rpms
/
python-flask
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

import python-flask-0.12.2-4.el8

Browse Source
c8 imports/c8/python-flask-0.12.2-4.el8
CentOS Sources 5 years ago committed by MSVSphere Packaging Team
commit 9a43a807c9
6 changed files with 583 additions and 0 deletions
Show Stats Download Patch File Download Diff File

1
.gitignore vendored
Unescape View File

@ -0,0 +1 @@
SOURCES/Flask-0.12.2.tar.gz

1
.python-flask.metadata
Unescape View File

@ -0,0 +1 @@
8193757ded6a4f0e7c9a3ce291bf3ae3a1d402c5 SOURCES/Flask-0.12.2.tar.gz

167
SOURCES/0001-detect-UTF-encodings-when-loading-json.patch
Unescape View File

@ -0,0 +1,167 @@
From 50062c4d8c4108d17b7f12d9518ce883956d3921 Mon Sep 17 00:00:00 2001
From: David Lord <davidism@gmail.com>
Date: Tue, 10 Apr 2018 09:29:48 -0700
Subject: [PATCH] detect UTF encodings when loading json
(cherry picked from commit 0e1e9a04aaf29ab78f721cfc79ac2a691f6e3929)
---
flask/json.py | 49 ++++++++++++++++++++++++++++++++++++++++++-
flask/wrappers.py | 13 +++---------
tests/test_helpers.py | 28 ++++++++++++++-----------
3 files changed, 67 insertions(+), 23 deletions(-)
diff --git a/flask/json.py b/flask/json.py
index 16e0c29..114873e 100644
--- a/flask/json.py
+++ b/flask/json.py
@@ -8,6 +8,7 @@
:copyright: (c) 2015 by Armin Ronacher.
:license: BSD, see LICENSE for more details.
"""
+import codecs
import io
import uuid
from datetime import date
@@ -108,6 +109,49 @@ def _load_arg_defaults(kwargs):
kwargs.setdefault('cls', JSONDecoder)
+def detect_encoding(data):
+ """Detect which UTF codec was used to encode the given bytes.
+
+ The latest JSON standard (:rfc:`8259`) suggests that only UTF-8 is
+ accepted. Older documents allowed 8, 16, or 32. 16 and 32 can be big
+ or little endian. Some editors or libraries may prepend a BOM.
+
+ :param data: Bytes in unknown UTF encoding.
+ :return: UTF encoding name
+ """
+ head = data[:4]
+
+ if head[:3] == codecs.BOM_UTF8:
+ return 'utf-8-sig'
+
+ if b'\x00' not in head:
+ return 'utf-8'
+
+ if head in (codecs.BOM_UTF32_BE, codecs.BOM_UTF32_LE):
+ return 'utf-32'
+
+ if head[:2] in (codecs.BOM_UTF16_BE, codecs.BOM_UTF16_LE):
+ return 'utf-16'
+
+ if len(head) == 4:
+ if head[:3] == b'\x00\x00\x00':
+ return 'utf-32-be'
+
+ if head[::2] == b'\x00\x00':
+ return 'utf-16-be'
+
+ if head[1:] == b'\x00\x00\x00':
+ return 'utf-32-le'
+
+ if head[1::2] == b'\x00\x00':
+ return 'utf-16-le'
+
+ if len(head) == 2:
+ return 'utf-16-be' if head.startswith(b'\x00') else 'utf-16-le'
+
+ return 'utf-8'
+
+
def dumps(obj, **kwargs):
"""Serialize ``obj`` to a JSON formatted ``str`` by using the application's
configured encoder (:attr:`~flask.Flask.json_encoder`) if there is an
@@ -142,7 +186,10 @@ def loads(s, **kwargs):
"""
_load_arg_defaults(kwargs)
if isinstance(s, bytes):
- s = s.decode(kwargs.pop('encoding', None) or 'utf-8')
+ encoding = kwargs.pop('encoding', None)
+ if encoding is None:
+ encoding = detect_encoding(s)
+ s = s.decode(encoding)
return _json.loads(s, **kwargs)
diff --git a/flask/wrappers.py b/flask/wrappers.py
index 04bdcb5..3e600fc 100644
--- a/flask/wrappers.py
+++ b/flask/wrappers.py
@@ -144,17 +144,10 @@ class Request(RequestBase):
if not (force or self.is_json):
return None
- # We accept a request charset against the specification as
- # certain clients have been using this in the past. This
- # fits our general approach of being nice in what we accept
- # and strict in what we send out.
- request_charset = self.mimetype_params.get('charset')
+ data = _get_data(self, cache)
+
try:
- data = _get_data(self, cache)
- if request_charset is not None:
- rv = json.loads(data, encoding=request_charset)
- else:
- rv = json.loads(data)
+ rv = json.loads(data)
except ValueError as e:
if silent:
rv = None
diff --git a/tests/test_helpers.py b/tests/test_helpers.py
index 9320ef7..9990782 100644
--- a/tests/test_helpers.py
+++ b/tests/test_helpers.py
@@ -21,6 +21,8 @@ from werkzeug.datastructures import Range
from werkzeug.exceptions import BadRequest, NotFound
from werkzeug.http import parse_cache_control_header, parse_options_header
from werkzeug.http import http_date
+
+from flask import json
from flask._compat import StringIO, text_type
@@ -34,6 +36,20 @@ def has_encoding(name):
class TestJSON(object):
+ @pytest.mark.parametrize('value', (
+ 1, 't', True, False, None,
+ [], [1, 2, 3],
+ {}, {'foo': u'🐍'},
+ ))
+ @pytest.mark.parametrize('encoding', (
+ 'utf-8', 'utf-8-sig',
+ 'utf-16-le', 'utf-16-be', 'utf-16',
+ 'utf-32-le', 'utf-32-be', 'utf-32',
+ ))
+ def test_detect_encoding(self, value, encoding):
+ data = json.dumps(value).encode(encoding)
+ assert json.detect_encoding(data) == encoding
+ assert json.loads(data) == value
def test_ignore_cached_json(self):
app = flask.Flask(__name__)
@@ -85,18 +101,6 @@ class TestJSON(object):
rv = c.post('/json', data='"foo"', content_type='application/x+json')
assert rv.data == b'foo'
- def test_json_body_encoding(self):
- app = flask.Flask(__name__)
- app.testing = True
- @app.route('/')
- def index():
- return flask.request.get_json()
-
- c = app.test_client()
- resp = c.get('/', data=u'"Hällo Wörld"'.encode('iso-8859-15'),
- content_type='application/json; charset=iso-8859-15')
- assert resp.data == u'Hällo Wörld'.encode('utf-8')
-
def test_json_as_unicode(self):
app = flask.Flask(__name__)
--
2.17.1

