B GZJ @sdZddlmZddlmZmZddlmZddlmZm Z m Z m Z m Z m Z mZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZddl m!Z!m"Z"m#Z#ddl$m%Z%m&Z&ddl'm(Z(m)Z)m*Z*m+Z+dd l,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2dd l3m4Z4m5Z5m6Z6m7Z7m8Z8m9Z9m:Z:m;Z;mZ>m?Z?m@Z@mAZAmBZBdd lCmDZDdd lEmFZFmGZGmHZHmIZImJZJmKZKmLZLmMZMmNZNd daOddZPddZQddZRddZSGdddeTZUGdddeTZVGdddeTZWGdddeTZXGdd d eTZYGd!d"d"eTZZGd#d$d$eTZ[Gd%d&d&eTZ\Gd'd(d(eTZ]Gd)d*d*eTZ^Gd+d,d,eTZ_Gd-d.d.eTZ`Gd/d0d0eTZaGd1d2d2eUeWeXeYeZe_ZbGd3d4d4e[ebZcGd5d6d6eVe\e^e`eaZdd7S)8ai werkzeug.wrappers ~~~~~~~~~~~~~~~~~ The wrappers are simple request and response objects which you can subclass to do whatever you want them to do. The request object contains the information transmitted by the client (webbrowser) and the response object contains all the information sent back to the browser. An important detail is that the request object is created with the WSGI environ and will act as high-level proxy whereas the response object is an actual WSGI application. Like everything else in Werkzeug these objects will work correctly with unicode data. Incoming form data parsed by the response object will be decoded into an unicode object if possible and if it makes sense. :copyright: (c) 2014 by the Werkzeug Team, see AUTHORS for more details. :license: BSD, see LICENSE for more details. )update_wrapper)datetime timedelta)warn)HTTP_STATUS_CODESparse_accept_headerparse_cache_control_header parse_etags parse_date generate_etagis_resource_modified unquote_etag quote_etagparse_set_headerparse_authorization_headerparse_www_authenticate_headerremove_entity_headersparse_options_headerdump_options_header http_dateparse_if_range_header parse_cookie dump_cookieparse_range_headerparse_content_range_header dump_header parse_agedump_age) url_decode iri_to_uriurl_join)FormDataParserdefault_stream_factory)cached_propertyenviron_propertyheader_propertyget_content_type)get_current_urlget_hostClosingIteratorget_input_streamget_content_length _RangeWrapper) MultiDictCombinedMultiDictHeadersEnvironHeadersImmutableMultiDictImmutableTypeConversionDict ImmutableList MIMEAccept CharsetAcceptLanguageAcceptResponseCacheControlRequestCacheControl CallbackDict ContentRangeiter_multi_items) _get_environ) to_bytes string_types text_type integer_typeswsgi_decoding_dancewsgi_get_bytes to_unicode to_nativeBytesIOcGsddlmat|S)zsThis function replaces itself to ensure that the test module is not imported unless required. DO NOT USE! r) run_wsgi_app) werkzeug.testrF _run_wsgi_app)argsrJ0lib/python3.7/site-packages/werkzeug/wrappers.pyrH5s rHcCst|trttddddS)znHelper for the response objects to check if the iterable returned to the WSGI server is not a string. zresponse iterable was set to a string. This appears to work but means that the server will send the data to the client char, by char. This is almost never intended behavior, use response.data to assign strings to the response object.) stacklevelN) isinstancer>rWarning)iterablerJrJrK_warn_if_string>s rQcCs|jrtddS)NzeA shallow request tried to consume form data. If you really want to do that, set `shallow` to False.)shallow RuntimeError)requestrJrJrK_assert_not_shallowJsrUccs0x*|D]"}t|tr"||Vq|VqWdS)N)rNr?encode)rPcharsetitemrJrJrK _iter_encodedQs  rYcCs6|dkr dS|dkrdSt|tr*t|StddS)NTbytesFZnonezInvalid accept_ranges value)rNr?rD ValueError) accept_rangesrJrJrK_clean_accept_rangesYs r]c@s eZdZdZdZdZdZdZeZ e Z e Z eZdZdZdaddZd d Zed d Zed dZeddZdbddZeddZddZddZddZddZddZdd Z e!d!d"Z"e#d#d$Z$e!d%d&Z%e!d'd(Z&dcd)d*Z'e!d+d,Z(e!d-d.Z)e!d/d0Z*e!d1d2Z+e!d3d4Z,e!d5d6Z-e!d7d8Z.e!d9d:Z/e!d;d<Z0e!d=d>Z1e!d?d@Z2e!dAdBZ3e!dCdDZ4e#dEdFde5dGdHZ6e#dIdJddKdLdMdHZ7e!dNdOZ8edPdQZ9e#dRdSdTZ:e#dUdVdTZ;edWdXZe#d]d^dTZ?e#d_d`dTZ@dS)d BaseRequestaVery basic request object. This does not implement advanced stuff like entity tag parsing or cache controls. The request object is created with the WSGI environment as first argument and will add itself to the WSGI environment as ``'werkzeug.request'`` unless it's created with `populate_request` set to False. There are a couple of mixins available that add additional functionality to the request object, there is also a class called `Request` which subclasses `BaseRequest` and all the important mixins. It's a good idea to create a custom subclass of the :class:`BaseRequest` and add missing functionality either via mixins or direct implementation. Here an example for such subclasses:: from werkzeug.wrappers import BaseRequest, ETagRequestMixin class Request(BaseRequest, ETagRequestMixin): pass Request objects are **read only**. As of 0.5 modifications are not allowed in any place. Unlike the lower level parsing functions the request object will use immutable objects everywhere possible. Per default the request object will assume all the text data is `utf-8` encoded. Please refer to `the unicode chapter `_ for more details about customizing the behavior. Per default the request object will be added to the WSGI environment as `werkzeug.request` to support the debugging system. If you don't want that, set `populate_request` to `False`. If `shallow` is `True` the environment is initialized as shallow object around the environ. Every operation that would modify the environ in any way (such as consuming form data) raises an exception unless the `shallow` attribute is explicitly set to `False`. This is useful for middlewares where you don't want to consume the form data by accident. A shallow request is not populated to the WSGI environment. .. versionchanged:: 0.5 read-only mode was enforced by using immutables classes for all data. zutf-8replaceNFTcCs"||_|r|s||jd<||_dS)Nzwerkzeug.request)environrR)selfr`Zpopulate_requestrRrJrJrK__init__s zBaseRequest.__init__cCsfg}y,|dt|j|j|d|jWntk rN|dYnXd|jjd|fS)Nz'%s'z[%s]z(invalid WSGI environ)z<%s %s> ) appendrDurl url_charsetmethod Exception __class____name__join)rarIrJrJrK__repr__szBaseRequest.