upstream/mercurial-mirror Commit - r36872:1f7d9024

hgweb: make parsedrequest part of wsgirequest...

Gregory Szorc -

r36872:1f7d9024 default

parent child

mercurial/hgweb/hgweb_mod.py

0 +1 -1

             # hgweb/hgweb_mod.py - Web interface for a repository.
             #
             # Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
             # Copyright 2005-2007 Matt Mackall <mpm@selenic.com>
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2 or any later version.
             from __future__ import absolute_import
             import contextlib
             import os
             from .common import (
                 ErrorResponse,
                 HTTP_BAD_REQUEST,
                 HTTP_NOT_FOUND,
                 HTTP_NOT_MODIFIED,
                 HTTP_OK,
                 HTTP_SERVER_ERROR,
                 caching,
                 cspvalues,
                 permhooks,
             )
             from .. import (
                 encoding,
                 error,
                 formatter,
                 hg,
                 hook,
                 profiling,
                 pycompat,
                 repoview,
                 templatefilters,
                 templater,
                 ui as uimod,
                 util,
                 wireprotoserver,
             )
             from . import (
                 request as requestmod,
                 webcommands,
                 webutil,
                 wsgicgi,
             )
             archivespecs = util.sortdict((
                 ('zip', ('application/zip', 'zip', '.zip', None)),
                 ('gz', ('application/x-gzip', 'tgz', '.tar.gz', None)),
                 ('bz2', ('application/x-bzip2', 'tbz2', '.tar.bz2', None)),
             ))
             def getstyle(req, configfn, templatepath):
                 fromreq = req.form.get('style', [None])[0]
                 styles = (
                     fromreq,
                     configfn('web', 'style'),
                     'paper',
                 )
                 return styles, templater.stylemap(styles, templatepath)
             def makebreadcrumb(url, prefix=''):
                 '''Return a 'URL breadcrumb' list
                 A 'URL breadcrumb' is a list of URL-name pairs,
                 corresponding to each of the path items on a URL.
                 This can be used to create path navigation entries.
                 '''
                 if url.endswith('/'):
                     url = url[:-1]
                 if prefix:
                     url = '/' + prefix + url
                 relpath = url
                 if relpath.startswith('/'):
                     relpath = relpath[1:]
                 breadcrumb = []
                 urlel = url
                 pathitems = [''] + relpath.split('/')
                 for pathel in reversed(pathitems):
                     if not pathel or not urlel:
                         break
                     breadcrumb.append({'url': urlel, 'name': pathel})
                     urlel = os.path.dirname(urlel)
                 return reversed(breadcrumb)
             class requestcontext(object):
                 """Holds state/context for an individual request.
                 Servers can be multi-threaded. Holding state on the WSGI application
                 is prone to race conditions. Instances of this class exist to hold
                 mutable and race-free state for requests.
                 """
                 def __init__(self, app, repo):
                     self.repo = repo
                     self.reponame = app.reponame
                     self.archivespecs = archivespecs
                     self.maxchanges = self.configint('web', 'maxchanges')
                     self.stripecount = self.configint('web', 'stripes')
                     self.maxshortchanges = self.configint('web', 'maxshortchanges')
                     self.maxfiles = self.configint('web', 'maxfiles')
                     self.allowpull = self.configbool('web', 'allow-pull')
                     # we use untrusted=False to prevent a repo owner from using
                     # web.templates in .hg/hgrc to get access to any file readable
                     # by the user running the CGI script
                     self.templatepath = self.config('web', 'templates', untrusted=False)
                     # This object is more expensive to build than simple config values.
                     # It is shared across requests. The app will replace the object
                     # if it is updated. Since this is a reference and nothing should
                     # modify the underlying object, it should be constant for the lifetime
                     # of the request.
                     self.websubtable = app.websubtable
                     self.csp, self.nonce = cspvalues(self.repo.ui)
                 # Trust the settings from the .hg/hgrc files by default.
                 def config(self, section, name, default=uimod._unset, untrusted=True):
                     return self.repo.ui.config(section, name, default,
                                                untrusted=untrusted)
                 def configbool(self, section, name, default=uimod._unset, untrusted=True):
                     return self.repo.ui.configbool(section, name, default,
                                                    untrusted=untrusted)
                 def configint(self, section, name, default=uimod._unset, untrusted=True):
                     return self.repo.ui.configint(section, name, default,
                                                   untrusted=untrusted)
                 def configlist(self, section, name, default=uimod._unset, untrusted=True):
                     return self.repo.ui.configlist(section, name, default,
                                                    untrusted=untrusted)
                 def archivelist(self, nodeid):
                     allowed = self.configlist('web', 'allow_archive')
                     for typ, spec in self.archivespecs.iteritems():
                         if typ in allowed or self.configbool('web', 'allow%s' % typ):
                             yield {'type': typ, 'extension': spec[2], 'node': nodeid}
                 def templater(self, wsgireq, req):
                     # determine scheme, port and server name
                     # this is needed to create absolute urls
                     logourl = self.config('web', 'logourl')
                     logoimg = self.config('web', 'logoimg')
                     staticurl = (self.config('web', 'staticurl')
                                  or req.apppath + '/static/')
                     if not staticurl.endswith('/'):
                         staticurl += '/'
                     # some functions for the templater
                     def motd(**map):
                         yield self.config('web', 'motd')
                     # figure out which style to use
                     vars = {}
                     styles, (style, mapfile) = getstyle(wsgireq, self.config,
                                                         self.templatepath)
                     if style == styles[0]:
                         vars['style'] = style
                     sessionvars = webutil.sessionvars(vars, '?')
                     if not self.reponame:
                         self.reponame = (self.config('web', 'name', '')
                                          or wsgireq.env.get('REPO_NAME')
                                          or req.apppath or self.repo.root)
                     def websubfilter(text):
                         return templatefilters.websub(text, self.websubtable)
                     # create the templater
                     # TODO: export all keywords: defaults = templatekw.keywords.copy()
                     defaults = {
                         'url': req.apppath + '/',
                         'logourl': logourl,
                         'logoimg': logoimg,
                         'staticurl': staticurl,
                         'urlbase': req.advertisedbaseurl,
                         'repo': self.reponame,
                         'encoding': encoding.encoding,
                         'motd': motd,
                         'sessionvars': sessionvars,
                         'pathdef': makebreadcrumb(req.apppath),
                         'style': style,
                         'nonce': self.nonce,
                     }
                     tres = formatter.templateresources(self.repo.ui, self.repo)
                     tmpl = templater.templater.frommapfile(mapfile,
                                                            filters={'websub': websubfilter},
                                                            defaults=defaults,
                                                            resources=tres)
                     return tmpl
             class hgweb(object):
                 """HTTP server for individual repositories.
