2022-09-17 15:26:13 +03:00
|
|
|
r"""HTTP/1.1 client library
|
|
|
|
|
|
|
|
<intro stuff goes here>
|
|
|
|
<other stuff, too>
|
|
|
|
|
|
|
|
HTTPConnection goes through a number of "states", which define when a client
|
|
|
|
may legally make another request or fetch the response for a particular
|
|
|
|
request. This diagram details these state transitions:
|
|
|
|
|
|
|
|
(null)
|
|
|
|
|
|
|
|
|
| HTTPConnection()
|
|
|
|
v
|
|
|
|
Idle
|
|
|
|
|
|
|
|
|
| putrequest()
|
|
|
|
v
|
|
|
|
Request-started
|
|
|
|
|
|
|
|
|
| ( putheader() )* endheaders()
|
|
|
|
v
|
|
|
|
Request-sent
|
|
|
|
|\_____________________________
|
|
|
|
| | getresponse() raises
|
|
|
|
| response = getresponse() | ConnectionError
|
|
|
|
v v
|
|
|
|
Unread-response Idle
|
|
|
|
[Response-headers-read]
|
|
|
|
|\____________________
|
|
|
|
| |
|
|
|
|
| response.read() | putrequest()
|
|
|
|
v v
|
|
|
|
Idle Req-started-unread-response
|
|
|
|
______/|
|
|
|
|
/ |
|
|
|
|
response.read() | | ( putheader() )* endheaders()
|
|
|
|
v v
|
|
|
|
Request-started Req-sent-unread-response
|
|
|
|
|
|
|
|
|
| response.read()
|
|
|
|
v
|
|
|
|
Request-sent
|
|
|
|
|
|
|
|
This diagram presents the following rules:
|
|
|
|
-- a second request may not be started until {response-headers-read}
|
|
|
|
-- a response [object] cannot be retrieved until {request-sent}
|
|
|
|
-- there is no differentiation between an unread response body and a
|
|
|
|
partially read response body
|
|
|
|
|
|
|
|
Note: this enforcement is applied by the HTTPConnection class. The
|
|
|
|
HTTPResponse class does not enforce this state machine, which
|
|
|
|
implies sophisticated clients may accelerate the request/response
|
|
|
|
pipeline. Caution should be taken, though: accelerating the states
|
|
|
|
beyond the above pattern may imply knowledge of the server's
|
|
|
|
connection-close behavior for certain requests. For example, it
|
|
|
|
is impossible to tell whether the server will close the connection
|
|
|
|
UNTIL the response headers have been read; this means that further
|
|
|
|
requests cannot be placed into the pipeline until it is known that
|
|
|
|
the server will NOT be closing the connection.
|
|
|
|
|
|
|
|
Logical State __state __response
|
|
|
|
------------- ------- ----------
|
|
|
|
Idle _CS_IDLE None
|
|
|
|
Request-started _CS_REQ_STARTED None
|
|
|
|
Request-sent _CS_REQ_SENT None
|
|
|
|
Unread-response _CS_IDLE <response_class>
|
|
|
|
Req-started-unread-response _CS_REQ_STARTED <response_class>
|
|
|
|
Req-sent-unread-response _CS_REQ_SENT <response_class>
|
|
|
|
"""
|
|
|
|
|
|
|
|
import email.parser
|
|
|
|
import email.message
|
2022-10-09 16:27:10 +03:00
|
|
|
import errno
|
2022-09-17 15:26:13 +03:00
|
|
|
import http
|
|
|
|
import io
|
|
|
|
import re
|
|
|
|
import socket
|
2022-10-09 16:27:10 +03:00
|
|
|
import sys
|
2022-09-17 15:26:13 +03:00
|
|
|
import collections.abc
|
|
|
|
from urllib.parse import urlsplit
|
|
|
|
|
|
|
|
# HTTPMessage, parse_headers(), and the HTTP status code constants are
|
|
|
|
# intentionally omitted for simplicity
|
|
|
|
__all__ = ["HTTPResponse", "HTTPConnection",
|
|
|
|
"HTTPException", "NotConnected", "UnknownProtocol",
|
|
|
|
"UnknownTransferEncoding", "UnimplementedFileMode",
|
|
|
|
"IncompleteRead", "InvalidURL", "ImproperConnectionState",
|
|
|
|
"CannotSendRequest", "CannotSendHeader", "ResponseNotReady",
|
|
|
|
"BadStatusLine", "LineTooLong", "RemoteDisconnected", "error",
|
|
|
|
"responses"]
|
|
|
|
|
|
|
|
HTTP_PORT = 80
|
|
|
|
HTTPS_PORT = 443
|
|
|
|
|
|
|
|
_UNKNOWN = 'UNKNOWN'
|
|
|
|
|
|
|
|
# connection states
|
|
|
|
_CS_IDLE = 'Idle'
|
|
|
|
_CS_REQ_STARTED = 'Request-started'
|
|
|
|
_CS_REQ_SENT = 'Request-sent'
|
|
|
|
|
|
|
|
|
|
|
|
# hack to maintain backwards compatibility
|
|
|
|
globals().update(http.HTTPStatus.__members__)
|
|
|
|
|
|
|
|
# another hack to maintain backwards compatibility
|
|
|
|
# Mapping status codes to official W3C names
|
|
|
|
responses = {v: v.phrase for v in http.HTTPStatus.__members__.values()}
|
|
|
|
|
|
|
|
# maximal line length when calling readline().
|
|
|
|
_MAXLINE = 65536
|
|
|
|
_MAXHEADERS = 100
|
|
|
|
|
|
|
|
# Header name/value ABNF (http://tools.ietf.org/html/rfc7230#section-3.2)
|
|
|
|
#
|
|
|
|
# VCHAR = %x21-7E
|
|
|
|
# obs-text = %x80-FF
|
|
|
|
# header-field = field-name ":" OWS field-value OWS
|
|
|
|
# field-name = token
|
|
|
|
# field-value = *( field-content / obs-fold )
|
|
|
|
# field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]
|
|
|
|
# field-vchar = VCHAR / obs-text
|
|
|
|
#
|
|
|
|
# obs-fold = CRLF 1*( SP / HTAB )
|
|
|
|
# ; obsolete line folding
|
|
|
|
# ; see Section 3.2.4
|
|
|
|
|
|
|
|
# token = 1*tchar
|
|
|
|
#
|
|
|
|
# tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*"
|
|
|
|
# / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~"
|
|
|
|
# / DIGIT / ALPHA
|
|
|
|
# ; any VCHAR, except delimiters
|
|
|
|
#
|
|
|
|
# VCHAR defined in http://tools.ietf.org/html/rfc5234#appendix-B.1
|
|
|
|
|
|
|
|
# the patterns for both name and value are more lenient than RFC
|
|
|
|
# definitions to allow for backwards compatibility
|
|
|
|
_is_legal_header_name = re.compile(rb'[^:\s][^:\r\n]*').fullmatch
|
|
|
|
_is_illegal_header_value = re.compile(rb'\n(?![ \t])|\r(?![ \t\n])').search
|
|
|
|
|
|
|
|
# These characters are not allowed within HTTP URL paths.
|
|
|
|
# See https://tools.ietf.org/html/rfc3986#section-3.3 and the
|
|
|
|
# https://tools.ietf.org/html/rfc3986#appendix-A pchar definition.
|
|
|
|
# Prevents CVE-2019-9740. Includes control characters such as \r\n.
|
|
|
|
# We don't restrict chars above \x7f as putrequest() limits us to ASCII.
|
|
|
|
_contains_disallowed_url_pchar_re = re.compile('[\x00-\x20\x7f]')
|
|
|
|
# Arguably only these _should_ allowed:
|
|
|
|
# _is_allowed_url_pchars_re = re.compile(r"^[/!$&'()*+,;=:@%a-zA-Z0-9._~-]+$")
|
|
|
|
# We are more lenient for assumed real world compatibility purposes.
|
|
|
|
|
|
|
|
# These characters are not allowed within HTTP method names
|
|
|
|
# to prevent http header injection.
|
|
|
|
_contains_disallowed_method_pchar_re = re.compile('[\x00-\x1f]')
|
|
|
|
|
|
|
|
# We always set the Content-Length header for these methods because some
|
|
|
|
# servers will otherwise respond with a 411
|
|
|
|
_METHODS_EXPECTING_BODY = {'PATCH', 'POST', 'PUT'}
|
|
|
|
|
|
|
|
|
|
|
|
def _encode(data, name='data'):
|
|
|
|
"""Call data.encode("latin-1") but show a better error message."""
|
|
|
|
try:
|
|
|
|
return data.encode("latin-1")
|
|
|
|
except UnicodeEncodeError as err:
|
|
|
|
raise UnicodeEncodeError(
|
|
|
|
err.encoding,
|
|
|
|
err.object,
|
|
|
|
err.start,
|
|
|
|
err.end,
|
|
|
|
"%s (%.20r) is not valid Latin-1. Use %s.encode('utf-8') "
|
|
|
|
"if you want to send it encoded in UTF-8." %
|
|
|
|
(name.title(), data[err.start:err.end], name)) from None
|
|
|
|
|
|
|
|
|
|
|
|
class HTTPMessage(email.message.Message):
|
|
|
|
# XXX The only usage of this method is in
|
|
|
|
# http.server.CGIHTTPRequestHandler. Maybe move the code there so
|
|
|
|
# that it doesn't need to be part of the public API. The API has
|
|
|
|
# never been defined so this could cause backwards compatibility
|
|
|
|
# issues.
|
|
|
|
|
|
|
|
def getallmatchingheaders(self, name):
|
|
|
|
"""Find all header lines matching a given header name.
