Python code coverage for Lib/wsgiref/validate.py

#	count	content
1	n/a	# (c) 2005 Ian Bicking and contributors; written for Paste (http://pythonpaste.org)
2	n/a	# Licensed under the MIT license: http://www.opensource.org/licenses/mit-license.php
3	n/a	# Also licenced under the Apache License, 2.0: http://opensource.org/licenses/apache2.0.php
4	n/a	# Licensed to PSF under a Contributor Agreement
5	n/a	"""
6	n/a	Middleware to check for obedience to the WSGI specification.
7	n/a
8	n/a	Some of the things this checks:
9	n/a
10	n/a	* Signature of the application and start_response (including that
11	n/a	keyword arguments are not used).
12	n/a
13	n/a	* Environment checks:
14	n/a
15	n/a	- Environment is a dictionary (and not a subclass).
16	n/a
17	n/a	- That all the required keys are in the environment: REQUEST_METHOD,
18	n/a	SERVER_NAME, SERVER_PORT, wsgi.version, wsgi.input, wsgi.errors,
19	n/a	wsgi.multithread, wsgi.multiprocess, wsgi.run_once
20	n/a
21	n/a	- That HTTP_CONTENT_TYPE and HTTP_CONTENT_LENGTH are not in the
22	n/a	environment (these headers should appear as CONTENT_LENGTH and
23	n/a	CONTENT_TYPE).
24	n/a
25	n/a	- Warns if QUERY_STRING is missing, as the cgi module acts
26	n/a	unpredictably in that case.
27	n/a
28	n/a	- That CGI-style variables (that don't contain a .) have
29	n/a	(non-unicode) string values
30	n/a
31	n/a	- That wsgi.version is a tuple
32	n/a
33	n/a	- That wsgi.url_scheme is 'http' or 'https' (@@: is this too
34	n/a	restrictive?)
35	n/a
36	n/a	- Warns if the REQUEST_METHOD is not known (@@: probably too
37	n/a	restrictive).
38	n/a
39	n/a	- That SCRIPT_NAME and PATH_INFO are empty or start with /
40	n/a
41	n/a	- That at least one of SCRIPT_NAME or PATH_INFO are set.
42	n/a
43	n/a	- That CONTENT_LENGTH is a positive integer.
44	n/a
45	n/a	- That SCRIPT_NAME is not '/' (it should be '', and PATH_INFO should
46	n/a	be '/').
47	n/a
48	n/a	- That wsgi.input has the methods read, readline, readlines, and
49	n/a	__iter__
50	n/a
51	n/a	- That wsgi.errors has the methods flush, write, writelines
52	n/a
53	n/a	* The status is a string, contains a space, starts with an integer,
54	n/a	and that integer is in range (> 100).
55	n/a
56	n/a	* That the headers is a list (not a subclass, not another kind of
57	n/a	sequence).
58	n/a
59	n/a	* That the items of the headers are tuples of strings.
60	n/a
61	n/a	* That there is no 'status' header (that is used in CGI, but not in
62	n/a	WSGI).
63	n/a
64	n/a	* That the headers don't contain newlines or colons, end in _ or -, or
65	n/a	contain characters codes below 037.
66	n/a
67	n/a	* That Content-Type is given if there is content (CGI often has a
68	n/a	default content type, but WSGI does not).
69	n/a
70	n/a	* That no Content-Type is given when there is no content (@@: is this
71	n/a	too restrictive?)
72	n/a
73	n/a	* That the exc_info argument to start_response is a tuple or None.
74	n/a
75	n/a	* That all calls to the writer are with strings, and no other methods
76	n/a	on the writer are accessed.
77	n/a
78	n/a	* That wsgi.input is used properly:
79	n/a
80	n/a	- .read() is called with zero or one argument
81	n/a
82	n/a	- That it returns a string
83	n/a
84	n/a	- That readline, readlines, and __iter__ return strings
85	n/a
86	n/a	- That .close() is not called
87	n/a
88	n/a	- No other methods are provided
89	n/a
90	n/a	* That wsgi.errors is used properly:
91	n/a
92	n/a	- .write() and .writelines() is called with a string
93	n/a
94	n/a	- That .close() is not called, and no other methods are provided.