__repr__cCs|jS)zThe charset that is assumed for URLs. Defaults to the value of :attr:`charset`. .. versionadded:: 0.6 )rW)rarJrJrKrfszBaseRequest.url_charsetcOsFddlm}|d|j}||d<|||}z ||S|XdS)aCreate a new request object based on the values provided. If environ is given missing values are filled from there. This method is useful for small scripts when you need to simulate a request from an URL. Do not use this method for unittesting, there is a full featured client object (:class:`Client`) that allows to create multipart requests, support for cookies etc. This accepts the same options as the :class:`~werkzeug.test.EnvironBuilder`. .. versionchanged:: 0.5 This method now accepts the same arguments as :class:`~werkzeug.test.EnvironBuilder`. Because of this the `environ` parameter is now called `environ_overrides`. :return: request object r)EnvironBuilderrWN)rGrmpoprWZ get_requestclose)clsrIkwargsrmrWZbuilderrJrJrK from_valuess   zBaseRequest.from_valuescs&ddlmfdd}t|S)a_Decorate a function as responder that accepts the request as first argument. This works like the :func:`responder` decorator but the function is passed the request object as first argument and the request object will be closed automatically:: @Request.application def my_wsgi_app(request): return Response('Hello World!') As of Werkzeug 0.14 HTTP exceptions are automatically caught and converted to responses instead of failing. :param f: the WSGI callable to decorate :return: a new WSGI callable r) HTTPExceptionc sx|d}|^y|dd|f}Wn0k r\}z||d}Wdd}~XYnX||ddSQRXdS)N)Z get_response)rIrTZrespe)rsrpfrJrK application0s  z,BaseRequest.application..application)werkzeug.exceptionsrsr)rprvrwrJ)rsrprvrKrws  zBaseRequest.applicationcCst||||dS)aCalled to get a stream for the file upload. This must provide a file-like class with `read()`, `readline()` and `seek()` methods that is both writeable and readable. The default implementation returns a temporary file if the total content length is higher than 500KB. Because many browsers do not provide a content length for the files only the total content length matters. :param total_content_length: the total content length of all the data in the request combined. This value is guaranteed to be there. :param content_type: the mimetype of the uploaded file. :param filename: the filename of the uploaded file. May be `None`. :param content_length: the length of this file. This value is usually not provided because webbrowsers do not provide this value. )total_content_length content_typefilenamecontent_length)r")raryrzr{r|rJrJrK_get_file_stream;s zBaseRequest._get_file_streamcCst|jdS)zReturns True if the request method carries content. As of Werkzeug 0.9 this will be the case if a content type is transmitted. .. versionadded:: 0.8 CONTENT_TYPE)boolr`get)rarJrJrKwant_form_data_parsedVsz!BaseRequest.want_form_data_parsedcCs ||j|j|j|j|j|jS)zCreates the form data parser. Instantiates the :attr:`form_data_parser_class` with some parameters. .. versionadded:: 0.8 )form_data_parser_classr}rWencoding_errorsmax_form_memory_sizemax_content_lengthparameter_storage_class)rarJrJrKmake_form_data_parser_s z!BaseRequest.make_form_data_parsercCsd|jkrdSt||jr^|jdd}t|j}t|\}}|}|| |||}n|j | | f}|j}|\|d<|d<|d<dS)auMethod used internally to retrieve submitted data. After calling this sets `form` and `files` on the request object to multi dicts filled with the incoming form data. As a matter of fact the input stream will be empty afterwards. You can also call this method to force the parsing of the form data. .. versionadded:: 0.8 formNr~streamfiles) __dict__rUrr`rr+rrparse_get_stream_for_parsingrr)rarzr|mimetypeZoptionsparserdatadrJrJrK_load_form_datals       zBaseRequest._load_form_datacCs"t|dd}|dk rt|S|jS)zThis is the same as accessing :attr:`stream` with the difference that if it finds cached data from calling :meth:`get_data` first it will create a new stream out of the cached data. .. versionadded:: 0.9.3 _cached_dataN)getattrrEr)raZ cached_datarJrJrKrs z#BaseRequest._get_stream_for_parsingcCs2|jd}x t|pdD]\}}|qWdS)zCloses associated resources of this request object. This closes all file handles explicitly. You can also use the request object in a with statement which will automatically close it. .. versionadded:: 0.9 rrJN)rrr;ro)rarkeyvaluerJrJrKros zBaseRequest.closecCs|S)NrJ)rarJrJrK __enter__szBaseRequest.__enter__cCs |dS)N)ro)raexc_type exc_valuetbrJrJrK__exit__szBaseRequest.__exit__cCst|t|jS)a7 If the incoming form data was not encoded with a known mimetype the data is stored unmodified in this stream for consumption. Most of the time it is a better idea to use :attr:`data` which will give you that data as a string. The stream only returns the data once. Unlike :attr:`input_stream` this stream is properly guarded that you can't accidentally read past the length of the input. Werkzeug will internally always refer to this stream to read data which makes it possible to wrap this object with a stream that does filtering. .. versionchanged:: 0.9 This stream is now always available but might be consumed by the form parser later on. Previously the stream was only set if no parsing happened. )rUr*r`)rarJrJrKrszBaseRequest.streamz wsgi.inputz The WSGI input stream. In general it's a bad idea to use this one because you can easily read past the boundary. Use the :attr:`stream` instead. cCs$tt|jdd|j|j|jdS)aThe parsed URL parameters (the part in the URL after the question mark). By default an :class:`~werkzeug.datastructures.ImmutableMultiDict` is returned from this function. This can be changed by setting :attr:`parameter_storage_class` to a different type. This might be necessary if the order of the form data is important. QUERY_STRINGr)errorsrp)rrBr`rrfrr)rarJrJrKrIs zBaseRequest.argscCs|jrtd|jddS)z Contains the incoming request data as string in case it came with a mimetype Werkzeug does not handle. zdata descriptor is disabledT)parse_form_data)disable_data_descriptorAttributeErrorget_data)rarJrJrKrszBaseRequest.datacCsLt|dd}|dkr4|r ||j}|r4||_|rH||j|j}|S)aThis reads the buffered incoming data from the client into one bytestring. By default this is cached but that behavior can be changed by setting `cache` to `False`. Usually it's a bad idea to call this method without checking the content length first as a client could send dozens of megabytes or more to cause memory problems on the server. Note that if the form data was already parsed this method will not return anything as form data parsing does not cache the data like this method does. To implicitly invoke form data parsing function set `parse_form_data` to `True`. When this is done the return value of this method will be an empty string if the form parser handles the data. This generally is not necessary as if the whole data is cached (which is the default) the form parser will used the cached data to parse the form data. Please be generally aware of checking the content length first in any case before calling this method to avoid exhausting server memory. If `as_text` is set to `True` the return value will be a decoded unicode string. .. versionadded:: 0.9 rN)rrrreadrdecoderWr)racacheas_textrrvrJrJrKrs  zBaseRequest.get_datacCs||jS)aDThe form parameters. By default an :class:`~werkzeug.datastructures.ImmutableMultiDict` is returned from this function. This can be changed by setting :attr:`parameter_storage_class` to a different type. This might be necessary if the order of the form data is important. Please keep in mind that file uploads will not end up here, but instead in the :attr:`files` attribute. .. versionchanged:: 0.9 Previous to Werkzeug 0.9 this would only contain form data for POST and PUT requests. )rr)rarJrJrKr szBaseRequest.formcCs>g}x0|j|jfD] }t|ts(t|}||qWt|S)ziA :class:`werkzeug.datastructures.CombinedMultiDict` that combines :attr:`args` and :attr:`form`.)rIrrNr-rdr.)rarIrrJrJrKvaluess  zBaseRequest.valuescCs||jS)a:class:`~werkzeug.datastructures.MultiDict` object containing all uploaded files. Each key in :attr:`files` is the name from the ````. Each value in :attr:`files` is a Werkzeug :class:`~werkzeug.datastructures.FileStorage` object. It basically behaves like a standard file object you know from Python, with the difference that it also has a :meth:`~werkzeug.datastructures.FileStorage.save` function that can store the file on the filesystem. Note that :attr:`files` will only contain data if the request method was POST, PUT or PATCH and the ``