|
|
|
|
|
|
|
|
Look through the list of headers and find all lines matching a given
|
|
|
|
header name (and their continuation lines). A list of the lines is
|
|
|
|
returned, without interpretation. If the header does not occur, an
|
|
|
|
empty list is returned. If the header occurs multiple times, all
|
|
|
|
occurrences are returned. Case is not important in the header name.
|
|
|
|
|
|
|
|
"""
|
|
|
|
name = name.lower() + ':'
|
|
|
|
n = len(name)
|
|
|
|
lst = []
|
|
|
|
hit = 0
|
|
|
|
for line in self.keys():
|
|
|
|
if line[:n].lower() == name:
|
|
|
|
hit = 1
|
|
|
|
elif not line[:1].isspace():
|
|
|
|
hit = 0
|
|
|
|
if hit:
|
|
|
|
lst.append(line)
|
|
|
|
return lst
|
|
|
|
|
|
|
|
def _read_headers(fp):
|
|
|
|
"""Reads potential header lines into a list from a file pointer.
|
|
|
|
|
|
|
|
Length of line is limited by _MAXLINE, and number of
|
|
|
|
headers is limited by _MAXHEADERS.
|
|
|
|
"""
|
|
|
|
headers = []
|
|
|
|
while True:
|
|
|
|
line = fp.readline(_MAXLINE + 1)
|
|
|
|
if len(line) > _MAXLINE:
|
|
|
|
raise LineTooLong("header line")
|
|
|
|
headers.append(line)
|
|
|
|
if len(headers) > _MAXHEADERS:
|
|
|
|
raise HTTPException("got more than %d headers" % _MAXHEADERS)
|
|
|
|
if line in (b'\r\n', b'\n', b''):
|
|
|
|
break
|
|
|
|
return headers
|
|
|
|
|
|
|
|
def parse_headers(fp, _class=HTTPMessage):
|
|
|
|
"""Parses only RFC2822 headers from a file pointer.
|
|
|
|
|
|
|
|
email Parser wants to see strings rather than bytes.
|
|
|
|
But a TextIOWrapper around self.rfile would buffer too many bytes
|
|
|
|
from the stream, bytes which we later need to read as bytes.
|
|
|
|
So we read the correct bytes here, as bytes, for email Parser
|
|
|
|
to parse.
|
|
|
|
|
|
|
|
"""
|
|
|
|
headers = _read_headers(fp)
|
|
|
|
hstring = b''.join(headers).decode('iso-8859-1')
|
|
|
|
return email.parser.Parser(_class=_class).parsestr(hstring)
|
|
|
|
|
|
|
|
|
|
|
|
class HTTPResponse(io.BufferedIOBase):
|
|
|
|
|
|
|
|
# See RFC 2616 sec 19.6 and RFC 1945 sec 6 for details.
|
|
|
|
|
|
|
|
# The bytes from the socket object are iso-8859-1 strings.
|
|
|
|
# See RFC 2616 sec 2.2 which notes an exception for MIME-encoded
|
|
|
|
# text following RFC 2047. The basic status line parsing only
|
|
|
|
# accepts iso-8859-1.
|
|
|
|
|
|
|
|
def __init__(self, sock, debuglevel=0, method=None, url=None):
|
|
|
|
# If the response includes a content-length header, we need to
|
|
|
|
# make sure that the client doesn't read more than the
|
|
|
|
# specified number of bytes. If it does, it will block until
|
|
|
|
# the server times out and closes the connection. This will
|
|
|
|
# happen if a self.fp.read() is done (without a size) whether
|
|
|
|
# self.fp is buffered or not. So, no self.fp.read() by
|
|
|
|
# clients unless they know what they are doing.
|
|
|
|
self.fp = sock.makefile("rb")
|
|
|
|
self.debuglevel = debuglevel
|
|
|
|
self._method = method
|
|
|
|
|
|
|
|
# The HTTPResponse object is returned via urllib. The clients
|
|
|
|
# of http and urllib expect different attributes for the
|
|
|
|
# headers. headers is used here and supports urllib. msg is
|
|
|
|
# provided as a backwards compatibility layer for http
|
|
|
|
# clients.
|
|
|
|
|
|
|
|
self.headers = self.msg = None
|
|
|
|
|
|
|
|
# from the Status-Line of the response
|
|
|
|
self.version = _UNKNOWN # HTTP-Version
|
|
|
|
self.status = _UNKNOWN # Status-Code
|
|
|
|
self.reason = _UNKNOWN # Reason-Phrase
|
|
|
|
|
|
|
|
self.chunked = _UNKNOWN # is "chunked" being used?
|
|
|
|
self.chunk_left = _UNKNOWN # bytes left to read in current chunk
|
|
|
|
self.length = _UNKNOWN # number of bytes left in response
|
|
|
|
self.will_close = _UNKNOWN # conn will close at end of response
|
|
|
|
|
|
|
|
def _read_status(self):
|
|
|
|
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
|
|
|
|
if len(line) > _MAXLINE:
|
|
|
|
raise LineTooLong("status line")
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
print("reply:", repr(line))
|
|
|
|
if not line:
|
|
|
|
# Presumably, the server closed the connection before
|
|
|
|
# sending a valid response.
|
|
|
|
raise RemoteDisconnected("Remote end closed connection without"
|
|
|
|
" response")
|
|
|
|
try:
|
|
|
|
version, status, reason = line.split(None, 2)
|
|
|
|
except ValueError:
|
|
|
|
try:
|
|
|
|
version, status = line.split(None, 1)
|
|
|
|
reason = ""
|
|
|
|
except ValueError:
|
|
|
|
# empty version will cause next test to fail.
|
|
|
|
version = ""
|
|
|
|
if not version.startswith("HTTP/"):
|
|
|
|
self._close_conn()
|
|
|
|
raise BadStatusLine(line)
|
|
|
|
|
|
|
|
# The status code is a three-digit number
|
|
|
|
try:
|
|
|
|
status = int(status)
|
|
|
|
if status < 100 or status > 999:
|
|
|
|
raise BadStatusLine(line)
|
|
|
|
except ValueError:
|
|
|
|
raise BadStatusLine(line)
|
|
|
|
return version, status, reason
|
|
|
|
|
|
|
|
def begin(self):
|
|
|
|
if self.headers is not None:
|
|
|
|
# we've already started reading the response
|
|
|
|
return
|
|
|
|
|
|
|
|
# read until we get a non-100 response
|
|
|
|
while True:
|
|
|
|
version, status, reason = self._read_status()
|
|
|
|
if status != CONTINUE:
|
|
|
|
break
|
|
|
|
# skip the header from the 100 response
|
|
|
|
skipped_headers = _read_headers(self.fp)
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
print("headers:", skipped_headers)
|
|
|
|
del skipped_headers
|
|
|
|
|
|
|
|
self.code = self.status = status
|
|
|
|
self.reason = reason.strip()
|
|
|
|
if version in ("HTTP/1.0", "HTTP/0.9"):
|
|
|
|
# Some servers might still return "0.9", treat it as 1.0 anyway
|
|
|
|
self.version = 10
|
|
|
|
elif version.startswith("HTTP/1."):
|
|
|
|
self.version = 11 # use HTTP/1.1 code for HTTP/1.x where x>=1
|
|
|
|
else:
|
|
|
|
raise UnknownProtocol(version)
|
|
|
|
|
|
|
|
self.headers = self.msg = parse_headers(self.fp)
|
|
|
|
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
for hdr, val in self.headers.items():
|
|
|
|
print("header:", hdr + ":", val)
|
|
|
|
|
|
|
|
# are we using the chunked-style of transfer encoding?
|
|
|
|
tr_enc = self.headers.get("transfer-encoding")
|
|
|
|
if tr_enc and tr_enc.lower() == "chunked":
|
|
|
|
self.chunked = True
|
|
|
|
self.chunk_left = None
|
|
|
|
else:
|
|
|
|
self.chunked = False
|
|
|
|
|
|
|
|
# will the connection close at the end of the response?
|
|
|
|
self.will_close = self._check_close()
