plain 0.24.1__py3-none-any.whl → 0.26.0__py3-none-any.whl

plain/utils/html.py

@@ -2,16 +2,10 @@
 
 import html
 import json
-import re
 from html.parser import HTMLParser
-from urllib.parse import parse_qsl, quote, unquote, urlencode, urlsplit, urlunsplit
 
-from plain.utils.encoding import punycode
 from plain.utils.functional import Promise, keep_lazy, keep_lazy_text
-from plain.utils.http import RFC3986_GENDELIMS, RFC3986_SUBDELIMS
-from plain.utils.regex_helper import _lazy_re_compile
-from plain.utils.safestring import SafeData, SafeString, mark_safe
-from plain.utils.text import normalize_newlines
+from plain.utils.safestring import SafeString, mark_safe
 
 
 @keep_lazy(SafeString)
@@ -27,31 +21,6 @@ def escape(text):
     return SafeString(html.escape(str(text)))
 
 
-_js_escapes = {
-    ord("\\"): "\\u005C",
-    ord("'"): "\\u0027",
-    ord('"'): "\\u0022",
-    ord(">"): "\\u003E",
-    ord("<"): "\\u003C",
-    ord("&"): "\\u0026",
-    ord("="): "\\u003D",
-    ord("-"): "\\u002D",
-    ord(";"): "\\u003B",
-    ord("`"): "\\u0060",
-    ord("\u2028"): "\\u2028",
-    ord("\u2029"): "\\u2029",
-}
-
-# Escape every ASCII character with a value less than 32.
-_js_escapes.update((ord("%c" % z), f"\\u{z:04X}") for z in range(32))  # noqa: UP031
-
-
-@keep_lazy(SafeString)
-def escapejs(value):
-    """Hex encode characters for use in JavaScript strings."""
-    return mark_safe(str(value).translate(_js_escapes))
-
-
 _json_script_escapes = {
     ord(">"): "\\u003E",
     ord("<"): "\\u003C",
@@ -105,39 +74,6 @@ def format_html(format_string, *args, **kwargs):
     return mark_safe(format_string.format(*args_safe, **kwargs_safe))
 
 
-def format_html_join(sep, format_string, args_generator):
-    """
-    A wrapper of format_html, for the common case of a group of arguments that
-    need to be formatted using the same format string, and then joined using
-    'sep'. 'sep' is also passed through conditional_escape.
-
-    'args_generator' should be an iterator that returns the sequence of 'args'
-    that will be passed to format_html.
-
-    Example:
-
-      format_html_join('\n', "<li>{} {}</li>", ((u.first_name, u.last_name)
-                                                  for u in users))
-    """
-    return mark_safe(
-        conditional_escape(sep).join(
-            format_html(format_string, *args) for args in args_generator
-        )
-    )
-
-
-@keep_lazy_text
-def linebreaks(value, autoescape=False):
-    """Convert newlines into <p> and <br>s."""
-    value = normalize_newlines(value)
-    paras = re.split("\n{2,}", str(value))
-    if autoescape:
-        paras = ["<p>{}</p>".format(escape(p).replace("\n", "<br>")) for p in paras]
-    else:
-        paras = ["<p>{}</p>".format(p.replace("\n", "<br>")) for p in paras]
-    return "\n\n".join(paras)
-
-
 class MLStripper(HTMLParser):
     def __init__(self):
         super().__init__(convert_charrefs=False)
@@ -182,217 +118,6 @@ def strip_tags(value):
     return value
 
