diff roundup/cgi/actions.py @ 8580:5cba36e42b8f

chore: refactor replace urlparse with urlsplit and use urllib_. Python docs recommend use of urlsplit() rather than urlparse(). urlsplit() is a little faster and doesn't try to split the path into path and params using the rules from an obsolete RFC. actions.py, demo.py, rest.py, client.py: Replace urlparse() with urlsplit(). actions.py: urlsplit() produces a named tuple with one fewer element (no .params). So fix up calls to urlunparse() so they have the proper number of elements in the tuple. Also merge url filtering for param and path. demo.py, rest.py: Replace imports from urlparse/urllib.parse with roundup.anypy.urllib_ so we use the same interface throughout the code base. test/test_cgi.py: Since actions.py filtering for invalid urls is not split by path/param, fix tests for improperly quoted urls.
author John Rouillard <rouilj@ieee.org>
date Sun, 19 Apr 2026 22:58:59 -0400
parents 166cb2632315
children
--- a/roundup/cgi/actions.py	Sun Apr 19 22:51:54 2026 -0400
+++ b/roundup/cgi/actions.py	Sun Apr 19 22:58:59 2026 -0400
@@ -92,9 +92,9 @@
         Finally paste the whole thing together and return the new url.
         '''
 
-        parsed_url_tuple = urllib_.urlparse(url)
+        parsed_url_tuple = urllib_.urlsplit(url)
         if self.base:
-            parsed_base_url_tuple = urllib_.urlparse(self.base)
+            parsed_base_url_tuple = urllib_.urlsplit(self.base)
         else:
             raise ValueError(self._("Base url not set. Check configuration."))
 
@@ -106,7 +106,6 @@
                 'url_scheme': parsed_url_tuple.scheme,
                 'url_netloc': parsed_url_tuple.netloc,
                 'url_path': parsed_url_tuple.path,
-                'url_params': parsed_url_tuple.params,
                 'url_query': parsed_url_tuple.query,
                 'url_fragment': parsed_url_tuple.fragment}
 
@@ -142,16 +141,15 @@
             raise ValueError(self._("Path component (%(url_path)s) in %(url)s "
                                     "is not properly escaped") % info)
 
-        if not allowed_pattern.match(parsed_url_tuple.params):
-            raise ValueError(self._("Params component (%(url_params)s) in %(url)s is not properly escaped") % info)
-
         if not allowed_pattern.match(parsed_url_tuple.query):
             raise ValueError(self._("Query component (%(url_query)s) in %(url)s is not properly escaped") % info)
 
         if not allowed_pattern.match(parsed_url_tuple.fragment):
             raise ValueError(self._("Fragment component (%(url_fragment)s) in %(url)s is not properly escaped") % info)
 
-        return urllib_.urlunparse(parsed_url_tuple)
+        return urllib_.urlunparse((*parsed_url_tuple[0:3],
+                                   "", # urlsplit has no .params
+                                   *parsed_url_tuple[3:]))
 
     name = ''
     permissionType = None
@@ -1278,7 +1276,7 @@
             #      a new error message
 
             clean_url = self.examine_url(self.form['__came_from'].value)
-            redirect_url_tuple = urllib_.urlparse(clean_url)
+            redirect_url_tuple = urllib_.urlsplit(clean_url)
             # now I have a tuple form for the __came_from url
             try:
                 query = urllib_.parse_qs(redirect_url_tuple.query)
@@ -1300,7 +1298,7 @@
                 (redirect_url_tuple.scheme,
                  redirect_url_tuple.netloc,
                  redirect_url_tuple.path,
-                 redirect_url_tuple.params,
+                 "",  # urlsplit() has no .params
                  urllib_.urlencode(list(sorted(query.items())), doseq=True),
                  redirect_url_tuple.fragment))
 
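Review bot: The six-element tuple with a hard-coded empty params slot is rebuilt here and again in the hunks at -1318, -1341 and -1363, so the same placeholder and comment have to be kept in step in four places on the path that produces the redirect target. Since redirect_url_tuple is a urlsplit() result, each rebuild could become `urllib_.urlunsplit(redirect_url_tuple._replace(query=urllib_.urlencode(list(sorted(query.items())), doseq=True)))`, provided roundup.anypy.urllib_ exposes urlunsplit. A small private helper taking the tuple and `query` would remove the repetition and leave one place to audit how the validated `__came_from` URL is reassembled. The enclosing method and the start of this call are outside the hunk, so this is based only on the visible argument lists.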
@@ -1318,7 +1316,7 @@
                     (redirect_url_tuple.scheme,
                      redirect_url_tuple.netloc,
                      redirect_url_tuple.path,
-                     redirect_url_tuple.params,
+                     "",  # urlsplit() has no .params
                      urllib_.urlencode(list(sorted(query.items())), doseq=True),
                      redirect_url_tuple.fragment))
                 raise exceptions.Redirect(redirect_url)
@@ -1341,7 +1339,7 @@
                     (redirect_url_tuple.scheme,
                      redirect_url_tuple.netloc,
                      redirect_url_tuple.path,
-                     redirect_url_tuple.params,
+                     "",  # urlsplit() has no .params
                      urllib_.urlencode(list(sorted(query.items())), doseq=True),
                      redirect_url_tuple.fragment))
                 raise exceptions.Redirect(redirect_url)
@@ -1363,7 +1361,7 @@
             redirect_url = urllib_.urlunparse((redirect_url_tuple.scheme,
                                                redirect_url_tuple.netloc,
                                                redirect_url_tuple.path,
-                                               redirect_url_tuple.params,
+                                               "",  # urlsplit has no .params
                                                urllib_.urlencode(list(sorted(query.items())), doseq=True),
                                                redirect_url_tuple.fragment))
 