|
|
|
|
|
|
|
|
# do we have a Content-Length?
|
|
|
|
# NOTE: RFC 2616, S4.4, #3 says we ignore this if tr_enc is "chunked"
|
|
|
|
self.length = None
|
|
|
|
length = self.headers.get("content-length")
|
|
|
|
if length and not self.chunked:
|
|
|
|
try:
|
|
|
|
self.length = int(length)
|
|
|
|
except ValueError:
|
|
|
|
self.length = None
|
|
|
|
else:
|
|
|
|
if self.length < 0: # ignore nonsensical negative lengths
|
|
|
|
self.length = None
|
|
|
|
else:
|
|
|
|
self.length = None
|
|
|
|
|
|
|
|
# does the body have a fixed length? (of zero)
|
|
|
|
if (status == NO_CONTENT or status == NOT_MODIFIED or
|
|
|
|
100 <= status < 200 or # 1xx codes
|
|
|
|
self._method == "HEAD"):
|
|
|
|
self.length = 0
|
|
|
|
|
|
|
|
# if the connection remains open, and we aren't using chunked, and
|
|
|
|
# a content-length was not provided, then assume that the connection
|
|
|
|
# WILL close.
|
|
|
|
if (not self.will_close and
|
|
|
|
not self.chunked and
|
|
|
|
self.length is None):
|
|
|
|
self.will_close = True
|
|
|
|
|
|
|
|
def _check_close(self):
|
|
|
|
conn = self.headers.get("connection")
|
|
|
|
if self.version == 11:
|
|
|
|
# An HTTP/1.1 proxy is assumed to stay open unless
|
|
|
|
# explicitly closed.
|
|
|
|
if conn and "close" in conn.lower():
|
|
|
|
return True
|
|
|
|
return False
|
|
|
|
|
|
|
|
# Some HTTP/1.0 implementations have support for persistent
|
|
|
|
# connections, using rules different than HTTP/1.1.
|
|
|
|
|
|
|
|
# For older HTTP, Keep-Alive indicates persistent connection.
|
|
|
|
if self.headers.get("keep-alive"):
|
|
|
|
return False
|
|
|
|
|
|
|
|
# At least Akamai returns a "Connection: Keep-Alive" header,
|
|
|
|
# which was supposed to be sent by the client.
|
|
|
|
if conn and "keep-alive" in conn.lower():
|
|
|
|
return False
|
|
|
|
|
|
|
|
# Proxy-Connection is a netscape hack.
|
|
|
|
pconn = self.headers.get("proxy-connection")
|
|
|
|
if pconn and "keep-alive" in pconn.lower():
|
|
|
|
return False
|
|
|
|
|
|
|
|
# otherwise, assume it will close
|
|
|
|
return True
|
|
|
|
|
|
|
|
def _close_conn(self):
|
|
|
|
fp = self.fp
|
|
|
|
self.fp = None
|
|
|
|
fp.close()
|
|
|
|
|
|
|
|
def close(self):
|
|
|
|
try:
|
|
|
|
super().close() # set "closed" flag
|
|
|
|
finally:
|
|
|
|
if self.fp:
|
|
|
|
self._close_conn()
|
|
|
|
|
|
|
|
# These implementations are for the benefit of io.BufferedReader.
|
|
|
|
|
|
|
|
# XXX This class should probably be revised to act more like
|
|
|
|
# the "raw stream" that BufferedReader expects.
|
|
|
|
|
|
|
|
def flush(self):
|
|
|
|
super().flush()
|
|
|
|
if self.fp:
|
|
|
|
self.fp.flush()
|
|
|
|
|
|
|
|
def readable(self):
|
|
|
|
"""Always returns True"""
|
|
|
|
return True
|
|
|
|
|
|
|
|
# End of "raw stream" methods
|
|
|
|
|
|
|
|
def isclosed(self):
|
|
|
|
"""True if the connection is closed."""
|
|
|
|
# NOTE: it is possible that we will not ever call self.close(). This
|
|
|
|
# case occurs when will_close is TRUE, length is None, and we
|
|
|
|
# read up to the last byte, but NOT past it.
|
|
|
|
#
|
|
|
|
# IMPLIES: if will_close is FALSE, then self.close() will ALWAYS be
|
|
|
|
# called, meaning self.isclosed() is meaningful.
|
|
|
|
return self.fp is None
|
|
|
|
|
|
|
|
def read(self, amt=None):
|
|
|
|
if self.fp is None:
|
|
|
|
return b""
|
|
|
|
|
|
|
|
if self._method == "HEAD":
|
|
|
|
self._close_conn()
|
|
|
|
return b""
|
|
|
|
|
2022-10-09 16:27:10 +03:00
|
|
|
if self.chunked:
|
|
|
|
return self._read_chunked(amt)
|
|
|
|
|
2022-09-17 15:26:13 +03:00
|
|
|
if amt is not None:
|
2022-10-09 16:27:10 +03:00
|
|
|
if self.length is not None and amt > self.length:
|
|
|
|
# clip the read to the "end of response"
|
|
|
|
amt = self.length
|
|
|
|
s = self.fp.read(amt)
|
|
|
|
if not s and amt:
|
|
|
|
# Ideally, we would raise IncompleteRead if the content-length
|
|
|
|
# wasn't satisfied, but it might break compatibility.
|
|
|
|
self._close_conn()
|
|
|
|
elif self.length is not None:
|
|
|
|
self.length -= len(s)
|
|
|
|
if not self.length:
|
|
|
|
self._close_conn()
|
|
|
|
return s
|
2022-09-17 15:26:13 +03:00
|
|
|
else:
|
|
|
|
# Amount is not given (unbounded read) so we must check self.length
|
|
|
|
if self.length is None:
|
|
|
|
s = self.fp.read()
|
|
|
|
else:
|
|
|
|
try:
|
|
|
|
s = self._safe_read(self.length)
|
|
|
|
except IncompleteRead:
|
|
|
|
self._close_conn()
|
|
|
|
raise
|
|
|
|
self.length = 0
|
|
|
|
self._close_conn() # we read everything
|
|
|
|
return s
|
|
|
|
|
|
|
|
def readinto(self, b):
|
|
|
|
"""Read up to len(b) bytes into bytearray b and return the number
|
|
|
|
of bytes read.
|
|
|
|
"""
|
|
|
|
|
|
|
|
if self.fp is None:
|
|
|
|
return 0
|
|
|
|
|
|
|
|
if self._method == "HEAD":
|
|
|
|
self._close_conn()
|
|
|
|
return 0
|
|
|
|
|
|
|
|
if self.chunked:
|
|
|
|
return self._readinto_chunked(b)
|
|
|
|
|
|
|
|
if self.length is not None:
|
|
|
|
if len(b) > self.length:
|
|
|
|
# clip the read to the "end of response"
|
|
|
|
b = memoryview(b)[0:self.length]
|
|
|
|
|
|
|
|
# we do not use _safe_read() here because this may be a .will_close
|
|
|
|
# connection, and the user is reading more bytes than will be provided
|
|
|
|
# (for example, reading in 1k chunks)
|
|
|
|
n = self.fp.readinto(b)
|
|
|
|
if not n and b:
|
|
|
|
# Ideally, we would raise IncompleteRead if the content-length
|
|
|
|
# wasn't satisfied, but it might break compatibility.
|
|
|
|
self._close_conn()
|
|
|
|
elif self.length is not None:
|
|
|
|
self.length -= n
|
|
|
|
if not self.length:
|
|
|
|
self._close_conn()
|
|
|
|
return n
|
|
|
|
|
|
|
|
def _read_next_chunk_size(self):
|
|
|
|
# Read the next chunk size from the file
|
|
|
|
line = self.fp.readline(_MAXLINE + 1)
|
|
|
|
if len(line) > _MAXLINE:
|
|
|
|
raise LineTooLong("chunk size")
|
|
|
|
i = line.find(b";")
|
|
|
|
if i >= 0:
|
|
|
|
line = line[:i] # strip chunk-extensions
|
|
|
|
try:
|
|
|
|
return int(line, 16)
|
|
|
|
except ValueError:
|
|
|
|
# close the connection as protocol synchronisation is
|
|
|
|
# probably lost
|
|
|
|
self._close_conn()
|
|
|
|
raise
|
|
|
|
|
|
|
|
def _read_and_discard_trailer(self):
|
|
|
|
# read and discard trailer up to the CRLF terminator
|
|
|
|
### note: we shouldn't have any trailers!
|
|
|
|
while True:
|
|
|
|
line = self.fp.readline(_MAXLINE + 1)
|
|
|
|
if len(line) > _MAXLINE:
|
|
|
|
raise LineTooLong("trailer line")
|
|
|
|
if not line:
|
|
|
|
# a vanishingly small number of sites EOF without
|
|
|
|
# sending the trailer
|
|
|
|
break
|
|
|
|
if line in (b'\r\n', b'\n', b''):
|
|
|
|
break
|
|
|
|
|
|
|
|
def _get_chunk_left(self):
