|
Server : Apache/2.2.2 (Fedora) System : Linux App1.pathumtani.go.th 2.6.20-1.2320.fc5smp #1 SMP Tue Jun 12 19:40:16 EDT 2007 i686 User : apache ( 48) PHP Version : 5.2.9 Disable Function : NONE Directory : /proc/self/root/usr/lib/python2.4/site-packages/mod_python/ |
Upload File : |
mò
A™áCc�����������@���sÕ���d��Z��d�k�Z�d�k�Z�d�k�Z�d�k�Z�d�k�Z�d�e�f�d�„��ƒ��YZ�d�e�f�d�„��ƒ��YZ �d�e
�f�d�„��ƒ��YZ
�d�e
�f�d �„��ƒ��YZ
�d
�e
�f�d
�„��ƒ��YZ
�e�i�d
�ƒ�Z�d
�„��Z�d�d�„�Z�e
�d�„�Z�d�S(���s™��
This module contains classes to support HTTP State Management
Mechanism, also known as Cookies. The classes provide simple
ways for creating, parsing and digitally signing cookies, as
well as the ability to store simple Python objects in Cookies
(using marshalling).
The behaviour of the classes is designed to be most useful
within mod_python applications.
The current state of HTTP State Management standardization is
rather unclear. It appears that the de-facto standard is the
original Netscape specification, even though already two RFC's
have been put out (RFC2109 (1997) and RFC2965 (2000)). The
RFC's add a couple of useful features (e.g. using Max-Age instead
of Expires, but my limited tests show that Max-Age is ignored
by the two browsers tested (IE and Safari). As a result of this,
perhaps trying to be RFC-compliant (by automatically providing
Max-Age and Version) could be a waste of cookie space...
Nt
���CookieErrorc�����������B���s���t��Z�RS(���N(���t���__name__t
���__module__(����(����(����t5���/usr/lib/python2.4/site-packages/mod_python/Cookie.pyR����3���s���t
���metaCookiec�����������B���s���t��Z�d�„��Z�RS(���Nc������
���C���se���d�}�|�d�}�|�|�d�<|�|�d�<d�„��}�d�„��}�t�d�|�d�|�ƒ�|�d�<t�i�|��|�|�|�ƒ�S(���Nt���versiont���patht���domaint���securet���commentt���expirest���max_aget
���commentURLt���discardt���portt���namet���valuet���_valuet���_expirest���__data__t
���_valid_attrt ���__slots__c���������C���s—���t��|�ƒ�t��d�ƒ�j�oL�y�t�i�|�d�ƒ�}�Wn �t�j
�o�t�d�|�‚�n�Xt�i�|�ƒ�}�n"�|�}�t�i�d�t�i�|�ƒ�ƒ�}�d�|�|��_
�d��S(���Nt����s���%a, %d-%b-%Y %H:%M:%S GMTs���Invalid expires time: %ss���%s(
���t���typeR���t���timet���strptimet���tt
���ValueErrort���mktimet���strftimet���gmtimet���selfR���(���R ���R���R���(����(����R���t
���set_expiresI���s���� c���������C���s���|��i�S(���N(���R ���R���(���R ���(����(����R���t
���get_expires\���s����t���fgett���fset(
���s���versions���pathR���R���R ���R
���R
���R
���s���discardR���(���s���names���valueR���s���_expiresR���(
���R���R���t���clsdictR ���R!���t���propertyR���t���__new__t���clst���clsnamet���bases(���R'���R(���R)���R$���R ���R���R���R!���(����(����R���R&���8���s����
(���R���R���R&���(����(����(����R���R���6���s���t���Cookiec�����������B���sD���t��Z�d��Z�e�Z�d�„��Z�e�e�ƒ�Z�d�„��Z�d�„��Z�d�„��Z �RS(���sÁ���
This class implements the basic Cookie functionality. Note that
unlike the Python Standard Library Cookie class, this class represents
a single cookie (not a list of Morsels).
c���������C���s���t��|�|��ƒ�}�|�S(���s¯���
Parse a Cookie or Set-Cookie header value, and return
a dict of Cookies. Note: the string should NOT include the
header name, only the value.
N(���t
���_parse_cookiet���strt���Classt���dict(���R-���R,���R.���(����(����R���t���parsel���s�����c���������K���sK���|�|�|��_��|��_�x(�|�D] �}�t�|��|�i�ƒ��|�|�ƒ�q�Wh��|��_�d�S(���sÉ���
This constructor takes at least a name and value as the
arguments, as well as optionally any of allowed cookie attributes
as defined in the existing cookie standards.