87
SOURCES/0002-Fix-ValueError-for-some-invalid-Range-requests.patch
Unescape View File

@ -0,0 +1,87 @@
From c52e1b7388c17466a551391cdf81964bf0b7aef0 Mon Sep 17 00:00:00 2001
From: ThiefMaster <adrian@planetcoding.net>
Date: Thu, 23 Nov 2017 10:32:13 +0100
Subject: [PATCH 2/3] Fix ValueError for some invalid Range requests
fixes #2526
---
CHANGES | 8 ++++++++
flask/helpers.py | 3 ++-
tests/test_helpers.py | 21 ++++++++++++++++++++-
3 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/CHANGES b/CHANGES
index 3456276a..b32b98cb 100644
--- a/CHANGES
+++ b/CHANGES
@@ -15,6 +15,14 @@ Major release, unreleased
method returns compressed response by default, and pretty response in
debug mode.
+Version 0.12.3
+--------------
+
+Bugfix release, unreleased
+
+- Fix a ValueError caused by invalid Range requests in some cases
+
+
Version 0.12.2
--------------
diff --git a/flask/helpers.py b/flask/helpers.py
index 4bb1d1c9..caaad9a3 100644
--- a/flask/helpers.py
+++ b/flask/helpers.py
@@ -591,7 +591,8 @@ def send_file(filename_or_fp, mimetype=None, as_attachment=False,
rv = rv.make_conditional(request, accept_ranges=True,
complete_length=fsize)
except RequestedRangeNotSatisfiable:
- file.close()
+ if file is not None:
+ file.close()
raise
else:
rv = rv.make_conditional(request)
diff --git a/tests/test_helpers.py b/tests/test_helpers.py
index 9320ef71..69350751 100644
--- a/tests/test_helpers.py
+++ b/tests/test_helpers.py
@@ -468,7 +468,7 @@ class TestSendfile(object):
@pytest.mark.skipif(
not callable(getattr(Range, 'to_content_range_header', None)),
- reason="not implement within werkzeug"
+ reason="not implemented within werkzeug"
)
def test_send_file_range_request(self):
app = flask.Flask(__name__)
@@ -529,6 +529,25 @@ class TestSendfile(object):
assert rv.status_code == 200
rv.close()
+ @pytest.mark.skipif(
+ not callable(getattr(Range, 'to_content_range_header', None)),
+ reason="not implemented within werkzeug"
+ )
+ def test_send_file_range_request_xsendfile_invalid(self):
+ # https://github.com/pallets/flask/issues/2526
+ app = flask.Flask(__name__)
+ app.use_x_sendfile = True
+
+ @app.route('/')
+ def index():
+ return flask.send_file('static/index.html', conditional=True)
+
+ c = app.test_client()
+
+ rv = c.get('/', headers={'Range': 'bytes=1000-'})
+ assert rv.status_code == 416
+ rv.close()
+
def test_attachment(self):
app = flask.Flask(__name__)
with app.test_request_context():
--
2.21.0