                 Instances of this class serve HTTP responses for a particular
                 repository.
                 Instances are typically used as WSGI applications.
                 Some servers are multi-threaded. On these servers, there may
                 be multiple active threads inside __call__.
                 """
                 def __init__(self, repo, name=None, baseui=None):
                     if isinstance(repo, str):
                         if baseui:
                             u = baseui.copy()
                         else:
                             u = uimod.ui.load()
                         r = hg.repository(u, repo)
                     else:
                         # we trust caller to give us a private copy
                         r = repo
                     r.ui.setconfig('ui', 'report_untrusted', 'off', 'hgweb')
                     r.baseui.setconfig('ui', 'report_untrusted', 'off', 'hgweb')
                     r.ui.setconfig('ui', 'nontty', 'true', 'hgweb')
                     r.baseui.setconfig('ui', 'nontty', 'true', 'hgweb')
                     # resolve file patterns relative to repo root
                     r.ui.setconfig('ui', 'forcecwd', r.root, 'hgweb')
                     r.baseui.setconfig('ui', 'forcecwd', r.root, 'hgweb')
                     # displaying bundling progress bar while serving feel wrong and may
                     # break some wsgi implementation.
                     r.ui.setconfig('progress', 'disable', 'true', 'hgweb')
                     r.baseui.setconfig('progress', 'disable', 'true', 'hgweb')
                     self._repos = [hg.cachedlocalrepo(self._webifyrepo(r))]
                     self._lastrepo = self._repos[0]
                     hook.redirect(True)
                     self.reponame = name
                 def _webifyrepo(self, repo):
                     repo = getwebview(repo)
                     self.websubtable = webutil.getwebsubs(repo)
                     return repo
                 @contextlib.contextmanager
                 def _obtainrepo(self):
                     """Obtain a repo unique to the caller.
                     Internally we maintain a stack of cachedlocalrepo instances
                     to be handed out. If one is available, we pop it and return it,
                     ensuring it is up to date in the process. If one is not available,
                     we clone the most recently used repo instance and return it.
                     It is currently possible for the stack to grow without bounds
                     if the server allows infinite threads. However, servers should
                     have a thread limit, thus establishing our limit.
                     """
                     if self._repos:
                         cached = self._repos.pop()
                         r, created = cached.fetch()
                     else:
                         cached = self._lastrepo.copy()
                         r, created = cached.fetch()
                     if created:
                         r = self._webifyrepo(r)
                     self._lastrepo = cached
                     self.mtime = cached.mtime
                     try:
                         yield r
                     finally:
                         self._repos.append(cached)
                 def run(self):
                     """Start a server from CGI environment.
                     Modern servers should be using WSGI and should avoid this
                     method, if possible.
                     """
                     if not encoding.environ.get('GATEWAY_INTERFACE',
                                                 '').startswith("CGI/1."):
                         raise RuntimeError("This function is only intended to be "
                                            "called while running as a CGI script.")
                     wsgicgi.launch(self)
                 def __call__(self, env, respond):
                     """Run the WSGI application.
                     This may be called by multiple threads.
                     """
                     req = requestmod.wsgirequest(env, respond)
                     return self.run_wsgi(req)
                 def run_wsgi(self, wsgireq):
                     """Internal method to run the WSGI application.
                     This is typically only called by Mercurial. External consumers
                     should be using instances of this class as the WSGI application.
                     """
                     with self._obtainrepo() as repo:
                         profile = repo.ui.configbool('profiling', 'enabled')
                         with profiling.profile(repo.ui, enabled=profile):
                             for r in self._runwsgi(wsgireq, repo):
                                 yield r
                 def _runwsgi(self, wsgireq, repo):
-                    req = requestmod.parserequestfromenv(wsgireq.env)
+                    req = wsgireq.req
                     rctx = requestcontext(self, repo)
                     # This state is global across all threads.
                     encoding.encoding = rctx.config('web', 'encoding')
                     rctx.repo.ui.environ = wsgireq.env
                     if rctx.csp:
                         # hgwebdir may have added CSP header. Since we generate our own,
                         # replace it.
                         wsgireq.headers = [h for h in wsgireq.headers
                                            if h[0] != 'Content-Security-Policy']
                         wsgireq.headers.append(('Content-Security-Policy', rctx.csp))
                     handled, res = wireprotoserver.handlewsgirequest(
                         rctx, wsgireq, req, self.check_perm)
                     if handled:
                         return res
                     if req.havepathinfo:
                         query = req.dispatchpath
                     else:
                         query = req.querystring.partition('&')[0].partition(';')[0]
                     # translate user-visible url structure to internal structure
                     args = query.split('/', 2)
                     if 'cmd' not in wsgireq.form and args and args[0]:
                         cmd = args.pop(0)
                         style = cmd.rfind('-')
                         if style != -1:
                             wsgireq.form['style'] = [cmd[:style]]
                             cmd = cmd[style + 1:]
                         # avoid accepting e.g. style parameter as command
                         if util.safehasattr(webcommands, cmd):
                             wsgireq.form['cmd'] = [cmd]
                         if cmd == 'static':
                             wsgireq.form['file'] = ['/'.join(args)]
                         else:
                             if args and args[0]:
                                 node = args.pop(0).replace('%2F', '/')
                                 wsgireq.form['node'] = [node]
                             if args:
                                 wsgireq.form['file'] = args
                         ua = req.headers.get('User-Agent', '')
                         if cmd == 'rev' and 'mercurial' in ua:
                             wsgireq.form['style'] = ['raw']
                         if cmd == 'archive':
                             fn = wsgireq.form['node'][0]
                             for type_, spec in rctx.archivespecs.iteritems():
                                 ext = spec[2]
                                 if fn.endswith(ext):
                                     wsgireq.form['node'] = [fn[:-len(ext)]]
                                     wsgireq.form['type'] = [type_]
                     else:
                         cmd = wsgireq.form.get('cmd', [''])[0]
                     # process the web interface request
                     try:
                         tmpl = rctx.templater(wsgireq, req)
                         ctype = tmpl('mimetype', encoding=encoding.encoding)
                         ctype = templater.stringify(ctype)
                         # check read permissions non-static content
                         if cmd != 'static':
                             self.check_perm(rctx, wsgireq, None)
                         if cmd == '':
                             wsgireq.form['cmd'] = [tmpl.cache['default']]
                             cmd = wsgireq.form['cmd'][0]
