##### Copyright 2000 by Timothy O'Malley <timo@alum.mit.edu>## All Rights Reserved## Permission to use, copy, modify, and distribute this software# and its documentation for any purpose and without fee is hereby# granted, provided that the above copyright notice appear in all# copies and that both that copyright notice and this permission# notice appear in supporting documentation, and that the name of# Timothy O'Malley not be used in advertising or publicity# pertaining to distribution of the software without specific, written# prior permission.## Timothy O'Malley DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS# SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY# AND FITNESS, IN NO EVENT SHALL Timothy O'Malley BE LIABLE FOR# ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR# PERFORMANCE OF THIS SOFTWARE.####### Id: Cookie.py,v 2.29 2000年08月23日 05:28:49 timo Exp# by Timothy O'Malley <timo@alum.mit.edu>## Cookie.py is a Python module for the handling of HTTP# cookies as a Python dictionary. See RFC 2109 for more# information on cookies.## The original idea to treat Cookies as a dictionary came from# Dave Mitchell (davem@magnet.com) in 1995, when he released the# first version of nscookie.py.#####r"""Here's a sample session to show how to use this module.At the moment, this is the only documentation.The Basics----------Importing is easy...>>> from http import cookiesMost of the time you start by creating a cookie.>>> C = cookies.SimpleCookie()Once you've created your Cookie, you can add values just as if it werea dictionary.>>> C = cookies.SimpleCookie()>>> C["fig"] = "newton">>> C["sugar"] = "wafer">>> C.output()'Set-Cookie: fig=newton\r\nSet-Cookie: sugar=wafer'Notice that the printable representation of a Cookie is theappropriate format for a Set-Cookie: header. This is thedefault behavior. You can change the header and printedattributes by using the .output() function>>> C = cookies.SimpleCookie()>>> C["rocky"] = "road">>> C["rocky"]["path"] = "/cookie">>> print(C.output(header="Cookie:"))Cookie: rocky=road; Path=/cookie>>> print(C.output(attrs=[], header="Cookie:"))Cookie: rocky=roadThe load() method of a Cookie extracts cookies from a string. In aCGI script, you would use this method to extract the cookies from theHTTP_COOKIE environment variable.>>> C = cookies.SimpleCookie()>>> C.load("chips=ahoy; vienna=finger")>>> C.output()'Set-Cookie: chips=ahoy\r\nSet-Cookie: vienna=finger'The load() method is darn-tootin smart about identifying cookieswithin a string. Escaped quotation marks, nested semicolons, and othersuch trickeries do not confuse it.>>> C = cookies.SimpleCookie()>>> C.load('keebler="E=everybody; L=\\"Loves\\"; fudge=\012円;";')>>> print(C)Set-Cookie: keebler="E=everybody; L=\"Loves\"; fudge=012円;"Each element of the Cookie also supports all of the RFC 2109Cookie attributes. Here's an example which sets the Pathattribute.>>> C = cookies.SimpleCookie()>>> C["oreo"] = "doublestuff">>> C["oreo"]["path"] = "/">>> print(C)Set-Cookie: oreo=doublestuff; Path=/Each dictionary element has a 'value' attribute, which gives youback the value associated with the key.>>> C = cookies.SimpleCookie()>>> C["twix"] = "none for you">>> C["twix"].value'none for you'The SimpleCookie expects that all values should be standard strings.Just to be sure, SimpleCookie invokes the str() builtin to convertthe value to a string, when the values are set dictionary-style.>>> C = cookies.SimpleCookie()>>> C["number"] = 7>>> C["string"] = "seven">>> C["number"].value'7'>>> C["string"].value'seven'>>> C.output()'Set-Cookie: number=7\r\nSet-Cookie: string=seven'Finis."""## Import our required modules#import reimport string__all__ = ["CookieError", "BaseCookie", "SimpleCookie"]_nulljoin = ''.join_semispacejoin = '; '.join_spacejoin = ' '.join## Define an exception visible to External modules#class CookieError(Exception):pass# These quoting routines conform to the RFC2109 specification, which in# turn references the character definitions from RFC2068. They provide# a two-way quoting algorithm. Any non-text character is translated# into a 4 character sequence: a forward-slash followed by the# three-digit octal equivalent of the character. Any '\' or '"' is# quoted with a preceding '\' slash.