Hackfut Security File Manager
Current Path:
/opt/alt/python37/lib64/python3.7/site-packages/aiohttp
opt
/
alt
/
python37
/
lib64
/
python3.7
/
site-packages
/
aiohttp
/
📁
..
📁
.hash
📄
__init__.py
(6.71 KB)
📁
__pycache__
📄
_cparser.pxd
(4.88 KB)
📄
_find_header.c
(183.17 KB)
📄
_find_header.h
(170 B)
📄
_find_header.pxd
(68 B)
📄
_headers.pxi
(1.96 KB)
📄
_helpers.c
(207.99 KB)
📄
_helpers.cpython-37m-x86_64-linux-gnu.so
(190.32 KB)
📄
_helpers.pyi
(202 B)
📄
_helpers.pyx
(1.02 KB)
📄
_http_parser.c
(955.26 KB)
📄
_http_parser.cpython-37m-x86_64-linux-gnu.so
(1.38 MB)
📄
_http_parser.pyx
(25.95 KB)
📄
_http_writer.c
(216.08 KB)
📄
_http_writer.cpython-37m-x86_64-linux-gnu.so
(202.37 KB)
📄
_http_writer.pyx
(4.47 KB)
📄
_websocket.c
(135.18 KB)
📄
_websocket.cpython-37m-x86_64-linux-gnu.so
(91.18 KB)
📄
_websocket.pyx
(1.52 KB)
📄
abc.py
(5.38 KB)
📄
base_protocol.py
(2.64 KB)
📄
client.py
(43.87 KB)
📄
client_exceptions.py
(9.06 KB)
📄
client_proto.py
(8 KB)
📄
client_reqrep.py
(36.02 KB)
📄
client_ws.py
(10.29 KB)
📄
connector.py
(49.66 KB)
📄
cookiejar.py
(13.25 KB)
📄
formdata.py
(5.98 KB)
📄
hdrs.py
(4.61 KB)
📄
helpers.py
(25.63 KB)
📄
http.py
(1.78 KB)
📄
http_exceptions.py
(2.53 KB)
📄
http_parser.py
(31.83 KB)
📄
http_websocket.py
(24.76 KB)
📄
http_writer.py
(5.84 KB)
📄
locks.py
(1.13 KB)
📄
log.py
(325 B)
📄
multipart.py
(31.68 KB)
📄
payload.py
(13.38 KB)
📄
payload_streamer.py
(2.06 KB)
📄
py.typed
(7 B)
📄
pytest_plugin.py
(11.5 KB)
📄
resolver.py
(4.97 KB)
📄
streams.py
(20.35 KB)
📄
tcp_helpers.py
(962 B)
📄
test_utils.py
(20.72 KB)
📄
tracing.py
(14.95 KB)
📄
typedefs.py
(1.72 KB)
📄
web.py
(17.51 KB)
📄
web_app.py
(16.86 KB)
📄
web_exceptions.py
(9.87 KB)
📄
web_fileresponse.py
(10.53 KB)
📄
web_log.py
(7.39 KB)
📄
web_middlewares.py
(4.04 KB)
📄
web_protocol.py
(22.02 KB)
📄
web_request.py
(27.23 KB)
📄
web_response.py
(26.92 KB)
📄
web_routedef.py
(5.9 KB)
📄
web_runner.py
(10.93 KB)
📄
web_server.py
(2.01 KB)
📄
web_urldispatcher.py
(38.62 KB)
📄
web_ws.py
(16.85 KB)
📄
worker.py
(8.57 KB)
Editing: web_middlewares.py
import re from typing import TYPE_CHECKING, Awaitable, Callable, Tuple, Type, TypeVar from .typedefs import Handler from .web_exceptions import HTTPPermanentRedirect, _HTTPMove from .web_request import Request from .web_response import StreamResponse from .web_urldispatcher import SystemRoute __all__ = ( "middleware", "normalize_path_middleware", ) if TYPE_CHECKING: # pragma: no cover from .web_app import Application _Func = TypeVar("_Func") async def _check_request_resolves(request: Request, path: str) -> Tuple[bool, Request]: alt_request = request.clone(rel_url=path) match_info = await request.app.router.resolve(alt_request) alt_request._match_info = match_info if match_info.http_exception is None: return True, alt_request return False, request def middleware(f: _Func) -> _Func: f.__middleware_version__ = 1 # type: ignore[attr-defined] return f _Middleware = Callable[[Request, Handler], Awaitable[StreamResponse]] def normalize_path_middleware( *, append_slash: bool = True, remove_slash: bool = False, merge_slashes: bool = True, redirect_class: Type[_HTTPMove] = HTTPPermanentRedirect, ) -> _Middleware: """Factory for producing a middleware that normalizes the path of a request. Normalizing means: - Add or remove a trailing slash to the path. - Double slashes are replaced by one. The middleware returns as soon as it finds a path that resolves correctly. The order if both merge and append/remove are enabled is 1) merge slashes 2) append/remove slash 3) both merge slashes and append/remove slash. If the path resolves with at least one of those conditions, it will redirect to the new path. Only one of `append_slash` and `remove_slash` can be enabled. If both are `True` the factory will raise an assertion error If `append_slash` is `True` the middleware will append a slash when needed. If a resource is defined with trailing slash and the request comes without it, it will append it automatically. If `remove_slash` is `True`, `append_slash` must be `False`. When enabled the middleware will remove trailing slashes and redirect if the resource is defined If merge_slashes is True, merge multiple consecutive slashes in the path into one. """ correct_configuration = not (append_slash and remove_slash) assert correct_configuration, "Cannot both remove and append slash" @middleware async def impl(request: Request, handler: Handler) -> StreamResponse: if isinstance(request.match_info.route, SystemRoute): paths_to_check = [] if "?" in request.raw_path: path, query = request.raw_path.split("?", 1) query = "?" + query else: query = "" path = request.raw_path if merge_slashes: paths_to_check.append(re.sub("//+", "/", path)) if append_slash and not request.path.endswith("/"): paths_to_check.append(path + "/") if remove_slash and request.path.endswith("/"): paths_to_check.append(path[:-1]) if merge_slashes and append_slash: paths_to_check.append(re.sub("//+", "/", path + "/")) if merge_slashes and remove_slash: merged_slashes = re.sub("//+", "/", path) paths_to_check.append(merged_slashes[:-1]) for path in paths_to_check: path = re.sub("^//+", "/", path) # SECURITY: GHSA-v6wp-4m6f-gcjg resolves, request = await _check_request_resolves(request, path) if resolves: raise redirect_class(request.raw_path + query) return await handler(request) return impl def _fix_request_current_app(app: "Application") -> _Middleware: @middleware async def impl(request: Request, handler: Handler) -> StreamResponse: with request.match_info.set_current_app(app): return await handler(request) return impl
Upload File
Create Folder