47
SOURCES/0003-be-smarter-about-adding-.cli-to-reloader-command.patch
Unescape View File

@ -0,0 +1,47 @@
From 18c9db47940c1195809a0c82fcb85601c3f4df46 Mon Sep 17 00:00:00 2001
From: David Lord <davidism@gmail.com>
Date: Sun, 4 Jun 2017 12:26:21 -0700
Subject: [PATCH 3/3] be smarter about adding ".cli" to reloader command python
-m flask.cli raises an import warning on > 2.6 it's only needed on 2.6,
"flask" works otherwise
---
flask/cli.py | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/flask/cli.py b/flask/cli.py
index 074ee768..ca455671 100644
--- a/flask/cli.py
+++ b/flask/cli.py
@@ -494,19 +494,19 @@ Example usage:
def main(as_module=False):
- this_module = __package__ + '.cli'
args = sys.argv[1:]
if as_module:
- if sys.version_info >= (2, 7):
- name = 'python -m ' + this_module.rsplit('.', 1)[0]
- else:
- name = 'python -m ' + this_module
+ this_module = 'flask'
+
+ if sys.version_info < (2, 7):
+ this_module += '.cli'
+
+ name = 'python -m ' + this_module
- # This module is always executed as "python -m flask.run" and as such
- # we need to ensure that we restore the actual command line so that
- # the reloader can properly operate.
- sys.argv = ['-m', this_module] + sys.argv[1:]
+ # Python rewrites "python -m flask" to the path to the file in argv.
+ # Restore the original command so that the reloader works.
+ sys.argv = ['-m', this_module] + args
else:
name = None
--
2.21.0

