data.
192
193 The reply form of the HTTP 1.x protocol again has three parts:
194
195 1. One line giving the response code
196 2. An optional set of RFC-822-style headers
197 3. The data
198
199 Again, the headers and data are separated by a blank line.
200
201 The response code line has the form
202
203 <version> <responsecode> <responsestring>
204
205 where <version> is the protocol version ("HTTP/1.0" or "HTTP/1.1"),
206 <responsecode> is a 3-digit response code indicating success or
207 failure of the request, and <responsestring> is an optional
208 human-readable string explaining what the response code means.
209
210 This server parses the request and the headers, and then calls a
211 function specific to the request type (<command>). Specifically,
212 a request SPAM will be handled by a method do_SPAM(). If no
213 such method exists the server sends an error response to the
214 client. If it exists, it is called with no arguments:
215
216 do_SPAM()
217
218 Note that the request name is case sensitive (i.e. SPAM and spam
219 are different requests).
220
221 The various request details are stored in instance variables:
222
223 - client_address is the client IP address in the form (host,
224 port);
225
226 - command, path and version are the broken-down request line;
227
228 - headers is an instance of email.message.Message (or a derived
229 class) containing the header information;
230
231 - rfile is a file object open for reading positioned at the
232 start of the optional input data part;
233
234 - wfile is a file object open for writing.
235
236 IT IS IMPORTANT TO ADHERE TO THE PROTOCOL FOR WRITING!
237
238 The first thing to be written must be the response line. Then
239 follow 0 or more header lines, then a blank line, and then the
240 actual data (if any). The meaning of the header lines depends on
241 the command executed by the server; in most cases, when data is
242 returned, there should be at least one header line of the form
243
244 Content-type: <type>/<subtype>
245
246 where <type> and <subtype> should be registered MIME types,
247 e.g. "text/html" or "text/plain".
248
249 """
250
251 # The Python system version, truncated to its first component.
252 sys_version = "Python/" + sys.version.split()[0]
253
254 # The server software version. You may want to override this.
255 # The format is multiple whitespace-separated strings,
256 # where each string is of the form name[/version].
257 server_version = "BaseHTTP/" + __version__
258
259 error_message_format = DEFAULT_ERROR_MESSAGE
260 error_content_type = DEFAULT_ERROR_CONTENT_TYPE
261
262 # The default request version. This only affects responses up until
263 # the point where the request line is parsed, so it mainly decides what
264 # the client gets back when sending a malformed request line.
265 # Most web servers default to HTTP 0.9, i.e. don't send a status line.
266 default_request_version = "HTTP/0.9"
267
268 def parse_request(self):
269 """Parse a request (internal).
270
271 The request should be stored in self.raw_requestline; the results
272 are in self.command, self.path, self.request_version and
273 self.headers.
274
275 Return True for success, False for failure; on failure, an
276 error is sent back.
277
278 """
279 self.command = None # set in case of error on the first line
280 self.request_version = version = self.default_request_version
281 self.close_connection = 1
282 requestline = str(self.raw_requestline, 'iso-8859-1')
283 requestline = requestline.rstrip('\r\n')
284 self.requestline = requestline
285 words = requestline.split()
286 if len(words) == 3:
287 command, path, version = words
288 if version[:5] != 'HTTP/':
289 self.send_error(400, "Bad request version (%r)" % version)
290 return False
291 try:
292 base_version_number = version.split('/', 1)[1]
293 version_number = base_version_number.split(".")
294 # RFC 2145 section 3.1 says there can be only one "." and
295 # - major and minor numbers MUST be treated as
296 # separate integers;
297 # - HTTP/2.4 is a lower version than HTTP/2.13, which in
298 # turn is lower than HTTP/12.3;
299 # - Leading zeros MUST be ignored by recipients.
300 if len(version_number) != 2:
301 raise ValueError
302 version_number = int(version_number[0]), int(version_number[1])
303 except (ValueError, IndexError):
304 self.send_error(400, "Bad request version (%r)" % version)
305 return False
306 if version_number >= (1, 1) and self.protocol_version >= "HTTP/1.1":
307 self.close_connection = 0
308 if version_number >= (2, 0):
309 self.send_error(505,
310 "Invalid HTTP Version (%s)" % base_version_number)
311 return False
312 elif len(words) == 2:
313 command, path = words
314 self.close_connection = 1
315 if command != 'GET':
316 self.send_error(400,
317 "Bad HTTP/0.9 request type (%r)" % command)
318 return False
319 elif not words:
320 return False
321 else:
322 self.send_error(400, "Bad request syntax (%r)" % requestline)
323 return False
324 self.command, self.path, self.request_version = command, path, version
325
326 # Examine the headers and look for a Connection directive.
