CGI: POST and GET
William
wilk-spamout at flibuste.net
Sun Feb 9 03:54:26 EST 2003
printf_nemesis at hotmail.com (empty) writes:
> Is it possible to retrieve specifically POST or GET method information
> ? Does cgi.FieldStorage() have a method for that ? And if its not
> possible, thats a big security issue, any other form of security ?
I think if you change the argument of FieldStorage, you can skip GET or
POST.
But why do you say it's a security issue ?
class FieldStorage:
def __init__(self, fp=None, headers=None, outerboundary="",
environ=os.environ, keep_blank_values=0, strict_parsing=0):
"""Constructor. Read multipart/* until last part.
Arguments, all optional:
fp : file pointer; default: sys.stdin
(not used when the request method is GET)
headers : header dictionary-like object; default:
taken from environ as per CGI spec
outerboundary : terminating multipart boundary
(for internal use only)
environ : environment dictionary; default: os.environ
keep_blank_values: flag indicating whether blank values in
URL encoded forms should be treated as blank strings.
A true value indicates that blanks should be retained as
blank strings. The default false value indicates that
blank values are to be ignored and treated as if they were
not included.
strict_parsing: flag indicating what to do with parsing errors.
If false (the default), errors are silently ignored.
If true, errors raise a ValueError exception.
--
William Dode - http://flibuste.net
More information about the Python-list
mailing list