280
SPECS/python-flask.spec
Unescape View File

@ -0,0 +1,280 @@
%if 0%{?rhel} > 7
# Disable python2 build by default
%bcond_with python2
%else
%bcond_without python2
%endif
%global modname flask
%global srcname Flask
Name: python-%{modname}
Version: 0.12.2
Release: 4%{?dist}
Epoch: 1
Summary: A micro-framework for Python based on Werkzeug, Jinja 2 and good intentions
License: BSD
URL: http://flask.pocoo.org/
Source0: https://github.com/pallets/flask/releases/download/%{version}/Flask-%{version}.tar.gz
# rhbz#1623180
# Backported just this patch because 0.12.3+ have added other changes we cannot take.
Patch0001: 0001-detect-UTF-encodings-when-loading-json.patch
# rhbz#1585318
# Backport 0.12.4 changes, other than the theme changes which cause no end of problems since
# they depend on their own pallets_sphinx_theme module.
Patch0002: 0002-Fix-ValueError-for-some-invalid-Range-requests.patch
Patch0003: 0003-be-smarter-about-adding-.cli-to-reloader-command.patch
BuildArch: noarch
%global _description \
Flask is called a “micro-framework” because the idea to keep the core\
simple but extensible. There is no database abstraction layer, no form\
validation or anything else where different libraries already exist\
that can handle that. However Flask knows the concept of extensions\
that can add this functionality into your application as if it was\
implemented in Flask itself. There are currently extensions for object\
relational mappers, form validation, upload handling, various open\
authentication technologies and more.
%description %{_description}
%if %{with python2}
%package -n python2-%{modname}
Summary: %{summary}
%{?python_provide:%python_provide python2-%{modname}}
BuildRequires: python2-devel
BuildRequires: python2-setuptools
BuildRequires: python2-pytest
%if 0%{?fedora} >= 26
BuildRequires: python2-werkzeug
Requires: python2-werkzeug
BuildRequires: python2-jinja2
Requires: python2-jinja2
BuildRequires: python2-click
Requires: python2-click
BuildRequires: python2-itsdangerous
Requires: python2-itsdangerous
%else
BuildRequires: python-werkzeug
Requires: python-werkzeug
BuildRequires: python-jinja2
Requires: python-jinja2
BuildRequires: python-click
Requires: python-click
BuildRequires: python-itsdangerous
Requires: python-itsdangerous
%endif
%description -n python2-%{modname} %{_description}
Python 2 version.
%endif # with python2
%package -n python%{python3_pkgversion}-%{modname}
Summary: %{summary}
%{?python_provide:%python_provide python%{python3_pkgversion}-%{modname}}
BuildRequires: python%{python3_pkgversion}-devel
BuildRequires: python%{python3_pkgversion}-setuptools
BuildRequires: python%{python3_pkgversion}-pytest
BuildRequires: python%{python3_pkgversion}-jinja2
BuildRequires: python%{python3_pkgversion}-werkzeug
BuildRequires: python%{python3_pkgversion}-itsdangerous
BuildRequires: python%{python3_pkgversion}-click
Requires: python%{python3_pkgversion}-jinja2
Requires: python%{python3_pkgversion}-werkzeug
Requires: python%{python3_pkgversion}-itsdangerous
Requires: python%{python3_pkgversion}-click
%description -n python%{python3_pkgversion}-%{modname} %{_description}
Python 3 version.
%package doc
Summary: Documentation for %{name}
Obsoletes: python%{python3_pkgversion}-%{modname}-doc < 1:0.11.1-3
BuildRequires: python3-sphinx
%description doc
Documentation and examples for %{name}.
%prep
%autosetup -p1 -n %{srcname}-%{version}
rm -rf examples/flaskr/
rm -rf examples/minitwit/
%build
%if %{with python2}
%py2_build
%endif # with python2
%py3_build
PYTHONPATH=`pwd` sphinx-build-3 -b html docs/ docs/_build/html/
rm -rf docs/_build/html/{.buildinfo,.doctrees}
%install
%if %{with python2}
%py2_install
mv %{buildroot}%{_bindir}/%{modname}{,-%{python2_version}}
ln -s %{modname}-%{python2_version} %{buildroot}%{_bindir}/%{modname}-2
%endif # with python2
%py3_install
mv %{buildroot}%{_bindir}/%{modname}{,-%{python3_version}}
ln -s %{modname}-%{python3_version} %{buildroot}%{_bindir}/%{modname}-3
%if %{with python2}
ln -sf %{modname}-2 %{buildroot}%{_bindir}/%{modname}
%else
ln -sf %{modname}-3 %{buildroot}%{_bindir}/%{modname}
%endif # with python2
%check
export LC_ALL=C.UTF-8
%if %{with python2}
PYTHONPATH=%{buildroot}%{python2_sitelib} py.test-%{python2_version} -v
