o 3a$E@sddlZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z m Z mZmZmZmZmZmZmZmZmZmZddlmZddlmZddlmZddlm Z e d ej!Z"d #Z$d Z%d Z&d Z'dZ(dZ)dZ*e de%e'e(e*fZ+e de%e'e)e*fZ,e de'e&e*e(fZ-dZ.dZ/edIddZ0edJddZ1eddZ2eddZ3dKd!d"ZdLd#d$Z4d%d&Z5d'd(Z6d)d*Z7d+d,Z8d-d.Z9d/d0Z:d1d2Z;d3d4ZdKd9d:Z?dMdd?ZAdKd@dAZB B DdNdEdFZCdGdHZDdS)ON)Error formatdate) ParseResult SplitResult _coerce_args _splitnetloc _splitparamsquote quote_plus scheme_charsunquote unquote_plus urlencode uses_params)MultiValueDict)RemovedInDjango40Warning)keep_lazy_text)_lazy_re_compilez \A( # start of string and capture group (?:W/)? # optional weak indicator " # opening quote [^"]* # any sequence of non-quote characters " # end quote )\Z # end of string and capture group z/jan feb mar apr may jun jul aug sep oct nov decz(?P\d{2})z(?P[ \d]\d)z(?P\w{3})z(?P\d{4})z(?P\d{2})z-(?P\d{2}):(?P\d{2}):(?P\d{2})z^\w{3}, %s %s %s %s GMT$z^\w{6,9}, %s-%s-%s %s GMT$z^\w{3} %s %s %s %s$z:/?#[]@z !$&'()*+,;=/cCtjdtddt||S)z A legacy compatibility wrapper to Python's urllib.parse.quote() function. (was used for unicode handling on Python 2) zLdjango.utils.http.urlquote() is deprecated in favor of urllib.parse.quote(). stacklevel)warningswarnrr urlsafer3/usr/lib/python3/dist-packages/django/utils/http.pyurlquote-  r!cCr)z A legacy compatibility wrapper to Python's urllib.parse.quote_plus() function. (was used for unicode handling on Python 2) zVdjango.utils.http.urlquote_plus() is deprecated in favor of urllib.parse.quote_plus(),rr)rrrr rrrr urlquote_plus;r"r$cCtjdtddt|S)z A legacy compatibility wrapper to Python's urllib.parse.unquote() function. (was used for unicode handling on Python 2) zPdjango.utils.http.urlunquote() is deprecated in favor of urllib.parse.unquote().rr)rrrr  quoted_urlrrr urlunquoteI r(cCr%)z A legacy compatibility wrapper to Python's urllib.parse.unquote_plus() function. (was used for unicode handling on Python 2) zZdjango.utils.http.urlunquote_plus() is deprecated in favor of urllib.parse.unquote_plus().rr)rrrrr&rrr urlunquote_plusWr)r*Fc Cst|tr |}n t|dr|}g}|D]R\}}|dur%td||r.t|ttfr1|}n1zt|}Wn tyB|}Yn wg}|D]}|durStd|t|ts\t|}| |qG| ||fqt ||S)z A version of Python's urllib.parse.urlencode() function that can operate on MultiValueDict and non-string values. itemsNzjCannot encode None for key '%s' in a query string. Did you mean to pass an empty string or omit the value?) isinstancerlistshasattrr+ TypeErrorstrbytesiterappendoriginal_urlencode)querydoseq query_paramskeyvalue query_valitritemrrr res@         rcCs t|ddS)ao Format the time to match the RFC1123 date format as specified by HTTP RFC7231 section 7.1.1.1. `epoch_seconds` is a floating point number expressed in seconds since the epoch, in UTC - such as that outputted by time.time(). If set to None, it defaults to the current time. Output a string in the format 'Wdy, DD Mon YYYY HH:MM:SS GMT'. T)usegmtr) epoch_secondsrrr http_dates r?c CstttfD] }||}|durnqtd|z^t|d}|dkrCtjj}||d}||ddkr?