`` that posted to the request had ``enctype="multipart/form-data"``. It will be empty otherwise. See the :class:`~werkzeug.datastructures.MultiDict` / :class:`~werkzeug.datastructures.FileStorage` documentation for more details about the used data structure. )rr)rarJrJrKr'szBaseRequest.filescCst|j|j|j|jdS)zVA :class:`dict` with the contents of all cookies transmitted with the request.)rp)rr`rWrdict_storage_class)rarJrJrKcookies>s zBaseRequest.cookiescCs t|jS)zqThe headers from the WSGI environ as immutable :class:`~werkzeug.datastructures.EnvironHeaders`. )r0r`)rarJrJrKheadersFszBaseRequest.headerscCs*t|jdpd|j|j}d|dS)zRequested path as unicode. This works a bit like the regular path info in the WSGI environment but will always include a leading slash, even if the URL root is accessed. Z PATH_INFOr/)rAr`rrWrlstrip)raraw_pathrJrJrKpathMs zBaseRequest.pathcCs|jdt|j|jS)z6Requested path as unicode, including the query string.?)rrC query_stringrf)rarJrJrK full_pathWszBaseRequest.full_pathcCs&t|jdpd|j|j}|dS)z7The root path of the script without the trailing slash.Z SCRIPT_NAMErr)rAr`rrWrrstrip)rarrJrJrK script_root\s zBaseRequest.script_rootcCst|j|jdS)zWThe reconstructed current URL as IRI. See also: :attr:`trusted_hosts`. ) trusted_hosts)r'r`r)rarJrJrKrecszBaseRequest.urlcCst|jd|jdS)z^Like :attr:`url` but without the querystring See also: :attr:`trusted_hosts`. T)Zstrip_querystringr)r'r`r)rarJrJrKbase_urlkszBaseRequest.base_urlcCst|jd|jdS)zThe full URL root (with hostname), this is the application root as IRI. See also: :attr:`trusted_hosts`. T)r)r'r`r)rarJrJrKurl_rootsszBaseRequest.url_rootcCst|jd|jdS)zSJust the host with scheme as IRI. See also: :attr:`trusted_hosts`. T)Z host_onlyr)r'r`r)rarJrJrKhost_url|szBaseRequest.host_urlcCst|j|jdS)z`Just the host including the port if available. See also: :attr:`trusted_hosts`. )r)r(r`r)rarJrJrKhostszBaseRequest.hostrrz%The URL parameters as raw bytestring.)Z read_onlyZ load_funcdocREQUEST_METHODGETcCs|S)N)upper)xrJrJrKszBaseRequest.z:The request method. (For example ``'GET'`` or ``'POST'``).cCsRd|jkr.|jdd}|dd|DSd|jkrJ||jdgS|S)z}If a forwarded header exists this is a list of all ip addresses from the client ip to the last proxy server. ZHTTP_X_FORWARDED_FOR,cSsg|] }|qSrJ)strip).0rrJrJrK sz,BaseRequest.access_route.. REMOTE_ADDR)r`splitlist_storage_class)raZaddrrJrJrK access_routes   zBaseRequest.access_routecCs |jdS)z!The remote address of the client.r)r`r)rarJrJrK remote_addrszBaseRequest.remote_addrZ REMOTE_USERz If the server supports user authentication, and the script is protected, this attribute contains the username the user has authenticated as.)rzwsgi.url_schemezC URL scheme (http or https). .. versionadded:: 0.7cCs&ttddd|jdddkS)aTrue if the request was triggered via a JavaScript XMLHttpRequest. This only works with libraries that support the ``X-Requested-With`` header and set it to "XMLHttpRequest". Libraries that do that are prototype, jQuery and Mochikit and probably some more. .. deprecated:: 0.13 ``X-Requested-With`` is not standard and is unreliable. zrRequest.is_xhr is deprecated. Given that the X-Requested-With header is not a part of any spec, it is not reliablerL)rMZHTTP_X_REQUESTED_WITHrZxmlhttprequest)rDeprecationWarningr`rlower)rarJrJrKis_xhrs  zBaseRequest.is_xhrcCs|jddkS)Nzwsgi.url_schemeZhttps)r`)rrJrJrKrsz `True` if the request is secure.zwsgi.multithreadzd boolean that is `True` if the application is served by a multithreaded WSGI server.zwsgi.multiprocesszu boolean that is `True` if the application is served by a WSGI server that spawns multiple processes.z wsgi.run_oncez boolean that is `True` if the application will be executed only once in a process lifetime. This is the case for CGI for example, but it's not guaranteed that the execution only happens one time.)TF)NN)TFF)Arj __module__ __qualname____doc__rWrrrr1rr3rr2rr!rrrrbrlpropertyrf classmethodrrrwr}rrrrrorrr#rr$Z input_streamrIrrrrrrrrrrrerrrrrBrrgrrZ remote_userZschemerZ is_secureZis_multithreadZis_multiprocessZ is_run_oncerJrJrJrKr^cs,       #         $             r^c@sTeZdZdZdZdZdZdZdZdZ dZ dEd d Z d d Z d dZ edFddZedGddZddZddZeeeddZ[[ddZddZeeeddZ[[dHddZd d!Zeeed"dZd#d$ZdId%d&Zd'd(Zd)d*ZdJd-d.ZdKd/d0Z ed1d2Z!ed3d4Z"d5d6Z#d7d8Z$d9d:Z%d;d<Z&d=d>Z'd?d@Z(dAdBZ)dCdDZ*dS)L BaseResponsea Base response class. The most important fact about a response object is that it's a regular WSGI application. It's initialized with a couple of response parameters (headers, body, status code etc.) and will start a valid WSGI response when called with the environ and start response callable. Because it's a WSGI application itself processing usually ends before the actual response is sent to the server. This helps debugging systems because they can catch all the exceptions before responses are started. Here a small example WSGI application that takes advantage of the response objects:: from werkzeug.wrappers import BaseResponse as Response def index(): return Response('Index page') def application(environ, start_response): path = environ.get('PATH_INFO') or '/' if path == '/': response = index() else: response = Response('Not Found', status=404) return response(environ, start_response) Like :class:`BaseRequest` which object is lacking a lot of functionality implemented in mixins. This gives you a better control about the actual API of your response objects, so you can create subclasses and add custom functionality. A full featured response object is available as :class:`Response` which implements a couple of useful mixins. To enforce a new type of already existing responses you can use the :meth:`force_type` method. This is useful if you're working with different subclasses of response objects and you want to post process them with a known interface. Per default the response object will assume all the text data is `utf-8` encoded. Please refer to `the unicode chapter `_ for more