                         # Don't enable caching if using a CSP nonce because then it wouldn't
                         # be a nonce.
                         if rctx.configbool('web', 'cache') and not rctx.nonce:
                             caching(self, wsgireq) # sets ETag header or raises NOT_MODIFIED
                         if cmd not in webcommands.__all__:
                             msg = 'no such method: %s' % cmd
                             raise ErrorResponse(HTTP_BAD_REQUEST, msg)
                         elif cmd == 'file' and 'raw' in wsgireq.form.get('style', []):
                             rctx.ctype = ctype
                             content = webcommands.rawfile(rctx, wsgireq, tmpl)
                         else:
                             content = getattr(webcommands, cmd)(rctx, wsgireq, tmpl)
                             wsgireq.respond(HTTP_OK, ctype)
                         return content
                     except (error.LookupError, error.RepoLookupError) as err:
                         wsgireq.respond(HTTP_NOT_FOUND, ctype)
                         msg = pycompat.bytestr(err)
                         if (util.safehasattr(err, 'name') and
                             not isinstance(err,  error.ManifestLookupError)):
                             msg = 'revision not found: %s' % err.name
                         return tmpl('error', error=msg)
                     except (error.RepoError, error.RevlogError) as inst:
                         wsgireq.respond(HTTP_SERVER_ERROR, ctype)
                         return tmpl('error', error=pycompat.bytestr(inst))
                     except ErrorResponse as inst:
                         wsgireq.respond(inst, ctype)
                         if inst.code == HTTP_NOT_MODIFIED:
                             # Not allowed to return a body on a 304
                             return ['']
                         return tmpl('error', error=pycompat.bytestr(inst))
                 def check_perm(self, rctx, req, op):
                     for permhook in permhooks:
                         permhook(rctx, req, op)
             def getwebview(repo):
                 """The 'web.view' config controls changeset filter to hgweb. Possible
                 values are ``served``, ``visible`` and ``all``. Default is ``served``.
                 The ``served`` filter only shows changesets that can be pulled from the
                 hgweb instance.  The``visible`` filter includes secret changesets but
                 still excludes "hidden" one.
                 See the repoview module for details.
                 The option has been around undocumented since Mercurial 2.5, but no
                 user ever asked about it. So we better keep it undocumented for now."""
                 # experimental config: web.view
                 viewconfig = repo.ui.config('web', 'view', untrusted=True)
                 if viewconfig == 'all':
                     return repo.unfiltered()
                 elif viewconfig in repoview.filtertable:
                     return repo.filtered(viewconfig)
                 else:
                     return repo.filtered('served')

mercurial/hgweb/hgwebdir_mod.py

0 +5 0

             # hgweb/hgwebdir_mod.py - Web interface for a directory of repositories.
             #
             # Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
             # Copyright 2005, 2006 Matt Mackall <mpm@selenic.com>
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2 or any later version.
             from __future__ import absolute_import
             import os
             import re
             import time
             from ..i18n import _
             from .common import (
                 ErrorResponse,
                 HTTP_NOT_FOUND,
                 HTTP_OK,
                 HTTP_SERVER_ERROR,
                 cspvalues,
                 get_contact,
                 get_mtime,
                 ismember,
                 paritygen,
                 staticfile,
             )
             from .. import (
                 configitems,
                 encoding,
                 error,
                 hg,
                 profiling,
                 pycompat,
                 scmutil,
                 templater,
                 ui as uimod,
                 util,
             )
             from . import (
                 hgweb_mod,
                 request as requestmod,
                 webutil,
                 wsgicgi,
             )
             from ..utils import dateutil
             def cleannames(items):
                 return [(util.pconvert(name).strip('/'), path) for name, path in items]
             def findrepos(paths):
                 repos = []
                 for prefix, root in cleannames(paths):
                     roothead, roottail = os.path.split(root)