%endif # with python2
PYTHONPATH=%{buildroot}%{python3_sitelib} py.test-%{python3_version} -v || :
%if %{with python2}
%files -n python2-%{modname}
%license LICENSE
%doc CHANGES README
%{_bindir}/%{modname}-2
%{_bindir}/%{modname}-%{python2_version}
%{python2_sitelib}/%{srcname}-*.egg-info/
%{python2_sitelib}/%{modname}/
%{_bindir}/%{modname}
%endif # with python2
%files -n python%{python3_pkgversion}-%{modname}
%license LICENSE
%doc CHANGES README
%{_bindir}/%{modname}-3
%{_bindir}/%{modname}-%{python3_version}
%{python3_sitelib}/%{srcname}-*.egg-info/
%{python3_sitelib}/%{modname}/
%if %{without python2}
%{_bindir}/%{modname}
%endif # without python2
%files doc
%license LICENSE
%doc docs/_build/html examples
%changelog
* Thu Nov 07 2019 Brian C. Lane <bcl@redhat.com> - 0.12.2-4
- Add upstream changes from 0.12.4
Resolves: rhbz#1585318
- Add TestJSON to the gating test from upstream
Related: rhbz#1585318
* Wed Sep 05 2018 Brian C. Lane <bcl@redhat.com> - 0.12.2-3
- detect UTF encodings when loading json (CVE-2018-1000656)
Resolves: rhbz#1623180
* Wed Jun 20 2018 Charalampos Stratakis <cstratak@redhat.com> - 1:0.12.2-2
- Conditionalize the python2 subpackage
* Thu Feb 15 2018 itamar <itamar@ispbrasil.com.br> - 1:0.12.2-1
- new version
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.11.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Jan 18 2018 Iryna Shcherbina <ishcherb@redhat.com> - 1:0.11.1-7
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.11.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.11.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Dec 13 2016 Stratakis Charalampos <cstratak@redhat.com> - 1:0.11.1-4
- Rebuild for Python 3.6
- Have rpmbuild to not fail on python3 test failures
* Mon Aug 22 2016 Igor Gnatenko <ignatenko@redhat.com> - 1:0.11.1-3
- Fix FTBFS
- Ton of fixes in spec
* Tue Aug 16 2016 Ricky Elrod <relrod@redhat.com> - 1:0.11.1-2
- Attempt a completely fresh build with new NVR.
* Tue Aug 16 2016 Ricky Elrod <relrod@redhat.com> - 1:0.11.1-1
- Latest upstream release.
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:0.10.1-9
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1:0.10.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Wed Oct 14 2015 Robert Kuska <rkuska@redhat.com> - 1:0.10.1-7
- Rebuilt for Python3.5 rebuild
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:0.10.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:0.10.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 13 2014 Bohuslav Kabrda <bkabrda@redhat.com> - 1:0.10.1-4
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
- Minor fix to rhel macro logic
* Mon Jul 29 2013 Haïkel Guémar <hguemar@fedoraproject.org> - 1:0.10.1-3
- fix wrong requires on sphinx (RHBZ #989361)
* Sat Jul 20 2013 Ricky Elrod <codeblock@fedoraproject.org> - 1:0.10.1-2
- Nuke a Python3 specific file owned by python3-setuptools.
* Sat Jun 15 2013 Haïkel Guémar <hguemar@fedoraproject.org> - 1:0.10.1-1
- upstream 0.10.1
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:0.9-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Aug 17 2012 Ricky Elrod <codeblock@fedoraproject.org> - 0.9-5
- Add epoch to subpackage Requires.
* Wed Aug 8 2012 Ricky Elrod <codeblock@fedoraproject.org> - 0.9-4
- Fix changelog messup.
* Wed Aug 8 2012 Ricky Elrod <codeblock@fedoraproject.org> - 0.9-3
- Unified spec for EL6 and Fedora
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jul 2 2012 Haïkel Guémar <hguemar@fedoraproject.org> - 0.9.0-1
- upstream 0.9
- spec cleanups
* Sun Jul 1 2012 Haïkel Guémar <hguemar@fedoraproject.org> - 0.8.1-1
- upstream 0.8.1 (minor bugfixes)
* Wed Jan 25 2012 Haïkel Guémar <hguemar@fedoraproject.org> - 0.8.0-1
- upstream 0.8
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Nov 16 2011 Dan Young <dyoung@mesd.k12.or.us> - 0.7.2-2
- don't own easy-install.pth
* Fri Jul 22 2011 Steve Milner <smilner@fedoraproject.org> - 0.7.2-1
- update for upstream release
* Thu Feb 24 2011 Dan Young <dyoung@mesd.k12.or.us> - 0.6.1-2
- fix rpmlint spelling warning
- BR python2-devel rather than python-devel
- run test suite in check
* Tue Feb 22 2011 Dan Young <dyoung@mesd.k12.or.us> - 0.6.1-1
- Initial package
Write Preview
Loading…
Cancel
Save