# Because of the way browsers really handle cookies (as opposed to what# the RFC says) we also encode "," and ";".## These are taken from RFC2068 and RFC2109.# _LegalChars is the list of chars which don't require "'s# _Translator hash-table for fast quoting#_LegalChars = string.ascii_letters + string.digits + "!#$%&'*+-.^_`|~:"_UnescapedChars = _LegalChars + ' ()/<=>?@[]{}'_Translator = {n: '\\%03o' % nfor n in set(range(256)) - set(map(ord, _UnescapedChars))}_Translator.update({ord('"'): '\\"',ord('\\'): '\\\\',})_is_legal_key = re.compile('[%s]+' % re.escape(_LegalChars)).fullmatchdef _quote(str):r"""Quote a string for use in a cookie header.If the string does not need to be double-quoted, then just return thestring. Otherwise, surround the string in doublequotes and quote(with a \) special characters."""if str is None or _is_legal_key(str):return strelse:return '"' + str.translate(_Translator) + '"'_OctalPatt = re.compile(r"\\[0-3][0-7][0-7]")_QuotePatt = re.compile(r"[\\].")def _unquote(str):# If there aren't any doublequotes,# then there can't be any special characters. See RFC 2109.if str is None or len(str) < 2:return strif str[0] != '"' or str[-1] != '"':return str# We have to assume that we must decode this string.# Down to work.# Remove the "sstr = str[1:-1]# Check for special sequences. Examples:# 012円 --> \n# \" --> "#i = 0n = len(str)res = []while 0 <= i < n:o_match = _OctalPatt.search(str, i)q_match = _QuotePatt.search(str, i)if not o_match and not q_match: # Neither matchedres.append(str[i:])break# else:j = k = -1if o_match:j = o_match.start(0)if q_match:k = q_match.start(0)if q_match and (not o_match or k < j): # QuotePatt matchedres.append(str[i:k])res.append(str[k+1])i = k + 2else: # OctalPatt matchedres.append(str[i:j])res.append(chr(int(str[j+1:j+4], 8)))i = j + 4return _nulljoin(res)# The _getdate() routine is used to set the expiration time in the cookie's HTTP# header. By default, _getdate() returns the current time in the appropriate# "expires" format for a Set-Cookie header. The one optional argument is an# offset from now, in seconds. For example, an offset of -3600 means "one hour# ago". The offset may be a floating point number.#_weekdayname = ['Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun']_monthname = [None,'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun','Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec']def _getdate(future=0, weekdayname=_weekdayname, monthname=_monthname):from time import gmtime, timenow = time()year, month, day, hh, mm, ss, wd, y, z = gmtime(now + future)return "%s, %02d %3s %4d %02d:%02d:%02d GMT" % \(weekdayname[wd], day, monthname[month], year, hh, mm, ss)class Morsel(dict):"""A class to hold ONE (key, value) pair.In a cookie, each such pair may have several attributes, so this class isused to keep the attributes associated with the appropriate key,value pair.This class also includes a coded_value attribute, which is used to holdthe network representation of the value."""# RFC 2109 lists these attributes as reserved:# path comment domain# max-age secure version## For historical reasons, these attributes are also reserved:# expires## This is an extension from Microsoft:# httponly## This dictionary provides a mapping from the lowercase# variant on the left to the appropriate traditional# formatting on the right._reserved = {"expires" : "expires","path" : "Path","comment" : "Comment","domain" : "Domain","max-age" : "Max-Age","secure" : "Secure","httponly" : "HttpOnly","version" : "Version","samesite" : "SameSite",}_flags = {'secure', 'httponly'}def __init__(self):# Set defaultsself._key = self._value = self._coded_value = None# Set default attributesfor key in self._reserved:dict.