                     # "foo = /bar/*" or "foo = /bar/**" lets every repo /bar/N in or below
                     # /bar/ be served as as foo/N .
                     # '*' will not search inside dirs with .hg (except .hg/patches),
                     # '**' will search inside dirs with .hg (and thus also find subrepos).
                     try:
                         recurse = {'*': False, '**': True}[roottail]
                     except KeyError:
                         repos.append((prefix, root))
                         continue
                     roothead = os.path.normpath(os.path.abspath(roothead))
                     paths = scmutil.walkrepos(roothead, followsym=True, recurse=recurse)
                     repos.extend(urlrepos(prefix, roothead, paths))
                 return repos
             def urlrepos(prefix, roothead, paths):
                 """yield url paths and filesystem paths from a list of repo paths
                 >>> conv = lambda seq: [(v, util.pconvert(p)) for v,p in seq]
                 >>> conv(urlrepos(b'hg', b'/opt', [b'/opt/r', b'/opt/r/r', b'/opt']))
                 [('hg/r', '/opt/r'), ('hg/r/r', '/opt/r/r'), ('hg', '/opt')]
                 >>> conv(urlrepos(b'', b'/opt', [b'/opt/r', b'/opt/r/r', b'/opt']))
                 [('r', '/opt/r'), ('r/r', '/opt/r/r'), ('', '/opt')]
                 """
                 for path in paths:
                     path = os.path.normpath(path)
                     yield (prefix + '/' +
                            util.pconvert(path[len(roothead):]).lstrip('/')).strip('/'), path
             def geturlcgivars(baseurl, port):
                 """
                 Extract CGI variables from baseurl
                 >>> geturlcgivars(b"http://host.org/base", b"80")
                 ('host.org', '80', '/base')
                 >>> geturlcgivars(b"http://host.org:8000/base", b"80")
                 ('host.org', '8000', '/base')
                 >>> geturlcgivars(b'/base', 8000)
                 ('', '8000', '/base')
                 >>> geturlcgivars(b"base", b'8000')
                 ('', '8000', '/base')
                 >>> geturlcgivars(b"http://host", b'8000')
                 ('host', '8000', '/')
                 >>> geturlcgivars(b"http://host/", b'8000')
                 ('host', '8000', '/')
                 """
                 u = util.url(baseurl)
                 name = u.host or ''
                 if u.port:
                     port = u.port
                 path = u.path or ""
                 if not path.startswith('/'):
                     path = '/' + path
                 return name, pycompat.bytestr(port), path
             class hgwebdir(object):
                 """HTTP server for multiple repositories.
                 Given a configuration, different repositories will be served depending
                 on the request path.
                 Instances are typically used as WSGI applications.
                 """
                 def __init__(self, conf, baseui=None):
                     self.conf = conf
                     self.baseui = baseui
                     self.ui = None
                     self.lastrefresh = 0
                     self.motd = None
                     self.refresh()
                 def refresh(self):
                     if self.ui:
                         refreshinterval = self.ui.configint('web', 'refreshinterval')
                     else:
                         item = configitems.coreitems['web']['refreshinterval']
                         refreshinterval = item.default
                     # refreshinterval <= 0 means to always refresh.
                     if (refreshinterval > 0 and
                         self.lastrefresh + refreshinterval > time.time()):
                         return
                     if self.baseui:
                         u = self.baseui.copy()
                     else:
                         u = uimod.ui.load()
                         u.setconfig('ui', 'report_untrusted', 'off', 'hgwebdir')
                         u.setconfig('ui', 'nontty', 'true', 'hgwebdir')
                         # displaying bundling progress bar while serving feels wrong and may
                         # break some wsgi implementations.
                         u.setconfig('progress', 'disable', 'true', 'hgweb')
                     if not isinstance(self.conf, (dict, list, tuple)):
                         map = {'paths': 'hgweb-paths'}
                         if not os.path.exists(self.conf):
                             raise error.Abort(_('config file %s not found!') % self.conf)
                         u.readconfig(self.conf, remap=map, trust=True)
                         paths = []
                         for name, ignored in u.configitems('hgweb-paths'):
                             for path in u.configlist('hgweb-paths', name):
                                 paths.append((name, path))
                     elif isinstance(self.conf, (list, tuple)):
                         paths = self.conf
                     elif isinstance(self.conf, dict):
                         paths = self.conf.items()
                     repos = findrepos(paths)
                     for prefix, root in u.configitems('collections'):
                         prefix = util.pconvert(prefix)
                         for path in scmutil.walkrepos(root, followsym=True):
                             repo = os.path.normpath(path)
                             name = util.pconvert(repo)
                             if name.startswith(prefix):
                                 name = name[len(prefix):]
                             repos.append((name.lstrip('/'), repo))
                     self.repos = repos
                     self.ui = u
                     encoding.encoding = self.ui.config('web', 'encoding')
                     self.style = self.ui.config('web', 'style')
                     self.templatepath = self.ui.config('web', 'templates', untrusted=False)
                     self.stripecount = self.ui.config('web', 'stripes')
                     if self.stripecount:
                         self.stripecount = int(self.stripecount)
                     self._baseurl = self.ui.config('web', 'baseurl')
                     prefix = self.ui.config('web', 'prefix')
                     if prefix.startswith('/'):
                         prefix = prefix[1:]
                     if prefix.endswith('/'):
                         prefix = prefix[:-1]
                     self.prefix = prefix
                     self.lastrefresh = time.time()
                 def run(self):
                     if not encoding.environ.get('GATEWAY_INTERFACE',
                                                 '').startswith("CGI/1."):
                         raise RuntimeError("This function is only intended to be "
                                            "called while running as a CGI script.")
                     wsgicgi.launch(self)
                 def __call__(self, env, respond):
                     wsgireq = requestmod.wsgirequest(env, respond)
                     return self.run_wsgi(wsgireq)
                 def read_allowed(self, ui, wsgireq):
                     """Check allow_read and deny_read config options of a repo's ui object
                     to determine user permissions.  By default, with neither option set (or
                     both empty), allow all users to read the repo.  There are two ways a
                     user can be denied read access:  (1) deny_read is not empty, and the
                     user is unauthenticated or deny_read contains user (or *), and (2)
                     allow_read is not empty and the user is not in allow_read.  Return True
                     if user is allowed to read the repo, else return False."""