 
-@keep_lazy_text
-def strip_spaces_between_tags(value):
-    """Return the given HTML with spaces between tags removed."""
-    return re.sub(r">\s+<", "><", str(value))
-
-
-def smart_urlquote(url):
-    """Quote a URL if it isn't already quoted."""
-
-    def unquote_quote(segment):
-        segment = unquote(segment)
-        # Tilde is part of RFC 3986 Section 2.3 Unreserved Characters,
-        # see also https://bugs.python.org/issue16285
-        return quote(segment, safe=RFC3986_SUBDELIMS + RFC3986_GENDELIMS + "~")
-
-    # Handle IDN before quoting.
-    try:
-        scheme, netloc, path, query, fragment = urlsplit(url)
-    except ValueError:
-        # invalid IPv6 URL (normally square brackets in hostname part).
-        return unquote_quote(url)
-
-    try:
-        netloc = punycode(netloc)  # IDN -> ACE
-    except UnicodeError:  # invalid domain part
-        return unquote_quote(url)
-
-    if query:
-        # Separately unquoting key/value, so as to not mix querystring separators
-        # included in query values. See #22267.
-        query_parts = [
-            (unquote(q[0]), unquote(q[1]))
-            for q in parse_qsl(query, keep_blank_values=True)
-        ]
-        # urlencode will take care of quoting
-        query = urlencode(query_parts)
-
-    path = unquote_quote(path)
-    fragment = unquote_quote(fragment)
-
-    return urlunsplit((scheme, netloc, path, query, fragment))
-
-
-class Urlizer:
-    """
-    Convert any URLs in text into clickable links.
-
-    Work on http://, https://, www. links, and also on links ending in one of
-    the original seven gTLDs (.com, .edu, .gov, .int, .mil, .net, and .org).
-    Links can have trailing punctuation (periods, commas, close-parens) and
-    leading punctuation (opening parens) and it'll still do the right thing.
-    """
-
-    trailing_punctuation_chars = ".,:;!"
-    wrapping_punctuation = [("(", ")"), ("[", "]")]
-
-    simple_url_re = _lazy_re_compile(r"^https?://\[?\w", re.IGNORECASE)
-    simple_url_2_re = _lazy_re_compile(
-        r"^www\.|^(?!http)\w[^@]+\.(com|edu|gov|int|mil|net|org)($|/.*)$", re.IGNORECASE
-    )
-    word_split_re = _lazy_re_compile(r"""([\s<>"']+)""")
-
-    mailto_template = "mailto:{local}@{domain}"
-    url_template = '<a href="{href}"{attrs}>{url}</a>'
-
-    def __call__(self, text, trim_url_limit=None, nofollow=False, autoescape=False):
-        """
-        If trim_url_limit is not None, truncate the URLs in the link text
-        longer than this limit to trim_url_limit - 1 characters and append an
-        ellipsis.
-
-        If nofollow is True, give the links a rel="nofollow" attribute.
-
-        If autoescape is True, autoescape the link text and URLs.
-        """
-        safe_input = isinstance(text, SafeData)
-
-        words = self.word_split_re.split(str(text))
-        return "".join(
-            [
-                self.handle_word(
-                    word,
-                    safe_input=safe_input,
-                    trim_url_limit=trim_url_limit,
-                    nofollow=nofollow,
-                    autoescape=autoescape,
-                )
-                for word in words
-            ]
-        )
-
-    def handle_word(
-        self,
-        word,
-        *,
-        safe_input,
-        trim_url_limit=None,
-        nofollow=False,
-        autoescape=False,
-    ):
-        if "." in word or "@" in word or ":" in word:
-            # lead: Punctuation trimmed from the beginning of the word.
-            # middle: State of the word.
-            # trail: Punctuation trimmed from the end of the word.
-            lead, middle, trail = self.trim_punctuation(word)
-            # Make URL we want to point to.
-            url = None
-            nofollow_attr = ' rel="nofollow"' if nofollow else ""
-            if self.simple_url_re.match(middle):
-                url = smart_urlquote(html.unescape(middle))
-            elif self.simple_url_2_re.match(middle):
-                url = smart_urlquote(f"http://{html.unescape(middle)}")
-            elif ":" not in middle and self.is_email_simple(middle):
-                local, domain = middle.rsplit("@", 1)
-                try:
-                    domain = punycode(domain)
-                except UnicodeError:
-                    return word
-                url = self.mailto_template.format(local=local, domain=domain)
-                nofollow_attr = ""
-            # Make link.
-            if url:
-                trimmed = self.trim_url(middle, limit=trim_url_limit)
-                if autoescape and not safe_input:
-                    lead, trail = escape(lead), escape(trail)
-                    trimmed = escape(trimmed)
-                middle = self.url_template.format(
-                    href=escape(url),
-                    attrs=nofollow_attr,
-                    url=trimmed,
-                )
-                return mark_safe(f"{lead}{middle}{trail}")
-            else:
-                if safe_input:
-                    return mark_safe(word)
-                elif autoescape:
-                    return escape(word)
-        elif safe_input:
-            return mark_safe(word)
-        elif autoescape:
-            return escape(word)
-        return word
-
-    def trim_url(self, x, *, limit):
-        if limit is None or len(x) <= limit:
-            return x
-        return f"{x[: max(0, limit - 1)]}…"
-
-    def trim_punctuation(self, word):
-        """
-        Trim trailing and wrapping punctuation from `word`. Return the items of
-        the new state.
-        """
-        lead, middle, trail = "", word, ""
-        # Continue trimming until middle remains unchanged.
-        trimmed_something = True
-        while trimmed_something:
-            trimmed_something = False
-            # Trim wrapping punctuation.
-            for opening, closing in self.wrapping_punctuation:
-                if middle.startswith(opening):
-                    middle = middle.removeprefix(opening)
-                    lead += opening
-                    trimmed_something = True
-                # Keep parentheses at the end only if they're balanced.
-                if (
-                    middle.endswith(closing)
-                    and middle.count(closing) == middle.count(opening) + 1
-                ):
-                    middle = middle.removesuffix(closing)
-                    trail = closing + trail
-                    trimmed_something = True
-            # Trim trailing punctuation (after trimming wrapping punctuation,
-            # as encoded entities contain ';'). Unescape entities to avoid
-            # breaking them by removing ';'.
-            middle_unescaped = html.unescape(middle)
-            stripped = middle_unescaped.rstrip(self.trailing_punctuation_chars)
-            if middle_unescaped != stripped:
-                punctuation_count = len(middle_unescaped) - len(stripped)
-                trail = middle[-punctuation_count:] + trail
-                middle = middle[:-punctuation_count]
-                trimmed_something = True
-        return lead, middle, trail
-
-    @staticmethod
-    def is_email_simple(value):
-        """Return True if value looks like an email address."""
-        # An @ must be in the middle of the value.
-        if "@" not in value or value.startswith("@") or value.endswith("@"):
-            return False
-        try:
-            p1, p2 = value.split("@")
-        except ValueError:
-            # value contains more than one @.
-            return False
-        # Dot must be in p2 (e.g. example.com)
-        if "." not in p2 or p2.startswith("."):
-            return False
-        return True
-
-
-urlizer = Urlizer()
-
-
-@keep_lazy_text
-def urlize(text, trim_url_limit=None, nofollow=False, autoescape=False):
-    return urlizer(
-        text, trim_url_limit=trim_url_limit, nofollow=nofollow, autoescape=autoescape
-    )
-
-
 def avoid_wrapping(value):
     """
     Avoid text wrapping in the middle of a phrase by adding non-breaking

