3 v^]W@sRddlZddlZddlZddlZddlmZddlmZddlm Z m Z m Z m Z ddl mZddlmZddlmZmZmZddlmZdd lmZmZdd lmZmZmZdd lmZm Z dd l!m"Z"dd l#m$Z$m%Z%e&Z'ej(dZ)Gddde*Z+Gddde,Z-GdddZ.GdddeZ/GdddeZ0ddZ1ddZ2ddZ3dS)N)BytesIO)chain)quote urlencodeurljoinurlsplit)settings)signing)DisallowedHostImproperlyConfiguredRequestDataTooBig) uploadhandler)MultiPartParserMultiPartParserError)CaseInsensitiveMapping ImmutableListMultiValueDict)escape_uri_path iri_to_uri)cached_property)is_same_domainlimited_parse_qslz1^([a-z0-9.-]+|\[[a-f0-9]*:[a-f0-9\.:]+\])(:\d+)?$c@s eZdZdS)UnreadablePostErrorN)__name__ __module__ __qualname__rr7/usr/lib/python3.6/site-packages/django/http/request.pyrsrc@seZdZdZdS)RawPostDataExceptionz You cannot access raw_post_data from a request that has multipart/* POST data if it has been accessed via POST, FILES, etc.. N)rrr__doc__rrrrrsrc@sJeZdZdZdZgZddZddZeddZ d d Z d d Z d dZ ddZ dCddZdDddZddZeddfddZddZdEddZedd Zd!d"Zed#d$Zd%d&Zd'd(Zed)d*Zejd+d*Zd,d-Zed.d/Zejd0d/Zd1d2Zed3d4Z d5d6Z!d7d8Z"d9d:Z#d;d<Z$d=d>Z%d?d@Z&dAdBZ'dS)F HttpRequestzA basic HTTP request.NcCsTtdd|_tdd|_i|_i|_t|_d|_d|_d|_ d|_ d|_ d|_ dS)NT)mutable) QueryDictGETPOSTCOOKIESMETArZFILESpath path_infomethodresolver_match content_typecontent_params)selfrrr__init__/s  zHttpRequest.__init__cCs8|jdks|j r d|jjSd|jj|j|jfS)Nz<%s>z <%s: %s %r>)r* get_full_path __class__r)r.rrr__repr__As zHttpRequest.__repr__cCs t|jS)N) HttpHeadersr')r.rrrheadersFszHttpRequest.headersc Cs^tj|jdd\|_|_d|jkrZytj|jdWntk rLYnX|jd|_dS)z/Set content_type, content_params, and encoding. CONTENT_TYPEr"charsetN) cgiZ parse_headergetr,r-codecslookup LookupErrorencoding)r.metarrr_set_content_type_paramsJs z$HttpRequest._set_content_type_paramscCshtjrd|jkr|jd}nHd|jkr2|jd}n2|jd}|j}||jrRdndkrdd||f}|S)z Return the HTTP host using the environment or request headers. Skip allowed hosts protection, so may return an insecure host. ZHTTP_X_FORWARDED_HOSTZ HTTP_HOST SERVER_NAME44380z%s:%s)rUSE_X_FORWARDED_HOSTr'get_port is_secure)r.hostZ server_portrrr _get_raw_hostUs      zHttpRequest._get_raw_hostcCsp|j}tj}tjr$| r$dddg}t|\}}|rBt||rB|Sd|}|r\|d|7}n|d7}t|dS)z>Return the HTTP host using the environment or request headers. localhostz 127.0.0.1z[::1]zInvalid HTTP_HOST header: %r.z) You may need to add %r to ALLOWED_HOSTS.zB The domain name provided is not valid according to RFC 1034/1035.N)rFr ALLOWED_HOSTSDEBUGsplit_domain_port validate_hostr )r.rE allowed_hostsdomainportmsgrrrget_hosths   zHttpRequest.get_hostcCs.tjrd|jkr|jd}n |jd}t|S)z3Return the port number for the request as a string.ZHTTP_X_FORWARDED_PORT SERVER_PORT)rUSE_X_FORWARDED_PORTr'str)r.rNrrrrC|s  