95	n/a
96	n/a	* The response iterator:
97	n/a
98	n/a	- That it is not a string (it should be a list of a single string; a
99	n/a	string will work, but perform horribly).
100	n/a
101	n/a	- That .__next__() returns a string
102	n/a
103	n/a	- That the iterator is not iterated over until start_response has
104	n/a	been called (that can signal either a server or application
105	n/a	error).
106	n/a
107	n/a	- That .close() is called (doesn't raise exception, only prints to
108	n/a	sys.stderr, because we only know it isn't called when the object
109	n/a	is garbage collected).
110	n/a	"""
111	n/a	__all__ = ['validator']
112	n/a
113	n/a
114	n/a	import re
115	n/a	import sys
116	n/a	import warnings
117	n/a
118	n/a	header_re = re.compile(r'^[a-zA-Z][a-zA-Z0-9\-_]*$')
119	n/a	bad_header_value_re = re.compile(r'[\000-\037]')
120	n/a
121	n/a	class WSGIWarning(Warning):
122	n/a	"""
123	n/a	Raised in response to WSGI-spec-related warnings
124	n/a	"""
125	n/a
126	n/a	def assert_(cond, *args):
127	n/a	if not cond:
128	n/a	raise AssertionError(*args)
129	n/a
130	n/a	def check_string_type(value, title):
131	n/a	if type (value) is str:
132	n/a	return value
133	n/a	raise AssertionError(
134	n/a	"{0} must be of type str (got {1})".format(title, repr(value)))
135	n/a
136	n/a	def validator(application):
137	n/a
138	n/a	"""
139	n/a	When applied between a WSGI server and a WSGI application, this
140	n/a	middleware will check for WSGI compliancy on a number of levels.
141	n/a	This middleware does not modify the request or response in any
142	n/a	way, but will raise an AssertionError if anything seems off
143	n/a	(except for a failure to close the application iterator, which
144	n/a	will be printed to stderr -- there's no way to raise an exception
145	n/a	at that point).
146	n/a	"""
147	n/a
148	n/a	def lint_app(args, *kw):
149	n/a	assert_(len(args) == 2, "Two arguments required")
150	n/a	assert_(not kw, "No keyword arguments allowed")
151	n/a	environ, start_response = args
152	n/a
153	n/a	check_environ(environ)
154	n/a
155	n/a	# We use this to check if the application returns without
156	n/a	# calling start_response:
157	n/a	start_response_started = []
158	n/a
159	n/a	def start_response_wrapper(args, *kw):
160	n/a	assert_(len(args) == 2 or len(args) == 3, (
161	n/a	"Invalid number of arguments: %s" % (args,)))
162	n/a	assert_(not kw, "No keyword arguments allowed")
163	n/a	status = args[0]
164	n/a	headers = args[1]
165	n/a	if len(args) == 3:
166	n/a	exc_info = args[2]
167	n/a	else:
168	n/a	exc_info = None
169	n/a
170	n/a	check_status(status)
171	n/a	check_headers(headers)
172	n/a	check_content_type(status, headers)
173	n/a	check_exc_info(exc_info)
174	n/a
175	n/a	start_response_started.append(None)
176	n/a	return WriteWrapper(start_response(*args))
177	n/a
178	n/a	environ['wsgi.input'] = InputWrapper(environ['wsgi.input'])
179	n/a	environ['wsgi.errors'] = ErrorWrapper(environ['wsgi.errors'])
180	n/a
181	n/a	iterator = application(environ, start_response_wrapper)
182	n/a	assert_(iterator is not None and iterator != False,
183	n/a	"The application must return an iterator, if only an empty list")
184	n/a
185	n/a	check_iterator(iterator)
186	n/a
187	n/a	return IteratorWrapper(iterator, start_response_started)