details about customizing the behavior. Response can be any kind of iterable or string. If it's a string it's considered being an iterable with one item which is the string passed. Headers can be a list of tuples or a :class:`~werkzeug.datastructures.Headers` object. Special note for `mimetype` and `content_type`: For most mime types `mimetype` and `content_type` work the same, the difference affects only 'text' mimetypes. If the mimetype passed with `mimetype` is a mimetype starting with `text/`, the charset parameter of the response object is appended to it. In contrast the `content_type` parameter is always added as header unmodified. .. versionchanged:: 0.5 the `direct_passthrough` parameter was added. :param response: a string or response iterable. :param status: a string with a status or an integer with the status code. :param headers: a list of headers or a :class:`~werkzeug.datastructures.Headers` object. :param mimetype: the mimetype for the response. See notice above. :param content_type: the content type for the response. See notice above. :param direct_passthrough: if set to `True` :meth:`iter_encoded` is not called before iteration which makes it possible to pass special iterators through unchanged (see :func:`wrap_file` for more details.) zutf-8z text/plainTiNFcCst|tr||_n|s t|_n t||_|dkrb|dkrJd|jkrJ|j}|dk r^t||j}|}|dk rt||jd<|dkr|j}t|tr||_n||_ ||_ g|_ |dkrg|_ n"t|t ttfr||n||_ dS)Nz content-typez Content-Type)rNr/rdefault_mimetyper&rWdefault_statusr@ status_codestatusdirect_passthrough _on_closeresponser?rZ bytearrayset_data)rarrrrrzrrJrJrKrb>s2       zBaseResponse.__init__cCs|j||S)aAdds a function to the internal list of functions that should be called as part of closing down the response. Since 0.7 this function also returns the function that was passed so that this can be used as a decorator. .. versionadded:: 0.6 )rrd)rafuncrJrJrK call_on_closebs zBaseResponse.call_on_closecCs@|jrdttt|}n|jr(dnd}d|jj||jfS)Nz%d bytesZstreamedzlikely-streamedz <%s %s [%s]>) is_sequencesummaplen iter_encoded is_streamedrirjr)raZ body_inforJrJrKrlmszBaseResponse.__repr__cCs2t|ts(|dkrtdtt||}||_|S)aEnforce that the WSGI response is a response object of the current type. Werkzeug will use the :class:`BaseResponse` internally in many situations like the exceptions. If you call :meth:`get_response` on an exception you will get back a regular :class:`BaseResponse` object, even if you are using a custom subclass. This method can enforce a given response type, and it will also convert arbitrary WSGI callables into response objects if an environ is provided:: # convert a Werkzeug response object into an instance of the # MyResponseClass subclass. response = MyResponseClass.force_type(response) # convert any WSGI application into a response object response = MyResponseClass.force_type(response, environ) This is especially useful if you want to post-process responses in the main dispatcher and use functionality provided by your subclass. Keep in mind that this will modify response objects in place if possible! :param response: a response object or wsgi application. :param environ: a WSGI environment object. :return: a response object. NzHcannot convert WSGI application into response objects without an environ)rNr TypeErrorrHri)rprr`rJrJrK force_typexs  zBaseResponse.force_typecCs|t|||S)aCreate a new response object from an application output. This works best if you pass it an application that returns a generator all the time. Sometimes applications may use the `write()` callable returned by the `start_response` function. This tries to resolve such edge cases automatically. But if you don't get the expected output you should set `buffered` to `True` which enforces buffering. :param app: the WSGI application to execute. :param environ: the WSGI environment to execute against. :param buffered: set to `True` to enforce buffering. :return: a response object. )rH)rpZappr`ZbufferedrJrJrKfrom_appszBaseResponse.from_appcCs|jS)N) _status_code)rarJrJrK_get_status_codeszBaseResponse._get_status_codecCsD||_yd|t|f|_Wntk r>d||_YnXdS)Nz%d %sz %d UNKNOWN)rrr_statusKeyError)racoderJrJrK_set_status_codes zBaseResponse._set_status_codezThe HTTP Status code as number)rcCs|jS)N)r)rarJrJrK _get_statusszBaseResponse._get_statuscCsyt||_Wntk r*tdYnXyt|jddd|_Wn@tk rnd|_d|j|_Yntk rtdYnXdS)NzInvalid status argumentrz0 %szEmpty status argument) rDrrrintrrr[ IndexError)rarrJrJrK _set_statusszBaseResponse._set_statuszThe HTTP Status codecCs*|d|}|r&||j}|S)aThe string representation of the request body. Whenever you call this property the request iterable is encoded and flattened. This can lead to unwanted behavior if you stream big data. This behavior can be disabled by setting :attr:`implicit_sequence_conversion` to `False`. If `as_text` is set to `True` the return value will be a decoded unicode string. .. versionadded:: 0.9 )_ensure_sequencerkrrrW)rarrrJrJrKrs  zBaseResponse.get_datacCsDt|tr||j}nt|}|g|_|jr@tt||j d<dS)zSets a new string as response. The value set must either by a unicode or bytestring. If a unicode string is set it's encoded automatically to the charset of the response (utf-8 by default). .. versionadded:: 0.9 zContent-LengthN) rNr?rVrWrZr automatically_set_content_lengthstrrr)rarrJrJrKrs zBaseResponse.set_dataz A descriptor that calls :meth:`get_data` and :meth:`set_data`. This should not be used and will eventually get deprecated. cCs8y |Wntk r dSXtdd|DS)zsz8BaseResponse.calculate_content_length..)rrSrr)rarJrJrKcalculate_content_lengths  z%BaseResponse.calculate_content_lengthcCsN|jr&|r"t|jts"t|j|_dS|jr4td|jsBtd|dS)zThis method can be called by methods that need a sequence. If `mutable` is true, it will also ensure that the response sequence is a standard Python list. .. versionadded:: 0.6 Nz]Attempted implicit sequence conversion but the response object is in direct passthrough mode.zThe response object required the iterable to be a sequence, but the implicit conversion was disabled. Call make_sequence() yourself.)rrNrlistrrSimplicit_sequence_conversion make_sequence)ramutablerJrJrKrs zBaseResponse._ensure_sequencecCs8|js4t|jdd}t||_|dk r4||dS)aCConverts the response iterator in a list. By default this happens automatically if required. If `implicit_sequence_conversion` is disabled, this method is not automatically called and some properties might raise exceptions. This also encodes all the items. .. versionadded:: 0.6 roN)rrrrrr)rarorJrJrKrs zBaseResponse.make_sequencecCst|jt|j|jS)aIter the response encoded with the encoding of the response. If the response object is invoked as WSGI application the return value of this method is used as application iterator unless :attr:`direct_passthrough` was activated. )rQrrYrW)rarJrJrKr&s zBaseResponse.iter_encodedrrc