||d7}n||7}t |d d}t|d}t|d }t|d } t|d } t||||| | } t | WSty} ztd || d} ~ ww) a Parse a date format as specified by HTTP RFC7231 section 7.1.1.1. The three formats allowed by the RFC are accepted, even if only the first one is still in widespread use. Return an integer expressed in seconds since the epoch, in UTC. Nz%%r is not in a valid HTTP date formatyeard2mondayhourminsecz%r is not a valid date) RFC1123_DATE RFC850_DATE ASCTIME_DATEmatch ValueErrorintdatetimeutcnowr@MONTHSindexlowercalendartimegm utctimetuple Exception) dateregexmr@ current_yearcurrent_centurymonthrErFrGrHresultexcrrr parse_http_dates2         r`cCs zt|WStyYdSw)zK Same as parse_http_date, but return None if the input is invalid. N)r`rW)rXrrr parse_http_date_safes   racCst|dkr tdt|dS)zf Convert a base 36 string to an int. Raise ValueError if the input won't fit into an int. zBase36 input too large$)lenrMrNsrrr base36_to_ints  rgcCsVd}|dkr td|dkr||Sd}|dkr)t|d\}}|||}|dks|S)z&Convert an integer to a base36 string.$0123456789abcdefghijklmnopqrstuvwxyzrz!Negative base36 conversion input.rcr#)rMdivmod)ichar_setb36nrrr int_to_base36s rncCst|ddS)ze Encode a bytestring to a base64 string for use in URLs. Strip any trailing equal signs. s =ascii)base64urlsafe_b64encoderstripdecodererrr urlsafe_base64_encodesrtc CsR|}zt|t|t|ddWSttfy(}zt|d}~ww)zn Decode a base64 encoded string. Add back any trailing equal signs that might have been stripped. =N)encoderpurlsafe_b64decodeljustrd LookupError BinasciiErrorrM)rferrr urlsafe_base64_decodes$r}cCs4|dkr dgSdd|dD}dd|DS)z Parse a string of ETags given in an If-None-Match or If-Match header as defined by RFC 7232. Return a list of quoted ETags, or ['*'] if all ETags should be matched. *css|] }t|VqdSN) ETAG_MATCHrLstrip).0etagrrr szparse_etags..,cSsg|]}|r|dqS)rDr)rrLrrr szparse_etags..)rsplit)etag_str etag_matchesrrr parse_etagss rcCst|r|Sd|S)z If the provided string is already a quoted ETag, return it. Otherwise, wrap the string in quotes, making it a strong ETag. z"%s")rrL)rrrr quote_etag s rcCs>|sdS|}|ddkr||p||ddkp||kS)a4 Return ``True`` if the host is either an exact match or a match to the wildcard pattern. Any pattern beginning with a period matches a domain and all of its subdomains. (e.g. ``.example.com`` matches ``example.com`` and ``foo.example.com``). Anything else is an exact string match. Fr.rDN)rSendswith)hostpatternrrr is_same_domains  &rcCs\|dur|}|s dS|durt}nt|tr|h}t|||do-t|dd||dS)a Return ``True`` if the url uses an allowed host and a safe scheme. Always return ``False`` on an empty url. If ``require_https`` is ``True``, only 'https' will be considered a valid scheme, as opposed to 'http' and 'https' with the default, ``False``. Note: "True" doesn't entail that a URL is "safe". It may still be e.g. quoted incorrectly. Ensure to also use django.utils.encoding.iri_to_uri() on the path component of untrusted URLs. NF) require_https\r)rsetr,r0 _url_has_allowed_host_and_schemereplacer allowed_hostsrrrr url_has_allowed_host_and_scheme+s  rcCstjdtddt|||S)Nz\django.utils.http.is_safe_url() is deprecated in favor of url_has_allowed_host_and_scheme().rr)rrrrrrrr is_safe_urlHs  rTc Csft||\}}}t|||}|\}}}}}|tvr$d|vr$t|\}}nd}t||||||} || S)a#Parse a URL into 6 components: :///;?