zHttpRequest.get_portFcCs|j|j|S)N)_get_full_pathr()r.force_append_slashrrrr0szHttpRequest.get_full_pathcCs|j|j|S)N)rTr))r.rUrrrget_full_path_infoszHttpRequest.get_full_path_infocCsJdt||r|jd rdnd|jjddrBdt|jjddndfS)Nz%s%s%s/r" QUERY_STRING?)rendswithr'r8r)r.r(rUrrrrTszHttpRequest._get_full_pathr"cCszy|j|}Wn"tk r0|tk r*|SYnXytj||dj||d}Wn$tjk rt|tk rn|SYnX|S)z Attempt to return a signed cookie. If the signature fails or the cookie has expired, raise an exception, unless the `default` argument is provided, in which case return that value. )salt)max_age)r&KeyError RAISE_ERRORr Zget_cookie_signerZunsignZ BadSignature)r.keydefaultr[r\Z cookie_valuevaluerrrget_signed_cookieszHttpRequest.get_signed_cookiecCsdj|j|j|jdS)z Return an absolute URI from variables available in this request. Skip allowed hosts protection, so may return insecure URI. z{scheme}://{host}{path})schemerEr()formatrcrFr0)r.rrr get_raw_uriszHttpRequest.get_raw_uricCs|dkrd|j}t|}|jo&|js|jjdrz|j rz|j rzd|jkrzd|jkrz|jdrn|dd}|j|}nt|j|j|}t|S)a Build an absolute URI from the location and the variables available in this request. If no ``location`` is specified, build the absolute URI using request.get_full_path(). If the location is absolute, convert it to an RFC 3987 compliant URI and return it. If location is relative or is scheme-relative (i.e., ``//example.com/``), urljoin() it to a base URL constructed from the request variables. Nz//%srWz/./z/../z//) r0rrcnetlocr( startswith_current_scheme_hostrr)r.locationbitsrrrbuild_absolute_uris      zHttpRequest.build_absolute_uricCsdj|j|jS)Nz{}://{})rdrcrP)r.rrrrisz HttpRequest._current_scheme_hostcCsdS)zf Hook for subclasses like WSGIRequest to implement. Return 'http' by default. httpr)r.rrr _get_schemeszHttpRequest._get_schemec Cs^tjrVytj\}}Wntk r0tdYnX|jj|}|dk rV||krRdSdS|jS)NzJThe SECURE_PROXY_SSL_HEADER setting must be a tuple containing two values.httpsrm)rSECURE_PROXY_SSL_HEADER ValueErrorr r'r8rn)r.headerZ secure_valueZ header_valuerrrrcs  zHttpRequest.schemecCs |jdkS)Nro)rc)r.rrrrDszHttpRequest.is_securecCs|jjddkS)NZHTTP_X_REQUESTED_WITHZXMLHttpRequest)r'r8)r.rrris_ajaxszHttpRequest.is_ajaxcCs|jS)N) _encoding)r.rrrr<szHttpRequest.encodingcCs&||_t|dr|`t|dr"|`dS)z Set the encoding used for GET/POST accesses. If the GET or POST dictionary has already been created, remove and recreate it on the next access (so that it is decoded correctly). r$_postN)rthasattrr$ru)r.valrrrr<s   csfddtjD_dS)Ncsg|]}tj|qSr)r Z load_handler).0handler)r.rr sz4HttpRequest._initialize_handlers..)rFILE_UPLOAD_HANDLERS_upload_handlers)r.r)r.r_initialize_handlerss