327 try:
328 self.headers = http_client.parse_headers(self.rfile,
329 _class=self.MessageClass)
330 except http_client.LineTooLong:
331 self.send_error(400, "Line too long")
332 return False
333
334 conntype = self.headers.get('Connection', "")
335 if conntype.lower() == 'close':
336 self.close_connection = 1
337 elif (conntype.lower() == 'keep-alive' and
338 self.protocol_version >= "HTTP/1.1"):
339 self.close_connection = 0
340 # Examine the headers and look for an Expect directive
341 expect = self.headers.get('Expect', "")
342 if (expect.lower() == "100-continue" and
343 self.protocol_version >= "HTTP/1.1" and
344 self.request_version >= "HTTP/1.1"):
345 if not self.handle_expect_100():
346 return False
347 return True
348
349 def handle_expect_100(self):
350 """Decide what to do with an "Expect: 100-continue" header.
351
352 If the client is expecting a 100 Continue response, we must
353 respond with either a 100 Continue or a final response before
354 waiting for the request body. The default is to always respond
355 with a 100 Continue. You can behave differently (for example,
356 reject unauthorized requests) by overriding this method.
357
358 This method should either return True (possibly after sending
359 a 100 Continue response) or send an error response and return
360 False.
361
362 """
363 self.send_response_only(100)
364 self.flush_headers()
365 return True
366
367 def handle_one_request(self):
368 """Handle a single HTTP request.
369
370 You normally don't need to override this method; see the class
371 __doc__ string for information on how to handle specific HTTP
372 commands such as GET and POST.
373
374 """
375 try:
376 self.raw_requestline = self.rfile.readline(65537)
377 if len(self.raw_requestline) > 65536:
378 self.requestline = ''
379 self.request_version = ''
380 self.command = ''
381 self.send_error(414)
382 return
383 if not self.raw_requestline:
384 self.close_connection = 1
385 return
386 if not self.parse_request():
387 # An error code has been sent, just exit
388 return
389 mname = 'do_' + self.command
390 if not hasattr(self, mname):
391 self.send_error(501, "Unsupported method (%r)" % self.command)
392 return
393 method = getattr(self, mname)
394 method()
395 self.wfile.flush() #actually send the response if not already done.
396 except socket.timeout as e:
397 #a read or a write timed out. Discard this connection
398 self.log_error("Request timed out: %r", e)
399 self.close_connection = 1
400 return
401
402 def handle(self):
403 """Handle multiple requests if necessary."""
404 self.close_connection = 1
405
406 self.handle_one_request()
407 while not self.close_connection:
408 self.handle_one_request()
409
410 def send_error(self, code, message=None):
411 """Send and log an error reply.
412
413 Arguments are the error code, and a detailed message.
414 The detailed message defaults to the short entry matching the
415 response code.
416
417 This sends an error response (so it must be called before any
418 output has been generated), logs the error, and finally sends
419 a piece of HTML explaining the error to the user.
420
421 """
422
423 try:
424 shortmsg, longmsg = self.responses[code]
425 except KeyError:
426 shortmsg, longmsg = '???', '???'
427 if message is None:
428 message = shortmsg
429 explain = longmsg
430 self.log_error("code %d, message %s", code, message)
431 # using _quote_html to prevent Cross Site Scripting attacks (see bug #11 00201)
432 content = (self.error_message_format %
433 {'code': code, 'message': _quote_html(message), 'explain': ex plain})
434 self.send_response(code, message)
435 self.send_header("Content-Type", self.error_content_type)
436 self.send_header('Connection', 'close')
437 self.end_headers()
438 if self.command != 'HEAD' and code >= 200 and code not in (204, 304):
439 self.wfile.write(content.encode('UTF-8', 'replace'))
440
441 def send_response(self, code, message=None):
442 """Add the response header to the headers buffer and log the
443 response code.
444
445 Also send two standard headers with the server software
446 version and the current date.
447
448 """
449 self.log_request(code)
450 self.send_response_only(code, message)
451 self.send_header('Server', self.version_string())
452 self.send_header('Date', self.date_time_string())
453
454 def send_response_only(self, code, message=None):
455 """Send the response header only."""