                     user = wsgireq.env.get('REMOTE_USER')
                     deny_read = ui.configlist('web', 'deny_read', untrusted=True)
                     if deny_read and (not user or ismember(ui, user, deny_read)):
                         return False
                     allow_read = ui.configlist('web', 'allow_read', untrusted=True)
                     # by default, allow reading if no allow_read option has been set
                     if (not allow_read) or ismember(ui, user, allow_read):
                         return True
                     return False
                 def run_wsgi(self, wsgireq):
                     profile = self.ui.configbool('profiling', 'enabled')
                     with profiling.profile(self.ui, enabled=profile):
                         for r in self._runwsgi(wsgireq):
                             yield r
                 def _runwsgi(self, wsgireq):
                     try:
                         self.refresh()
                         csp, nonce = cspvalues(self.ui)
                         if csp:
                             wsgireq.headers.append(('Content-Security-Policy', csp))
                         virtual = wsgireq.env.get("PATH_INFO", "").strip('/')
                         tmpl = self.templater(wsgireq, nonce)
                         ctype = tmpl('mimetype', encoding=encoding.encoding)
                         ctype = templater.stringify(ctype)
                         # a static file
                         if virtual.startswith('static/') or 'static' in wsgireq.form:
                             if virtual.startswith('static/'):
                                 fname = virtual[7:]
                             else:
                                 fname = wsgireq.form['static'][0]
                             static = self.ui.config("web", "static", None,
                                                     untrusted=False)
                             if not static:
                                 tp = self.templatepath or templater.templatepaths()
                                 if isinstance(tp, str):
                                     tp = [tp]
                                 static = [os.path.join(p, 'static') for p in tp]
                             staticfile(static, fname, wsgireq)
                             return []
                         # top-level index
                         repos = dict(self.repos)
                         if (not virtual or virtual == 'index') and virtual not in repos:
                             wsgireq.respond(HTTP_OK, ctype)
                             return self.makeindex(wsgireq, tmpl)
                         # nested indexes and hgwebs
                         if virtual.endswith('/index') and virtual not in repos:
                             subdir = virtual[:-len('index')]
                             if any(r.startswith(subdir) for r in repos):
                                 wsgireq.respond(HTTP_OK, ctype)
                                 return self.makeindex(wsgireq, tmpl, subdir)
                         def _virtualdirs():
                             # Check the full virtual path, each parent, and the root ('')
                             if virtual != '':
                                 yield virtual
                                 for p in util.finddirs(virtual):
                                     yield p
                             yield ''
                         for virtualrepo in _virtualdirs():
                             real = repos.get(virtualrepo)
                             if real:
                                 wsgireq.env['REPO_NAME'] = virtualrepo
+                                # We have to re-parse because of updated environment
+                                # variable.
+                                # TODO this is kind of hacky and we should have a better
+                                # way of doing this than with REPO_NAME side-effects.
+                                wsgireq.req = requestmod.parserequestfromenv(wsgireq.env)
                                 try:
                                     # ensure caller gets private copy of ui
                                     repo = hg.repository(self.ui.copy(), real)
                                     return hgweb_mod.hgweb(repo).run_wsgi(wsgireq)
                                 except IOError as inst:
                                     msg = encoding.strtolocal(inst.strerror)
                                     raise ErrorResponse(HTTP_SERVER_ERROR, msg)
                                 except error.RepoError as inst:
                                     raise ErrorResponse(HTTP_SERVER_ERROR, bytes(inst))
                         # browse subdirectories
                         subdir = virtual + '/'
                         if [r for r in repos if r.startswith(subdir)]:
                             wsgireq.respond(HTTP_OK, ctype)
                             return self.makeindex(wsgireq, tmpl, subdir)
                         # prefixes not found
                         wsgireq.respond(HTTP_NOT_FOUND, ctype)
                         return tmpl("notfound", repo=virtual)
                     except ErrorResponse as err:
                         wsgireq.respond(err, ctype)
                         return tmpl('error', error=err.message or '')
                     finally:
                         tmpl = None
                 def makeindex(self, wsgireq, tmpl, subdir=""):
                     def archivelist(ui, nodeid, url):
                         allowed = ui.configlist("web", "allow_archive", untrusted=True)
                         archives = []
                         for typ, spec in hgweb_mod.archivespecs.iteritems():
                             if typ in allowed or ui.configbool("web", "allow" + typ,
                                                                 untrusted=True):
                                 archives.append({"type": typ, "extension": spec[2],
                                                  "node": nodeid, "url": url})
                         return archives
                     def rawentries(subdir="", **map):
                         descend = self.ui.configbool('web', 'descend')
                         collapse = self.ui.configbool('web', 'collapse')
                         seenrepos = set()
                         seendirs = set()
                         for name, path in self.repos:
                             if not name.startswith(subdir):
                                 continue
                             name = name[len(subdir):]
                             directory = False
                             if '/' in name:
                                 if not descend:
                                     continue
                                 nameparts = name.split('/')
                                 rootname = nameparts[0]
                                 if not collapse:
                                     pass
                                 elif rootname in seendirs:
                                     continue
                                 elif rootname in seenrepos:
                                     pass
                                 else:
                                     directory = True
                                     name = rootname
                                     # redefine the path to refer to the directory
                                     discarded = '/'.join(nameparts[1:])
                                     # remove name parts plus accompanying slash
                                     path = path[:-len(discarded) - 1]
                                     try:
                                         r = hg.repository(self.ui, path)
                                         directory = False
                                     except (IOError, error.RepoError):
                                         pass
                             parts = [name]
                             parts.insert(0, '/' + subdir.rstrip('/'))
                             if wsgireq.env['SCRIPT_NAME']:
                                 parts.insert(0, wsgireq.env['SCRIPT_NAME'])
                             url = re.sub(r'/+', '/', '/'.join(parts) + '/')
                             # show either a directory entry or a repository
                             if directory:
                                 # get the directory's time information
                                 try:
                                     d = (get_mtime(path), dateutil.makedate()[1])
                                 except OSError:
                                     continue
                                 # add '/' to the name to make it obvious that
                                 # the entry is a directory, not a regular repository
                                 row = {'contact': "",
                                        'contact_sort': "",
                                        'name': name + '/',
                                        'name_sort': name,
                                        'url': url,
                                        'description': "",
                                        'description_sort': "",
                                        'lastchange': d,
                                        'lastchange_sort': d[1]-d[0],
                                        'archives': [],
