o xgwc@sddlZddlZddlZddlZddlmZddlmZddlm Z m Z m Z m Z m Z ddlmZddlmZddlmZmZmZmZddlmZdd lmZmZmZdd lmZmZm Z dd l!m"Z"dd l#m$Z$m%Z%dd l&m'Z'ddl(m)Z)ddl*m+Z+ddl,m-Z-ddl.m/Z/e+e dre+e dsddl(m Z e0Z1e-dZ2Gddde3Z4Gddde5Z6GdddZ7GdddeZ8Gdd d e Z9Gd!d"d"Z:d#d$Z;d%d&ZdS)+N)BytesIO)chain) parse_qslquote urlencodeurljoinurlsplit)settings)signing)DisallowedHostImproperlyConfiguredRequestDataTooBigTooManyFieldsSent) uploadhandler)MultiPartParserMultiPartParserErrorTooManyFilesSent)CaseInsensitiveMapping ImmutableListMultiValueDict)RemovedInDjango40Warning)escape_uri_path iri_to_uri)cached_propertyis_same_domain)func_supports_parameter)_lazy_re_compile) parse_headermax_num_fields separator)rz1^([a-z0-9.-]+|\[[a-f0-9]*:[a-f0-9\.:]+\])(:\d+)?$c@s eZdZdS)UnreadablePostErrorN)__name__ __module__ __qualname__r&r&5/usr/lib/python3/dist-packages/django/http/request.pyr"-sr"c@seZdZdZdS)RawPostDataExceptionz You cannot access raw_post_data from a request that has multipart/* POST data if it has been accessed via POST, FILES, etc.. N)r#r$r%__doc__r&r&r&r'r(1sr(c@s^eZdZdZdZgZddZddZeddZ ed d Z d d Z d dZ ddZ ddZddZdGddZdGddZddZeddfddZdd ZdHd!d"Zed#d$Zd%d&Zed'd(Zd)d*Zd+d,Zed-d.Zejd/d.Zd0d1Zed2d3Z e jd4d3Z d5d6Z!ed7d8Z"d9d:Z#d;d<Z$d=d>Z%d?d@Z&dAdBZ'dCdDZ(dEdFZ)dS)I HttpRequestzA basic HTTP request.NcCsTtdd|_tdd|_i|_i|_t|_d|_d|_d|_ d|_ d|_ d|_ dS)NT)mutable) QueryDictGETPOSTCOOKIESMETArFILESpath path_infomethodresolver_match content_typecontent_paramsselfr&r&r'__init__As   zHttpRequest.__init__cCs6|jdus |sd|jjSd|jj|j|fS)Nz<%s>z <%s: %s %r>)r5 get_full_path __class__r#r9r&r&r'__repr__Ss zHttpRequest.__repr__cCs t|jSN) HttpHeadersr1r9r&r&r'headersX zHttpRequest.headerscCst|jddS)z%Return a list of MediaType instances.Acceptz*/*)parse_accept_headerrAgetr9r&r&r'accepted_types\szHttpRequest.accepted_typescstfdd|jDS)Nc3s|]}|VqdSr?)match).0 accepted_type media_typer&r' bs  z&HttpRequest.accepts..)anyrF)r:rKr&rJr'acceptsas zHttpRequest.acceptscCsbt|dd\|_|_d|jvr/z t|jdWn ty&YdSw|jd|_dSdS)z/Set content_type, content_params, and encoding. CONTENT_TYPEr,charsetN) cgirrEr7r8codecslookup LookupErrorencoding)r:metar&r&r'_set_content_type_paramsgs  z$HttpRequest._set_content_type_paramscCsltjrd|jvr|jd}|Sd|jvr|jd}|S|jd}|}||r+dndkr4d||f}|S)z Return the HTTP host using the environment or request headers. Skip allowed hosts protection, so may return an insecure host. HTTP_X_FORWARDED_HOST HTTP_HOST SERVER_NAME44380z%s:%s)r USE_X_FORWARDED_HOSTr1get_port is_secure)r:host server_portr&r&r' _get_raw_hostrs     zHttpRequest._get_raw_hostcCsn|}tj}tjr|sgd}t|\}}|rt||r|Sd|}|r/|d|7}t||d7}t|)z>Return the HTTP host using the environment or request headers.)z .localhostz 127.0.0.1z[::1]zInvalid HTTP_HOST header: %r.z) You may need to add %r to ALLOWED_HOSTS.zB The domain name provided is not valid according to RFC 1034/1035.)rbr ALLOWED_HOSTSDEBUGsplit_domain_port validate_hostr )r:r` allowed_hostsdomainportmsgr&r&r'get_hosts   zHttpRequest.get_hostcCs4tjrd|jvr|jd}t|S|jd}t|S)z3Return the port number for the request as a string.HTTP_X_FORWARDED_PORT SERVER_PORT)r USE_X_FORWARDED_PORTr1str)r:rir&r&r'r^s   zHttpRequest.get_portFcC||j|Sr?)