Message 272856 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	rr-
Recipients	rr-
Date	2016-08-16.13:55:45
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1471355745.98.0.805545529346.issue27777@psf.upfronthosting.co.za>
In-reply-to

Content
Sending requests with Content-Length but without Content-Disposition headers causes following error: Traceback (most recent call last): File "./test", line 19, in <module> form = cgi.FieldStorage(fp=env['wsgi.input'], environ=env) File "/usr/lib/python3.5/cgi.py", line 561, in __init__ self.read_single() File "/usr/lib/python3.5/cgi.py", line 740, in read_single self.read_binary() File "/usr/lib/python3.5/cgi.py", line 762, in read_binary self.file.write(data) TypeError: write() argument must be str, not bytes I've attached a test file that reproduces the issue. The issue is because read_single decides whether to read the content as binary or text depending on content-length - if it's > 0, it uses read_binary which assumes binary input, and rewrites this input to self.file, assuming self.file is opened in binary mode. At the same, self.file is opened in text mode, because self._binary_file is set to False, which in turn is because there's no Content-Disposition header. At very least, the decision whether to use binary or text should be consistent in both places (self.length >= 0 vs self._binary_file). Related: https://bugs.python.org/issue27308 Note that unlike https://bugs.python.org/issue24764 this issue does NOT concern multipart requests.

Sending requests with Content-Length but without Content-Disposition headers causes following error:

Traceback (most recent call last):
  File "./test", line 19, in <module>
    form = cgi.FieldStorage(fp=env['wsgi.input'], environ=env)
  File "/usr/lib/python3.5/cgi.py", line 561, in __init__
    self.read_single()
  File "/usr/lib/python3.5/cgi.py", line 740, in read_single
    self.read_binary()
  File "/usr/lib/python3.5/cgi.py", line 762, in read_binary
    self.file.write(data)
TypeError: write() argument must be str, not bytes

I've attached a test file that reproduces the issue.

The issue is because read_single decides whether to read the content as binary or text depending on content-length - if it's > 0, it uses read_binary which assumes binary input, and rewrites this input to self.file, assuming self.file is opened in binary mode.

At the same, self.file is opened in text mode, because self._binary_file is set to False, which in turn is because there's no Content-Disposition header.

At very least, the decision whether to use binary or text should be consistent in both places (self.length >= 0 vs self._binary_file).

Related: https://bugs.python.org/issue27308
Note that unlike https://bugs.python.org/issue24764 this issue does NOT concern multipart requests.

History
Date	User	Action	Args
2016-08-16 13:55:46	rr-	set	recipients: + rr-
2016-08-16 13:55:45	rr-	set	messageid: <1471355745.98.0.805545529346.issue27777@psf.upfronthosting.co.za>
2016-08-16 13:55:45	rr-	link	issue27777 messages
2016-08-16 13:55:45	rr-	create