                                        'isdirectory': True,
                                        'labels': [],
                                        }
                                 seendirs.add(name)
                                 yield row
                                 continue
                             u = self.ui.copy()
                             try:
                                 u.readconfig(os.path.join(path, '.hg', 'hgrc'))
                             except Exception as e:
                                 u.warn(_('error reading %s/.hg/hgrc: %s\n') % (path, e))
                                 continue
                             def get(section, name, default=uimod._unset):
                                 return u.config(section, name, default, untrusted=True)
                             if u.configbool("web", "hidden", untrusted=True):
                                 continue
                             if not self.read_allowed(u, wsgireq):
                                 continue
                             # update time with local timezone
                             try:
                                 r = hg.repository(self.ui, path)
                             except IOError:
                                 u.warn(_('error accessing repository at %s\n') % path)
                                 continue
                             except error.RepoError:
                                 u.warn(_('error accessing repository at %s\n') % path)
                                 continue
                             try:
                                 d = (get_mtime(r.spath), dateutil.makedate()[1])
                             except OSError:
                                 continue
                             contact = get_contact(get)
                             description = get("web", "description")
                             seenrepos.add(name)
                             name = get("web", "name", name)
                             row = {'contact': contact or "unknown",
                                    'contact_sort': contact.upper() or "unknown",
                                    'name': name,
                                    'name_sort': name,
                                    'url': url,
                                    'description': description or "unknown",
                                    'description_sort': description.upper() or "unknown",
                                    'lastchange': d,
                                    'lastchange_sort': d[1]-d[0],
                                    'archives': archivelist(u, "tip", url),
                                    'isdirectory': None,
                                    'labels': u.configlist('web', 'labels', untrusted=True),
                                    }
                             yield row
                     sortdefault = None, False
                     def entries(sortcolumn="", descending=False, subdir="", **map):
                         rows = rawentries(subdir=subdir, **map)
                         if sortcolumn and sortdefault != (sortcolumn, descending):
                             sortkey = '%s_sort' % sortcolumn
                             rows = sorted(rows, key=lambda x: x[sortkey],
                                           reverse=descending)
                         for row, parity in zip(rows, paritygen(self.stripecount)):
                             row['parity'] = parity
                             yield row
                     self.refresh()
                     sortable = ["name", "description", "contact", "lastchange"]
                     sortcolumn, descending = sortdefault
                     if 'sort' in wsgireq.form:
                         sortcolumn = wsgireq.form['sort'][0]
                         descending = sortcolumn.startswith('-')
                         if descending:
                             sortcolumn = sortcolumn[1:]
                         if sortcolumn not in sortable:
                             sortcolumn = ""
                     sort = [("sort_%s" % column,
                              "%s%s" % ((not descending and column == sortcolumn)
                                         and "-" or "", column))
                             for column in sortable]
                     self.refresh()
                     self.updatereqenv(wsgireq.env)
                     return tmpl("index", entries=entries, subdir=subdir,
                                 pathdef=hgweb_mod.makebreadcrumb('/' + subdir, self.prefix),
                                 sortcolumn=sortcolumn, descending=descending,
                                 **dict(sort))
                 def templater(self, wsgireq, nonce):
                     def motd(**map):
                         if self.motd is not None:
                             yield self.motd
                         else:
                             yield config('web', 'motd')
                     def config(section, name, default=uimod._unset, untrusted=True):
                         return self.ui.config(section, name, default, untrusted)
                     self.updatereqenv(wsgireq.env)
                     url = wsgireq.env.get('SCRIPT_NAME', '')
                     if not url.endswith('/'):
                         url += '/'
                     vars = {}
                     styles, (style, mapfile) = hgweb_mod.getstyle(wsgireq, config,
                                                                   self.templatepath)
                     if style == styles[0]:
                         vars['style'] = style
                     sessionvars = webutil.sessionvars(vars, r'?')
                     logourl = config('web', 'logourl')
                     logoimg = config('web', 'logoimg')
                     staticurl = config('web', 'staticurl') or url + 'static/'
                     if not staticurl.endswith('/'):
                         staticurl += '/'
                     defaults = {
                         "encoding": encoding.encoding,
                         "motd": motd,
                         "url": url,
                         "logourl": logourl,
                         "logoimg": logoimg,
                         "staticurl": staticurl,
                         "sessionvars": sessionvars,
                         "style": style,
                         "nonce": nonce,
                     }
                     tmpl = templater.templater.frommapfile(mapfile, defaults=defaults)
                     return tmpl
                 def updatereqenv(self, env):
                     if self._baseurl is not None:
                         name, port, path = geturlcgivars(self._baseurl, env['SERVER_PORT'])
                         env['SERVER_NAME'] = name
                         env['SERVER_PORT'] = port
                         env['SCRIPT_NAME'] = path

mercurial/hgweb/request.py

0 +2 0

             # hgweb/request.py - An http request from either CGI or the standalone server.
             #
             # Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
             # Copyright 2005, 2006 Matt Mackall <mpm@selenic.com>
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2 or any later version.
             from __future__ import absolute_import
             import cgi
             import errno
             import socket
             import wsgiref.headers as wsgiheaders
             #import wsgiref.validate
             from .common import (
                 ErrorResponse,
                 HTTP_NOT_MODIFIED,
                 statusmessage,
             )
             from ..thirdparty import (
                 attr,
             )
             from .. import (
                 pycompat,
                 util,
             )
             shortcuts = {
                 'cl': [('cmd', ['changelog']), ('rev', None)],
                 'sl': [('cmd', ['shortlog']), ('rev', None)],
                 'cs': [('cmd', ['changeset']), ('node', None)],
                 'f': [('cmd', ['file']), ('filenode', None)],
                 'fl': [('cmd', ['filelog']), ('filenode', None)],
                 'fd': [('cmd', ['filediff']), ('node', None)],
                 'fa': [('cmd', ['annotate']), ('filenode', None)],
                 'mf': [('cmd', ['manifest']), ('manifest', None)],
                 'ca': [('cmd', ['archive']), ('node', None)],
                 'tags': [('cmd', ['tags'])],
                 'tip': [('cmd', ['changeset']), ('node', ['tip'])],
                 'static': [('cmd', ['static']), ('file', None)]
             }
             def normalize(form):
                 # first expand the shortcuts
                 for k in shortcuts:
                     if k in form:
                         for name, value in shortcuts[k]:
                             if value is None:
                                 value = form[k]
                             form[name] = value
                         del form[k]
                 # And strip the values
                 bytesform = {}
                 for k, v in form.iteritems():
                     bytesform[pycompat.bytesurl(k)] = [
                         pycompat.bytesurl(i.strip()) for i in v]
                 return bytesform
             @attr.s(frozen=True)
             class parsedrequest(object):
                 """Represents a parsed WSGI request / static HTTP request parameters."""