_get_full_pathr3r:force_append_slashr&r&r'r<zHttpRequest.get_full_pathcCrpr?)rqr4rrr&r&r'get_full_path_infortzHttpRequest.get_full_path_infoc CsLdt||r |ds dnd|jddr"dt|jddfSdfS)N%s%s%s/r, QUERY_STRING?)rendswithr1rEr)r:r3rsr&r&r'rqs"zHttpRequest._get_full_pathr,cCstz|j|}Wnty|tur|YSwztj||dj||d}W|Stjy9|tur8|YSw)z Attempt to return a signed cookie. If the signature fails or the cookie has expired, raise an exception, unless the `default` argument is provided, in which case return that value. )salt)max_age)r0KeyError RAISE_ERRORr get_cookie_signerunsign BadSignature)r:keydefaultr{r| cookie_valuevaluer&r&r'get_signed_cookies" zHttpRequest.get_signed_cookiecCsdj|j||dS)z Return an absolute URI from variables available in this request. Skip allowed hosts protection, so may return insecure URI. z{scheme}://{host}{path})schemer`r3)formatrrbr<r9r&r&r' get_raw_uris zHttpRequest.get_raw_uricCs|dur d|}nt|}t|}|jr|jsL|jdrC|jsC|jsCd|jvrCd|jvrC|dr:|dd}|j|}t |St|j|j|}t |S)a Build an absolute URI from the location and the variables available in this request. If no ``location`` is specified, build the absolute URI using request.get_full_path(). If the location is absolute, convert it to an RFC 3987 compliant URI and return it. If location is relative or is scheme-relative (i.e., ``//example.com/``), urljoin() it to a base URL constructed from the request variables. Nz//%srwz/./z/../z//) r<rorrnetlocr3 startswith_current_scheme_hostrr)r:locationbitsr&r&r'build_absolute_uris     zHttpRequest.build_absolute_uricCsd|j|S)Nz{}://{})rrrkr9r&r&r'rsz HttpRequest._current_scheme_hostcCsdS)zf Hook for subclasses like WSGIRequest to implement. Return 'http' by default. httpr&r9r&r&r' _get_schemeszHttpRequest._get_schemecCsXtjr(ztj\}}Wn tytdw|j|}|dur(||kr&dSdS|S)NzJThe SECURE_PROXY_SSL_HEADER setting must be a tuple containing two values.httpsr)r SECURE_PROXY_SSL_HEADER ValueErrorr r1rEr)r:header secure_value header_valuer&r&r'rs  zHttpRequest.schemecCs |jdkS)Nr)rr9r&r&r'r_s zHttpRequest.is_securecCs tjdtdd|jddkS)Nzfrequest.is_ajax() is deprecated. See Django 3.1 release notes for more details about this deprecation.r) stacklevelHTTP_X_REQUESTED_WITHXMLHttpRequest)warningswarnrr1rEr9r&r&r'is_ajaxs zHttpRequest.is_ajaxcCs|jSr? _encodingr9r&r&r'rUszHttpRequest.encodingcCs*||_t|dr |`t|dr|`dSdS)z Set the encoding used for GET/POST accesses. If the GET or POST dictionary has already been created, remove and recreate it on