188	n/a
189	n/a	return lint_app
190	n/a
191	n/a	class InputWrapper:
192	n/a
193	n/a	def __init__(self, wsgi_input):
194	n/a	self.input = wsgi_input
195	n/a
196	n/a	def read(self, *args):
197	n/a	assert_(len(args) == 1)
198	n/a	v = self.input.read(*args)
199	n/a	assert_(type(v) is bytes)
200	n/a	return v
201	n/a
202	n/a	def readline(self, *args):
203	n/a	assert_(len(args) <= 1)
204	n/a	v = self.input.readline(*args)
205	n/a	assert_(type(v) is bytes)
206	n/a	return v
207	n/a
208	n/a	def readlines(self, *args):
209	n/a	assert_(len(args) <= 1)
210	n/a	lines = self.input.readlines(*args)
211	n/a	assert_(type(lines) is list)
212	n/a	for line in lines:
213	n/a	assert_(type(line) is bytes)
214	n/a	return lines
215	n/a
216	n/a	def __iter__(self):
217	n/a	while 1:
218	n/a	line = self.readline()
219	n/a	if not line:
220	n/a	return
221	n/a	yield line
222	n/a
223	n/a	def close(self):
224	n/a	assert_(0, "input.close() must not be called")
225	n/a
226	n/a	class ErrorWrapper:
227	n/a
228	n/a	def __init__(self, wsgi_errors):
229	n/a	self.errors = wsgi_errors
230	n/a
231	n/a	def write(self, s):
232	n/a	assert_(type(s) is str)
233	n/a	self.errors.write(s)
234	n/a
235	n/a	def flush(self):
236	n/a	self.errors.flush()
237	n/a
238	n/a	def writelines(self, seq):
239	n/a	for line in seq:
240	n/a	self.write(line)
241	n/a
242	n/a	def close(self):
243	n/a	assert_(0, "errors.close() must not be called")
244	n/a
245	n/a	class WriteWrapper:
246	n/a
247	n/a	def __init__(self, wsgi_writer):
248	n/a	self.writer = wsgi_writer
249	n/a
250	n/a	def __call__(self, s):
251	n/a	assert_(type(s) is bytes)
252	n/a	self.writer(s)
253	n/a
254	n/a	class PartialIteratorWrapper:
255	n/a
256	n/a	def __init__(self, wsgi_iterator):
257	n/a	self.iterator = wsgi_iterator
258	n/a
259	n/a	def __iter__(self):
260	n/a	# We want to make sure __iter__ is called
261	n/a	return IteratorWrapper(self.iterator, None)
262	n/a
263	n/a	class IteratorWrapper:
264	n/a
265	n/a	def __init__(self, wsgi_iterator, check_start_response):
266	n/a	self.original_iterator = wsgi_iterator
267	n/a	self.iterator = iter(wsgi_iterator)
268	n/a	self.closed = False
269	n/a	self.check_start_response = check_start_response
270	n/a
271	n/a	def __iter__(self):
272	n/a	return self
273	n/a
274	n/a	def __next__(self):
275	n/a	assert_(not self.closed,
276	n/a	"Iterator read after closed")
277	n/a	v = next(self.iterator)
278	n/a	if type(v) is not bytes:
279	n/a	assert_(False, "Iterator yielded non-bytestring (%r)" % (v,))
280	n/a	if self.check_start_response is not None:
281	n/a	assert_(self.check_start_response,
282	n/a	"The application returns and we started iterating over its body, but start_response has not yet been called")
283	n/a	self.check_start_response = None
284	n/a	return v
285	n/a
286	n/a	def close(self):
287	n/a	self.closed = True
288	n/a	if hasattr(self.original_iterator, 'close'):
289	n/a	self.original_iterator.close()
290	n/a
291	n/a	def __del__(self):
292	n/a	if not self.closed:
293	n/a	sys.stderr.write(
294	n/a	"Iterator garbage collected without being closed")
295	n/a	assert_(self.closed,
296	n/a	"Iterator garbage collected without being closed")
297	n/a
298	n/a	def check_environ(environ):
299	n/a	assert_(type(environ) is dict,