# Return a 6-tuple: (scheme, netloc, path, params, query, fragment). Note that we don't break the components up in smaller bits (e.g. netloc is a single string) and we don't expand % escapes.;r#)r _urlsplitrr r) rschemeallow_fragments_coerce_result splitresultnetlocr5fragmentparamsr^rrr _urlparseRs rc Cst||\}}}d}}}|d}|dkr7|d|D]}|tvr%nq|d|||dd}}|dddkrZt|d\}}d|vrNd |vsVd |vrZd|vrZtd |rhd |vrh|d d\}}d |vrt|d d\}}t|||||} || S) aParse a URL into 5 components: :///?# Return a 5-tuple: (scheme, netloc, path, query, fragment). Note that we don't break the components up in smaller bits (e.g. netloc is a single string) and we don't expand % escapes.r#:rNrDr//[]zInvalid IPv6 URL#?)rfindr rSrrMrr) rrrrrr5rrjcvrrr res(  " rcCs|drdSzt|}Wn tyYdSw|js |jr dSt|dddkr-dS|j}|js8|jr8d}|r=dgnddg}|j sJ|j|voP| pP||vS)Nz///FrChttphttps) startswithrrMrr unicodedatacategory)rrrurl_infor valid_schemesrrr rs$      rutf-8r&cCs"t|\}}|rt|ttfstd|dur&d||}||kr&tddd||D} g} | D]Z} | s;|s;q4| dd} t| dkrY|rPtd | f|rX| d nq4t| dsa|r| d  d d } t | ||d} || } | d d d }t |||d}||}| | |fq4| S)a Return a list of key/value tuples parsed from query string. Backport of urllib.parse.parse_qsl() from Python 3.8.8. Copyright (C) 2021 Python Software Foundation (see LICENSE.python). ---- Parse a query given as a string argument. Arguments: qs: percent-encoded query string to be parsed keep_blank_values: flag indicating whether blank values in percent-encoded queries should be treated as blank strings. A true value indicates that blanks should be retained as blank strings. The default false value indicates that blank values are to be ignored and treated as if they were not included. strict_parsing: flag indicating what to do with parsing errors. If false (the default), errors are silently ignored. If true, errors raise a ValueError exception. encoding and errors: specify how to decode percent-encoded sequences into Unicode characters, as accepted by the bytes.decode() method. max_num_fields: int. If set, then throws a ValueError if there are more than n fields read by parse_qsl(). separator: str. The symbol to use for separating the query arguments. Defaults to &. Returns a list, as G-d intended. z*Separator must be of type string or bytes.NrDzMax number of fields exceededcSsg|]}|qSrr)rs1rrr rszparse_qsl..=rzbad query field: %rr#r+ )encodingerrors) rr,r0r1rMcountrrdr3rr )qskeep_blank_valuesstrict_parsingrrmax_num_fields separatorr num_fieldspairsr name_valuenvnamer9rrr parse_qsls: '   rcCs |drd|dd}|S)z If redirecting to an absolute path (two leading slashes), a slash must be escaped to prevent browsers from handling the path as schemaless and redirecting to another host. rz/%2F{}rN)rformat)rrrr escape_leading_slashess r)r)r#)Fr)r#T)FFrrNr)ErprTrOrerrbinasciirr{ email.utilsr urllib.parserrrrr r r r r rrr4rdjango.utils.datastructuresrdjango.utils.deprecationrdjango.utils.functionalrdjango.utils.regex_helperrXrrrQ__D__D2__M__Y__Y2__TrIrJrKRFC3986_GENDELIMSRFC3986_SUBDELIMSr!r$r(r*r?r`rargrnrtr}rrrrrrrrrrrrrr sp  8          )(        M