z HttpRequest._initialize_handlerscCs|js|j|jS)N)r|r})r.rrrupload_handlers szHttpRequest.upload_handlerscCst|drtd||_dS)N_fileszGYou cannot set the upload handlers after the upload has been processed.)rvAttributeErrorr|)r.r~rrrr~s cCs*t|jdd|_t|||j|j}|jS)z9Return a tuple of (POST QueryDict, FILES MultiValueDict).zEYou cannot alter upload handlers after the upload has been processed.)warning)rr~rr<parse)r.r' post_dataparserrrrparse_file_uploads  zHttpRequest.parse_file_uploadcCst|ds|jrtdtjdk rDt|jjdp2dtjkrDtdy|j |_ Wn.t k r}zt |j |WYdd}~XnXt|j |_|j S)N_bodyz?You cannot access body after reading from request's data streamCONTENT_LENGTHrz;Request body exceeded settings.DATA_UPLOAD_MAX_MEMORY_SIZE.)rv _read_startedrrDATA_UPLOAD_MAX_MEMORY_SIZEintr'r8r readrOSErrorrargsr_stream)r.errrbody s   zHttpRequest.bodycCst|_t|_dS)N)r#rurr)r.rrr_mark_post_parse_error2sz"HttpRequest._mark_post_parse_errorc Cs|jdkr&t|jdt|_|_dS|jrDt|d rD|jdS|j dkrt|drdt |j }n|}y|j |j |\|_|_Wqtk r|jYqXn@|j dkrt|j|jdt|_|_nt|jdt|_|_dS)zFPopulate self._post and self._files if the content-type is a form typer%)r<Nrzmultipart/form-dataz!application/x-www-form-urlencoded)r*r#rtrrurrrvrr,rrrr'rr)r.datarrr_load_post_and_files6s$      z HttpRequest._load_post_and_filescCs:t|dr6x*tjdd|jjDD] }|jq&WdS)Nrcss|]}|dVqdS)Nr)rxlrrr Usz$HttpRequest.close..)rvr from_iterablerlistsclose)r.frrrrSs  zHttpRequest.closecOsHd|_y|jj||Stk rB}zt|j|WYdd}~XnXdS)NT)rrrrrr)r.rkwargsrrrrr`s zHttpRequest.readcOsHd|_y|jj||Stk rB}zt|j|WYdd}~XnXdS)NT)rrreadlinerrr)r.rrrrrrrgs zHttpRequest.readlinecCs t|jdS)N)iterr)r.rrr__iter__nszHttpRequest.__iter__cCst|S)N)list)r.rrr readlinesqszHttpRequest.readlines)F)F)N)(rrrrrtr|r/r2rr4r>rFrPrCr0rVrTr^rbrerlrirnpropertyrcrDrsr<setterr}r~rrrrrrrrrrrrrr (sF      !       r cs@eZdZdZddhZfddZfddZedd ZZ S) r3ZHTTP_r5rcs@i}x*|jD]\}}|j|}|r|||<qWtj|dS)N)itemsparse_header_namesuperr/)r.environr4rrraname)r1rrr/zs   zHttpHeaders.__init__cstj|jddS)z:Allow header lookup using underscores in place of hyphens._-)r __getitem__replace)r.r_)r1rrrszHttpHeaders.__getitem__cCs>|j|jr |t|jd}n||jkr.dS|jddjS)Nrr)rh HTTP_PREFIXlenUNPREFIXED_HEADERSrtitle)clsrrrrrrs   zHttpHeaders.parse_header_name) rrrrrr/r classmethodr __classcell__rr)r1rr3us   r3cseZdZdZdZdZd)fdd Zed*dd Ze d d Z e j d d Z d dZ fddZ fddZddZddZfddZd+fdd ZfddZfddZfdd Zfd!d"Zd,fd#d$ Zd%d&Zd-d'd(ZZS).r#a A specialized MultiValueDict which represents a query string. A QueryDict can be used to represent GET or POST data. It subclasses MultiValueDict since keys in such data can be repeated, for instance in the data from a form with a