|
|
|
|
# return self.chunk_left, reading a new chunk if necessary.
|
|
|
|
# chunk_left == 0: at the end of the current chunk, need to close it
|
|
|
|
# chunk_left == None: No current chunk, should read next.
|
|
|
|
# This function returns non-zero or None if the last chunk has
|
|
|
|
# been read.
|
|
|
|
chunk_left = self.chunk_left
|
|
|
|
if not chunk_left: # Can be 0 or None
|
|
|
|
if chunk_left is not None:
|
|
|
|
# We are at the end of chunk, discard chunk end
|
|
|
|
self._safe_read(2) # toss the CRLF at the end of the chunk
|
|
|
|
try:
|
|
|
|
chunk_left = self._read_next_chunk_size()
|
|
|
|
except ValueError:
|
|
|
|
raise IncompleteRead(b'')
|
|
|
|
if chunk_left == 0:
|
|
|
|
# last chunk: 1*("0") [ chunk-extension ] CRLF
|
|
|
|
self._read_and_discard_trailer()
|
|
|
|
# we read everything; close the "file"
|
|
|
|
self._close_conn()
|
|
|
|
chunk_left = None
|
|
|
|
self.chunk_left = chunk_left
|
|
|
|
return chunk_left
|
|
|
|
|
2022-10-09 16:27:10 +03:00
|
|
|
def _read_chunked(self, amt=None):
|
2022-09-17 15:26:13 +03:00
|
|
|
assert self.chunked != _UNKNOWN
|
|
|
|
value = []
|
|
|
|
try:
|
|
|
|
while True:
|
|
|
|
chunk_left = self._get_chunk_left()
|
|
|
|
if chunk_left is None:
|
|
|
|
break
|
2022-10-09 16:27:10 +03:00
|
|
|
|
|
|
|
if amt is not None and amt <= chunk_left:
|
|
|
|
value.append(self._safe_read(amt))
|
|
|
|
self.chunk_left = chunk_left - amt
|
|
|
|
break
|
|
|
|
|
2022-09-17 15:26:13 +03:00
|
|
|
value.append(self._safe_read(chunk_left))
|
2022-10-09 16:27:10 +03:00
|
|
|
if amt is not None:
|
|
|
|
amt -= chunk_left
|
2022-09-17 15:26:13 +03:00
|
|
|
self.chunk_left = 0
|
|
|
|
return b''.join(value)
|
|
|
|
except IncompleteRead:
|
|
|
|
raise IncompleteRead(b''.join(value))
|
|
|
|
|
|
|
|
def _readinto_chunked(self, b):
|
|
|
|
assert self.chunked != _UNKNOWN
|
|
|
|
total_bytes = 0
|
|
|
|
mvb = memoryview(b)
|
|
|
|
try:
|
|
|
|
while True:
|
|
|
|
chunk_left = self._get_chunk_left()
|
|
|
|
if chunk_left is None:
|
|
|
|
return total_bytes
|
|
|
|
|
|
|
|
if len(mvb) <= chunk_left:
|
|
|
|
n = self._safe_readinto(mvb)
|
|
|
|
self.chunk_left = chunk_left - n
|
|
|
|
return total_bytes + n
|
|
|
|
|
|
|
|
temp_mvb = mvb[:chunk_left]
|
|
|
|
n = self._safe_readinto(temp_mvb)
|
|
|
|
mvb = mvb[n:]
|
|
|
|
total_bytes += n
|
|
|
|
self.chunk_left = 0
|
|
|
|
|
|
|
|
except IncompleteRead:
|
|
|
|
raise IncompleteRead(bytes(b[0:total_bytes]))
|
|
|
|
|
|
|
|
def _safe_read(self, amt):
|
2022-10-09 16:27:10 +03:00
|
|
|
"""Read the number of bytes requested.
|
2022-09-17 15:26:13 +03:00
|
|
|
|
|
|
|
This function should be used when <amt> bytes "should" be present for
|
|
|
|
reading. If the bytes are truly not available (due to EOF), then the
|
|
|
|
IncompleteRead exception can be used to detect the problem.
|
|
|
|
"""
|
2022-10-09 16:27:10 +03:00
|
|
|
data = self.fp.read(amt)
|
|
|
|
if len(data) < amt:
|
|
|
|
raise IncompleteRead(data, amt-len(data))
|
|
|
|
return data
|
2022-09-17 15:26:13 +03:00
|
|
|
|
|
|
|
def _safe_readinto(self, b):
|
|
|
|
"""Same as _safe_read, but for reading into a buffer."""
|
2022-10-09 16:27:10 +03:00
|
|
|
amt = len(b)
|
|
|
|
n = self.fp.readinto(b)
|
|
|
|
if n < amt:
|
|
|
|
raise IncompleteRead(bytes(b[:n]), amt-n)
|
|
|
|
return n
|
2022-09-17 15:26:13 +03:00
|
|
|
|
|
|
|
def read1(self, n=-1):
|
|
|
|
"""Read with at most one underlying system call. If at least one
|
|
|
|
byte is buffered, return that instead.
|
|
|
|
"""
|
|
|
|
if self.fp is None or self._method == "HEAD":
|
|
|
|
return b""
|
|
|
|
if self.chunked:
|
|
|
|
return self._read1_chunked(n)
|
|
|
|
if self.length is not None and (n < 0 or n > self.length):
|
|
|
|
n = self.length
|
|
|
|
result = self.fp.read1(n)
|
|
|
|
if not result and n:
|
|
|
|
self._close_conn()
|
|
|
|
elif self.length is not None:
|
|
|
|
self.length -= len(result)
|
|
|
|
return result
|
|
|
|
|
|
|
|
def peek(self, n=-1):
|
|
|
|
# Having this enables IOBase.readline() to read more than one
|
|
|
|
# byte at a time
|
|
|
|
if self.fp is None or self._method == "HEAD":
|
|
|
|
return b""
|
|
|
|
if self.chunked:
|
|
|
|
return self._peek_chunked(n)
|
|
|
|
return self.fp.peek(n)
|
|
|
|
|
|
|
|
def readline(self, limit=-1):
|
|
|
|
if self.fp is None or self._method == "HEAD":
|
|
|
|
return b""
|
|
|
|
if self.chunked:
|
|
|
|
# Fallback to IOBase readline which uses peek() and read()
|
|
|
|
return super().readline(limit)
|
|
|
|
if self.length is not None and (limit < 0 or limit > self.length):
|
|
|
|
limit = self.length
|
|
|
|
result = self.fp.readline(limit)
|
|
|
|
if not result and limit:
|
|
|
|
self._close_conn()
|
|
|
|
elif self.length is not None:
|
|
|
|
self.length -= len(result)
|
|
|
|
return result
|
|
|
|
|
|
|
|
def _read1_chunked(self, n):
|
|
|
|
# Strictly speaking, _get_chunk_left() may cause more than one read,
|
|
|
|
# but that is ok, since that is to satisfy the chunked protocol.
|
|
|
|
chunk_left = self._get_chunk_left()
|
|
|
|
if chunk_left is None or n == 0:
|
|
|
|
return b''
|
|
|
|
if not (0 <= n <= chunk_left):
|
|
|
|
n = chunk_left # if n is negative or larger than chunk_left
|
|
|
|
read = self.fp.read1(n)
|
|
|
|
self.chunk_left -= len(read)
|
|
|
|
if not read:
|
|
|
|
raise IncompleteRead(b"")
|
|
|
|
return read
|
|
|
|
|
|
|
|
def _peek_chunked(self, n):
|
|
|
|
# Strictly speaking, _get_chunk_left() may cause more than one read,
|
|
|
|
# but that is ok, since that is to satisfy the chunked protocol.
|
|
|
|
try:
|
|
|
|
chunk_left = self._get_chunk_left()
|
|
|
|
except IncompleteRead:
|
|
|
|
return b'' # peek doesn't worry about protocol
|
|
|
|
if chunk_left is None:
|
|
|
|
return b'' # eof
|
|
|
|
# peek is allowed to return more than requested. Just request the
|
|
|
|
# entire chunk, and truncate what we get.
|
|
|
|
return self.fp.peek(chunk_left)[:chunk_left]
|
|
|
|
|
|
|
|
def fileno(self):
|
|
|
|
return self.fp.fileno()
|
|
|
|
|
|
|
|
def getheader(self, name, default=None):
|
|
|
|
'''Returns the value of the header matching *name*.
|
|
|
|
|
|
|
|
If there are multiple matching headers, the values are
|
|
|
|
combined into a single string separated by commas and spaces.
|
|
|
|
|
|
|
|
If no matching header is found, returns *default* or None if
|
|
|
|
the *default* is not specified.
|
|
|
|
|
|
|
|
If the headers are unknown, raises http.client.ResponseNotReady.
|
|
|
|
|
|
|
|
'''
|
|
|
|
if self.headers is None:
|
|
|
|
raise ResponseNotReady()
|
|
|
|
headers = self.headers.get_all(name) or default
|
|
|
|
if isinstance(headers, str) or not hasattr(headers, '__iter__'):
|
|
|
|
return headers
|
|
|
|
else:
|
|
|
|
return ', '.join(headers)
|
|
|
|
|
|
|
|
def getheaders(self):
|
|
|
|
"""Return list of (header, value) tuples."""
|
|
|
|
if self.headers is None:
|
|
|
|
raise ResponseNotReady()
|
|
|
|
return list(self.headers.items())
|
|
|
|
|
|
|
|
# We override IOBase.__iter__ so that it doesn't check for closed-ness
|
|
|
|
|
|
|
|
def __iter__(self):
|
|
|
|
return self
|
|
|
|
|
|
|
|
# For compatibility with old-style urllib responses.
|
|
|
|
|
|
|
|
def info(self):
|
|
|
|
'''Returns an instance of the class mimetools.Message containing
|
|
|
|
meta-information associated with the URL.
