Unverified Kaydet (Commit) 698865dc authored tarafından INADA Naoki's avatar INADA Naoki Kaydeden (comit) GitHub

bpo-33843: Remove deprecated stuff in cgi module (GH-7662)

üst cb970730
...@@ -284,18 +284,6 @@ algorithms implemented in this module in other circumstances. ...@@ -284,18 +284,6 @@ algorithms implemented in this module in other circumstances.
passed to :func:`urllib.parse.parse_qs` unchanged. passed to :func:`urllib.parse.parse_qs` unchanged.
.. function:: parse_qs(qs, keep_blank_values=False, strict_parsing=False)
This function is deprecated in this module. Use :func:`urllib.parse.parse_qs`
instead. It is maintained here only for backward compatibility.
.. function:: parse_qsl(qs, keep_blank_values=False, strict_parsing=False)
This function is deprecated in this module. Use :func:`urllib.parse.parse_qsl`
instead. It is maintained here only for backward compatibility.
.. function:: parse_multipart(fp, pdict, encoding="utf-8", errors="replace") .. function:: parse_multipart(fp, pdict, encoding="utf-8", errors="replace")
Parse input of type :mimetype:`multipart/form-data` (for file uploads). Parse input of type :mimetype:`multipart/form-data` (for file uploads).
...@@ -348,20 +336,6 @@ algorithms implemented in this module in other circumstances. ...@@ -348,20 +336,6 @@ algorithms implemented in this module in other circumstances.
Print a list of useful (used by CGI) environment variables in HTML. Print a list of useful (used by CGI) environment variables in HTML.
.. function:: escape(s, quote=False)
Convert the characters ``'&'``, ``'<'`` and ``'>'`` in string *s* to HTML-safe
sequences. Use this if you need to display text that might contain such
characters in HTML. If the optional flag *quote* is true, the quotation mark
character (``"``) is also translated; this helps for inclusion in an HTML
attribute value delimited by double quotes, as in ``<a href="...">``. Note
that single quotes are never translated.
.. deprecated:: 3.2
This function is unsafe because *quote* is false by default, and therefore
deprecated. Use :func:`html.escape` instead.
.. _cgi-security: .. _cgi-security:
Caring about security Caring about security
......
...@@ -136,6 +136,10 @@ Removed ...@@ -136,6 +136,10 @@ Removed
to help eliminate confusion as to what Python interpreter the ``pyvenv`` to help eliminate confusion as to what Python interpreter the ``pyvenv``
script is tied to. (Contributed by Brett Cannon in :issue:`25427`.) script is tied to. (Contributed by Brett Cannon in :issue:`25427`.)
* ``parse_qs``, ``parse_qsl``, and ``escape`` are removed from :mod:`cgi`
module. They are deprecated from Python 3.2 or older.
Porting to Python 3.8 Porting to Python 3.8
===================== =====================
......
...@@ -38,16 +38,14 @@ import os ...@@ -38,16 +38,14 @@ import os
import urllib.parse import urllib.parse
from email.parser import FeedParser from email.parser import FeedParser
from email.message import Message from email.message import Message
from warnings import warn
import html import html
import locale import locale
import tempfile import tempfile
__all__ = ["MiniFieldStorage", "FieldStorage", __all__ = ["MiniFieldStorage", "FieldStorage", "parse", "parse_multipart",
"parse", "parse_qs", "parse_qsl", "parse_multipart",
"parse_header", "test", "print_exception", "print_environ", "parse_header", "test", "print_exception", "print_environ",
"print_form", "print_directory", "print_arguments", "print_form", "print_directory", "print_arguments",
"print_environ_usage", "escape"] "print_environ_usage"]
# Logging support # Logging support
# =============== # ===============
...@@ -183,21 +181,6 @@ def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0): ...@@ -183,21 +181,6 @@ def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):
encoding=encoding) encoding=encoding)
# parse query string function called from urlparse,
# this is done in order to maintain backward compatibility.
def parse_qs(qs, keep_blank_values=0, strict_parsing=0):
"""Parse a query given as a string argument."""