__setitem__(self, key, "")@propertydef key(self):return self._key@propertydef value(self):return self._value@propertydef coded_value(self):return self._coded_valuedef __setitem__(self, K, V):K = K.lower()if not K in self._reserved:raise CookieError("Invalid attribute %r" % (K,))dict.__setitem__(self, K, V)def setdefault(self, key, val=None):key = key.lower()if key not in self._reserved:raise CookieError("Invalid attribute %r" % (key,))return dict.setdefault(self, key, val)def __eq__(self, morsel):if not isinstance(morsel, Morsel):return NotImplementedreturn (dict.__eq__(self, morsel) andself._value == morsel._value andself._key == morsel._key andself._coded_value == morsel._coded_value)__ne__ = object.__ne__def copy(self):morsel = Morsel()dict.update(morsel, self)morsel.__dict__.update(self.__dict__)return morseldef update(self, values):data = {}for key, val in dict(values).items():key = key.lower()if key not in self._reserved:raise CookieError("Invalid attribute %r" % (key,))data[key] = valdict.update(self, data)def isReservedKey(self, K):return K.lower() in self._reserveddef set(self, key, val, coded_val):if key.lower() in self._reserved:raise CookieError('Attempt to set a reserved key %r' % (key,))if not _is_legal_key(key):raise CookieError('Illegal key %r' % (key,))# It's a good key, so save it.self._key = keyself._value = valself._coded_value = coded_valdef __getstate__(self):return {'key': self._key,'value': self._value,'coded_value': self._coded_value,}def __setstate__(self, state):self._key = state['key']self._value = state['value']self._coded_value = state['coded_value']def output(self, attrs=None, header="Set-Cookie:"):return "%s %s" % (header, self.OutputString(attrs))__str__ = outputdef __repr__(self):return '<%s: %s>' % (self.__class__.__name__, self.OutputString())def js_output(self, attrs=None):# Print javascriptreturn """<script type="text/javascript"><!-- begin hidingdocument.cookie = \"%s\";// end hiding --></script>""" % (self.OutputString(attrs).replace('"', r'\"'))def OutputString(self, attrs=None):# Build up our result#result = []append = result.append# First, the key=value pairappend("%s=%s" % (self.key, self.coded_value))# Now add any defined attributesif attrs is None:attrs = self._reserveditems = sorted(self.items())for key, value in items:if value == "":continueif key not in attrs:continueif key == "expires" and isinstance(value, int):append("%s=%s" % (self._reserved[key], _getdate(value)))elif key == "max-age" and isinstance(value, int):append("%s=%d" % (self._reserved[key], value))elif key == "comment" and isinstance(value, str):append("%s=%s" % (self._reserved[key], _quote(value)))elif key in self._flags:if value:append(str(self._reserved[key]))else:append("%s=%s" % (self._reserved[key], value))# Return the resultreturn _semispacejoin(result)## Pattern for finding cookie## This used to be strict parsing based on the RFC2109 and RFC2068# specifications. I have since discovered that MSIE 3.0x doesn't# follow the character rules outlined in those specs. As a# result, the parsing rules here are less strict.#_LegalKeyChars = r"\w\d!#%&'~_`><@,:/\$\*\+\-\.\^\|\)\(\?\}\{\="_LegalValueChars = _LegalKeyChars + r'\[\]'_CookiePattern = re.compile(r"""\s* # Optional whitespace at start of cookie(?P<key> # Start of group 'key'[""" + _LegalKeyChars + r"""]+? # Any word of at least one letter) # End of group 'key'( # Optional group: there may not be a value.\s*=\s* # Equal Sign(?P<val> # Start of group 'val'"(?:[^\\"]|\\.)*" # Any doublequoted string| # or\w{3},\s[\w\d\s-]{9,11}\s[\d:]{8}\sGMT # Special case for "expires" attr| # or[""" + _LegalValueChars + r"""]* # Any word or empty string) # End of group 'val')? # End of optional value group\s* # Any number of spaces.(\s+|;|$) # Ending either at space, semicolon, or EOS.""", re.ASCII | re.VERBOSE) # re.ASCII may be removed if safe.# At long last, here is the cookie class. Using this class is almost just like# using a dictionary. See this module's docstring for example usage.