456 if message is None:
457 if code in self.responses:
458 message = self.responses[code][0]
459 else:
460 message = ''
461 if self.request_version != 'HTTP/0.9':
462 if not hasattr(self, '_headers_buffer'):
463 self._headers_buffer = []
464 self._headers_buffer.append(("%s %d %s\r\n" %
465 (self.protocol_version, code, message)).encode(
466 'latin-1', 'strict'))
467
468 def send_header(self, keyword, value):
469 """Send a MIME header to the headers buffer."""
470 if self.request_version != 'HTTP/0.9':
471 if not hasattr(self, '_headers_buffer'):
472 self._headers_buffer = []
473 self._headers_buffer.append(
474 ("%s: %s\r\n" % (keyword, value)).encode('latin-1', 'strict'))
475
476 if keyword.lower() == 'connection':
477 if value.lower() == 'close':
478 self.close_connection = 1
479 elif value.lower() == 'keep-alive':
480 self.close_connection = 0
481
482 def end_headers(self):
483 """Send the blank line ending the MIME headers."""
484 if self.request_version != 'HTTP/0.9':
485 self._headers_buffer.append(b"\r\n")
486 self.flush_headers()
487
488 def flush_headers(self):
489 if hasattr(self, '_headers_buffer'):
490 self.wfile.write(b"".join(self._headers_buffer))
491 self._headers_buffer = []
492
493 def log_request(self, code='-', size='-'):
494 """Log an accepted request.
495
496 This is called by send_response().
497
498 """
499
500 self.log_message('"%s" %s %s',
501 self.requestline, str(code), str(size))
502
503 def log_error(self, format, *args):
504 """Log an error.
505
506 This is called when a request cannot be fulfilled. By
507 default it passes the message on to log_message().
508
509 Arguments are the same as for log_message().
510
511 XXX This should go to the separate error log.
512
513 """
514
515 self.log_message(format, *args)
516
517 def log_message(self, format, *args):
518 """Log an arbitrary message.
519
520 This is used by all other logging functions. Override
521 it if you have specific logging wishes.
522
523 The first argument, FORMAT, is a format string for the
524 message to be logged. If the format string contains
525 any % escapes requiring parameters, they should be
526 specified as subsequent arguments (it's just like
527 printf!).
528
529 The client ip and current date/time are prefixed to
530 every message.
531
532 """
533
534 sys.stderr.write("%s - - [%s] %s\n" %
535 (self.address_string(),
536 self.log_date_time_string(),
537 format%args))
538
539 def version_string(self):
540 """Return the server software version string."""
541 return self.server_version + ' ' + self.sys_version
542
543 def date_time_string(self, timestamp=None):
544 """Return the current date and time formatted for a message header."""
545 if timestamp is None:
546 timestamp = time.time()
547 year, month, day, hh, mm, ss, wd, y, z = time.gmtime(timestamp)
548 s = "%s, %02d %3s %4d %02d:%02d:%02d GMT" % (
549 self.weekdayname[wd],
550 day, self.monthname[month], year,
551 hh, mm, ss)
552 return s
553
554 def log_date_time_string(self):
555 """Return the current time formatted for logging."""
556 now = time.time()
557 year, month, day, hh, mm, ss, x, y, z = time.localtime(now)
558 s = "%02d/%3s/%04d %02d:%02d:%02d" % (
559 day, self.monthname[month], year, hh, mm, ss)
560 return s
561
562 weekdayname = ['Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun']
563
564 monthname = [None,
565 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun',
566 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec']
567
568 def address_string(self):
569 """Return the client address."""
570
571 return self.client_address[0]
572
573 # Essentially static class variables
574
575 # The version of the HTTP protocol we support.
576 # Set this to HTTP/1.1 to enable automatic keepalive
577 protocol_version = "HTTP/1.0"
578
579 # MessageClass used to parse headers
580 MessageClass = http_client.HTTPMessage
581
582 # Table mapping response codes to messages; entries have the
583 # form {code: (shortmessage, longmessage)}.
584 # See RFC 2616 and 6585.