N(���R���R���R ���t���kwt���kt���setattrt���lowerR���(���R ���R���R���R0���R1���(����(����R���t���__init__x���s
������
c���������C���sŒ���d�|��i�|��i�f�g�}�xc�|��i�D]X�}�t�|��|�ƒ�oB�|�d�j�o�|�i�|�ƒ�q{�|�i�d�|�t�|��|�ƒ�f�ƒ�q#�q#�Wd�i�|�ƒ�S(���s¤��
Provides the string representation of the Cookie suitable for
sending to the browser. Note that the actual header name will
not be part of the string.
This method makes no attempt to automatically double-quote
strings that contain special characters, even though the RFC's
dictate this. This is because doing so seems to confuse most
browsers out there.
s���%s=%sR���R
���s���; N(���s���secures���discard( ���R ���R���R���t���resultR���t���hasattrt���appendt���getattrt���join(���R ���R5���R���(����(����R���t���__str__ˆ���s����
�
�
(c���������C���s���d�|��i�i�t�|��ƒ�f�S(���Ns���<%s: %s>(���R ���t ���__class__R���R,���(���R ���(����(����R���t���__repr__ž���s����(
���R���R���t���__doc__R���t
���__metaclass__R/���t
���classmethodR4���R:���R<���(����(����(����R���R*���c���s���
�
t
���SignedCookiec�����������B���sJ���t��Z�d��Z�d�„��Z�e�e�ƒ�Z�e�d�„�Z�d�„��Z�d�„��Z�d�„��Z �RS(���sx��
This is a variation of Cookie that provides automatic
cryptographic signing of cookies and verification. It uses
the HMAC support in the Python standard library. This ensures
that the cookie has not been tamprered with on the client side.
Note that this class does not encrypt cookie data, thus it
is still plainly visible as part of the cookie.
c���������C���su���t��|�|��ƒ�}�x_�|�D]W�}�|�|�}�y�|�i�|�ƒ�Wq�t�j
�o'�t �i
�t �i
�|�ƒ�ƒ�|�|�|�<q�Xq�W|�S(���N(
���R+���t���sR-���R.���R1���t���ct���unsignt���secretR����R*���R/���R:���(���R-���RA���RD���RB���R1���R.���(����(����R���R/���®���s�����
)c���������K���s'���t��i�|��|�|�|��|�|��i�d�<d��S(���NRD���(���R*���R4���R ���R���R���R0���RD���R���(���R ���R���R���RD���R0���(����(����R���R4���¾���s����c���������C���sN���|��i�d�p
�t�d�‚�n�t�i�|��i�d�|��i�ƒ�}�|�i�|�ƒ�|�i �ƒ��S(���NRD���s
���Cannot sign without a secret(
���R ���R���R����t���hmact���newR���t���_hmact���updateR,���t ���hexdigest(���R ���R,���RG���(����(����R���RI������s
����
c���������C���s›���d�|��i�|��i�|��i�ƒ�|��i�f�g�}�xc�|��i�D]X�}�t�|��|�ƒ�oB�|�d�j�o�|�i�|�ƒ�qŠ�|�i�d�|�t�|��|�ƒ�f�ƒ�q2�q2�Wd�i �|�ƒ�S(���Ns���%s=%s%sR���R
���s���%s=%ss���; (���s���secures���discard(
���R ���R���RI���R���R5���R���R6���R7���R8���R9���(���R ���R5���R���(����(����R���R:������s����(
�
(c���������C���s‡���|��i�d� |��i�d� }�}�t�i�|�|��i�ƒ�}�|�i �|�ƒ�|�i
�ƒ��|�j�o�|�|��_�|�|��i
�d�<n�t
�d�|��i�|��i�f�‚�d��S(���Ni ���RD���s ���Incorrectly Signed Cookie: %s=%s(
���R ���R���t���sigt���valRE���RF���RD���R���t���macRH���RI���R���R����(���R ���RD���RK���RL���RJ���(����(����R���RC������s����
(
���R���R���R=���R/���R?���t���NoneR4���RI���R:���RC���(����(����(����R���R@���£���s���
�
t
���MarshalCookiec�����������B���s5���t��Z�d��Z�d�„��Z�e�e�ƒ�Z�d�„��Z�d�„��Z�RS(���sä��
This is a variation of SignedCookie that can store more than
just strings. It will automatically marshal the cookie value,
therefore any marshallable object can be used as value.