the next access (so that it is decoded correctly). r._postN)rhasattrr.r)r:valr&r&r'rUs   csfddtjD_dS)Ncsg|]}t|qSr&)r load_handler)rHhandlerr9r&r' -sz4HttpRequest._initialize_handlers..)r FILE_UPLOAD_HANDLERS_upload_handlersr9r&r9r'_initialize_handlers,s  z HttpRequest._initialize_handlerscCs|js||jSr?)rrr9r&r&r'upload_handlers0szHttpRequest.upload_handlerscCst|dr td||_dS)N_fileszGYou cannot set the upload handlers after the upload has been processed.)rAttributeErrorr)r:rr&r&r'r7s  cCs*t|jdd|_t|||j|j}|S)z9Return a tuple of (POST QueryDict, FILES MultiValueDict).zEYou cannot alter upload handlers after the upload has been processed.)warning)rrrrUparse)r:r1 post_dataparserr&r&r'parse_file_upload=s zHttpRequest.parse_file_uploadc Cst|dsB|jr tdtjdur"t|jdpdtjkr"tdz| |_ Wnt y;}zt |j |d}~wwt|j |_|j S)N_bodyz?You cannot access body after reading from request's data streamCONTENT_LENGTHrz;Request body exceeded settings.DATA_UPLOAD_MAX_MEMORY_SIZE.)r _read_startedr(r DATA_UPLOAD_MAX_MEMORY_SIZEintr1rEr readrOSErrorr"argsr_stream)r:er&r&r'bodyFs    zHttpRequest.bodycCst|_t|_dSr?)r-rrrr9r&r&r'_mark_post_parse_errorXs z"HttpRequest._mark_post_parse_errorc Cs|jdkrt|jdt|_|_dS|jr!t|ds!|dS|j dkrPt|dr1t |j }n|}z| |j |\|_|_WdSttfyO|w|j dkret|j|jdt|_|_dSt|jdt|_|_dS)zFPopulate self._post and self._files if the content-type is a form typer/)rUNrzmultipart/form-dataz!application/x-www-form-urlencoded)r5r-rrrrrrrr7rrrr1rrr)r:datar&r&r'_load_post_and_files\s&      z HttpRequest._load_post_and_filescCs:t|drtdd|jDD]}|qdSdS)Nrcss|]}|dVqdS)rNr&)rHlist_r&r&r'rL{sz$HttpRequest.close..)rr from_iterablerlistsclose)r:fr&r&r'rys  zHttpRequest.closec O@d|_z |jj|i|WSty}zt|j|d}~wwNT)rrrrr"rr:rkwargsrr&r&r'r zHttpRequest.readc Orr)rrreadlinerr"rrr&r&r'rrzHttpRequest.readlinecCs t|jdS)N)iterrr9r&r&r'__iter__ zHttpRequest.__iter__cCst|Sr?)listr9r&r&r' readlinesszHttpRequest.readlines)Fr?)*r#r$r%r)rrr;r>rrArFrNrWrbrkr^r<rurqr~rrrrrpropertyrr_rrUsetterrrrrrrrrrrrr&r&r&r'r*:s^       $           r*cs@eZdZdZddhZfddZfddZedd ZZ S) r@HTTP_rOrcs<i}|D]\}}||}|r|||<qt|dSr?)itemsparse_header_namesuperr;)r:environrArrnamer=r&r'r;s zHttpHeaders.__init__cst|ddS)z:Allow header lookup using underscores in place of hyphens._-)r __getitem__replacer:rrr&r'rzHttpHeaders.__getitem__cCs>||jr|t|jd}n||jvrdS|ddS)Nrr)r HTTP_PREFIXlenUNPREFIXED_HEADERSrtitle)clsrr&r&r'rs  zHttpHeaders.parse_header_name) r#r$r%rrr;r classmethodr __classcell__r&r&rr'r@s  r@cseZdZdZdZdZd)fdd Zed*dd Ze d d Z e j d d Z d dZ fddZ fddZddZddZfddZd+fdd ZfddZfddZfdd Zfd!d"Zd+fd#d$ Zd%d&Zd+d'd(ZZS),r-a A specialized MultiValueDict which represents a query string. A QueryDict can be used to represent GET or POST data. It subclasses MultiValueDict since keys in such data can be repeated, for instance in the data from a form with a