[Zope3-checkins] SVN: Zope3/trunk/ Fixed issue 304 by requiring all values in the DSN to be properly

Stephan Richter srichter at cosmos.phy.tufts.edu
Thu Dec 9 15:58:01 EST 2004


Log message for revision 28612:
  Fixed issue 304 by requiring all values in the DSN to be properly 
  URL-encoded.
  

Changed:
  U   Zope3/trunk/doc/CHANGES.txt
  U   Zope3/trunk/doc/TODO.txt
  U   Zope3/trunk/src/zope/app/rdb/__init__.py
  U   Zope3/trunk/src/zope/app/rdb/interfaces.py
  U   Zope3/trunk/src/zope/app/rdb/tests/test_dsnparser.py

-=-
Modified: Zope3/trunk/doc/CHANGES.txt
===================================================================
--- Zope3/trunk/doc/CHANGES.txt	2004-12-09 20:57:11 UTC (rev 28611)
+++ Zope3/trunk/doc/CHANGES.txt	2004-12-09 20:58:00 UTC (rev 28612)
@@ -249,6 +249,10 @@
 
     Bug Fixes
 
+      - Resolved issue 304 (Slash involve dbname). We require now that all
+        values in a DSN are properly URL-encoded, so that all values can
+        contain any special character, except for the hostname and the port.
+
       - Fixed intid utility: Registration and unregistration of
         local utitlity services, context aware registration of nested 
         components that may provide their own intids utiltities.

Modified: Zope3/trunk/doc/TODO.txt
===================================================================
--- Zope3/trunk/doc/TODO.txt	2004-12-09 20:57:11 UTC (rev 28611)
+++ Zope3/trunk/doc/TODO.txt	2004-12-09 20:58:00 UTC (rev 28612)
@@ -67,8 +67,6 @@
 
 * 302: File objects can't contain non-ascii characters
 
-* 304: Slash involve dbname 
-
 * 305: system error Translations/"Edit Messages" (Stephan)
 
 * 306: page/view-menu-layer configuration

Modified: Zope3/trunk/src/zope/app/rdb/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/rdb/__init__.py	2004-12-09 20:57:11 UTC (rev 28611)
+++ Zope3/trunk/src/zope/app/rdb/__init__.py	2004-12-09 20:58:00 UTC (rev 28612)
@@ -21,6 +21,7 @@
 """
 import types, string
 from types import StringTypes
+from urllib import unquote_plus
 
 from persistent import Persistent
 
@@ -179,6 +180,9 @@
        dbi://user:passwd@host:port/dbname
        dbi://user:passwd@host:port/dbname;param1=value...
 
+    Any values that might contain characters special for URIs need to be
+    quoted as it would be returned by `urllib.quote_plus`.
+
     Return value is a mapping with the following keys:
 
        username     username (if given) or an empty string
@@ -202,7 +206,9 @@
     dsn = raw_params[0]
     raw_params = raw_params[1:]
 
-    parameters = dict([param.split('=') for param in raw_params])
+    parameters = [param.split('=') for param in raw_params]
+    parameters = dict([(unquote_plus(key), unquote_plus(value))
+                       for key, value in parameters])
 
     result['parameters'] = parameters
 
@@ -213,7 +219,7 @@
         dbname = dsn
         dsn = ''
 
-    result['dbname'] = dbname
+    result['dbname'] = unquote_plus(dbname)
 
     # Get host and port from DSN
     if dsn and dsn.find('@') > 0:
@@ -237,8 +243,8 @@
     else:
         username, password = '', ''
 
-    result['username'] = username
-    result['password'] = password
+    result['username'] = unquote_plus(username)
+    result['password'] = unquote_plus(password)
 
     return result
 

Modified: Zope3/trunk/src/zope/app/rdb/interfaces.py
===================================================================
--- Zope3/trunk/src/zope/app/rdb/interfaces.py	2004-12-09 20:57:11 UTC (rev 28611)
+++ Zope3/trunk/src/zope/app/rdb/interfaces.py	2004-12-09 20:58:00 UTC (rev 28612)
@@ -405,7 +405,9 @@
         "dbi://user:passwd/dbname\n"
         "dbi://user:passwd/dbname;param1=value...\n"
         "dbi://user:passwd@host:port/dbname\n"
-        "dbi://user:passwd@host:port/dbname;param1=value...\n"),
+        "dbi://user:passwd@host:port/dbname;param1=value...\n"
+        "\n"
+        "All values should be properlu URL-encoded."),
         default=u"dbi://dbname",
         required=True)
 

Modified: Zope3/trunk/src/zope/app/rdb/tests/test_dsnparser.py
===================================================================
--- Zope3/trunk/src/zope/app/rdb/tests/test_dsnparser.py	2004-12-09 20:57:11 UTC (rev 28611)
+++ Zope3/trunk/src/zope/app/rdb/tests/test_dsnparser.py	2004-12-09 20:58:00 UTC (rev 28612)
@@ -27,6 +27,12 @@
                   'password': '', 'host': '', 'port': ''}
         self.assertEqual(result, parseDSN(dsn))
 
+    def testDBNameWithSpecialCharacters(self):
+        dsn = 'dbi://test%2Fmore+'
+        result = {'parameters': {}, 'dbname': 'test/more ', 'username': '',
+                  'password': '', 'host': '', 'port': ''}
+        self.assertEqual(result, parseDSN(dsn))
+
     def testDBNameAndParams(self):
         dsn = 'dbi://test;param1=value1;param2=value2'
         result = {'parameters': {'param1': 'value1', 'param2': 'value2'},
@@ -46,6 +52,12 @@
                   'password': 'muster', 'host': '', 'port': ''}
         self.assertEqual(result, parseDSN(dsn))
 
+    def testUserPasswordWithSpecialCharacters(self):
+        dsn = 'dbi://m+i+k+e:m%7Bu%7Dster/test'
+        result = {'parameters': {}, 'dbname': 'test', 'username': 'm i k e',
+                  'password': 'm{u}ster', 'host': '', 'port': ''}
+        self.assertEqual(result, parseDSN(dsn))
+
     def testPasswordWithColon(self):
         dsn = 'dbi://mike:before:after/test'
         result = {'parameters': {}, 'dbname': 'test', 'username': 'mike',
@@ -59,6 +71,12 @@
                   'host': '', 'port': ''}
         self.assertEqual(result, parseDSN(dsn))
 
+    def testParamsWithSpecialCharacters(self):
+        dsn = 'dbi://test;param%40=value%21;param%23=value%24'
+        result = {'parameters': {'param@': 'value!', 'param#': 'value$'},
+                  'dbname': 'test', 'username': '', 'password': '',
+                  'host': '', 'port': ''}
+        self.assertEqual(result, parseDSN(dsn))
 
     def testUserAndHostWithoutPort(self):
         dsn = 'dbi://mike@bohr/test'



More information about the Zope3-Checkins mailing list