The standard library Cookie module provides the ability to pickle
data, which is a major security problem. It is believed that unmarshalling
(as opposed to unpickling) is safe, yet we still err on the side of caution
which is why this class is a subclass of SignedCooke making sure what
we are about to unmarshal passes the digital signature test.
Here is a link to a sugesstion that marshalling is safer than unpickling
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=7xn0hcugmy.fsf%40ruckus.brouhaha.com
c���������C���s{���t��|�|��ƒ�}�xe�|�D]]�}�|�|�}�y�|�i�|�ƒ�Wq�t�t �f�j
�o'�t
�i
�t
�i
�|�ƒ�ƒ�|�|�|�<q�Xq�W|�S(���N(
���R+���RA���R-���R.���R1���RB���t ���unmarshalRD���R����R���R*���R/���R:���(���R-���RA���RD���RB���R1���R.���(����(����R���R/���õ���s�����
)c���������C���sÅ���t��i�t�i�|��i�ƒ�ƒ�}�d�i�|�i�ƒ��ƒ�}�d�|��i �|��i
�|�ƒ�|�f�g�}�xc�|��i
�D]X�}�t
�|��|�ƒ�oB�|�d�j�o�|�i�|�ƒ�q´�|�i�d�|�t�|��|�ƒ�f�ƒ�q\�q\�Wd�i�|�ƒ�S(���NR���s���%s=%s%sR���R
���s���%s=%ss���; (���s���secures���discard(���t���base64t
���encodestringt���marshalt���dumpsR ���R���t���mR9���t���splitR���RI���R5���R���R6���R7���R8���(���R ���R���RT���R5���(����(����R���R:�����s����"
�
(c���������C���s/���|��i�|�ƒ�t�i�t�i�|��i�ƒ�ƒ�|��_�d��S(���N(���R ���RC���RD���RR���t���loadsRP���t
���decodestringR���(���R ���RD���(����(����R���RO�����s����
(���R���R���R=���R/���R?���R:���RO���(����(����(����R���RN�����s
���
�
sJ���(?x)[,\ ]*(?P<key>[^;\ =]+)\ *(=\ *)?(?P<val>"(?:[^\\"]|\\.)*"|[^;]*)\s*;?c���������C���sq���h��}�t�i�|��ƒ�}�xU�|�D]M�}�|�i�d�ƒ�|�i�d�ƒ�}�}�|�d�d�j�o�|�|�|�ƒ�|�|�<q
�q
�W|�S(���Nt���keyRK���i����t���$(
���R5���t���_cookiePatternt���finditerR,���t ���matchItert���matcht���groupRX���RK���R-���(���R,���R-���RX���RK���R\���R5���R]���(����(����R���R+���.��s����� R���c���������K���sm���t��|�t�ƒ�p�t�|�|�|��}�n�|��i�i�d�ƒ�p�|��i�i�d�d�ƒ�n�|��i�i�d�t �|�ƒ�ƒ�d�S(���sq���
Sets a cookie in outgoing headers and adds a cache
directive so that caches don't cache the cookie.
s
���Set-Cookies
���Cache-Controls���no-cache="set-cookie"N(
���t
���isinstancet���cookieR*���R���R0���t���reqt
���headers_outt���has_keyt���addR,���(���Ra���R`���R���R0���(����(����R���t
���add_cookie?��s
�����c���������K���sd���|��i�i�d�ƒ�p�h��Sn�|��i�d�}�t�|�ƒ�t�g��ƒ�j�o�d�i�|�ƒ�}�n�|�i�|�|��S(���sŽ���
A shorthand for retrieveing and parsing cookies given
a Cookie class. The class must be one of the classes from
this module.
R`���s���; N( ���Ra���t
���headers_inRc���t���cookiesR���R9���R-���R/���R0���(���Ra���R-���R0���Rg���(����(����R���t
���get_cookiesP��s�����
(���R=���R���t���reRE���RR���RP���t ���ExceptionR����R���R���t���objectR*���R@���RN���t���compileRZ���R+���Re���Rh���(���RN���Rh���Re���RP���R+���R���RE���Ri���RZ���R*���R@���R���R����RR���(����(����R���t���?)���s
��� -@A;