plain/utils/http.py

@@ -1,40 +1,9 @@
-import base64
-import datetime
-import re
-import unicodedata
-from binascii import Error as BinasciiError
 from email.utils import formatdate
-from urllib.parse import quote, unquote, urlparse
+from urllib.parse import quote, unquote
 from urllib.parse import urlencode as original_urlencode
 
 from plain.utils.datastructures import MultiValueDict
-from plain.utils.regex_helper import _lazy_re_compile
 
-# Based on RFC 9110 Appendix A.
-ETAG_MATCH = _lazy_re_compile(
-    r"""
-    \A(      # start of string and capture group
-    (?:W/)?  # optional weak indicator
-    "        # opening quote
-    [^"]*    # any sequence of non-quote characters
-    "        # end quote
-    )\Z      # end of string and capture group
-""",
-    re.X,
-)
-
-MONTHS = "jan feb mar apr may jun jul aug sep oct nov dec".split()
-__D = r"(?P<day>[0-9]{2})"
-__D2 = r"(?P<day>[ 0-9][0-9])"
-__M = r"(?P<mon>\w{3})"
-__Y = r"(?P<year>[0-9]{4})"
-__Y2 = r"(?P<year>[0-9]{2})"
-__T = r"(?P<hour>[0-9]{2}):(?P<min>[0-9]{2}):(?P<sec>[0-9]{2})"
-RFC1123_DATE = _lazy_re_compile(rf"^\w{{3}}, {__D} {__M} {__Y} {__T} GMT$")
-RFC850_DATE = _lazy_re_compile(rf"^\w{{6,9}}, {__D}-{__M}-{__Y2} {__T} GMT$")
-ASCTIME_DATE = _lazy_re_compile(rf"^\w{{3}} {__M} {__D2} {__T} {__Y}$")
-
-RFC3986_GENDELIMS = ":/?#[]@"
 RFC3986_SUBDELIMS = "!$&'()*+,;="
 