|
|
|
|
|
|
|
|
When the method is HTTP, these headers are those returned by
|
|
|
|
the server at the head of the retrieved HTML page (including
|
|
|
|
Content-Length and Content-Type).
|
|
|
|
|
|
|
|
When the method is FTP, a Content-Length header will be
|
|
|
|
present if (as is now usual) the server passed back a file
|
|
|
|
length in response to the FTP retrieval request. A
|
|
|
|
Content-Type header will be present if the MIME type can be
|
|
|
|
guessed.
|
|
|
|
|
|
|
|
When the method is local-file, returned headers will include
|
|
|
|
a Date representing the file's last-modified time, a
|
|
|
|
Content-Length giving file size, and a Content-Type
|
|
|
|
containing a guess at the file's type. See also the
|
|
|
|
description of the mimetools module.
|
|
|
|
|
|
|
|
'''
|
|
|
|
return self.headers
|
|
|
|
|
|
|
|
def geturl(self):
|
|
|
|
'''Return the real URL of the page.
|
|
|
|
|
|
|
|
In some cases, the HTTP server redirects a client to another
|
|
|
|
URL. The urlopen() function handles this transparently, but in
|
|
|
|
some cases the caller needs to know which URL the client was
|
|
|
|
redirected to. The geturl() method can be used to get at this
|
|
|
|
redirected URL.
|
|
|
|
|
|
|
|
'''
|
|
|
|
return self.url
|
|
|
|
|
|
|
|
def getcode(self):
|
|
|
|
'''Return the HTTP status code that was sent with the response,
|
|
|
|
or None if the URL is not an HTTP URL.
|
|
|
|
|
|
|
|
'''
|
|
|
|
return self.status
|
|
|
|
|
|
|
|
class HTTPConnection:
|
|
|
|
|
|
|
|
_http_vsn = 11
|
|
|
|
_http_vsn_str = 'HTTP/1.1'
|
|
|
|
|
|
|
|
response_class = HTTPResponse
|
|
|
|
default_port = HTTP_PORT
|
|
|
|
auto_open = 1
|
|
|
|
debuglevel = 0
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def _is_textIO(stream):
|
|
|
|
"""Test whether a file-like object is a text or a binary stream.
|
|
|
|
"""
|
|
|
|
return isinstance(stream, io.TextIOBase)
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def _get_content_length(body, method):
|
|
|
|
"""Get the content-length based on the body.
|
|
|
|
|
|
|
|
If the body is None, we set Content-Length: 0 for methods that expect
|
|
|
|
a body (RFC 7230, Section 3.3.2). We also set the Content-Length for
|
|
|
|
any method if the body is a str or bytes-like object and not a file.
|
|
|
|
"""
|
|
|
|
if body is None:
|
|
|
|
# do an explicit check for not None here to distinguish
|
|
|
|
# between unset and set but empty
|
|
|
|
if method.upper() in _METHODS_EXPECTING_BODY:
|
|
|
|
return 0
|
|
|
|
else:
|
|
|
|
return None
|
|
|
|
|
|
|
|
if hasattr(body, 'read'):
|
|
|
|
# file-like object.
|
|
|
|
return None
|
|
|
|
|
|
|
|
try:
|
|
|
|
# does it implement the buffer protocol (bytes, bytearray, array)?
|
|
|
|
mv = memoryview(body)
|
|
|
|
return mv.nbytes
|
|
|
|
except TypeError:
|
|
|
|
pass
|
|
|
|
|
|
|
|
if isinstance(body, str):
|
|
|
|
return len(body)
|
|
|
|
|
|
|
|
return None
|
|
|
|
|
|
|
|
def __init__(self, host, port=None, timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
|
|
|
|
source_address=None, blocksize=8192):
|
|
|
|
self.timeout = timeout
|
|
|
|
self.source_address = source_address
|
|
|
|
self.blocksize = blocksize
|
|
|
|
self.sock = None
|
|
|
|
self._buffer = []
|
|
|
|
self.__response = None
|
|
|
|
self.__state = _CS_IDLE
|
|
|
|
self._method = None
|
|
|
|
self._tunnel_host = None
|
|
|
|
self._tunnel_port = None
|
|
|
|
self._tunnel_headers = {}
|
|
|
|
|
|
|
|
(self.host, self.port) = self._get_hostport(host, port)
|
|
|
|
|
|
|
|
self._validate_host(self.host)
|
|
|
|
|
|
|
|
# This is stored as an instance variable to allow unit
|
|
|
|
# tests to replace it with a suitable mockup
|
|
|
|
self._create_connection = socket.create_connection
|
|
|
|
|
|
|
|
def set_tunnel(self, host, port=None, headers=None):
|
|
|
|
"""Set up host and port for HTTP CONNECT tunnelling.
|
|
|
|
|
|
|
|
In a connection that uses HTTP CONNECT tunneling, the host passed to the
|
|
|
|
constructor is used as a proxy server that relays all communication to
|
|
|
|
the endpoint passed to `set_tunnel`. This done by sending an HTTP
|
|
|
|
CONNECT request to the proxy server when the connection is established.
|
|
|
|
|
|
|
|
This method must be called before the HTTP connection has been
|
|
|
|
established.
|
|
|
|
|
|
|
|
The headers argument should be a mapping of extra HTTP headers to send
|
|
|
|
with the CONNECT request.
|
|
|
|
"""
|
|
|
|
|
|
|
|
if self.sock:
|
|
|
|
raise RuntimeError("Can't set up tunnel for established connection")
|
|
|
|
|
|
|
|
self._tunnel_host, self._tunnel_port = self._get_hostport(host, port)
|
|
|
|
if headers:
|
|
|
|
self._tunnel_headers = headers
|
|
|
|
else:
|
|
|
|
self._tunnel_headers.clear()
|
|
|
|
|
|
|
|
def _get_hostport(self, host, port):
|
|
|
|
if port is None:
|
|
|
|
i = host.rfind(':')
|
|
|
|
j = host.rfind(']') # ipv6 addresses have [...]
|
|
|
|
if i > j:
|
|
|
|
try:
|
|
|
|
port = int(host[i+1:])
|
|
|
|
except ValueError:
|
|
|
|
if host[i+1:] == "": # http://foo.com:/ == http://foo.com/
|
|
|
|
port = self.default_port
|
|
|
|
else:
|
|
|
|
raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])
|
|
|
|
host = host[:i]
|
|
|
|
else:
|
|
|
|
port = self.default_port
|
|
|
|
if host and host[0] == '[' and host[-1] == ']':
|
|
|
|
host = host[1:-1]
|
|
|
|
|
|
|
|
return (host, port)
|
|
|
|
|
|
|
|
def set_debuglevel(self, level):
|
|
|
|
self.debuglevel = level
|
|
|
|
|
|
|
|
def _tunnel(self):
|
|
|
|
connect = b"CONNECT %s:%d HTTP/1.0\r\n" % (
|
|
|
|
self._tunnel_host.encode("ascii"), self._tunnel_port)
|
|
|
|
headers = [connect]
|
|
|
|
for header, value in self._tunnel_headers.items():
|
|
|
|
headers.append(f"{header}: {value}\r\n".encode("latin-1"))
|
|
|
|
headers.append(b"\r\n")
|
|
|
|
# Making a single send() call instead of one per line encourages
|
|
|
|
# the host OS to use a more optimal packet size instead of
|
|
|
|
# potentially emitting a series of small packets.
|
|
|
|
self.send(b"".join(headers))
|
|
|
|
del headers
|
|
|
|
|
|
|
|
response = self.response_class(self.sock, method=self._method)
|
|
|
|
(version, code, message) = response._read_status()
|
|
|
|
|
|
|
|
if code != http.HTTPStatus.OK:
|
|
|
|
self.close()
|
|
|
|
raise OSError(f"Tunnel connection failed: {code} {message.strip()}")
|
|
|
|
while True:
|
|
|
|
line = response.fp.readline(_MAXLINE + 1)
|
|
|
|
if len(line) > _MAXLINE:
|
|
|
|
raise LineTooLong("header line")
|
|
|
|
if not line:
|
|
|
|
# for sites which EOF without sending a trailer
|
|
|
|
break
|
|
|
|
if line in (b'\r\n', b'\n', b''):
|
|
|
|
break
|
|
|
|
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
print('header:', line.decode())
|
|
|
|
|
|
|
|
def connect(self):
|
|
|
|
"""Connect to the host and port specified in __init__."""
|
2022-10-09 16:27:10 +03:00
|
|
|
sys.audit("http.client.connect", self, self.host, self.port)
|
2022-09-17 15:26:13 +03:00
|
|
|
self.sock = self._create_connection(
|
|
|
|
(self.host,self.port), self.timeout, self.source_address)
|
2022-10-09 16:27:10 +03:00
|
|
|
# Might fail in OSs that don't implement TCP_NODELAY
|
|
|
|
try:
|
|
|
|
self.sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
|
|
|
|
except OSError as e:
|
|
|
|
if e.errno != errno.ENOPROTOOPT:
|
|
|
|
raise
|
2022-09-17 15:26:13 +03:00
|
|
|
|
|
|
|
if self._tunnel_host:
|
|
|
|
self._tunnel()
|
|
|
|
|
|
|
|
def close(self):
|
|
|
|
"""Close the connection to the HTTP server."""
|
|
|
|
self.__state = _CS_IDLE
|
|
|
|
try:
|
|
|
|
sock = self.sock
|
|
|
|
if sock:
|
|
|
|
self.sock = None
|
|
|
|
sock.close() # close it manually... there may be other refs
|
|
|
|
finally:
|
|
|
|
response = self.__response
|
|
|
|
if response:
|
|
|
|
self.__response = None
|
|
|
|
response.close()
|
|
|
|
|
|
|
|
def send(self, data):
|
|
|
|
"""Send `data' to the server.
|
|
|
|
``data`` can be a string object, a bytes object, an array object, a
|
|
|
|
file-like object that supports a .read() method, or an iterable object.
|
|
|
|
"""
|
|
|
|
|
|
|
|
if self.sock is None:
|
|
|
|
if self.auto_open:
|
|
|
|
self.connect()
|
|
|
|
else:
|
|
|
|
raise NotConnected()
|
|
|
|
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
print("send:", repr(data))
|
|
|
|
if hasattr(data, "read") :
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
print("sendIng a read()able")
|
|
|
|
encode = self._is_textIO(data)
|
|
|
|
if encode and self.debuglevel > 0:
|
|
|
|
print("encoding file using iso-8859-1")
|
|
|
|
while 1:
|
|
|
|
datablock = data.read(self.blocksize)
|
|
|
|
if not datablock:
|
|
|
|
break
|
|
|
|
if encode:
|
|
|
|
datablock = datablock.encode("iso-8859-1")
|
2022-10-09 16:27:10 +03:00
|
|
|
sys.audit("http.client.send", self, datablock)
|
2022-09-17 15:26:13 +03:00
|
|
|
self.sock.sendall(datablock)
|
|
|
|
return
|
2022-10-09 16:27:10 +03:00
|
|
|
sys.audit("http.client.send", self, data)
|
2022-09-17 15:26:13 +03:00
|
|
|
try:
|
|
|
|
self.sock.sendall(data)
|
|
|
|
except TypeError:
|
|
|
|
if isinstance(data, collections.abc.Iterable):
|
|
|
|
for d in data:
|
|
|
|
self.sock.sendall(d)
|
|
|
|
else:
|
|
|
|
raise TypeError("data should be a bytes-like object "
|
|
|
|
"or an iterable, got %r" % type(data))
|
|
|
|
|
|
|
|
def _output(self, s):
|
|
|
|
"""Add a line of output to the current request buffer.
|
|
|
|
|
|
|
|
Assumes that the line does *not* end with \\r\\n.
|
|
|
|
"""
|
|
|
|
self._buffer.append(s)
|
|
|
|
|
|
|
|
def _read_readable(self, readable):
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
print("sendIng a read()able")
|
|
|
|
encode = self._is_textIO(readable)
|
|
|
|
if encode and self.debuglevel > 0:
|
|
|
|
print("encoding file using iso-8859-1")
|
|
|
|
while True:
|
|
|
|
datablock = readable.read(self.blocksize)
|
|
|
|
if not datablock:
|
|
|
|
break
|
|
|
|
if encode:
|
|
|
|
datablock = datablock.encode("iso-8859-1")
|
|
|
|
yield datablock
|
|
|
|
|
|
|
|
def _send_output(self, message_body=None, encode_chunked=False):
|
|
|
|
"""Send the currently buffered request and clear the buffer.
|
|
|
|
|
|
|
|
Appends an extra \\r\\n to the buffer.
|
|
|
|
A message_body may be specified, to be appended to the request.
|
|
|
|
"""
|
|
|
|
self._buffer.extend((b"", b""))
|
|
|
|
msg = b"\r\n".join(self._buffer)
|
|
|
|
del self._buffer[:]
|
|
|
|
self.send(msg)
|
|
|
|
|
|
|
|
if message_body is not None:
|
|
|
|
|
|
|
|
# create a consistent interface to message_body
|
|
|
|
if hasattr(message_body, 'read'):
|
|
|
|
# Let file-like take precedence over byte-like. This
|
|
|
|
# is needed to allow the current position of mmap'ed
|
|
|
|
# files to be taken into account.
|
|
|
|
chunks = self._read_readable(message_body)
|
|
|
|
else:
|
|
|
|
try:
|
|
|
|
# this is solely to check to see if message_body
|
|
|
|
# implements the buffer API. it /would/ be easier
|
|
|
|
# to capture if PyObject_CheckBuffer was exposed
|
|
|
|
# to Python.
|
|
|
|
memoryview(message_body)
|
|
|
|
except TypeError:
|
|
|
|
try:
|
|
|
|
chunks = iter(message_body)
|
|
|
|
except TypeError:
|
|
|
|
raise TypeError("message_body should be a bytes-like "
|
|
|
|
"object or an iterable, got %r"
|
|
|
|
% type(message_body))
|
|
|
|
else:
|
|
|
|
# the object implements the buffer interface and
|
|
|
|
# can be passed directly into socket methods
|
|
|
|
chunks = (message_body,)
|
|
|
|
|
|
|
|
for chunk in chunks:
|
|
|
|
if not chunk:
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
print('Zero length chunk ignored')
|
|
|
|
continue
|
|
|
|
|
|
|
|
if encode_chunked and self._http_vsn == 11:
|
|
|
|
# chunked encoding
|
|
|
|
chunk = f'{len(chunk):X}\r\n'.encode('ascii') + chunk \
|
|
|
|
+ b'\r\n'
|
|
|
|
self.send(chunk)
|
|
|
|
|
|
|
|
if encode_chunked and self._http_vsn == 11:
|
|
|
|
# end chunked transfer
|
|
|
|
self.send(b'0\r\n\r\n')
|
|
|
|
|
|
|
|
def putrequest(self, method, url, skip_host=False,
|
|
|
|
skip_accept_encoding=False):
|
|
|
|
"""Send a request to the server.
|
|
|
|
|
|
|
|
`method' specifies an HTTP request method, e.g. 'GET'.
|
|
|
|
`url' specifies the object being requested, e.g. '/index.html'.
|
|
|
|
`skip_host' if True does not add automatically a 'Host:' header
|
|
|
|
`skip_accept_encoding' if True does not add automatically an
|
|
|
|
'Accept-Encoding:' header
|
|
|
|
"""
|
|
|
|
|
|
|
|
# if a prior response has been completed, then forget about it.
|
|
|
|
if self.__response and self.__response.isclosed():
|
|
|
|
self.__response = None
|
|
|
|
|
|
|
|
|
|
|
|
# in certain cases, we cannot issue another request on this connection.
|
|
|
|
# this occurs when:
|
|
|
|
# 1) we are in the process of sending a request. (_CS_REQ_STARTED)
|
|
|
|
# 2) a response to a previous request has signalled that it is going
|
|
|
|
# to close the connection upon completion.
|
|
|
|
# 3) the headers for the previous response have not been read, thus
|
|
|
|
# we cannot determine whether point (2) is true. (_CS_REQ_SENT)
|
|
|
|
#
|
|
|
|
# if there is no prior response, then we can request at will.
|
|
|
|
#
|
|
|
|
# if point (2) is true, then we will have passed the socket to the
|
|
|
|
# response (effectively meaning, "there is no prior response"), and
|
|
|
|
# will open a new one when a new request is made.
|
|
|
|
#
|
|
|
|
# Note: if a prior response exists, then we *can* start a new request.
|
|
|
|
# We are not allowed to begin fetching the response to this new
|
|
|
|
# request, however, until that prior response is complete.
|
|
|
|
#
|
|
|
|
if self.__state == _CS_IDLE:
|
|
|
|
self.__state = _CS_REQ_STARTED
|
|
|
|
else:
|
|
|
|
raise CannotSendRequest(self.__state)
|
|
|
|
|
|
|
|
self._validate_method(method)
|
|
|
|
|
|
|
|
# Save the method for use later in the response phase
|
|
|
|
self._method = method
|
|
|
|
|
|
|
|
url = url or '/'
|
|
|
|
self._validate_path(url)
|
|
|
|
|
|
|
|
request = '%s %s %s' % (method, url, self._http_vsn_str)
|
|
|
|
|
|
|
|
self._output(self._encode_request(request))
|
|
|
|
|
|
|
|
if self._http_vsn == 11:
|
|
|
|
# Issue some standard headers for better HTTP/1.1 compliance
|
|
|
|
|
|
|
|
if not skip_host:
