Changeset 626

Timestamp:

09/11/05 13:58:26

Author:

rdelon

Message:

Implemented ticket #90 (still need to write docs though)

Files:

• trunk/cherrypy/_cphttptools.py (modified) (2 diffs)
• trunk/cherrypy/_cpwsgi.py (modified) (1 diff)
• trunk/cherrypy/_cpwsgiserver.py (modified) (6 diffs)
• trunk/cherrypy/config.py (modified) (3 diffs)
• trunk/cherrypy/test/test_core.py (modified) (3 diffs)

trunk/cherrypy/_cphttptools.py

@@ -45 +45 @@
-
-import cherrypy
-
+, _cperror, _cpwsgiserver
-from cherrypy.lib import cptools
-
@@ -373 +373 @@
-        # FieldStorage only recognizes POST, so fake it.
-        methenv = {'REQUEST_METHOD': "POST"}
-
+
+
-                                      headers=lowerHeaderMap,
-                                      environ=methenv,
-                                      keep_blank_values=1)
+        except _cpwsgiserver.MaxSizeExceeded:
+            # Post data is too big
+            raise _cperror.HTTPStatusError(413)
-        
-        if forms.file:

trunk/cherrypy/_cpwsgi.py

@@ -159 +159 @@
-                        conf("server.threadPool"),
-                        conf("server.socketHost"),
+                        config = cherrypy.config
-                        )

trunk/cherrypy/_cpwsgiserver.py

@@ -42 +42 @@
-monthname = [None, 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun',
-                   'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec']
+
+class MaxSizeExceeded(Exception):
+    pass
+
+class SizeCheckWrapper(object):
+    """ Wrapper around the rfile object. For each data reading method,
+        it reads the data but it checks that the size of the data doesn't
+        except a certain limit
+    """
+    def __init__(self, rfile, maxlen):
+        self.rfile = rfile
+        self.maxlen = maxlen
+        self.bytes_read = 0
+    def _check_length(self):
+        if self.maxlen and self.bytes_read > self.maxlen:
+            raise MaxSizeExceeded()
+    def read(self, size = None):
+        data = self.rfile.read(size)
+        self.bytes_read += len(data)
+        self._check_length()
+        return data
+    def readline(self, size = None):
+        if size is not None:
+            data = self.rfile.readline(size)
+            self.bytes_read += len(data)
+            self._check_length()
+            return data
+
+        # User didn't specify a size ...
+        # We read the line in chunks to make sure it's not a 100MB line !
+        res = []
+        while True:
+            data = self.rfile.readline(256)
+            self.bytes_read += len(data)
+            self._check_length()
+            res.append(data)
+            if len(data) < 256:
+                return ''.join(data)
+    def close(self):
+        self.rfile.close()
-
-
@@ -56 +96 @@
-        self.outheaderkeys = None
-        self.rfile = self.socket.makefile("r", self.server.bufsize)
+        if self.server.config:
+            mhs = self.server.config.get(
+                'server.maxRequestHeaderSize',
+                500 * 1024) # 500KB by default
+            self.rfile = SizeCheckWrapper(self.rfile, mhs)
-        self.wfile = self.socket.makefile("w", self.server.bufsize)
-        self.sent_headers = False
@@ -99 +144 @@
-            self.environ[envname] = v
-        self.ready = True
+
+        # Request header is parsed
+        # We prepare the SizeCheckWrapper for the request body
+        if self.server.config:
+            mbs = self.server.config.get(
+                'server.maxRequestBodySize',
+                100 * 1024 * 1024, # 100MB by default
+                path = path)
+            self.rfile.bytes_read = 0
+            self.rfile.maxlen = mbs
-    
-    def start_response(self, status, headers, exc_info = None):
@@ -181 +236 @@
-                    else:
-                        raise
+                except MaxSizeExceeded:
+                    str = "Request Entity Too Large"
+                    proto = request.environ.get("SERVER_PROTOCOL", "HTTP/1.0")
+                    request.wfile.write("%s 413 %s\r\n" % (proto, str))
+                    request.wfile.write("Content-Length: %s\r\n\r\n" % len(str))
+                    request.wfile.write(str)
+                    request.wfile.flush()
-                except:
-                    traceback.print_exc()
@@ -190 +252 @@
-    version = "CherryPy/2.1.0-beta"
-    def __init__(self, bind_addr, wsgi_app, numthreads=10, server_name=None,
-
+
+
-        '''
-        be careful w/ max
@@ -198 +261 @@
-        self.bind_addr = bind_addr
-        self.numthreads = numthreads or 1
+        self.config = config
-        if server_name:
-            self.server_name = server_name

trunk/cherrypy/config.py

@@ -55 +55 @@
-    'server.reverseDNS': False,
-    'server.threadPool': 0,
-
-    'server.maxRequestSize' : 0, # 0 == unlimited
-    }
-
@@ -89 +87 @@
-        _load(file, override)
-
-
+, path = None
-    """Return the configuration value corresponding to key
-    If specified, return defaultValue on lookup failure. If returnSection is
@@ -96 +94 @@
-    # Look, ma, no Python function calls! Uber-fast.
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-    while True:
-        if path == "":

trunk/cherrypy/test/test_core.py

@@ -236 +236 @@
-        return cherrypy.request.body
-
-
-class Cookies(Test):
-    
@@ -248 +247 @@
-            cherrypy.response.simpleCookie[name] = cookie.value
-
+class MaxRequestSize(Test):
+    
+    def index(self):
+        return "OK"
+
+    def upload(self, file):
+        return "Size: %s" % len(file.file.read())
-
-logFile = os.path.join(localDir, "error.log")
@@ -633 +639 @@
-        self.assertHeader('Set-Cookie', 'Last=Piranha;')
-
+    def testMaxRequestSize(self):
+        self.getPage("/maxrequestsize/index")
+        self.assertBody("OK")
+        cherrypy.config.update({'server.maxRequestHeaderSize': 10})
+        self.getPage("/maxrequestsize/index")
+        self.assertStatus("413 Request Entity Too Large")
+        self.assertBody("Request Entity Too Large")
+        cherrypy.config.update({'server.maxRequestHeaderSize': 0})
+
+        # Test upload
+        h = [("Content-type", "multipart/form-data; boundary=x"),
+             ("Content-Length", "110")]
+        b = """--x
+Content-Disposition: form-data; name="file"; filename="hello.txt"
+Content-Type: text/plain
+
+hello
+--x--
+"""
+        self.getPage('/maxrequestsize/upload', h, "POST", b)
+        self.assertBody('Size: 5')
+        cherrypy.config.update({
+            '/maxrequestsize': {'server.maxRequestBodySize': 3}})
+        self.getPage('/maxrequestsize/upload', h, "POST", b)
+        self.assertStatus("413 Request Entity Too Large")
+        self.assertInBody("Request Entity Too Large")
-
-if __name__ == '__main__':