300	n/a	"Environment is not of the right type: %r (environment: %r)"
301	n/a	% (type(environ), environ))
302	n/a
303	n/a	for key in ['REQUEST_METHOD', 'SERVER_NAME', 'SERVER_PORT',
304	n/a	'wsgi.version', 'wsgi.input', 'wsgi.errors',
305	n/a	'wsgi.multithread', 'wsgi.multiprocess',
306	n/a	'wsgi.run_once']:
307	n/a	assert_(key in environ,
308	n/a	"Environment missing required key: %r" % (key,))
309	n/a
310	n/a	for key in ['HTTP_CONTENT_TYPE', 'HTTP_CONTENT_LENGTH']:
311	n/a	assert_(key not in environ,
312	n/a	"Environment should not have the key: %s "
313	n/a	"(use %s instead)" % (key, key[5:]))
314	n/a
315	n/a	if 'QUERY_STRING' not in environ:
316	n/a	warnings.warn(
317	n/a	'QUERY_STRING is not in the WSGI environment; the cgi '
318	n/a	'module will use sys.argv when this variable is missing, '
319	n/a	'so application errors are more likely',
320	n/a	WSGIWarning)
321	n/a
322	n/a	for key in environ.keys():
323	n/a	if '.' in key:
324	n/a	# Extension, we don't care about its type
325	n/a	continue
326	n/a	assert_(type(environ[key]) is str,
327	n/a	"Environmental variable %s is not a string: %r (value: %r)"
328	n/a	% (key, type(environ[key]), environ[key]))
329	n/a
330	n/a	assert_(type(environ['wsgi.version']) is tuple,
331	n/a	"wsgi.version should be a tuple (%r)" % (environ['wsgi.version'],))
332	n/a	assert_(environ['wsgi.url_scheme'] in ('http', 'https'),
333	n/a	"wsgi.url_scheme unknown: %r" % environ['wsgi.url_scheme'])
334	n/a
335	n/a	check_input(environ['wsgi.input'])
336	n/a	check_errors(environ['wsgi.errors'])
337	n/a
338	n/a	# @@: these need filling out:
339	n/a	if environ['REQUEST_METHOD'] not in (
340	n/a	'GET', 'HEAD', 'POST', 'OPTIONS', 'PATCH', 'PUT', 'DELETE', 'TRACE'):
341	n/a	warnings.warn(
342	n/a	"Unknown REQUEST_METHOD: %r" % environ['REQUEST_METHOD'],
343	n/a	WSGIWarning)
344	n/a
345	n/a	assert_(not environ.get('SCRIPT_NAME')
346	n/a	or environ['SCRIPT_NAME'].startswith('/'),
347	n/a	"SCRIPT_NAME doesn't start with /: %r" % environ['SCRIPT_NAME'])
348	n/a	assert_(not environ.get('PATH_INFO')
349	n/a	or environ['PATH_INFO'].startswith('/'),
350	n/a	"PATH_INFO doesn't start with /: %r" % environ['PATH_INFO'])
351	n/a	if environ.get('CONTENT_LENGTH'):
352	n/a	assert_(int(environ['CONTENT_LENGTH']) >= 0,
353	n/a	"Invalid CONTENT_LENGTH: %r" % environ['CONTENT_LENGTH'])
354	n/a
355	n/a	if not environ.get('SCRIPT_NAME'):
356	n/a	assert_('PATH_INFO' in environ,
357	n/a	"One of SCRIPT_NAME or PATH_INFO are required (PATH_INFO "
358	n/a	"should at least be '/' if SCRIPT_NAME is empty)")
359	n/a	assert_(environ.get('SCRIPT_NAME') != '/',
360	n/a	"SCRIPT_NAME cannot be '/'; it should instead be '', and "
361	n/a	"PATH_INFO should be '/'")
362	n/a
363	n/a	def check_input(wsgi_input):
364	n/a	for attr in ['read', 'readline', 'readlines', '__iter__']:
365	n/a	assert_(hasattr(wsgi_input, attr),
366	n/a	"wsgi.input (%r) doesn't have the attribute %s"
367	n/a	% (wsgi_input, attr))
368	n/a
369	n/a	def check_errors(wsgi_errors):
370	n/a	for attr in ['flush', 'write', 'writelines']:
371	n/a	assert_(hasattr(wsgi_errors, attr),
372	n/a	"wsgi.errors (%r) doesn't have the attribute %s"
373	n/a	% (wsgi_errors, attr))
374	n/a
375	n/a	def check_status(status):
