Guido van Rossum
9568b738ec
Chris McDonough's patch to defend against certain DoS attacks on FieldStorage.
...
SF bug #1112549 .
2006-08-10 17:41:07 +00:00
Armin Rigo
3a703b6059
Reverted revision 1.83, which introduced a bug and subtle incompatibility
...
issues. See bug #1112856 .
2005-09-19 09:11:04 +00:00
Skip Montanaro
97b2fa229c
Bring cgi.escape docstring slightly more in line with the library ref
...
manual. Closes #1243553 .
2005-08-02 02:50:25 +00:00
Johannes Gijsbers
c7fc10a418
Patch #1079734 : remove dependencies on (deprecated) rfc822 and mimetools
...
modules, replacing with email. Thanks to Josh Hoyt for the patch!
2005-01-08 13:56:36 +00:00
Raymond Hettinger
f871d833dd
Remove some lambdas.
2004-12-31 21:59:02 +00:00
Raymond Hettinger
a617271dbd
Use cStringIO where available.
2004-12-31 19:15:26 +00:00
Johannes Gijsbers
9e15dd6861
Let cgi.parse_header() properly unquote headers (patch #1008597 ).
2004-08-14 15:39:34 +00:00
Neil Schemenauer
66edb6295f
Don't return spurious empty fields if 'keep_empty_values' is True.
...
Fixes SF bug #990307 .
2004-07-19 15:38:11 +00:00
Brett Cannon
8d9b60f102
Change parse_qsl() to accept control-name's with no equal sign (e.g., "name")
...
when keep_blank_values is true.
2004-03-21 22:16:15 +00:00
Walter Dörwald
70a6b49821
Replace backticks with repr() or "%r"
...
From SF patch #852334 .
2004-02-12 17:35:32 +00:00
Guido van Rossum
68468eba63
Get rid of many apply() calls.
2003-02-27 20:14:51 +00:00
Guido van Rossum
4061cbee9c
Patch suggested by Hamish Lawson: add an __iter__() that returns
...
iter(self.keys()).
2002-09-11 18:20:34 +00:00
Raymond Hettinger
46ac8eb3c8
Code modernization. Replace v=s[i]; del s[i] with single lookup v=s.pop(i)
2002-06-30 03:39:14 +00:00
Raymond Hettinger
54f0222547
SF 563203. Replaced 'has_key()' with 'in'.
2002-06-01 14:18:47 +00:00
Raymond Hettinger
a144900b86
Use is None rather than general boolean
2002-05-31 23:54:44 +00:00
Tim Peters
bc0e910826
Convert a pile of obvious "yes/no" functions to return bool.
2002-04-04 22:55:58 +00:00
Skip Montanaro
db5d1444a1
tighten up except - only ValueError can be raised in this situation
2002-03-23 05:50:17 +00:00
Neal Norwitz
7fd41ccdb1
SF #515006 , remove unnecessary import
2002-02-11 17:57:55 +00:00
Fred Drake
4c85da4d16
"ib" should be "boundary"; reported by Neal Norwitz.
2001-10-13 18:38:53 +00:00
Guido van Rossum
1bfb388d86
Class FieldStorage: add two new methods, getfirst() and getlist(),
...
that provide a somewhat more uniform interface to getting values.
This is from SF patch #453691 .
2001-09-05 19:45:34 +00:00
Tim Peters
ab9ba27dc0
Whitespace normalization.
2001-08-09 21:40:30 +00:00
Guido van Rossum
2e441f7836
Fix a denial-of-service attack, SF bug #443120 .
...
Code by Evan Simpson.
2001-07-25 21:00:19 +00:00
Guido van Rossum
52b8c29ca7
Solve SF bug #231249 : cgi.py opens too many (temporary) files.
...
class FieldStorage: this patch changes read_lines() and co. to use a
StringIO() instead of a real file. The write() calls are redirected
to a private method that replaces it with a real, external file only
when it gets too big (> 1000 bytes).
This avoids problems in forms using the multipart/form-data encoding
with many fields. The original code created a temporary file for
*every* field (not just for file upload fields), thereby sometimes
exceeding the open file limit of some systems.
Note that the simpler solution "use a real file only for file uploads"
can't be used because the form field parser has no way to tell which
fields correspond to file uploads.
It's *possible* but extremely unlikely that this would break someone's
code; they would have to be stepping way outside the documented
interface for FieldStorage and use f.file.fileno(), or depend on
overriding make_file() to return a file-like object with additional
known properties.
2001-06-29 13:06:06 +00:00
Guido van Rossum
a8423a95b8
Add a whole lot of stuff to __all__.
...
(Excluding the logging stuff, which doesn't lend itself to use via
"from cgi import *" -- it manipulates globals.)
2001-03-19 13:40:44 +00:00
Skip Montanaro
ff443a51eb
added missing element to __all__
2001-02-28 01:03:48 +00:00