 
@@ -93,57 +62,6 @@ def http_date(epoch_seconds=None):
     return formatdate(epoch_seconds, usegmt=True)
 
 
-def parse_http_date(date):
-    """
-    Parse a date format as specified by HTTP RFC 9110 Section 5.6.7.
-
-    The three formats allowed by the RFC are accepted, even if only the first
-    one is still in widespread use.
-
-    Return an integer expressed in seconds since the epoch, in UTC.
-    """
-    # email.utils.parsedate() does the job for RFC 1123 dates; unfortunately
-    # RFC 9110 makes it mandatory to support RFC 850 dates too. So we roll
-    # our own RFC-compliant parsing.
-    for regex in RFC1123_DATE, RFC850_DATE, ASCTIME_DATE:
-        m = regex.match(date)
-        if m is not None:
-            break
-    else:
-        raise ValueError(f"{date!r} is not in a valid HTTP date format")
-    try:
-        tz = datetime.UTC
-        year = int(m["year"])
-        if year < 100:
-            current_year = datetime.datetime.now(tz=tz).year
-            current_century = current_year - (current_year % 100)
-            if year - (current_year % 100) > 50:
-                # year that appears to be more than 50 years in the future are
-                # interpreted as representing the past.
-                year += current_century - 100
-            else:
-                year += current_century
-        month = MONTHS.index(m["mon"].lower()) + 1
-        day = int(m["day"])
-        hour = int(m["hour"])
-        min = int(m["min"])
-        sec = int(m["sec"])
-        result = datetime.datetime(year, month, day, hour, min, sec, tzinfo=tz)
-        return int(result.timestamp())
-    except Exception as exc:
-        raise ValueError(f"{date!r} is not a valid date") from exc
-
-
-def parse_http_date_safe(date):
-    """
-    Same as parse_http_date, but return None if the input is invalid.
-    """
-    try:
-        return parse_http_date(date)
-    except Exception:
-        pass
-
-
 # Base 36 functions: useful for generating compact URLs
 
 
@@ -174,51 +92,6 @@ def int_to_base36(i):
     return b36
 
 
-def urlsafe_base64_encode(s):
-    """
-    Encode a bytestring to a base64 string for use in URLs. Strip any trailing
-    equal signs.
-    """
-    return base64.urlsafe_b64encode(s).rstrip(b"\n=").decode("ascii")
-
-
-def urlsafe_base64_decode(s):
-    """
-    Decode a base64 encoded string. Add back any trailing equal signs that
-    might have been stripped.
-    """
-    s = s.encode()
-    try:
-        return base64.urlsafe_b64decode(s.ljust(len(s) + len(s) % 4, b"="))
-    except (LookupError, BinasciiError) as e:
-        raise ValueError(e)
-
-
-def parse_etags(etag_str):
-    """
-    Parse a string of ETags given in an If-None-Match or If-Match header as
-    defined by RFC 9110. Return a list of quoted ETags, or ['*'] if all ETags
-    should be matched.
-    """
-    if etag_str.strip() == "*":
-        return ["*"]
-    else:
-        # Parse each ETag individually, and return any that are valid.
-        etag_matches = (ETAG_MATCH.match(etag.strip()) for etag in etag_str.split(","))
-        return [match[1] for match in etag_matches if match]
-
-
-def quote_etag(etag_str):
-    """
-    If the provided string is already a quoted ETag, return it. Otherwise, wrap
-    the string in quotes, making it a strong ETag.
-    """
-    if ETAG_MATCH.match(etag_str):
-        return etag_str
-    else:
-        return f'"{etag_str}"'
-
-
 def is_same_domain(host, pattern):
     """
     Return ``True`` if the host is either an exact match or a match
@@ -239,66 +112,6 @@ def is_same_domain(host, pattern):
     )
 