|
|
|
|
# this header is issued *only* for HTTP/1.1
|
|
|
|
# connections. more specifically, this means it is
|
|
|
|
# only issued when the client uses the new
|
|
|
|
# HTTPConnection() class. backwards-compat clients
|
|
|
|
# will be using HTTP/1.0 and those clients may be
|
|
|
|
# issuing this header themselves. we should NOT issue
|
|
|
|
# it twice; some web servers (such as Apache) barf
|
|
|
|
# when they see two Host: headers
|
|
|
|
|
|
|
|
# If we need a non-standard port,include it in the
|
|
|
|
# header. If the request is going through a proxy,
|
|
|
|
# but the host of the actual URL, not the host of the
|
|
|
|
# proxy.
|
|
|
|
|
|
|
|
netloc = ''
|
|
|
|
if url.startswith('http'):
|
|
|
|
nil, netloc, nil, nil, nil = urlsplit(url)
|
|
|
|
|
|
|
|
if netloc:
|
|
|
|
try:
|
|
|
|
netloc_enc = netloc.encode("ascii")
|
|
|
|
except UnicodeEncodeError:
|
|
|
|
netloc_enc = netloc.encode("idna")
|
|
|
|
self.putheader('Host', netloc_enc)
|
|
|
|
else:
|
|
|
|
if self._tunnel_host:
|
|
|
|
host = self._tunnel_host
|
|
|
|
port = self._tunnel_port
|
|
|
|
else:
|
|
|
|
host = self.host
|
|
|
|
port = self.port
|
|
|
|
|
|
|
|
try:
|
|
|
|
host_enc = host.encode("ascii")
|
|
|
|
except UnicodeEncodeError:
|
|
|
|
host_enc = host.encode("idna")
|
|
|
|
|
|
|
|
# As per RFC 273, IPv6 address should be wrapped with []
|
|
|
|
# when used as Host header
|
|
|
|
|
|
|
|
if host.find(':') >= 0:
|
|
|
|
host_enc = b'[' + host_enc + b']'
|
|
|
|
|
|
|
|
if port == self.default_port:
|
|
|
|
self.putheader('Host', host_enc)
|
|
|
|
else:
|
|
|
|
host_enc = host_enc.decode("ascii")
|
|
|
|
self.putheader('Host', "%s:%s" % (host_enc, port))
|
|
|
|
|
|
|
|
# note: we are assuming that clients will not attempt to set these
|
|
|
|
# headers since *this* library must deal with the
|
|
|
|
# consequences. this also means that when the supporting
|
|
|
|
# libraries are updated to recognize other forms, then this
|
|
|
|
# code should be changed (removed or updated).
|
|
|
|
|
|
|
|
# we only want a Content-Encoding of "identity" since we don't
|
|
|
|
# support encodings such as x-gzip or x-deflate.
|
|
|
|
if not skip_accept_encoding:
|
|
|
|
self.putheader('Accept-Encoding', 'identity')
|
|
|
|
|
|
|
|
# we can accept "chunked" Transfer-Encodings, but no others
|
|
|
|
# NOTE: no TE header implies *only* "chunked"
|
|
|
|
#self.putheader('TE', 'chunked')
|
|
|
|
|
|
|
|
# if TE is supplied in the header, then it must appear in a
|
|
|
|
# Connection header.
|
|
|
|
#self.putheader('Connection', 'TE')
|
|
|
|
|
|
|
|
else:
|
|
|
|
# For HTTP/1.0, the server will assume "not chunked"
|
|
|
|
pass
|
|
|
|
|
|
|
|
def _encode_request(self, request):
|
|
|
|
# ASCII also helps prevent CVE-2019-9740.
|
|
|
|
return request.encode('ascii')
|
|
|
|
|
|
|
|
def _validate_method(self, method):
|
|
|
|
"""Validate a method name for putrequest."""
|
|
|
|
# prevent http header injection
|
|
|
|
match = _contains_disallowed_method_pchar_re.search(method)
|
|
|
|
if match:
|
|
|
|
raise ValueError(
|
|
|
|
f"method can't contain control characters. {method!r} "
|
|
|
|
f"(found at least {match.group()!r})")
|
|
|
|
|
|
|
|
def _validate_path(self, url):
|
|
|
|
"""Validate a url for putrequest."""
|
|
|
|
# Prevent CVE-2019-9740.
|
|
|
|
match = _contains_disallowed_url_pchar_re.search(url)
|
|
|
|
if match:
|
|
|
|
raise InvalidURL(f"URL can't contain control characters. {url!r} "
|
|
|
|
f"(found at least {match.group()!r})")
|
|
|
|
|
|
|
|
def _validate_host(self, host):
|
|
|
|
"""Validate a host so it doesn't contain control characters."""
|
|
|
|
# Prevent CVE-2019-18348.
|
|
|
|
match = _contains_disallowed_url_pchar_re.search(host)
|
|
|
|
if match:
|
|
|
|
raise InvalidURL(f"URL can't contain control characters. {host!r} "
|
|
|
|
f"(found at least {match.group()!r})")
|
|
|
|
|
|
|
|
def putheader(self, header, *values):
|
|
|
|
"""Send a request header line to the server.
|
|
|
|
|
|
|
|
For example: h.putheader('Accept', 'text/html')
|
|
|
|
"""
|
|
|
|
if self.__state != _CS_REQ_STARTED:
|
|
|
|
raise CannotSendHeader()
|
|
|
|
|
|
|
|
if hasattr(header, 'encode'):
|
|
|
|
header = header.encode('ascii')
|
|
|
|
|
|
|
|
if not _is_legal_header_name(header):
|
|
|
|
raise ValueError('Invalid header name %r' % (header,))
|
|
|
|
|
|
|
|
values = list(values)
|
|
|
|
for i, one_value in enumerate(values):
|
|
|
|
if hasattr(one_value, 'encode'):
|
|
|
|
values[i] = one_value.encode('latin-1')
|
|
|
|
elif isinstance(one_value, int):
|
|
|
|
values[i] = str(one_value).encode('ascii')
|
|
|
|
|
|
|
|
if _is_illegal_header_value(values[i]):
|
|
|
|
raise ValueError('Invalid header value %r' % (values[i],))
|
|
|
|
|
|
|
|
value = b'\r\n\t'.join(values)
|
|
|
|
header = header + b': ' + value
|
|
|
|
self._output(header)
|
|
|
|
|
|
|
|
def endheaders(self, message_body=None, *, encode_chunked=False):
|
|
|
|
"""Indicate that the last header line has been sent to the server.
|
|
|
|
|
|
|
|
This method sends the request to the server. The optional message_body
|
|
|
|
argument can be used to pass a message body associated with the
|
|
|
|
request.
|
|
|
|
"""
|
|
|
|
if self.__state == _CS_REQ_STARTED:
|
|
|
|
self.__state = _CS_REQ_SENT
|
|
|
|
else:
|
|
|
|
raise CannotSendHeader()
|
|
|
|
self._send_output(message_body, encode_chunked=encode_chunked)
|
|
|
|
|
|
|
|
def request(self, method, url, body=None, headers={}, *,
|
|
|
|
encode_chunked=False):
|
|
|
|
"""Send a complete request to the server."""
|
|
|
|
self._send_request(method, url, body, headers, encode_chunked)
|
|
|
|
|
|
|
|
def _send_request(self, method, url, body, headers, encode_chunked):
|
|
|
|
# Honor explicitly requested Host: and Accept-Encoding: headers.
|
|
|
|
header_names = frozenset(k.lower() for k in headers)
|
|
|
|
skips = {}
|
|
|
|
if 'host' in header_names:
|
|
|
|
skips['skip_host'] = 1
|
|
|
|
if 'accept-encoding' in header_names:
|
|
|
|
skips['skip_accept_encoding'] = 1
|
|
|
|
|
|
|
|
self.putrequest(method, url, **skips)
|
|
|
|
|
|
|
|
# chunked encoding will happen if HTTP/1.1 is used and either
|
|
|
|
# the caller passes encode_chunked=True or the following
|
|
|
|
# conditions hold:
|
|
|
|
# 1. content-length has not been explicitly set
|
|
|
|
# 2. the body is a file or iterable, but not a str or bytes-like
|
|
|
|
# 3. Transfer-Encoding has NOT been explicitly set by the caller
|
|
|
|
|
|
|
|
if 'content-length' not in header_names:
|
|
|
|
# only chunk body if not explicitly set for backwards
|
|
|
|
# compatibility, assuming the client code is already handling the
|
|
|
|
# chunking
|
|
|
|
if 'transfer-encoding' not in header_names:
|
|
|
|
# if content-length cannot be automatically determined, fall
|
|
|
|
# back to chunked encoding
|
|
|
|
encode_chunked = False
|
|
|
|
content_length = self._get_content_length(body, method)
|
|
|
|
if content_length is None:
|
|
|
|
if body is not None:
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
print('Unable to determine size of %r' % body)
|
|
|
|
encode_chunked = True
|
|
|
|
self.putheader('Transfer-Encoding', 'chunked')
|
|
|
|
else:
|
|
|
|
self.putheader('Content-Length', str(content_length))
|
|
|
|
else:
|
|
|
|
encode_chunked = False
|
|
|
|
|
|
|
|
for hdr, value in headers.items():
|
|
|
|
self.putheader(hdr, value)
|
|
|
|
if isinstance(body, str):
|
|
|
|
# RFC 2616 Section 3.7.1 says that text default has a
|
|
|
|
# default charset of iso-8859-1.
|
|
|
|
body = _encode(body, 'body')
|
|
|
|
self.endheaders(body, encode_chunked=encode_chunked)
|
|
|
|
|
|
|
|
def getresponse(self):
|
|
|
|
"""Get the response from the server.