#class BaseCookie(dict):"""A container class for a set of Morsels."""def value_decode(self, val):"""real_value, coded_value = value_decode(STRING)Called prior to setting a cookie's value from the networkrepresentation. The VALUE is the value read from HTTPheader.Override this function to modify the behavior of cookies."""return val, valdef value_encode(self, val):"""real_value, coded_value = value_encode(VALUE)Called prior to setting a cookie's value from the dictionaryrepresentation. The VALUE is the value being assigned.Override this function to modify the behavior of cookies."""strval = str(val)return strval, strvaldef __init__(self, input=None):if input:self.load(input)def __set(self, key, real_value, coded_value):"""Private method for setting a cookie's value"""M = self.get(key, Morsel())M.set(key, real_value, coded_value)dict.__setitem__(self, key, M)def __setitem__(self, key, value):"""Dictionary style assignment."""if isinstance(value, Morsel):# allow assignment of constructed Morsels (e.g. for pickling)dict.__setitem__(self, key, value)else:rval, cval = self.value_encode(value)self.__set(key, rval, cval)def output(self, attrs=None, header="Set-Cookie:", sep="015円012円"):"""Return a string suitable for HTTP."""result = []items = sorted(self.items())for key, value in items:result.append(value.output(attrs, header))return sep.join(result)__str__ = outputdef __repr__(self):l = []items = sorted(self.items())for key, value in items:l.append('%s=%s' % (key, repr(value.value)))return '<%s: %s>' % (self.__class__.__name__, _spacejoin(l))def js_output(self, attrs=None):"""Return a string suitable for JavaScript."""result = []items = sorted(self.items())for key, value in items:result.append(value.js_output(attrs))return _nulljoin(result)def load(self, rawdata):"""Load cookies from a string (presumably HTTP_COOKIE) orfrom a dictionary. Loading cookies from a dictionary 'd'is equivalent to calling:map(Cookie.__setitem__, d.keys(), d.values())"""if isinstance(rawdata, str):self.__parse_string(rawdata)else:# self.update() wouldn't call our custom __setitem__for key, value in rawdata.items():self[key] = valuereturndef __parse_string(self, str, patt=_CookiePattern):i = 0 # Our starting pointn = len(str) # Length of stringparsed_items = [] # Parsed (type, key, value) triplesmorsel_seen = False # A key=value pair was previously encounteredTYPE_ATTRIBUTE = 1TYPE_KEYVALUE = 2# We first parse the whole cookie string and reject it if it's# syntactically invalid (this helps avoid some classes of injection# attacks).while 0 <= i < n:# Start looking for a cookiematch = patt.match(str, i)if not match:# No more cookiesbreakkey, value = match.group("key"), match.group("val")i = match.end(0)if key[0] == "$":if not morsel_seen:# We ignore attributes which pertain to the cookie# mechanism as a whole, such as "$Version".# See RFC 2965. (Does anyone care?)continueparsed_items.append((TYPE_ATTRIBUTE, key[1:], value))elif key.lower() in Morsel._reserved:if not morsel_seen:# Invalid cookie stringreturnif value is None:if key.lower() in Morsel._flags:parsed_items.append((TYPE_ATTRIBUTE, key, True))else:# Invalid cookie stringreturnelse:parsed_items.append((TYPE_ATTRIBUTE, key, _unquote(value)))elif value is not None:parsed_items.append((TYPE_KEYVALUE, key, self.value_decode(value)))morsel_seen = Trueelse:# Invalid cookie stringreturn# The cookie string is valid, apply it.M = None # current morselfor tp, key, value in parsed_items:if tp == TYPE_ATTRIBUTE:assert M is not NoneM[key] = valueelse:assert tp == TYPE_KEYVALUErval, cval = valueself.__set(key, rval, cval)M = self[key]class SimpleCookie(BaseCookie):"""SimpleCookie supports strings as cookie values. When settingthe value using the dictionary assignment notation, SimpleCookiecalls the builtin str() to convert the value to a string. Valuesreceived from HTTP are kept as strings."""def value_decode(self, val):return _unquote(val), valdef value_encode(self, val):strval = str(val)return strval, _quote(strval)
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。