376	n/a	status = check_string_type(status, "Status")
377	n/a	# Implicitly check that we can turn it into an integer:
378	n/a	status_code = status.split(None, 1)[0]
379	n/a	assert_(len(status_code) == 3,
380	n/a	"Status codes must be three characters: %r" % status_code)
381	n/a	status_int = int(status_code)
382	n/a	assert_(status_int >= 100, "Status code is invalid: %r" % status_int)
383	n/a	if len(status) < 4 or status[3] != ' ':
384	n/a	warnings.warn(
385	n/a	"The status string (%r) should be a three-digit integer "
386	n/a	"followed by a single space and a status explanation"
387	n/a	% status, WSGIWarning)
388	n/a
389	n/a	def check_headers(headers):
390	n/a	assert_(type(headers) is list,
391	n/a	"Headers (%r) must be of type list: %r"
392	n/a	% (headers, type(headers)))
393	n/a	header_names = {}
394	n/a	for item in headers:
395	n/a	assert_(type(item) is tuple,
396	n/a	"Individual headers (%r) must be of type tuple: %r"
397	n/a	% (item, type(item)))
398	n/a	assert_(len(item) == 2)
399	n/a	name, value = item
400	n/a	name = check_string_type(name, "Header name")
401	n/a	value = check_string_type(value, "Header value")
402	n/a	assert_(name.lower() != 'status',
403	n/a	"The Status header cannot be used; it conflicts with CGI "
404	n/a	"script, and HTTP status is not given through headers "
405	n/a	"(value: %r)." % value)
406	n/a	header_names[name.lower()] = None
407	n/a	assert_('\n' not in name and ':' not in name,
408	n/a	"Header names may not contain ':' or '\\n': %r" % name)
409	n/a	assert_(header_re.search(name), "Bad header name: %r" % name)
410	n/a	assert_(not name.endswith('-') and not name.endswith('_'),
411	n/a	"Names may not end in '-' or '_': %r" % name)
412	n/a	if bad_header_value_re.search(value):
413	n/a	assert_(0, "Bad header value: %r (bad char: %r)"
414	n/a	% (value, bad_header_value_re.search(value).group(0)))
415	n/a
416	n/a	def check_content_type(status, headers):
417	n/a	status = check_string_type(status, "Status")
418	n/a	code = int(status.split(None, 1)[0])
419	n/a	# @@: need one more person to verify this interpretation of RFC 2616
420	n/a	# http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
421	n/a	NO_MESSAGE_BODY = (204, 304)
422	n/a	for name, value in headers:
423	n/a	name = check_string_type(name, "Header name")
424	n/a	if name.lower() == 'content-type':
425	n/a	if code not in NO_MESSAGE_BODY:
426	n/a	return
427	n/a	assert_(0, ("Content-Type header found in a %s response, "
428	n/a	"which must not return content.") % code)
429	n/a	if code not in NO_MESSAGE_BODY:
430	n/a	assert_(0, "No Content-Type header found in headers (%s)" % headers)
431	n/a
432	n/a	def check_exc_info(exc_info):
433	n/a	assert_(exc_info is None or type(exc_info) is tuple,
434	n/a	"exc_info (%r) is not a tuple: %r" % (exc_info, type(exc_info)))
435	n/a	# More exc_info checks?
436	n/a
437	n/a	def check_iterator(iterator):
438	n/a	# Technically a bytestring is legal, which is why it's a really bad
439	n/a	# idea, because it may cause the response to be returned
440	n/a	# character-by-character
441	n/a	assert_(not isinstance(iterator, (str, bytes)),
442	n/a	"You should not return a string as your application iterator, "
443	n/a	"instead return a single-item list containing a bytestring.")