warn("cgi.parse_qs is deprecated, use urllib.parse.parse_qs instead",
DeprecationWarning, 2)
return urllib.parse.parse_qs(qs, keep_blank_values, strict_parsing)
def parse_qsl(qs, keep_blank_values=0, strict_parsing=0):
"""Parse a query given as a string argument."""
warn("cgi.parse_qsl is deprecated, use urllib.parse.parse_qsl instead",
DeprecationWarning, 2)
return urllib.parse.parse_qsl(qs, keep_blank_values, strict_parsing)
def parse_multipart(fp, pdict, encoding="utf-8", errors="replace"): def parse_multipart(fp, pdict, encoding="utf-8", errors="replace"):
"""Parse multipart input. """Parse multipart input.
...@@ -974,18 +957,6 @@ environment as well. Here are some common variable names: ...@@ -974,18 +957,6 @@ environment as well. Here are some common variable names:
# Utilities # Utilities
# ========= # =========
def escape(s, quote=None):
"""Deprecated API."""
warn("cgi.escape is deprecated, use html.escape instead",
DeprecationWarning, stacklevel=2)
s = s.replace("&", "&amp;") # Must be done first!
s = s.replace("<", "&lt;")
s = s.replace(">", "&gt;")
if quote:
s = s.replace('"', "&quot;")
return s
def valid_boundary(s): def valid_boundary(s):
import re import re
if isinstance(s, bytes): if isinstance(s, bytes):
......
...@@ -4,7 +4,6 @@ import os ...@@ -4,7 +4,6 @@ import os
import sys import sys
import tempfile import tempfile
import unittest import unittest
import warnings
from collections import namedtuple from collections import namedtuple
from io import StringIO, BytesIO from io import StringIO, BytesIO
from test import support from test import support
...@@ -163,15 +162,6 @@ Content-Length: 3 ...@@ -163,15 +162,6 @@ Content-Length: 3
fs = cgi.FieldStorage(headers={'content-type':'text/plain'}) fs = cgi.FieldStorage(headers={'content-type':'text/plain'})
self.assertRaises(TypeError, bool, fs) self.assertRaises(TypeError, bool, fs)
def test_escape(self):
# cgi.escape() is deprecated.
with warnings.catch_warnings():
warnings.filterwarnings('ignore', r'cgi\.escape',
DeprecationWarning)
self.assertEqual("test &amp; string", cgi.escape("test & string"))
self.assertEqual("&lt;test string&gt;", cgi.escape("<test string>"))
self.assertEqual("&quot;test string&quot;", cgi.escape('"test string"', True))
def test_strict(self): def test_strict(self):
for orig, expect in parse_strict_test_cases: for orig, expect in parse_strict_test_cases:
# Test basic parsing # Test basic parsing
...@@ -449,20 +439,6 @@ this is the content of the fake file ...@@ -449,20 +439,6 @@ this is the content of the fake file
v = gen_result(data, environ) v = gen_result(data, environ)
self.assertEqual(result, v) self.assertEqual(result, v)
def test_deprecated_parse_qs(self):
# this func is moved to urllib.parse, this is just a sanity check
with check_warnings(('cgi.parse_qs is deprecated, use urllib.parse.'
'parse_qs instead', DeprecationWarning)):
self.assertEqual({'a': ['A1'], 'B': ['B3'], 'b': ['B2']},
cgi.parse_qs('a=A1&b=B2&B=B3'))
def test_deprecated_parse_qsl(self):
# this func is moved to urllib.parse, this is just a sanity check
with check_warnings(('cgi.parse_qsl is deprecated, use urllib.parse.'
'parse_qsl instead', DeprecationWarning)):
self.assertEqual([('a', 'A1'), ('b', 'B2'), ('B', 'B3')],
cgi.parse_qsl('a=A1&b=B2&B=B3'))
def test_parse_header(self): def test_parse_header(self):
self.assertEqual( self.assertEqual(
cgi.parse_header("text/plain"), cgi.parse_header("text/plain"),
......
Remove deprecated ``cgi.escape``, ``cgi.parse_qs`` and ``cgi.parse_qsl``.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment