Hackfut Security File Manager
Current Path:
/opt/alt/python38/lib64/python3.8/site-packages/aiohttp
opt
/
alt
/
python38
/
lib64
/
python3.8
/
site-packages
/
aiohttp
/
📁
..
📁
.hash
📄
__init__.py
(6.77 KB)
📁
__pycache__
📄
_cparser.pxd
(3.87 KB)
📄
_find_header.c
(183.17 KB)
📄
_find_header.h
(170 B)
📄
_find_header.pxd
(68 B)
📄
_frozenlist.c
(287.3 KB)
📄
_frozenlist.pyx
(2.54 KB)
📄
_headers.pxi
(1.96 KB)
📄
_helpers.c
(207.02 KB)
📄
_helpers.pyi
(202 B)
📄
_helpers.pyx
(1.02 KB)
📄
_http_parser.c
(987.82 KB)
📄
_http_parser.pyx
(28.34 KB)
📄
_http_writer.c
(208.03 KB)
📄
_http_writer.pyx
(4.1 KB)
📄
_websocket.c
(134.21 KB)
📄
_websocket.pyx
(1.52 KB)
📄
abc.py
(5.12 KB)
📄
base_protocol.py
(2.64 KB)
📄
client.py
(42.89 KB)
📄
client_exceptions.py
(8.33 KB)
📄
client_proto.py
(7.97 KB)
📄
client_reqrep.py
(35.58 KB)
📄
client_ws.py
(10.05 KB)
📄
connector.py
(41.96 KB)
📄
cookiejar.py
(11.88 KB)
📄
formdata.py
(5.94 KB)
📄
frozenlist.py
(1.68 KB)
📄
frozenlist.pyi
(1.4 KB)
📄
hdrs.py
(3.37 KB)
📄
helpers.py
(22.38 KB)
📄
http.py
(1.78 KB)
📄
http_exceptions.py
(2.53 KB)
📄
http_parser.py
(30.06 KB)
📄
http_websocket.py
(24.51 KB)
📄
http_writer.py
(5.22 KB)
📄
locks.py
(1.19 KB)
📄
log.py
(325 B)
📄
multipart.py
(31.5 KB)
📄
payload.py
(13.02 KB)
📄
payload_streamer.py
(2.05 KB)
📄
py.typed
(7 B)
📄
pytest_plugin.py
(10.75 KB)
📄
resolver.py
(4.5 KB)
📄
signals.py
(852 B)
📄
signals.pyi
(319 B)
📄
streams.py
(20.05 KB)
📄
tcp_helpers.py
(962 B)
📄
test_utils.py
(19.78 KB)
📄
tracing.py
(14.03 KB)
📄
typedefs.py
(1.34 KB)
📄
web.py
(17.46 KB)
📄
web_app.py
(16.65 KB)
📄
web_exceptions.py
(9.87 KB)
📄
web_fileresponse.py
(8.81 KB)
📄
web_log.py
(7.32 KB)
📄
web_middlewares.py
(4.09 KB)
📄
web_protocol.py
(22.71 KB)
📄
web_request.py
(25.83 KB)
📄
web_response.py
(25.59 KB)
📄
web_routedef.py
(5.97 KB)
📄
web_runner.py
(10.93 KB)
📄
web_server.py
(2.01 KB)
📄
web_urldispatcher.py
(38.61 KB)
📄
web_ws.py
(16.39 KB)
📄
worker.py
(7.83 KB)
Editing: web_middlewares.py
import re from typing import TYPE_CHECKING, Awaitable, Callable, Tuple, Type, TypeVar from .web_exceptions import HTTPPermanentRedirect, _HTTPMove from .web_request import Request from .web_response import StreamResponse from .web_urldispatcher import SystemRoute __all__ = ( "middleware", "normalize_path_middleware", ) if TYPE_CHECKING: # pragma: no cover from .web_app import Application _Func = TypeVar("_Func") async def _check_request_resolves(request: Request, path: str) -> Tuple[bool, Request]: alt_request = request.clone(rel_url=path) match_info = await request.app.router.resolve(alt_request) alt_request._match_info = match_info # type: ignore if match_info.http_exception is None: return True, alt_request return False, request def middleware(f: _Func) -> _Func: f.__middleware_version__ = 1 # type: ignore return f _Handler = Callable[[Request], Awaitable[StreamResponse]] _Middleware = Callable[[Request, _Handler], Awaitable[StreamResponse]] def normalize_path_middleware( *, append_slash: bool = True, remove_slash: bool = False, merge_slashes: bool = True, redirect_class: Type[_HTTPMove] = HTTPPermanentRedirect ) -> _Middleware: """ Middleware factory which produces a middleware that normalizes the path of a request. By normalizing it means: - Add or remove a trailing slash to the path. - Double slashes are replaced by one. The middleware returns as soon as it finds a path that resolves correctly. The order if both merge and append/remove are enabled is 1) merge slashes 2) append/remove slash 3) both merge slashes and append/remove slash. If the path resolves with at least one of those conditions, it will redirect to the new path. Only one of `append_slash` and `remove_slash` can be enabled. If both are `True` the factory will raise an assertion error If `append_slash` is `True` the middleware will append a slash when needed. If a resource is defined with trailing slash and the request comes without it, it will append it automatically. If `remove_slash` is `True`, `append_slash` must be `False`. When enabled the middleware will remove trailing slashes and redirect if the resource is defined If merge_slashes is True, merge multiple consecutive slashes in the path into one. """ correct_configuration = not (append_slash and remove_slash) assert correct_configuration, "Cannot both remove and append slash" @middleware async def impl(request: Request, handler: _Handler) -> StreamResponse: if isinstance(request.match_info.route, SystemRoute): paths_to_check = [] if "?" in request.raw_path: path, query = request.raw_path.split("?", 1) query = "?" + query else: query = "" path = request.raw_path if merge_slashes: paths_to_check.append(re.sub("//+", "/", path)) if append_slash and not request.path.endswith("/"): paths_to_check.append(path + "/") if remove_slash and request.path.endswith("/"): paths_to_check.append(path[:-1]) if merge_slashes and append_slash: paths_to_check.append(re.sub("//+", "/", path + "/")) if merge_slashes and remove_slash: merged_slashes = re.sub("//+", "/", path) paths_to_check.append(merged_slashes[:-1]) for path in paths_to_check: path = re.sub("^//+", "/", path) # SECURITY: GHSA-v6wp-4m6f-gcjg resolves, request = await _check_request_resolves(request, path) if resolves: raise redirect_class(request.raw_path + query) return await handler(request) return impl def _fix_request_current_app(app: "Application") -> _Middleware: @middleware async def impl(request: Request, handler: _Handler) -> StreamResponse: with request.match_info.set_current_app(app): return await handler(request) return impl
Upload File
Create Folder