|
|
|
|
|
|
|
|
If the HTTPConnection is in the correct state, returns an
|
|
|
|
instance of HTTPResponse or of whatever object is returned by
|
|
|
|
the response_class variable.
|
|
|
|
|
|
|
|
If a request has not been sent or if a previous response has
|
|
|
|
not be handled, ResponseNotReady is raised. If the HTTP
|
|
|
|
response indicates that the connection should be closed, then
|
|
|
|
it will be closed before the response is returned. When the
|
|
|
|
connection is closed, the underlying socket is closed.
|
|
|
|
"""
|
|
|
|
|
|
|
|
# if a prior response has been completed, then forget about it.
|
|
|
|
if self.__response and self.__response.isclosed():
|
|
|
|
self.__response = None
|
|
|
|
|
|
|
|
# if a prior response exists, then it must be completed (otherwise, we
|
|
|
|
# cannot read this response's header to determine the connection-close
|
|
|
|
# behavior)
|
|
|
|
#
|
|
|
|
# note: if a prior response existed, but was connection-close, then the
|
|
|
|
# socket and response were made independent of this HTTPConnection
|
|
|
|
# object since a new request requires that we open a whole new
|
|
|
|
# connection
|
|
|
|
#
|
|
|
|
# this means the prior response had one of two states:
|
|
|
|
# 1) will_close: this connection was reset and the prior socket and
|
|
|
|
# response operate independently
|
|
|
|
# 2) persistent: the response was retained and we await its
|
|
|
|
# isclosed() status to become true.
|
|
|
|
#
|
|
|
|
if self.__state != _CS_REQ_SENT or self.__response:
|
|
|
|
raise ResponseNotReady(self.__state)
|
|
|
|
|
|
|
|
if self.debuglevel > 0:
|
|
|
|
response = self.response_class(self.sock, self.debuglevel,
|
|
|
|
method=self._method)
|
|
|
|
else:
|
|
|
|
response = self.response_class(self.sock, method=self._method)
|
|
|
|
|
|
|
|
try:
|
|
|
|
try:
|
|
|
|
response.begin()
|
|
|
|
except ConnectionError:
|
|
|
|
self.close()
|
|
|
|
raise
|
|
|
|
assert response.will_close != _UNKNOWN
|
|
|
|
self.__state = _CS_IDLE
|
|
|
|
|
|
|
|
if response.will_close:
|
|
|
|
# this effectively passes the connection to the response
|
|
|
|
self.close()
|
|
|
|
else:
|
|
|
|
# remember this, so we can tell when it is complete
|
|
|
|
self.__response = response
|
|
|
|
|
|
|
|
return response
|
|
|
|
except:
|
|
|
|
response.close()
|
|
|
|
raise
|
|
|
|
|
|
|
|
try:
|
|
|
|
import ssl
|
|
|
|
except ImportError:
|
|
|
|
pass
|
|
|
|
else:
|
|
|
|
class HTTPSConnection(HTTPConnection):
|
|
|
|
"This class allows communication via SSL."
|
|
|
|
|
|
|
|
default_port = HTTPS_PORT
|
|
|
|
|
|
|
|
# XXX Should key_file and cert_file be deprecated in favour of context?
|
|
|
|
|
|
|
|
def __init__(self, host, port=None, key_file=None, cert_file=None,
|
|
|
|
timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
|
|
|
|
source_address=None, *, context=None,
|
|
|
|
check_hostname=None, blocksize=8192):
|
|
|
|
super(HTTPSConnection, self).__init__(host, port, timeout,
|
|
|
|
source_address,
|
|
|
|
blocksize=blocksize)
|
|
|
|
if (key_file is not None or cert_file is not None or
|
|
|
|
check_hostname is not None):
|
|
|
|
import warnings
|
|
|
|
warnings.warn("key_file, cert_file and check_hostname are "
|
|
|
|
"deprecated, use a custom context instead.",
|
|
|
|
DeprecationWarning, 2)
|
|
|
|
self.key_file = key_file
|
|
|
|
self.cert_file = cert_file
|
|
|
|
if context is None:
|
|
|
|
context = ssl._create_default_https_context()
|
2022-10-09 16:27:10 +03:00
|
|
|
# send ALPN extension to indicate HTTP/1.1 protocol
|
|
|
|
if self._http_vsn == 11:
|
|
|
|
context.set_alpn_protocols(['http/1.1'])
|
2022-09-17 15:26:13 +03:00
|
|
|
# enable PHA for TLS 1.3 connections if available
|
|
|
|
if context.post_handshake_auth is not None:
|
|
|
|
context.post_handshake_auth = True
|
|
|
|
will_verify = context.verify_mode != ssl.CERT_NONE
|
|
|
|
if check_hostname is None:
|
|
|
|
check_hostname = context.check_hostname
|
|
|
|
if check_hostname and not will_verify:
|
|
|
|
raise ValueError("check_hostname needs a SSL context with "
|
|
|
|
"either CERT_OPTIONAL or CERT_REQUIRED")
|
|
|
|
if key_file or cert_file:
|
|
|
|
context.load_cert_chain(cert_file, key_file)
|
|
|
|
# cert and key file means the user wants to authenticate.
|
|
|
|
# enable TLS 1.3 PHA implicitly even for custom contexts.
|
|
|
|
if context.post_handshake_auth is not None:
|
|
|
|
context.post_handshake_auth = True
|
|
|
|
self._context = context
|
|
|
|
if check_hostname is not None:
|
|
|
|
self._context.check_hostname = check_hostname
|
|
|
|
|
|
|
|
def connect(self):
|
|
|
|
"Connect to a host on a given (SSL) port."
|
|
|
|
|
|
|
|
super().connect()
|
|
|
|
|
|
|
|
if self._tunnel_host:
|
|
|
|
server_hostname = self._tunnel_host
|
|
|
|
else:
|
|
|
|
server_hostname = self.host
|
|
|
|
|
|
|
|
self.sock = self._context.wrap_socket(self.sock,
|
|
|
|
server_hostname=server_hostname)
|
|
|
|
|
|
|
|
__all__.append("HTTPSConnection")
|
|
|
|
|
|
|
|
class HTTPException(Exception):
|
|
|
|
# Subclasses that define an __init__ must call Exception.__init__
|
|
|
|
# or define self.args. Otherwise, str() will fail.
|
|
|
|
pass
|
|
|
|
|
|
|
|
class NotConnected(HTTPException):
|
|
|
|
pass
|
|
|
|
|
|
|
|
class InvalidURL(HTTPException):
|
|
|
|
pass
|
|
|
|
|
|
|
|
class UnknownProtocol(HTTPException):
|
|
|
|
def __init__(self, version):
|
|
|
|
self.args = version,
|
|
|
|
self.version = version
|
|
|
|
|
|
|
|
class UnknownTransferEncoding(HTTPException):
|
|
|
|
pass
|
|
|
|
|
|
|
|
class UnimplementedFileMode(HTTPException):
|
|
|
|
pass
|
|
|
|
|
|
|
|
class IncompleteRead(HTTPException):
|
|
|
|
def __init__(self, partial, expected=None):
|
|
|
|
self.args = partial,
|
|
|
|
self.partial = partial
|
|
|
|
self.expected = expected
|
|
|
|
def __repr__(self):
|
|
|
|
if self.expected is not None:
|
|
|
|
e = ', %i more expected' % self.expected
|
|
|
|
else:
|
|
|
|
e = ''
|
|
|
|
return '%s(%i bytes read%s)' % (self.__class__.__name__,
|
|
|
|
len(self.partial), e)
|
|
|
|
__str__ = object.__str__
|
|
|
|
|
|
|
|
class ImproperConnectionState(HTTPException):
|
|
|
|
pass
|
|
|
|
|
|
|
|
class CannotSendRequest(ImproperConnectionState):
|
|
|
|
pass
|
|
|
|
|
|
|
|
class CannotSendHeader(ImproperConnectionState):
|
|
|
|
pass
|
|
|
|
|
|
|
|
class ResponseNotReady(ImproperConnectionState):
|
|
|
|
pass
|
|
|
|
|
|
|
|
class BadStatusLine(HTTPException):
|
|
|
|
def __init__(self, line):
|
|
|
|
if not line:
|
|
|
|
line = repr(line)
|
|
|
|
self.args = line,
|
|
|
|
self.line = line
|
|
|
|
|
|
|
|
class LineTooLong(HTTPException):
|
|
|
|
def __init__(self, line_type):
|
|
|
|
HTTPException.__init__(self, "got more than %d bytes when reading %s"
|
|
|
|
% (_MAXLINE, line_type))
|
|
|
|
|
|
|
|
class RemoteDisconnected(ConnectionResetError, BadStatusLine):
|
|
|
|
def __init__(self, *pos, **kw):
|
|
|
|
BadStatusLine.__init__(self, "")
|
|
|
|
ConnectionResetError.__init__(self, *pos, **kw)
|
|
|
|
|
|
|
|
# for backwards compatibility
|
|
|
|
error = HTTPException
|