585 responses = {
586 100: ('Continue', 'Request received, please continue'),
587 101: ('Switching Protocols',
588 'Switching to new protocol; obey Upgrade header'),
589
590 200: ('OK', 'Request fulfilled, document follows'),
591 201: ('Created', 'Document created, URL follows'),
592 202: ('Accepted',
593 'Request accepted, processing continues off-line'),
594 203: ('Non-Authoritative Information', 'Request fulfilled from cache'),
595 204: ('No Content', 'Request fulfilled, nothing follows'),
596 205: ('Reset Content', 'Clear input form for further input.'),
597 206: ('Partial Content', 'Partial content follows.'),
598
599 300: ('Multiple Choices',
600 'Object has several resources -- see URI list'),
601 301: ('Moved Permanently', 'Object moved permanently -- see URI list'),
602 302: ('Found', 'Object moved temporarily -- see URI list'),
603 303: ('See Other', 'Object moved -- see Method and URL list'),
604 304: ('Not Modified',
605 'Document has not changed since given time'),
606 305: ('Use Proxy',
607 'You must use proxy specified in Location to access this '
608 'resource.'),
609 307: ('Temporary Redirect',
610 'Object moved temporarily -- see URI list'),
611
612 400: ('Bad Request',
613 'Bad request syntax or unsupported method'),
614 401: ('Unauthorized',
615 'No permission -- see authorization schemes'),
616 402: ('Payment Required',
617 'No payment -- see charging schemes'),
618 403: ('Forbidden',
619 'Request forbidden -- authorization will not help'),
620 404: ('Not Found', 'Nothing matches the given URI'),
621 405: ('Method Not Allowed',
622 'Specified method is invalid for this resource.'),
623 406: ('Not Acceptable', 'URI not available in preferred format.'),
624 407: ('Proxy Authentication Required', 'You must authenticate with '
625 'this proxy before proceeding.'),
626 408: ('Request Timeout', 'Request timed out; try again later.'),
627 409: ('Conflict', 'Request conflict.'),
628 410: ('Gone',
629 'URI no longer exists and has been permanently removed.'),
630 411: ('Length Required', 'Client must specify Content-Length.'),
631 412: ('Precondition Failed', 'Precondition in headers is false.'),
632 413: ('Request Entity Too Large', 'Entity is too large.'),
633 414: ('Request-URI Too Long', 'URI is too long.'),
634 415: ('Unsupported Media Type', 'Entity body in unsupported format.'),
635 416: ('Requested Range Not Satisfiable',
636 'Cannot satisfy request range.'),
637 417: ('Expectation Failed',
638 'Expect condition could not be satisfied.'),
639 428: ('Precondition Required',
640 'The origin server requires the request to be conditional.'),
641 429: ('Too Many Requests', 'The user has sent too many requests '
642 'in a given amount of time ("rate limiting").'),
643 431: ('Request Header Fields Too Large', 'The server is unwilling to '
644 'process the request because its header fields are too large.'),
645
646 500: ('Internal Server Error', 'Server got itself in trouble'),
647 501: ('Not Implemented',
648 'Server does not support this operation'),
649 502: ('Bad Gateway', 'Invalid responses from another server/proxy.'),
650 503: ('Service Unavailable',
651 'The server cannot process the request due to a high load'),
652 504: ('Gateway Timeout',
653 'The gateway server did not receive a timely response'),
654 505: ('HTTP Version Not Supported', 'Cannot fulfill request.'),
655 511: ('Network Authentication Required',
656 'The client needs to authenticate to gain network access.'),
657 }
658
659
660 class SimpleHTTPRequestHandler(BaseHTTPRequestHandler):
661
662 """Simple HTTP request handler with GET and HEAD commands.
663
664 This serves files from the current directory and any of its
665 subdirectories. The MIME type for files is determined by
666 calling the .guess_type() method.
667
668 The GET and HEAD requests are identical except that the HEAD
669 request omits the actual contents of the file.
670
671 """
672
673 server_version = "SimpleHTTP/" + __version__
674
675 def do_GET(self):
676 """Serve a GET request."""
677 f = self.send_head()
678 if f:
679 self.copyfile(f, self.wfile)
680 f.close()
681
682 def do_HEAD(self):
683 """Serve a HEAD request."""
684 f = self.send_head()
685 if f:
686 f.close()
687
688 def send_head(self):
689 """Common code for GET and HEAD commands.
690
691 This sends the response code and MIME headers.
692
693 Return value is either a file object (which has to be copied
694 to the outputfile by the caller unless the command was HEAD,
695 and must be closed by the caller under all circumstances), or
696 None, in which case the caller has nothing further to do.
697
698 """
699 path = self.translate_path(self.path)
700 f = None
701 if os.path.isdir(path):
702 if not self.path.endswith('/'):
703 # redirect browser - doing basically what apache does
704 self.send_response(301)
705 self.send_header("Location", self.path + "/")
706 self.end_headers()
707 return None
708 for index in "index.html", "index.htm":
709 index = os.path.join(path, index)
710 if os.path.exists(index):
711 path = index
712 break
713 else:
714 return self.list_directory(path)
715 ctype = self.guess_type(path)
716 try:
717 f = open(path, 'rb')
718 except IOError:
719 self.send_error(404, "File not found")
720 return None
721 self.send_response(200)
722 self.send_header("Content-type", ctype)
723 fs = os.fstat(f.fileno())
724 self.send_header("Content-Length", str(fs[6]))
725 self.send_header("Last-Modified", self.date_time_string(fs.st_mtime))
726 self.end_headers()
727 return f
728
729 def list_directory(self, path):
730 """Helper to produce a directory listing (absent index.html).
