◐ Shell
clean mode source ↗

bpo-5054: CGIHTTPRequestHandler.run_cgi() HTTP_ACCEPT improperly parsed by orsenthil · Pull Request #23638 · python/cpython

python

Expand Up @@ -3,7 +3,7 @@ Written by Cody A.W. Somerville <cody-somerville@ubuntu.com>, Josip Dzolonga, and Michael Otteneder for the 2007/08 GHOP contest. """
from collections import OrderedDict from http.server import BaseHTTPRequestHandler, HTTPServer, \ SimpleHTTPRequestHandler, CGIHTTPRequestHandler from http import server, HTTPStatus Expand All @@ -19,7 +19,7 @@ import email.message import email.utils import html import http.client import http, http.client import urllib.parse import tempfile import time Expand Down Expand Up @@ -588,6 +588,15 @@ def test_html_escape_filename(self): print(os.environ["%s"]) """
cgi_file6 = """\ #!%s import os
print("Content-type: text/plain") print() print(repr(os.environ)) """

@unittest.skipIf(hasattr(os, 'geteuid') and os.geteuid() == 0, "This test can't be run reliably as root (issue #13308).") Expand Down Expand Up @@ -666,6 +675,11 @@ def setUp(self): file5.write(cgi_file1 % self.pythonexe) os.chmod(self.file5_path, 0o777)
self.file6_path = os.path.join(self.cgi_dir, 'file6.py') with open(self.file6_path, 'w', encoding='utf-8') as file6: file6.write(cgi_file6 % self.pythonexe) os.chmod(self.file6_path, 0o777)
os.chdir(self.parent_dir)
def tearDown(self): Expand All @@ -685,6 +699,8 @@ def tearDown(self): os.remove(self.file4_path) if self.file5_path: os.remove(self.file5_path) if self.file6_path: os.remove(self.file6_path) os.rmdir(self.cgi_child_dir) os.rmdir(self.cgi_dir) os.rmdir(self.cgi_dir_in_sub_dir) Expand Down Expand Up @@ -818,6 +834,23 @@ def test_cgi_path_in_sub_directories(self): finally: CGIHTTPRequestHandler.cgi_directories.remove('/sub/dir/cgi-bin')
def test_accept(self): browser_accept = \ 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' tests = ( ((('Accept', browser_accept),), browser_accept), ((), ''), # Hack case to get two values for the one header ((('Accept', 'text/html'), ('ACCEPT', 'text/plain')), 'text/html,text/plain'), ) for headers, expected in tests: headers = OrderedDict(headers) with self.subTest(headers): res = self.request('/cgi-bin/file6.py', 'GET', headers=headers) self.assertEqual(http.HTTPStatus.OK, res.status) expected = f"'HTTP_ACCEPT': {expected!r}" self.assertIn(expected.encode('ascii'), res.read())

class SocketlessRequestHandler(SimpleHTTPRequestHandler): Expand Down