Cs0|jdt|||||||||j|j| d dS)aXSets a cookie. The parameters are the same as in the cookie `Morsel` object in the Python standard library but it accepts unicode data, too. A warning is raised if the size of the cookie header exceeds :attr:`max_cookie_size`, but the header will still be set. :param key: the key (name) of the cookie to be set. :param value: the value of the cookie. :param max_age: should be a number of seconds, or `None` (default) if the cookie should last only as long as the client's browser session. :param expires: should be a `datetime` object or UNIX timestamp. :param path: limits the cookie to a given path, per default it will span the whole domain. :param domain: if you want to set a cross-domain cookie. For example, ``domain=".example.com"`` will set a cookie that is readable by the domain ``www.example.com``, ``foo.example.com`` etc. Otherwise, a cookie will only be readable by the domain that set it. :param secure: If `True`, the cookie will only be available via HTTPS :param httponly: disallow JavaScript to access the cookie. This is an extension to the cookie standard and probably not supported by all browsers. :param samesite: Limits the scope of the cookie such that it will only be attached to requests if those requests are "same-site". z Set-Cookie) rmax_ageexpiresrdomainsecurehttponlyrWZmax_sizesamesiteN)raddrrWmax_cookie_size) rarrrrrrrrrrJrJrK set_cookie3s zBaseResponse.set_cookiecCs|j|dd||ddS)aDelete a cookie. Fails silently if key doesn't exist. :param key: the key (name) of the cookie to be deleted. :param path: if the cookie that should be deleted was limited to a path, the path has to be defined here. :param domain: if the cookie that should be deleted was limited to a domain, that domain has to be defined here. r)rrrrN)r)rarrrrJrJrK delete_cookie_s zBaseResponse.delete_cookiec Cs,yt|jWnttfk r&dSXdS)aIf the response is streamed (the response is not an iterable with a length information) this property is `True`. In this case streamed means that there is no information about the number of iterations. This is usually `True` if a generator is passed to the response object. This is useful for checking before applying some sort of post filtering that should not take place for streamed responses. TF)rrrr)rarJrJrKrjs zBaseResponse.is_streamedcCst|jttfS)zIf the iterator is buffered, this property will be `True`. A response object will consider an iterator to be buffered if the response attribute is a list or tuple. .. versionadded:: 0.6 )rNrtupler)rarJrJrKrzszBaseResponse.is_sequencecCs0t|jdr|jx|jD] }|qWdS)zClose the wrapped response if possible. You can also use the object in a with statement which will automatically close it. .. versionadded:: 0.9 Can now be used in a with statement. roN)hasattrrror)rarrJrJrKros   zBaseResponse.closecCs|S)NrJ)rarJrJrKrszBaseResponse.__enter__cCs |dS)N)ro)rarrrrJrJrKrszBaseResponse.__exit__cCs,t||_tttt|j|jd<dS)a5Call this method if you want to make your response object ready for being pickled. This buffers the generator if there is one. It will also set the `Content-Length` header to the length of the body. .. versionchanged:: 0.6 The `Content-Length` header is now set. zContent-LengthN)rrrrrrrr)rarJrJrKfreezes zBaseResponse.freezec Csjt|j}d}d}d}|j}x@|D]8\}}|} | dkr@|}q"| dkrN|}q"| dkr"|}q"W|dk r|} t|trt|dd}|jrt|dd} t| trt| } t | |}|| kr||d<|dk rt|trt||d <|d krt ||j rf|j rf|dkrf|d krfd |kr(d ksfnyt dd|jD}Wntk rXYnXt||d<|S)akThis is automatically called right before the response is started and returns headers modified for the given environment. It returns a copy of the headers from the response with some modifications applied if necessary. For example the location header (if present) is joined with the root URL of the environment. Also the content length is automatically set to zero here for certain status codes. .. versionchanged:: 0.6 Previously that function was called `fix_headers` and modified the response object in place. Also since 0.6, IRIs in location and content-location headers are handled properly. Also starting with 0.6, Werkzeug will attempt to set the content length if it is able to figure it out on its own. This is the case if all the strings in the response iterable are already encoded and the iterable is buffered. :param environ: the WSGI environment of the request. :return: returns a new :class:`~werkzeug.datastructures.Headers` object. Nlocationzcontent-locationzcontent-lengthT)Zsafe_conversion)Z root_onlyLocationzContent-Location)i0i)i0drcss|]}tt|dVqdS)asciiN)rr=)rrrJrJrKrsz0BaseResponse.get_wsgi_headers..zContent-Length)r/rrrrNr?rautocorrect_location_headerr'r rrrrr UnicodeErrorr) rar`rr content_locationr|rrrZikeyZ old_locationZ current_urlrJrJrKget_wsgi_headerssP          zBaseResponse.get_wsgi_headerscCs`|j}|ddks0d|kr&dks0n|dkr6d}n|jrLt|j|jS|}t||jS)aReturns the application iterator for the given environ. Depending on the request method and the current status code the return value might be an empty response rather than the one from the response. If the request method is `HEAD` or the status code is in a range where the HTTP specification requires an empty response, an empty iterable is returned. .. versionadded:: 0.6 :param environ: the WSGI environment of the request. :return: a response iterable. rHEADr r)r i0irJ)rrrQrrr)ro)rar`rrPrJrJrK get_app_iters  zBaseResponse.get_app_itercCs$||}||}||j|fS)aFReturns the final WSGI response as tuple. The first item in the tuple is the application iterator, the second the status and the third the list of headers. The response returned is created specially for the given environment. For example if the request method in the WSGI environment is ``'HEAD'`` the response will be empty and only the headers and status code will be present. .. versionadded:: 0.6 :param environ: the WSGI environment of the request. :return: an ``(app_iter, status, headers)`` tuple. )rrrZ to_wsgi_list)rar`rapp_iterrJrJrKget_wsgi_responses  zBaseResponse.get_wsgi_responsecCs||\}}}||||S)zProcess this response as WSGI application. :param environ: the WSGI environment. :param start_response: the response callable provided by the WSGI server. :return: an application iterator )r)rar`Zstart_responserrrrJrJrK__call__%s zBaseResponse.