731
732 Return value is either a file object, or None (indicating an
733 error). In either case, the headers are sent, making the
734 interface the same as for send_head().
735
736 """
737 try:
738 list = os.listdir(path)
739 except os.error:
740 self.send_error(404, "No permission to list directory")
741 return None
742 list.sort(key=lambda a: a.lower())
743 r = []
744 displaypath = html.escape(urllib_parse.unquote(self.path))
745 enc = sys.getfilesystemencoding()
746 title = 'Directory listing for %s' % displaypath
747 r.append('<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" '
748 '"http://www.w3.org/TR/html4/strict.dtd">')
749 r.append('<html>\n<head>')
750 r.append('<meta http-equiv="Content-Type" '
751 'content="text/html; charset=%s">' % enc)
752 r.append('<title>%s</title>\n</head>' % title)
753 r.append('<body>\n<h1>%s</h1>' % title)
754 r.append('<hr>\n<ul>')
755 for name in list:
756 fullname = os.path.join(path, name)
757 displayname = linkname = name
758 # Append / for directories or @ for symbolic links
759 if os.path.isdir(fullname):
760 displayname = name + "/"
761 linkname = name + "/"
762 if os.path.islink(fullname):
763 displayname = name + "@"
764 # Note: a link to a directory displays with @ and links with /
765 r.append('<li><a href="%s">%s</a></li>'
766 % (urllib_parse.quote(linkname), html.escape(displayname)))
767 # # Use this instead:
768 # r.append('<li><a href="%s">%s</a></li>'
769 # % (urllib.quote(linkname), cgi.escape(displayname)))
770 r.append('</ul>\n<hr>\n</body>\n</html>\n')
771 encoded = '\n'.join(r).encode(enc)
772 f = io.BytesIO()
773 f.write(encoded)
774 f.seek(0)
775 self.send_response(200)
776 self.send_header("Content-type", "text/html; charset=%s" % enc)
777 self.send_header("Content-Length", str(len(encoded)))
778 self.end_headers()
779 return f
780
781 def translate_path(self, path):
782 """Translate a /-separated PATH to the local filename syntax.
783
784 Components that mean special things to the local file system
785 (e.g. drive or directory names) are ignored. (XXX They should
786 probably be diagnosed.)
787
788 """
789 # abandon query parameters
790 path = path.split('?',1)[0]
791 path = path.split('#',1)[0]
792 path = posixpath.normpath(urllib_parse.unquote(path))
793 words = path.split('/')
794 words = filter(None, words)
795 path = os.getcwd()
796 for word in words:
797 drive, word = os.path.splitdrive(word)
798 head, word = os.path.split(word)
799 if word in (os.curdir, os.pardir): continue
800 path = os.path.join(path, word)
801 return path
802
803 def copyfile(self, source, outputfile):
804 """Copy all data between two file objects.
805
806 The SOURCE argument is a file object open for reading
807 (or anything with a read() method) and the DESTINATION
808 argument is a file object open for writing (or
809 anything with a write() method).
810
811 The only reason for overriding this would be to change
812 the block size or perhaps to replace newlines by CRLF
813 -- note however that this the default server uses this
814 to copy binary data as well.
815
816 """
817 shutil.copyfileobj(source, outputfile)
818
819 def guess_type(self, path):
820 """Guess the type of a file.
821
822 Argument is a PATH (a filename).
823
824 Return value is a string of the form type/subtype,
825 usable for a MIME Content-type header.
826
827 The default implementation looks the file's extension
828 up in the table self.extensions_map, using application/octet-stream
829 as a default; however it would be permissible (if
830 slow) to look inside the data to make a better guess.
831
832 """
833
834 base, ext = posixpath.splitext(path)
835 if ext in self.extensions_map:
836 return self.extensions_map[ext]
837 ext = ext.lower()
838 if ext in self.extensions_map:
839 return self.extensions_map[ext]
840 else:
841 return self.extensions_map['']
842
843 if not mimetypes.inited:
844 mimetypes.init() # try to read system mime.types
845 extensions_map = mimetypes.types_map.copy()
846 extensions_map.update({
847 '': 'application/octet-stream', # Default
848 '.py': 'text/plain',
849 '.c': 'text/plain',
850 '.h': 'text/plain',
851 })
852
853
854 # Utilities for CGIHTTPRequestHandler
855
856 def _url_collapse_path(path):
857 """
858 Given a URL path, remove extra '/'s and '.' path elements and collapse
859 any '..' references and returns a colllapsed path.
