Python package for HTTP/1.1 style headers. Parse headers to objects. Most advanced available structure for http headers.
Home Page: https://ousret.github.io/kiss-headers/
License: MIT License
Describe the bug
Double quote (escaped) inside attribute value is not handled correctly in a particular case.
text/html; charset="UTF-\"8"
To Reproduce
Steps to reproduce the behavior:
from kiss_headers.utils import header_content_split
from kiss_headers import Attributes
if __name__ == "__main__":
print(
Attributes(header_content_split('text/html; charset="UTF-\"8"', ";"))
)
Expected behavior
A clear and concise description of what you expected to happen.
from kiss_headers.utils import header_content_split
from kiss_headers import Attributes
if __name__ == "__main__":
attributes = Attributes(header_content_split('text/html; charset="UTF-\"8"', ";"))
# 1) Correct
print(attributes["charset"]) # output: 'UTF-"8'
# 2) Wrong
print(attributes) # output: 'text/html; charset="UTF-"8"'
# Should have gotten 'text/html; charset="UTF-\"8"'https://github.com/Ousret/kiss-headers/blob/master/kiss_headers/models.py#L1211
When a proxy is used, there is an additional HTTP/1.1 200 Connection established\n\n, which this tool can't handle.
ALL_PROXY=http://127.0.0.1:1087 http_proxy=http://127.0.0.1:1087 https_proxy=http://127.0.0.1:1087 HTTP_PROXY=http://127.0.0.1:1087 HTTPS_PROXY=http://127.0.0.1:1087 curl --head https://ipython.readthedocs.io/_/downloads/en/stable/epub/
HTTP/1.1 200 Connection established
HTTP/2 200
date: Tue, 28 Sep 2021 13:45:34 GMT
content-type: application/epub+zip
content-length: 3706401
content-disposition: filename=ipython-readthedocs-io-en-stable.epub
x-amz-id-2: 2PO2WHP4qGqkhyC1VbRE2KLN2g4uk38vYzaNJDU/OBSxh4lUtYgERD2FNAOPkKPD1a6rsNBMeKI=
x-amz-request-id: 21E21R71FAY4WQKT
last-modified: Sat, 25 Sep 2021 00:43:37 GMT
etag: "6f512f04591f7667486d044c54708448"
x-served: Nginx-Proxito-Sendfile
x-backend: web-i-078619706c1392c2c
x-rtd-project: ipython
x-rtd-version: stable
x-rtd-path: /proxito/epub/ipython/stable/ipython.epub
x-rtd-domain: ipython.readthedocs.io
x-rtd-version-method: path
x-rtd-project-method: subdomain
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 270
expires: Tue, 28 Sep 2021 15:45:34 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 695d69b549330686-LHR
Describe this issue
The function is_legal_header_name @ against to the RFC2616 (RFC7230 ?)
about CTLs (octets 0 - 31 and DEL 127) and the 19 seprartors (\x2f, \x22)
or I am missing any udates of the RFCs.
ref:
message-header = field-name ":" [ field-value ]
field-name = token
token = 1*<any CHAR except CTLs or separators>
CTL = <any US-ASCII control character
(octets 0 - 31) and DEL (127)>
separators = "(" | ")" | "<" | ">" | "@"
| "," | ";" | ":" | "\" | <">
| "/" | "[" | "]" | "?" | "="
| "{" | "}" | SP | HT
SP = <US-ASCII SP, space (32)>
HT = <US-ASCII HT, horizontal-tab (9)>
<"> = <US-ASCII double-quote mark (34)>
To Reproduce
Steps to reproduce the behavior:
Expected behavior
# this should passed
assert is_legal_header_name('\x00') is False # NUL
assert is_legal_header_name('\x07') is False # BEL
assert is_legal_header_name('invalid"') is False # \x22
assert is_legal_header_name('invalid/') is False # \x2fStacktrace
If applicable, add stacktrace to help explain your problem.
Additional context
maybe a patch here, if this issue for the `is_legal_header_name` confirmed
file https://github.com/Ousret/kiss-headers/blob/83775798/kiss_headers/utils.py#L385
--- a/kiss_headers/utils.py
+++ b/kiss_headers/utils.py
- and search(r"[^\x00-\x7F]|[:;(),<>=@?\[\]\r\n\t &{}\\]", name) is None
+ and search(r"[^\x21-\x7e]|[()<>@,;:\x5c\x22\x2f\[\]?={}]", name) is None
+ # ^^ ^^ ^^^^^^^^ ^ ^ ^ ^ ^^^^^
+ # -- -- -- ordered 17 separators ---
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.