                 # Request method.
                 method = attr.ib()
                 # Full URL for this request.
                 url = attr.ib()
                 # URL without any path components. Just <proto>://<host><port>.
                 baseurl = attr.ib()
                 # Advertised URL. Like ``url`` and ``baseurl`` but uses SERVER_NAME instead
                 # of HTTP: Host header for hostname. This is likely what clients used.
                 advertisedurl = attr.ib()
                 advertisedbaseurl = attr.ib()
                 # WSGI application path.
                 apppath = attr.ib()
                 # List of path parts to be used for dispatch.
                 dispatchparts = attr.ib()
                 # URL path component (no query string) used for dispatch.
                 dispatchpath = attr.ib()
                 # Whether there is a path component to this request. This can be true
                 # when ``dispatchpath`` is empty due to REPO_NAME muckery.
                 havepathinfo = attr.ib()
                 # Raw query string (part after "?" in URL).
                 querystring = attr.ib()
                 # List of 2-tuples of query string arguments.
                 querystringlist = attr.ib()
                 # Dict of query string arguments. Values are lists with at least 1 item.
                 querystringdict = attr.ib()
                 # wsgiref.headers.Headers instance. Operates like a dict with case
                 # insensitive keys.
                 headers = attr.ib()
             def parserequestfromenv(env):
                 """Parse URL components from environment variables.
                 WSGI defines request attributes via environment variables. This function
                 parses the environment variables into a data structure.
                 """
                 # PEP-0333 defines the WSGI spec and is a useful reference for this code.
                 # We first validate that the incoming object conforms with the WSGI spec.
                 # We only want to be dealing with spec-conforming WSGI implementations.
                 # TODO enable this once we fix internal violations.
                 #wsgiref.validate.check_environ(env)
                 # PEP-0333 states that environment keys and values are native strings
                 # (bytes on Python 2 and str on Python 3). The code points for the Unicode
                 # strings on Python 3 must be between \00000-\000FF. We deal with bytes
                 # in Mercurial, so mass convert string keys and values to bytes.
                 if pycompat.ispy3:
                     env = {k.encode('latin-1'): v for k, v in env.iteritems()}
                     env = {k: v.encode('latin-1') if isinstance(v, str) else v
                            for k, v in env.iteritems()}
                 # https://www.python.org/dev/peps/pep-0333/#environ-variables defines
                 # the environment variables.
                 # https://www.python.org/dev/peps/pep-0333/#url-reconstruction defines
                 # how URLs are reconstructed.
                 fullurl = env['wsgi.url_scheme'] + '://'
                 advertisedfullurl = fullurl
                 def addport(s):
                     if env['wsgi.url_scheme'] == 'https':
                         if env['SERVER_PORT'] != '443':
                             s += ':' + env['SERVER_PORT']
                     else:
                         if env['SERVER_PORT'] != '80':
                             s += ':' + env['SERVER_PORT']
                     return s
                 if env.get('HTTP_HOST'):
                     fullurl += env['HTTP_HOST']
                 else:
                     fullurl += env['SERVER_NAME']
                     fullurl = addport(fullurl)
                 advertisedfullurl += env['SERVER_NAME']
                 advertisedfullurl = addport(advertisedfullurl)
                 baseurl = fullurl
                 advertisedbaseurl = advertisedfullurl
                 fullurl += util.urlreq.quote(env.get('SCRIPT_NAME', ''))
                 advertisedfullurl += util.urlreq.quote(env.get('SCRIPT_NAME', ''))
                 fullurl += util.urlreq.quote(env.get('PATH_INFO', ''))
                 advertisedfullurl += util.urlreq.quote(env.get('PATH_INFO', ''))
                 if env.get('QUERY_STRING'):
                     fullurl += '?' + env['QUERY_STRING']
                     advertisedfullurl += '?' + env['QUERY_STRING']
                 # When dispatching requests, we look at the URL components (PATH_INFO
                 # and QUERY_STRING) after the application root (SCRIPT_NAME). But hgwebdir
                 # has the concept of "virtual" repositories. This is defined via REPO_NAME.
                 # If REPO_NAME is defined, we append it to SCRIPT_NAME to form a new app
                 # root. We also exclude its path components from PATH_INFO when resolving
                 # the dispatch path.
                 apppath = env['SCRIPT_NAME']
                 if env.get('REPO_NAME'):
                     if not apppath.endswith('/'):
                         apppath += '/'
                     apppath += env.get('REPO_NAME')
                 if 'PATH_INFO' in env:
                     dispatchparts = env['PATH_INFO'].strip('/').split('/')
                     # Strip out repo parts.
                     repoparts = env.get('REPO_NAME', '').split('/')
                     if dispatchparts[:len(repoparts)] == repoparts:
                         dispatchparts = dispatchparts[len(repoparts):]
                 else:
                     dispatchparts = []
                 dispatchpath = '/'.join(dispatchparts)
                 querystring = env.get('QUERY_STRING', '')
                 # We store as a list so we have ordering information. We also store as
                 # a dict to facilitate fast lookup.
                 querystringlist = util.urlreq.parseqsl(querystring, keep_blank_values=True)
                 querystringdict = {}
                 for k, v in querystringlist:
                     if k in querystringdict:
                         querystringdict[k].append(v)
                     else:
                         querystringdict[k] = [v]
                 # HTTP_* keys contain HTTP request headers. The Headers structure should
                 # perform case normalization for us. We just rewrite underscore to dash
                 # so keys match what likely went over the wire.
                 headers = []
                 for k, v in env.iteritems():
                     if k.startswith('HTTP_'):
                         headers.append((k[len('HTTP_'):].replace('_', '-'), v))
                 headers = wsgiheaders.Headers(headers)
                 # This is kind of a lie because the HTTP header wasn't explicitly
                 # sent. But for all intents and purposes it should be OK to lie about
                 # this, since a consumer will either either value to determine how many
                 # bytes are available to read.
                 if 'CONTENT_LENGTH' in env and 'HTTP_CONTENT_LENGTH' not in env:
                     headers['Content-Length'] = env['CONTENT_LENGTH']
                 return parsedrequest(method=env['REQUEST_METHOD'],
                                      url=fullurl, baseurl=baseurl,
                                      advertisedurl=advertisedfullurl,
                                      advertisedbaseurl=advertisedbaseurl,
                                      apppath=apppath,
                                      dispatchparts=dispatchparts, dispatchpath=dispatchpath,
                                      havepathinfo='PATH_INFO' in env,
                                      querystring=querystring,
                                      querystringlist=querystringlist,
                                      querystringdict=querystringdict,
                                      headers=headers)
             class wsgirequest(object):
                 """Higher-level API for a WSGI request.