__call__)NNNNNF)N)F)F)F)rNNrNFFN)rN)+rjrrrrWrrrrrrrbrrlrrrrrrrrrrrrrrrrrrrrrrorrrrrrrrJrJrJrKrs^E   #   $      *    Wrc@s@eZdZdZeddZeddZeddZedd Zd S) AcceptMixinzA mixin for classes with an :attr:`~BaseResponse.environ` attribute to get all the HTTP accept headers as :class:`~werkzeug.datastructures.Accept` objects (or subclasses thereof). cCst|jdtS)zoList of mimetypes this client supports as :class:`~werkzeug.datastructures.MIMEAccept` object. Z HTTP_ACCEPT)rr`rr4)rarJrJrKaccept_mimetypes:szAcceptMixin.accept_mimetypescCst|jdtS)zqList of charsets this client supports as :class:`~werkzeug.datastructures.CharsetAccept` object. ZHTTP_ACCEPT_CHARSET)rr`rr5)rarJrJrKaccept_charsetsAs zAcceptMixin.accept_charsetscCst|jdS)zList of encodings this client accepts. Encodings in a HTTP term are compression encodings such as gzip. For charsets have a look at :attr:`accept_charset`. ZHTTP_ACCEPT_ENCODING)rr`r)rarJrJrKaccept_encodingsIszAcceptMixin.accept_encodingscCst|jdtS)aList of languages this client accepts as :class:`~werkzeug.datastructures.LanguageAccept` object. .. versionchanged 0.5 In previous versions this was a regular :class:`~werkzeug.datastructures.Accept` object. ZHTTP_ACCEPT_LANGUAGE)rr`rr6)rarJrJrKaccept_languagesQs zAcceptMixin.accept_languagesN) rjrrrr#rrrrrJrJrJrKr2s    rc@sdeZdZdZeddZeddZeddZedd Zed d Z ed d Z eddZ dS)ETagRequestMixinzAdd entity tag and cache descriptors to a request object or object with a WSGI environment available as :attr:`~BaseRequest.environ`. This not only provides access to etags but also to the cache control header. cCs|jd}t|dtS)zwA :class:`~werkzeug.datastructures.RequestCacheControl` object for the incoming cache control headers. ZHTTP_CACHE_CONTROLN)r`rrr8)ra cache_controlrJrJrKres zETagRequestMixin.cache_controlcCst|jdS)z~An object containing all the etags in the `If-Match` header. :rtype: :class:`~werkzeug.datastructures.ETags` HTTP_IF_MATCH)r r`r)rarJrJrKif_matchnszETagRequestMixin.if_matchcCst|jdS)zAn object containing all the etags in the `If-None-Match` header. :rtype: :class:`~werkzeug.datastructures.ETags` ZHTTP_IF_NONE_MATCH)r r`r)rarJrJrK if_none_matchvszETagRequestMixin.if_none_matchcCst|jdS)z9The parsed `If-Modified-Since` header as datetime object.ZHTTP_IF_MODIFIED_SINCE)r r`r)rarJrJrKif_modified_since~sz"ETagRequestMixin.if_modified_sincecCst|jdS)z;The parsed `If-Unmodified-Since` header as datetime object.ZHTTP_IF_UNMODIFIED_SINCE)r r`r)rarJrJrKif_unmodified_sincesz$ETagRequestMixin.if_unmodified_sincecCst|jdS)zThe parsed `If-Range` header. .. versionadded:: 0.7 :rtype: :class:`~werkzeug.datastructures.IfRange` HTTP_IF_RANGE)rr`r)rarJrJrKif_rangeszETagRequestMixin.if_rangecCst|jdS)z{The parsed `Range` header. .. versionadded:: 0.7 :rtype: :class:`~werkzeug.datastructures.Range` HTTP_RANGE)rr`r)rarJrJrKrangeszETagRequestMixin.rangeN) rjrrrr#rrr r!r"r$r&rJrJrJrKr^s     rc@seZdZdZeddZdS)UserAgentMixinzAdds a `user_agent` attribute to the request object which contains the parsed user agent of the browser that triggered the request as a :class:`~werkzeug.useragents.UserAgent` object. cCsddlm}||jS)zThe current user agent.r) UserAgent)Zwerkzeug.useragentsr(r`)rar(rJrJrK user_agents zUserAgentMixin.user_agentN)rjrrrr#r)rJrJrJrKr'sr'c@seZdZdZeddZdS)AuthorizationMixinzAdds an :attr:`authorization` property that represents the parsed value of the `Authorization` header as :class:`~werkzeug.datastructures.Authorization` object. cCs|jd}t|S)z*The `Authorization` object in parsed form.ZHTTP_AUTHORIZATION)r`rr)raheaderrJrJrK authorizations z AuthorizationMixin.authorizationN)rjrrrr#r,rJrJrJrKr*sr*c@seZdZdZdZdZdS)StreamOnlyMixina'If mixed in before the request object this will change the bahavior of it to disable handling of form parsing. This disables the :attr:`files`, :attr:`form` attributes and will just provide a :attr:`stream` attribute that however is always available. .. versionadded:: 0.9 TFN)rjrrrrrrJrJrJrKr-sr-cseZdZdZeddZddZddZdd d Zdd d Z d ddZ d!ddZ ddZ d"fdd Z edddZddZddZeeeddZ[[ZS)#ETagResponseMixinaAdds extra functionality to a response object for etag and cache handling. This mixin requires an object with at least a `headers` object that implements a dict like interface similar to :class:`~werkzeug.datastructures.Headers`. If you want the :meth:`freeze` method to automatically add an etag, you have to mixin this method before the response base class. The default response class does not do that. cs fdd}tjd|tS)zThe Cache-Control general-header field is used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain. cs.|sdjkrjd=n|r*|jd<dS)Nz cache-controlz Cache-Control)r to_header)r)rarJrK on_updates z2ETagResponseMixin.cache_control..on_updatez cache-control)rrrr7)rar0rJ)rarKrs  zETagResponseMixin.cache_controlcCs|jdkrt|j|||_dS)z8Wrap existing Response in case of Range Request context.N)rr,r)rastartlengthrJrJrK_wrap_responses z ETagResponseMixin._wrap_responsecCs4d|ks,t||jdd|jddd o2d|kS)zReturn ``True`` if `Range` header is present and if underlying resource is considered unchanged when compared with `If-Range` header. r#etagNz last-modifiedF)Zignore_if_ranger%)r rr)rar`rJrJrK_is_range_request_processables z/ETagResponseMixin._is_range_request_processableNc Csddlm}|dkrdS||jd<||r4|dkr8dSt|d}|dkrV||||}||}|dksz|dkr|||d|d}||kr||jd<||_d |_ | |d|d SdS) aHandle Range Request related headers (RFC7233). If `Accept-Ranges` header is valid, and Range Request is processable, we set the headers as described by the RFC, and wrap the underlying response in a RangeWrapper. Returns ``True`` if Range Request can be fulfilled, ``False`` otherwise. :raises: :class:`~werkzeug.exceptions.RequestedRangeNotSatisfiable` if `Range` header could not be parsed or satisfied. r)RequestedRangeNotSatisfiableNFz Accept-Rangesr%rzContent-Lengthr1T) rxr7rr6rrZrange_for_lengthZto_content_range_header content_rangerr4) rar`complete_lengthr\r7Z parsed_rangeZ range_tupleZcontent_range_headerr|rJrJrK_process_range_requests*     z(ETagResponseMixin._process_range_requestFcCst|}|ddkrd|jkr*t|jd<t|}||||}|s~t||jdd|jds~t|drxd |_nd |_|j rd |jkr| }|dk r||jd <|S) aMake the response conditional to the request. This method works best if an etag was defined for the response already. The `add_etag` method can be used to do that. If called without etag just the date header is set. This does nothing if the request method in the request or environ is anything but GET or HEAD. For optimal performance when handling range requests, it's recommended that your response data object implements `seekable`, `seek` and `tell` methods as described by :py:class:`io.IOBase`. Objects returned by :meth:`~werkzeug.wsgi.wrap_file` automatically implement those methods. It does not remove the body of the response because that's something the :meth:`__call__` function does for us automatically. Returns self so that you can do ``return resp.make_conditional(req)`` but modifies the object in-place. :param request_or_environ: a request object or WSGI environment to be used to make the response conditional against. :param accept_ranges: This parameter dictates the value of `Accept-Ranges` header. If ``False`` (default), the header is not set. If ``True``, it will be set to ``"bytes"``. If ``None``, it will be set to ``"none"``. If it's