Re: [Zope-dev] getting request variables values

21 Jul 2000

      Steve Alexander wrote:
...
However, looking in the code, it starts off by looking in "other", and
doesn't look in "environ" at all.
I suggest a patch to go right after the method's docstring:
def __getitem__(self,key,
                    default=_marker, # Any special internal marker will
do
                    URLmatch=regex.compile('URL[0-9]+$').match,
                    BASEmatch=regex.compile('BASE[0-9]+$').match,
                    ):
        """Get a variable value
Return a value for the required variable name.
        The value will be looked up from one of the request data
        categories. The search order is environment variables,
        other variables, form data, and then cookies.
""" #"
+       environ=self.environ
+       if environ.has_key(key):
+           return environ[key]
        other=self.other
        if other.has_key(key):
            if key=='REQUEST': return self
            return other[key]
Ok... I was wrong :-/

A bit later we have:

        if isCGI_NAME(key) or key[:5] == 'HTTP_':
            environ=self.environ
            if environ.has_key(key) and (not hide_key(key)):
                return environ[key]
            return ''

I was only sort-of wrong though :-)

The code certainly doesn't stick exactly to its docstring. The "other"
dictionary is seached first, then URLx where x is a number.
Then "environ" is searched, but *only* if the key begins with 'HTTP_' or
is in the following list:

SERVER_SOFTWARE, SERVER_NAME, GATEWAY_INTERFACE, SERVER_PROTOCOL,
SERVER_PORT, REQUEST_METHOD, PATH_INFO, PATH_TRANSLATED, SCRIPT_NAME,
QUERY_STRING, REMOTE_HOST, REMOTE_ADDR, AUTH_TYPE, REMOTE_USER,
REMOTE_IDENT, CONTENT_TYPE, CONTENT_LENGTH, SERVER_URL

Looking in Leonardo's sample environment, a posted to this list, there's
a lot of keys that won't get matched:

SSL_*
HTTPS_*
REMOTE_PORT
SERVER_ROOT
SERVER_SIGNATURE

My question is "why was __getitem__ of HTTPRequest.py designed this
way?".

Is there a good reason that it filters the keys according to membership
of a standard-cgi-keys list, or whether they start with 'HTTP_' ?
Would there be any disadvantage to altering __getitem__ so that it
behaves according to its docstring?

If so, the patch would probably be something like:

line 753.
         """ #"
 +       environ=self.environ
 +       if environ.has_key(key) and (not hide_key(key)):
 +           return environ[key]
         other=self.other
         if other.has_key(key):
             if key=='REQUEST': return self
             return other[key]

        if key[:1]=='U' and URLmatch(key) >= 0:
            path = self._script + self._steps
            n = len(path) - atoi(key[3:])
            if n < 0:
                raise KeyError, key
            URL=join([other['SERVER_URL']] + path[:n], '/')
            other[key]=URL
            self._urls = self._urls + (key,)
            return URL

-       if isCGI_NAME(key) or key[:5] == 'HTTP_':
-           environ=self.environ
-           if environ.has_key(key) and (not hide_key(key)):
-               return environ[key]
-           return ''

Comments?

--
Steve Alexander
Software Engineer
Cat-Box limited
http://www.cat-box.net