                 WSGI applications are invoked with 2 arguments. They are used to
                 instantiate instances of this class, which provides higher-level APIs
                 for obtaining request parameters, writing HTTP output, etc.
                 """
                 def __init__(self, wsgienv, start_response):
                     version = wsgienv[r'wsgi.version']
                     if (version < (1, 0)) or (version >= (2, 0)):
                         raise RuntimeError("Unknown and unsupported WSGI version %d.%d"
                                            % version)
                     self.inp = wsgienv[r'wsgi.input']
                     if r'HTTP_CONTENT_LENGTH' in wsgienv:
                         self.inp = util.cappedreader(self.inp,
                                                      int(wsgienv[r'HTTP_CONTENT_LENGTH']))
                     elif r'CONTENT_LENGTH' in wsgienv:
                         self.inp = util.cappedreader(self.inp,
                                                      int(wsgienv[r'CONTENT_LENGTH']))
                     self.err = wsgienv[r'wsgi.errors']
                     self.threaded = wsgienv[r'wsgi.multithread']
                     self.multiprocess = wsgienv[r'wsgi.multiprocess']
                     self.run_once = wsgienv[r'wsgi.run_once']
                     self.env = wsgienv
                     self.form = normalize(cgi.parse(self.inp,
                                                     self.env,
                                                     keep_blank_values=1))
                     self._start_response = start_response
                     self.server_write = None
                     self.headers = []
+                    self.req = parserequestfromenv(wsgienv)
                 def respond(self, status, type, filename=None, body=None):
                     if not isinstance(type, str):
                         type = pycompat.sysstr(type)
                     if self._start_response is not None:
                         self.headers.append((r'Content-Type', type))
                         if filename:
                             filename = (filename.rpartition('/')[-1]
                                         .replace('\\', '\\\\').replace('"', '\\"'))
                             self.headers.append(('Content-Disposition',
                                                  'inline; filename="%s"' % filename))
                         if body is not None:
                             self.headers.append((r'Content-Length', str(len(body))))
                         for k, v in self.headers:
                             if not isinstance(v, str):
                                 raise TypeError('header value must be string: %r' % (v,))
                         if isinstance(status, ErrorResponse):
                             self.headers.extend(status.headers)
                             if status.code == HTTP_NOT_MODIFIED:
                                 # RFC 2616 Section 10.3.5: 304 Not Modified has cases where
                                 # it MUST NOT include any headers other than these and no
                                 # body
                                 self.headers = [(k, v) for (k, v) in self.headers if
                                                 k in ('Date', 'ETag', 'Expires',
                                                       'Cache-Control', 'Vary')]
                             status = statusmessage(status.code, pycompat.bytestr(status))
                         elif status == 200:
                             status = '200 Script output follows'
                         elif isinstance(status, int):
                             status = statusmessage(status)
                         # Various HTTP clients (notably httplib) won't read the HTTP
                         # response until the HTTP request has been sent in full. If servers
                         # (us) send a response before the HTTP request has been fully sent,
                         # the connection may deadlock because neither end is reading.
                         #
                         # We work around this by "draining" the request data before
                         # sending any response in some conditions.
                         drain = False
                         close = False
                         # If the client sent Expect: 100-continue, we assume it is smart
                         # enough to deal with the server sending a response before reading
                         # the request. (httplib doesn't do this.)
                         if self.env.get(r'HTTP_EXPECT', r'').lower() == r'100-continue':
                             pass
                         # Only tend to request methods that have bodies. Strictly speaking,
                         # we should sniff for a body. But this is fine for our existing
                         # WSGI applications.
                         elif self.env[r'REQUEST_METHOD'] not in (r'POST', r'PUT'):
                             pass
                         else:
                             # If we don't know how much data to read, there's no guarantee
                             # that we can drain the request responsibly. The WSGI
                             # specification only says that servers *should* ensure the
                             # input stream doesn't overrun the actual request. So there's
                             # no guarantee that reading until EOF won't corrupt the stream
                             # state.
                             if not isinstance(self.inp, util.cappedreader):
                                 close = True
                             else:
                                 # We /could/ only drain certain HTTP response codes. But 200
                                 # and non-200 wire protocol responses both require draining.
                                 # Since we have a capped reader in place for all situations
                                 # where we drain, it is safe to read from that stream. We'll
                                 # either do a drain or no-op if we're already at EOF.
                                 drain = True
                         if close:
                             self.headers.append((r'Connection', r'Close'))
                         if drain:
                             assert isinstance(self.inp, util.cappedreader)
                             while True:
                                 chunk = self.inp.read(32768)
                                 if not chunk:
                                     break
                         self.server_write = self._start_response(
                             pycompat.sysstr(status), self.headers)
                         self._start_response = None
                         self.headers = []
                     if body is not None:
                         self.write(body)
                         self.server_write = None
                 def write(self, thing):
                     if thing:
                         try:
                             self.server_write(thing)
                         except socket.error as inst:
                             if inst[0] != errno.ECONNRESET:
                                 raise
                 def flush(self):
                     return None
             def wsgiapplication(app_maker):
                 '''For compatibility with old CGI scripts. A plain hgweb() or hgwebdir()
                 can and should now be used as a WSGI application.'''
                 application = app_maker()
                 def run_wsgi(env, respond):
                     return application(env, respond)
                 return run_wsgi

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages