g2p / rfc6266 Goto Github PK

Content-Disposition header support for Python

License: GNU Lesser General Public License v3.0

Python 100.00%

rfc6266's Introduction

rfc6266

This module parses and generates HTTP Content-Disposition headers. These headers are used when getting resources for download; they provide a hint of whether the file should be downloaded, and of what filename to use when saving.

Usage

Receiver

parse_headers builds a ContentDisposition object from the Content-Disposition header and (as a fallback) the document location. Shortcuts work with response objects from httplib2 and the requests library.

Important attributes of ContentDisposition are is_inline, filename_unsafe, filename_sanitized.

Sender

build_header builds a header value from a filename.

Security

The Content-Disposition filename should be used with caution. Do not let the sender overwrite an arbitrary filesystem location, pick arbitrary extensions or filenames with special meaning, pick filenames containing unusual or misleading characters, etc. Read RFC 6266 section 4.3 for more details.

Testing

To test in the current Python implementation:

py.test

To test compatibility across Python releases:

tox

rfc6266 is currently tested under Python 2.7, Python 2.6, Python 3.3, Python 3.2, and PyPy (1.7).

References

RFC 6266 <https://tools.ietf.org/html/rfc6266> specifies the Content-Disposition header
RFC 5987 <https://tools.ietf.org/html/rfc5987> specifies a way to encode non-ascii filenames
TC 2231 <http://greenbytes.de/tech/tc2231/> is a test suite for Content-Disposition headers

rfc6266's People

Contributors

Stargazers

Watchers

rfc6266's Issues

It would be nice to have a way to bypass extension replacement in filename_sanitized

I want to use slash/dir sep and leading dots removal, yet I want to preserve extension.

Which leads to a code like this:

        parsed = parse_requests_response(resp)
        fname = parsed.filename_sanitized(
            os.path.splitext(parsed.filename_unsafe)[-1].strip("."))

Can make you a PR if you want.

Version on PyPi out of date, raises AttributeError on parse_headers

As of 2016-10-29, the rfc6266 package on PyPi (https://pypi.python.org/pypi/rfc6266) is dated 2013-11-13. There is a typo in that version that has been fixed in the version on Github. Line 28 reads:

LOGGER.addHandler(logging.NullHandler)

instead of:

LOGGER.addHandler(logging.NullHandler())

So the call to LOGGER.debug inside parse_headers raises an AttributeError.

dependency LEPL develop discontinued

just left a notice here as I encounter some error with LEPL under python 3.7,
as this project have been left untouched for a really long time too.

Release 0.0.5?

We have run into issues on 0.0.4 due to the log handler being a class instead of an instantiated class, I know it has been a while, but could you possibly do a 0.0.5 release on master? It would help us out a lot.

Project is abandoned

Looking at #8, it appears as if this project is abandoned.

@g2p Is there any intention to maintain this project? I'd be willing to adopt it if you do not wish to maintain it.

I also see there's at least one fork and that project looks more actively maintained (only 2 years stale). @SWW13, is that project actively maintained?

Project no longer builds under Setuptools 58

This project relies on the use2to3 feature of Setuptools which was removed in Setuptools 58. As a result, this project no longer builds naturally. In pypa/setuptools#2767, I describe some proposed fixes, all of which require some maintenance in this project.

question on improvements to "filename*" handling

I have a question or perhaps a suggestion to

rfc6266/rfc6266.py

Line 107 in cad5896

return self.assocs['filename*'].string

I wonder if it wouldn't be better/(easier on high level libraries that will use it) to assign to 'self.assocs['filename']' as opposed to 'self.assocs['filename*']'?
shouldn't the file name extracted from 'filename*' be 1) urldecoded 2) character decoded from defined encoding? (https://tools.ietf.org/html/rfc5987)

ValueError with empty filename

How to reproduce:

rfc6266.parse_headers('attachment; filename=""')

Traceback (most recent call last):
  File "contentdisposition.py", line 3, in <module>
    rfc6266.parse_headers('attachment; filename=""')
  File "rfc6266.py", line 232, in parse_headers
    disposition=parsed[0], assocs=parsed[1:], location=location)
  File "rfc6266.py", line 86, in __init__
    self.assocs = dict((key.lower(), val) for (key, val) in assocs)
  File "rfc6266.py", line 86, in <genexpr>
    self.assocs = dict((key.lower(), val) for (key, val) in assocs)
ValueError: need more than 1 value to unpack

undeclared dependency on pytest, pytest failures?

It would be reasonable to consider me a Python n00b, so feel free to close this if you like:

It looks to me like there's an undeclared dependency on pytest. Specifically, after installing with

python setup.py install --user

(python version is 2.7)

I try to run the test file with

python test_rfc6266.py

and discover that I need pytest.

Second, after installing pytest, I see this output:

python -m pytest
=========================================================================================== test session starts ============================================================================================
platform darwin -- Python 2.7.12, pytest-3.0.2, py-1.4.31, pluggy-0.3.1
rootdir: /private/tmp/rfc6266, inifile: 
collected 7 items 

test_rfc6266.py .EE....

================================================================================================== ERRORS ==================================================================================================
_____________________________________________________________________________________ ERROR at setup of test_httplib2 ______________________________________________________________________________________
file /private/tmp/rfc6266/test_rfc6266.py, line 26
  @pytest.mark.skipif("(3,0) <= sys.version_info < (3,3)")
  def test_httplib2(httpserver):
E       fixture 'httpserver' not found
>       available fixtures: cache, capfd, capsys, doctest_namespace, monkeypatch, pytestconfig, record_xml_property, recwarn, tmpdir, tmpdir_factory
>       use 'pytest --fixtures [testpath]' for help on them.

/private/tmp/rfc6266/test_rfc6266.py:26
_____________________________________________________________________________________ ERROR at setup of test_requests ______________________________________________________________________________________
file /private/tmp/rfc6266/test_rfc6266.py, line 36
  @pytest.mark.skipif("(3,0) <= sys.version_info < (3,3)")
  def test_requests(httpserver):
E       fixture 'httpserver' not found
>       available fixtures: cache, capfd, capsys, doctest_namespace, monkeypatch, pytestconfig, record_xml_property, recwarn, tmpdir, tmpdir_factory
>       use 'pytest --fixtures [testpath]' for help on them.

/private/tmp/rfc6266/test_rfc6266.py:36
==================================================================================== 5 passed, 2 error in 0.22 seconds =====================================================================================

Finally, I guess I was surprised by the test coverage--there's not much coverage of parsing of interesting Content-Disposition lines?

Many thanks, sorry for being so needy!

rfc6266 should not raise on unsafe lws

RFC 6266 section 3 "Conformance and Error Handling"

Recipients MAY take steps to recover a usable field value from an
invalid header field, but SHOULD NOT reject the message outright,
unless this is explicitly desirable behavior (e.g., the
implementation is a validator). As such, the default handling of
invalid fields is to ignore them.

logging.NullHandler not available under python 2.6

This handler is available starting from python 2.7. The documentation says rfc6266 is compatible with python 2.6. Am I missing something?

Thanks.