860
861 Implements something akin to RFC-2396 5.2 step 6 to parse relative paths.
862 The utility of this function is limited to is_cgi method and helps
863 preventing some security attacks.
864
865 Returns: A tuple of (head, tail) where tail is everything after the final /
866 and head is everything before it. Head will always start with a '/' and,
867 if it contains anything else, never have a trailing '/'.
868
869 Raises: IndexError if too many '..' occur within the path.
870
871 """
872 # Similar to os.path.split(os.path.normpath(path)) but specific to URL
873 # path semantics rather than local operating system semantics.
874 path_parts = path.split('/')
875 head_parts = []
876 for part in path_parts[:-1]:
877 if part == '..':
878 head_parts.pop() # IndexError if more '..' than prior parts
879 elif part and part != '.':
880 head_parts.append( part )
881 if path_parts:
882 tail_part = path_parts.pop()
883 if tail_part:
884 if tail_part == '..':
885 head_parts.pop()
886 tail_part = ''
887 elif tail_part == '.':
888 tail_part = ''
889 else:
890 tail_part = ''
891
892 splitpath = ('/' + '/'.join(head_parts), tail_part)
893 collapsed_path = "/".join(splitpath)
894
895 return collapsed_path
896
897
898
899 nobody = None
900
901 def nobody_uid():
902 """Internal routine to get nobody's uid"""
903 global nobody
904 if nobody:
905 return nobody
906 try:
907 import pwd
908 except ImportError:
909 return -1
910 try:
911 nobody = pwd.getpwnam('nobody')[2]
912 except KeyError:
913 nobody = 1 + max(x[2] for x in pwd.getpwall())
914 return nobody
915
916
917 def executable(path):
918 """Test for executable file."""
919 return os.access(path, os.X_OK)
920
921
922 class CGIHTTPRequestHandler(SimpleHTTPRequestHandler):
923
924 """Complete HTTP server with GET, HEAD and POST commands.
925
926 GET and HEAD also support running CGI scripts.
927
928 The POST command is *only* implemented for CGI scripts.
929
930 """
931
932 # Determine platform specifics
933 have_fork = hasattr(os, 'fork')
934
935 # Make rfile unbuffered -- we need to read one line and then pass
936 # the rest to a subprocess, so we can't use buffered input.
937 rbufsize = 0
938
939 def do_POST(self):
940 """Serve a POST request.
941
942 This is only implemented for CGI scripts.
943
944 """
945
946 if self.is_cgi():
947 self.run_cgi()
948 else:
949 self.send_error(501, "Can only POST to CGI scripts")
950
951 def send_head(self):
952 """Version of send_head that support CGI scripts"""
953 if self.is_cgi():
954 return self.run_cgi()
955 else:
956 return SimpleHTTPRequestHandler.send_head(self)
957
958 def is_cgi(self):
959 """Test whether self.path corresponds to a CGI script.
960
961 Returns True and updates the cgi_info attribute to the tuple
962 (dir, rest) if self.path requires running a CGI script.
963 Returns False otherwise.
964
965 If any exception is raised, the caller should assume that
966 self.path was rejected as invalid and act accordingly.
967
968 The default implementation tests whether the normalized url
969 path begins with one of the strings in self.cgi_directories
970 (and the next character is a '/' or the end of the string).
971
972 """
973 collapsed_path = _url_collapse_path(self.path)
974 dir_sep = collapsed_path.find('/', 1)
975 head, tail = collapsed_path[:dir_sep], collapsed_path[dir_sep+1:]
976 if head in self.cgi_directories:
977 self.cgi_info = head, tail
978 return True
979 return False
980
981
982 cgi_directories = ['/cgi-bin', '/htbin']
983
984 def is_executable(self, path):
985 """Test whether argument path is an executable file."""
986 return executable(path)
987
988 def is_python(self, path):
989 """Test whether argument path is a Python script."""
990 head, tail = os.path.splitext(path)
991 return tail.lower() in (".py", ".pyw")
992
993 def run_cgi(self):
994 """Execute a CGI script."""
995 path = self.path
996 dir, rest = self.cgi_info
997
998 i = path.find('/', len(dir) + 1)
999 while i >= 0:
1000 nextdir = path[:i]
1001 nextrest = path[i+1:]
1002
1003 scriptdir = self.translate_path(nextdir)
1004 if os.path.isdir(scriptdir):
1005 dir, rest = nextdir, nextrest
1006 i = path.find('/', len(dir) + 1)
1007 else:
1008 break
1009
1010 # find an explicit query string, if present.
1011 i = rest.rfind('?')
1012 if i >= 0:
1013 rest, query = rest[:i], rest[i+1:]
1014 else:
1015 query = ''
1016
1017 # dissect the part after the directory name into a script name &
1018 # a possible additional path, to be stored in PATH_INFO.
1019 i = rest.find('/')
1020 if i >= 0:
1021 script, rest = rest[:i], rest[i:]
1022 else:
1023 script, rest = rest, ''
1024
1025 scriptname = dir + '/' + script
1026 scriptfile = self.translate_path(scriptname)
1027 if not os.path.exists(scriptfile):
1028 self.send_error(404, "No such CGI script (%r)" % scriptname)
1029 return
1030 if not os.path.isfile(scriptfile):
1031 self.send_error(403, "CGI script is not a plain file (%r)" %
1032 scriptname)
1033 return
1034 ispy = self.is_python(scriptname)
1035 if self.have_fork or not ispy:
1036 if not self.is_executable(scriptfile):
1037 self.send_error(403, "CGI script is not executable (%r)" %
1038 scriptname)
1039 return
1040
1041 # Reference: http://hoohoo.ncsa.uiuc.edu/cgi/env.html
1042 # XXX Much of the following could be prepared ahead of time!
1043 env = copy.deepcopy(os.environ)
1044 env['SERVER_SOFTWARE'] = self.version_string()
1045 env['SERVER_NAME'] = self.server.server_name
1046 env['GATEWAY_INTERFACE'] = 'CGI/1.1'
1047 env['SERVER_PROTOCOL'] = self.protocol_version
1048 env['SERVER_PORT'] = str(self.server.server_port)
1049 env['REQUEST_METHOD'] = self.command
1050 uqrest = urllib_parse.unquote(rest)
1051 env['PATH_INFO'] = uqrest
1052 env['PATH_TRANSLATED'] = self.translate_path(uqrest)
1053 env['SCRIPT_NAME'] = scriptname
1054 if query:
1055 env['QUERY_STRING'] = query
1056 env['REMOTE_ADDR'] = self.client_address[0]
1057 authorization = self.headers.get("authorization")
1058 if authorization:
1059 authorization = authorization.split()
1060 if len(authorization) == 2:
1061 import base64, binascii
1062 env['AUTH_TYPE'] = authorization[0]
1063 if authorization[0].lower() == "basic":
1064 try:
1065 authorization = authorization[1].encode('ascii')
1066 if utils.PY3:
1067 # In Py3.3, was:
1068 authorization = base64.decodebytes(authorization).\
1069 decode('ascii')
1070 else:
1071 # Backport to Py2.7:
1072 authorization = base64.decodestring(authorization).\
1073 decode('ascii')
1074 except (binascii.Error, UnicodeError):
1075 pass
1076 else:
1077 authorization = authorization.split(':')
1078 if len(authorization) == 2:
1079 env['REMOTE_USER'] = authorization[0]
1080 # XXX REMOTE_IDENT
1081 if self.headers.get('content-type') is None:
1082 env['CONTENT_TYPE'] = self.headers.get_content_type()
1083 else:
1084 env['CONTENT_TYPE'] = self.headers['content-type']
1085 length = self.headers.get('content-length')
1086 if length:
1087 env['CONTENT_LENGTH'] = length
1088 referer = self.headers.get('referer')
1089 if referer:
1090 env['HTTP_REFERER'] = referer
1091 accept = []
1092 for line in self.headers.getallmatchingheaders('accept'):
1093 if line[:1] in "\t\n\r ":
1094 accept.append(line.strip())
1095 else:
1096 accept = accept + line[7:].split(',')
1097 env['HTTP_ACCEPT'] = ','.join(accept)
1098 ua = self.headers.get('user-agent')
1099 if ua:
1100 env['HTTP_USER_AGENT'] = ua
1101 co = filter(None, self.headers.get_all('cookie', []))
1102 cookie_str = ', '.join(co)
1103 if cookie_str:
1104 env['HTTP_COOKIE'] = cookie_str
1105 # XXX Other HTTP_* headers
1106 # Since we're setting the env in the parent, provide empty
1107 # values to override previously set values