a string, it will use this value. :param complete_length: Will be used only in valid Range Requests. It will set `Content-Range` complete length value and compute `Content-Length` real value. This parameter is mandatory for successful Range Requests completion. :raises: :class:`~werkzeug.exceptions.RequestedRangeNotSatisfiable` if `Range` header could not be parsed or satisfied. r)rrdateDater5Nz last-modifiedrii0zcontent-lengthzContent-Length) r<rrr]r:r rr rrr)raZrequest_or_environr\r9r`Zis206r3rJrJrKmake_conditionals"&    z"ETagResponseMixin.make_conditionalcCs&|sd|jkr"|t||dS)z:Add an etag for the current response if there is none yet.r5N)rset_etagr r)raZ overwriteweakrJrJrKadd_etagTszETagResponseMixin.add_etagcCst|||jd<dS)z8Set the etag, and override the old one if there was one.ETagN)rr)rar5r?rJrJrKr>YszETagResponseMixin.set_etagcCst|jdS)z{Return a tuple in the form ``(etag, is_weak)``. If there is no ETag the return value is ``(None, None)``. rA)r rr)rarJrJrKget_etag]szETagResponseMixin.get_etagcs|s |tt|dS)zCall this method if you want to make your response object ready for pickeling. This buffers the generator if there is one. This also sets the etag unless `no_etag` is set to `True`. N)r@superr.r)raZno_etag)rirJrKrcszETagResponseMixin.freezez Accept-Rangesz The `Accept-Ranges` header. Even though the name would indicate that multiple values are supported, it must be one string token only. The values ``'bytes'`` and ``'none'`` are common. .. versionadded:: 0.7)rcs:fdd}tjd|}|dkr6tddd|d}|S)Ncs |sjd=n|jd<dS)Nz content-rangez Content-Range)rr/)rng)rarJrKr0us z7ETagResponseMixin._get_content_range..on_updatez content-range)r0)rrrr:)rar0rrJ)rarK_get_content_rangets   z$ETagResponseMixin._get_content_rangecCs6|s|jd=n$t|tr$||jd<n||jd<dS)Nz content-rangez Content-Range)rrNr>r/)rarrJrJrK_set_content_ranges    z$ETagResponseMixin._set_content_rangez The `Content-Range` header as :class:`~werkzeug.datastructures.ContentRange` object. Even if the header is not set it wil provide such an object for easier manipulation. .. versionadded:: 0.7)NN)FN)FF)F)F)rjrrrrrr4r6r:r=r@r>rBrr%r\rErFr8 __classcell__rJrJ)rirKr.s$   # =   r.c@sXeZdZdZdZddZddZddZd d Zd d Z d dZ ddZ e ddZ dS)ResponseStreamzA file descriptor like object used by the :class:`ResponseStreamMixin` to represent the body of the stream. It directly pushes into the response iterable of the response object. zwb+cCs||_d|_dS)NF)rclosed)rarrJrJrKrbszResponseStream.__init__cCsB|jrtd|jjdd|jj||jjddt|S)NzI/O operation on closed fileT)rzContent-Length)rIr[rrrdrrnr)rarrJrJrKwrites zResponseStream.writecCsx|D]}||qWdS)N)rJ)raseqrXrJrJrK writeliness zResponseStream.writelinescCs d|_dS)NT)rI)rarJrJrKroszResponseStream.closecCs|jrtddS)NzI/O operation on closed file)rIr[)rarJrJrKflushszResponseStream.flushcCs|jrtddS)NzI/O operation on closed fileF)rIr[)rarJrJrKisattyszResponseStream.isattycCs|jttt|jjS)N)rrrrr)rarJrJrKtells zResponseStream.tellcCs|jjS)N)rrW)rarJrJrKencodingszResponseStream.encodingN)rjrrrmoderbrJrLrorMrNrOrrPrJrJrJrKrHsrHc@seZdZdZeddZdS)ResponseStreamMixinzMixin for :class:`BaseRequest` subclasses. Classes that inherit from this mixin will automatically get a :attr:`stream` property that provides a write-only interface to the response iterable. cCst|S)z+The response iterable as write-only stream.)rH)rarJrJrKrszResponseStreamMixin.streamN)rjrrrr#rrJrJrJrKrRsrRc@seZdZdZedddZeddZedddZed d dZ ed d dZ ed de ddZ edde ddZddZeddZeddZeddZdS)CommonRequestDescriptorsMixinzA mixin for :class:`BaseRequest` subclasses. Request objects that mix this class in will automatically get descriptors for a couple of HTTP headers with automatic type conversion. .. versionadded:: 0.5 r~z The Content-Type entity-header field indicates the media type of the entity-body sent to the recipient or, in the case of the HEAD method, the media type that would have been sent had the request been a GET.)rcCs t|jS)zThe Content-Length entity-header field indicates the size of the entity-body in bytes or, in the case of the HEAD method, the size of the entity-body that would have been sent had the request been a GET. )r+r`)rarJrJrKr|sz,CommonRequestDescriptorsMixin.content_lengthZHTTP_CONTENT_ENCODINGa The Content-Encoding entity-header field is used as a modifier to the media-type. When present, its value indicates what additional content codings have been applied to the entity-body, and thus what decoding mechanisms must be applied in order to obtain the media-type referenced by the Content-Type header field. .. versionadded:: 0.9ZHTTP_CONTENT_MD5a The Content-MD5 entity-header field, as defined in RFC 1864, is an MD5 digest of the entity-body for the purpose of providing an end-to-end message integrity check (MIC) of the entity-body. (Note: a MIC is good for detecting accidental modification of the entity-body in transit, but is not proof against malicious attacks.) .. versionadded:: 0.9Z HTTP_REFERERa The Referer[sic] request-header field allows the client to specify, for the server's benefit, the address (URI) of the resource from which the Request-URI was obtained (the "referrer", although the header field is misspelled).Z HTTP_DATENz The Date general-header field represents the date and time at which the message was originated, having the same semantics as orig-date in RFC 822.ZHTTP_MAX_FORWARDSz The Max-Forwards request-header field provides a mechanism with the TRACE and OPTIONS methods to limit the number of proxies or gateways that can forward the request to the next inbound server.cCs"t|dst|jdd|_dS)N_parsed_content_typer~r)rrr`rrT)rarJrJrK_parse_content_types z1CommonRequestDescriptorsMixin._parse_content_typecCs||jdS)zLike :attr:`content_type`, but without parameters (eg, without charset, type etc.) and always lowercase. For example if the content type is ``text/HTML; charset=utf-8`` the mimetype would be ``'text/html'``. r)rUrTr)rarJrJrKr sz&CommonRequestDescriptorsMixin.mimetypecCs||jdS)zThe mimetype parameters as dict. For example if the content type is ``text/html; charset=utf-8`` the params would be ``{'charset': 'utf-8'}``. r)rUrT)rarJrJrKmimetype_paramssz-CommonRequestDescriptorsMixin.mimetype_paramscCst|jddS)ajThe Pragma general-header field is used to include implementation-specific directives that might apply to any recipient along the request/response chain. All pragma directives specify optional behavior from the viewpoint of the protocol; however, some systems MAY require that behavior be consistent with the directives. Z HTTP_PRAGMAr)rr`r)rarJrJrKpragmasz$CommonRequestDescriptorsMixin.pragma)rjrrrr$rzr#r|content_encoding content_md5Zreferrerr r;rZ max_forwardsrUrrrVrWrJrJrJrKrSs$  rSc@s.eZdZdZddZddZddZeeedd Zeed d Z e d d d Z e d de e dd Ze ddd Ze ddeedd Ze ddd Ze ddd Ze ddd Ze ddeedd Ze ddeedd Ze ddeedd Zd d!Zd"d#Zeeed$d Zd-d%d&Zed'd(d Zed)d*d Z ed+d,d Z![[[[[dS).CommonResponseDescriptorsMixinzA mixin for :class:`BaseResponse` subclasses. Response objects that mix this class in will automatically get descriptors for a couple of HTTP headers with automatic type conversion. cCs&|jd}|r"|ddSdS)Nz content-type;r)rrrr)raZctrJrJrK _get_mimetype/s z,CommonResponseDescriptorsMixin._get_mimetypecCst||j|jd<dS)Nz Content-Type)r&rWr)rarrJrJrK _set_mimetype4sz,CommonResponseDescriptorsMixin._set_mimetypecs,fdd}tjddd}t||S)Ncstj|jd<dS)Nz Content-Type)rrr)r)rarJrKr08szFCommonResponseDescriptorsMixin._get_mimetype_params..on_updatez content-typerr)rrrr9)rar0rrJ)rarK_get_mimetype_params7s z3CommonResponseDescriptorsMixin._get_mimetype_paramsz9 The mimetype (content type without charset etc.))rz The mimetype parameters as dict. For example if the content type is ``text/html; charset=utf-8`` the params would be ``{'charset': 'utf-8'}``. .. versionadded:: 0.5 r z The Location response-header field is used to redirect the recipient to a location other than the Request-URI for completion of the request or identification of a new resource.ZAgeNa The Age response-header field conveys the sender's estimate of the amount of time since the response (or its revalidation) was generated at the origin server. Age values are non-negative decimal integers, representing time in seconds.z Content-Typez The Content-Type entity-header field indicates the media type of the entity-body sent to the recipient or, in the case of the HEAD method, the media type that would have been sent had the request been a GET. zContent-Lengtha The Content-Length entity-header field indicates the size of the entity-body, in decimal number of OCTETs, sent to the recipient or, in the case of the HEAD method, the size of the entity-body that would have been sent had the request been a GET.zContent-Locationz The Content-Location entity-header field MAY be used to supply the resource location for the entity enclosed in the message when that entity is accessible from a location separate from the requested resource's URI.zContent-Encodingad The Content-Encoding entity-header field is used as a modifier to the media-type. When present, its value indicates what additional content codings have been applied to the entity-body, and thus what decoding mechanisms must be applied in order to obtain the media-type referenced by the Content-Type header field.z Content-MD5a| The Content-MD5 entity-header field, as defined in RFC 1864, is an MD5 digest of the entity-body for the purpose of providing an end-to-end message integrity check (MIC) of the entity-body. (Note: a MIC is good for detecting accidental modification of the entity-body in transit, but is not proof against malicious attacks.) r<z The Date general-header field represents the date and time at which the message was originated, having the same semantics as orig-date in RFC 822.ZExpiresz The Expires entity-header field gives the date/time after which the response is considered stale. A stale cache entry may not normally be returned by a cache.z Last-Modifiedz The Last-Modified entity-header field indicates the date and time at which the origin server believes the variant was last modified.cCs>|jd}|dkrdS|r6ttt|dSt|S)Nz retry-after)Zseconds)rrisdigitrZutcnowrrr )rarrJrJrK_get_retry_after{s  z/CommonResponseDescriptorsMixin._get_retry_aftercCsH|dkrd|jkr|jd=dSt|tr2t|}nt|}||jd<dS)Nz retry-afterz Retry-After)rrNrrr)rarrJrJrK_set_retry_afters   z/CommonResponseDescriptorsMixin._set_retry_aftera The Retry-After response-header field can be used with a 503 (Service Unavailable) response to indicate how long the service is expected to be unavailable to the requesting client. Time in seconds until expiration or date.cs&fdd}fdd}t|||dS)Ncs fdd}tj|S)Ncs.|sjkrj=n|r*|j<dS)N)rr/)Z header_set)namerarJrKr0s zMCommonResponseDescriptorsMixin._set_property..fget..on_update)rrr)rar0)rb)rarKfgetsz:CommonResponseDescriptorsMixin._set_property..fgetcs6|s|j=n$t|tr$||j<nt||j<dS)N)rrNr>r)rar)rbrJrKfsets    z:CommonResponseDescriptorsMixin._set_property..fset)r)r)rbrrcrdrJ)rbrK _set_propertys  z,CommonResponseDescriptorsMixin._set_propertyZVarya The Vary field value indicates the set of request-header fields that fully determines, while the response is fresh, whether a cache is permitted to use the response to reply to a subsequent request without revalidation.zContent-Languagez The Content-Language entity-header field describes the natural language(s) of the intended audience for the enclosed entity. Note that this might not be equivalent to all the languages used within the entity-body.ZAllowaS The Allow entity-header field lists the set of methods supported by the resource identified by the Request-URI. The purpose of this field is strictly to inform the recipient of valid methods associated with the resource. An Allow header field MUST be present in a 405 (Method Not Allowed) response.)N)"rjrrrr\r]r^rrrVr%r rrZagerzrrr|rrXrYr rr;rZ last_modifiedr`raZ retry_afterreZvaryZcontent_languageZallowrJrJrJrKrZ(sT      rZc@seZdZdZeddZdS)WWWAuthenticateMixinz>Adds a :attr:`www_authenticate` property to a response object.cs"fdd}jd}t||S)z/The `WWW-Authenticate` header in a parsed form.cs.|sdjkrjd=n|r*|jd<dS)Nzwww-authenticatezWWW-Authenticate)rr/)Zwww_auth)rarJrKr0s z8WWWAuthenticateMixin.www_authenticate..on_updatezwww-authenticate)rrr)rar0r+rJ)rarKwww_authenticates  z%WWWAuthenticateMixin.www_authenticateN)rjrrrrrgrJrJrJrKrfsrfc@seZdZdZdS)RequestarFull featured request object implementing the following mixins: - :class:`AcceptMixin` for accept header parsing - :class:`ETagRequestMixin` for etag and cache control handling - :class:`UserAgentMixin` for user agent introspection - :class:`AuthorizationMixin` for http auth handling - :class:`CommonRequestDescriptorsMixin` for common headers N)rjrrrrJrJrJrKrhs rhc@seZdZdZdS) PlainRequestz[A request object without special form parsing capabilities. .. versionadded:: 0.9 N)rjrrrrJrJrJrKrisric@seZdZdZdS)ResponseafFull featured response object implementing the following mixins: - :class:`ETagResponseMixin` for etag and cache control handling - :class:`ResponseStreamMixin` to add support for the `stream` property - :class:`CommonResponseDescriptorsMixin` for various HTTP descriptors - :class:`WWWAuthenticateMixin` for HTTP authentication support N)rjrrrrJrJrJrKrjs rjN)er functoolsrrrwarningsrZ werkzeug.httprrrr r r r r rrrrrrrrrrrrrrrrZ werkzeug.urlsrrr Zwerkzeug.formparserr!r"Zwerkzeug.utilsr#r$r%r&Z werkzeug.wsgir'r(r)r*r+r,Zwerkzeug.datastructuresr-r.r/r0r1r2r3r4r5r6r7r8r9r:r;Zwerkzeug._internalr<Zwerkzeug._compatr=r>r?r@rArBrCrDrErHrQrUrYr]objectr^rrrr'r*r-r.rHrRrSrZrfrhrirjrJrJrJrKs\  h  D ,   oh,?N. Y