1108 for k in ('QUERY_STRING', 'REMOTE_HOST', 'CONTENT_LENGTH',
1109 'HTTP_USER_AGENT', 'HTTP_COOKIE', 'HTTP_REFERER'):
1110 env.setdefault(k, "")
1111
1112 self.send_response(200, "Script output follows")
1113 self.flush_headers()
1114
1115 decoded_query = query.replace('+', ' ')
1116
1117 if self.have_fork:
1118 # Unix -- fork as we should
1119 args = [script]
1120 if '=' not in decoded_query:
1121 args.append(decoded_query)
1122 nobody = nobody_uid()
1123 self.wfile.flush() # Always flush before forking
1124 pid = os.fork()
1125 if pid != 0:
1126 # Parent
1127 pid, sts = os.waitpid(pid, 0)
1128 # throw away additional data [see bug #427345]
1129 while select.select([self.rfile], [], [], 0)[0]:
1130 if not self.rfile.read(1):
1131 break
1132 if sts:
1133 self.log_error("CGI script exit status %#x", sts)
1134 return
1135 # Child
1136 try:
1137 try:
1138 os.setuid(nobody)
1139 except os.error:
1140 pass
1141 os.dup2(self.rfile.fileno(), 0)
1142 os.dup2(self.wfile.fileno(), 1)
1143 os.execve(scriptfile, args, env)
1144 except:
1145 self.server.handle_error(self.request, self.client_address)
1146 os._exit(127)
1147
1148 else:
1149 # Non-Unix -- use subprocess
1150 import subprocess
1151 cmdline = [scriptfile]
1152 if self.is_python(scriptfile):
1153 interp = sys.executable
1154 if interp.lower().endswith("w.exe"):
1155 # On Windows, use python.exe, not pythonw.exe
1156 interp = interp[:-5] + interp[-4:]
1157 cmdline = [interp, '-u'] + cmdline
1158 if '=' not in query:
1159 cmdline.append(query)
1160 self.log_message("command: %s", subprocess.list2cmdline(cmdline))
1161 try:
1162 nbytes = int(length)
1163 except (TypeError, ValueError):
1164 nbytes = 0
1165 p = subprocess.Popen(cmdline,
1166 stdin=subprocess.PIPE,
1167 stdout=subprocess.PIPE,
1168 stderr=subprocess.PIPE,
1169 env = env
1170 )
1171 if self.command.lower() == "post" and nbytes > 0:
1172 data = self.rfile.read(nbytes)
1173 else:
1174 data = None
1175 # throw away additional data [see bug #427345]
1176 while select.select([self.rfile._sock], [], [], 0)[0]:
1177 if not self.rfile._sock.recv(1):
1178 break
1179 stdout, stderr = p.communicate(data)
1180 self.wfile.write(stdout)
1181 if stderr:
1182 self.log_error('%s', stderr)
1183 p.stderr.close()
1184 p.stdout.close()
1185 status = p.returncode
1186 if status:
1187 self.log_error("CGI script exit status %#x", status)
1188 else:
1189 self.log_message("CGI script exited OK")
1190
1191
1192 def test(HandlerClass = BaseHTTPRequestHandler,
1193 ServerClass = HTTPServer, protocol="HTTP/1.0", port=8000):
1194 """Test the HTTP request handler class.
1195
1196 This runs an HTTP server on port 8000 (or the first command line
1197 argument).
1198
1199 """
1200 server_address = ('', port)
1201
1202 HandlerClass.protocol_version = protocol
1203 httpd = ServerClass(server_address, HandlerClass)
1204
1205 sa = httpd.socket.getsockname()
1206 print("Serving HTTP on", sa[0], "port", sa[1], "...")
1207 try:
1208 httpd.serve_forever()
1209 except KeyboardInterrupt:
1210 print("\nKeyboard interrupt received, exiting.")
1211 httpd.server_close()
1212 sys.exit(0)
1213
1214 if __name__ == '__main__':
1215 parser = argparse.ArgumentParser()
1216 parser.add_argument('--cgi', action='store_true',
1217 help='Run as CGI Server')
1218 parser.add_argument('port', action='store',
1219 default=8000, type=int,
1220 nargs='?',
1221 help='Specify alternate port [default: 8000]')
1222 args = parser.parse_args()
1223 if args.cgi:
1224 test(HandlerClass=CGIHTTPRequestHandler, port=args.port)
1225 else:
1226 test(HandlerClass=SimpleHTTPRequestHandler, port=args.port)
OLDNEW
« no previous file with comments | « third_party/google-endpoints/future/backports/http/cookies.py ('k') | third_party/google-endpoints/future/backports/misc.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698