 
-def url_has_allowed_host_and_scheme(url, allowed_hosts, require_https=False):
-    """
-    Return ``True`` if the url uses an allowed host and a safe scheme.
-
-    Always return ``False`` on an empty url.
-
-    If ``require_https`` is ``True``, only 'https' will be considered a valid
-    scheme, as opposed to 'http' and 'https' with the default, ``False``.
-
-    Note: "True" doesn't entail that a URL is "safe". It may still be e.g.
-    quoted incorrectly. Ensure to also use plain.utils.encoding.iri_to_uri()
-    on the path component of untrusted URLs.
-    """
-    if url is not None:
-        url = url.strip()
-    if not url:
-        return False
-    if allowed_hosts is None:
-        allowed_hosts = set()
-    elif isinstance(allowed_hosts, str):
-        allowed_hosts = {allowed_hosts}
-    # Chrome treats \ completely as / in paths but it could be part of some
-    # basic auth credentials so we need to check both URLs.
-    return _url_has_allowed_host_and_scheme(
-        url, allowed_hosts, require_https=require_https
-    ) and _url_has_allowed_host_and_scheme(
-        url.replace("\\", "/"), allowed_hosts, require_https=require_https
-    )
-
-
-def _url_has_allowed_host_and_scheme(url, allowed_hosts, require_https=False):
-    # Chrome considers any URL with more than two slashes to be absolute, but
-    # urlparse is not so flexible. Treat any url with three slashes as unsafe.
-    if url.startswith("///"):
-        return False
-    try:
-        url_info = urlparse(url)
-    except ValueError:  # e.g. invalid IPv6 addresses
-        return False
-    # Forbid URLs like http:///example.com - with a scheme, but without a hostname.
-    # In that URL, example.com is not the hostname but, a path component. However,
-    # Chrome will still consider example.com to be the hostname, so we must not
-    # allow this syntax.
-    if not url_info.netloc and url_info.scheme:
-        return False
-    # Forbid URLs that start with control characters. Some browsers (like
-    # Chrome) ignore quite a few control characters at the start of a
-    # URL and might consider the URL as scheme relative.
-    if unicodedata.category(url[0])[0] == "C":
-        return False
-    scheme = url_info.scheme
-    # Consider URLs without a scheme (e.g. //example.com/p) to be http.
-    if not url_info.scheme and url_info.netloc:
-        scheme = "http"
-    valid_schemes = ["https"] if require_https else ["http", "https"]
-    return (not url_info.netloc or url_info.netloc in allowed_hosts) and (
-        not scheme or scheme in valid_schemes
-    )
-
-
 def escape_leading_slashes(url):
     """
     If redirecting to an absolute path (two leading slashes), a slash must be
@@ -347,7 +160,7 @@ def parse_header_parameters(line):
                 value = value[1:-1]
                 value = value.replace("\\\\", "\\").replace('\\"', '"')
             if has_encoding:
-                encoding, lang, value = value.split("'")
+                encoding, _, value = value.split("'")
                 value = unquote(value, encoding=encoding)
             pdict[name] = value
     return key, pdict

plain/utils/inspect.py

@@ -25,49 +25,14 @@ def get_func_args(func):
     ]
 
 
-def get_func_full_args(func):
-    """
-    Return a list of (argument name, default value) tuples. If the argument
-    does not have a default value, omit it in the tuple. Arguments such as
-    *args and **kwargs are also included.
-    """
-    params = _get_callable_parameters(func)
-    args = []
-    for param in params:
-        name = param.name
-        # Ignore 'self'
-        if name == "self":
-            continue
-        if param.kind == inspect.Parameter.VAR_POSITIONAL:
-            name = "*" + name
-        elif param.kind == inspect.Parameter.VAR_KEYWORD:
-            name = "**" + name
-        if param.default != inspect.Parameter.empty:
-            args.append((name, param.default))
-        else:
-            args.append((name,))
-    return args
-
-
 def func_accepts_kwargs(func):
     """Return True if function 'func' accepts keyword arguments **kwargs."""
     return any(p for p in _get_callable_parameters(func) if p.kind == p.VAR_KEYWORD)
 
 
-def func_accepts_var_args(func):
-    """
-    Return True if function 'func' accepts positional arguments *args.
-    """
-    return any(p for p in _get_callable_parameters(func) if p.kind == p.VAR_POSITIONAL)
-
-
 def method_has_no_args(meth):
     """Return True if a method only accepts 'self'."""
     count = len(
         [p for p in _get_callable_parameters(meth) if p.kind == p.POSITIONAL_OR_KEYWORD]
     )
     return count == 0 if inspect.ismethod(meth) else count == 1
-
-
-def func_supports_parameter(func, name):
-    return any(param.name == name for param in _get_callable_parameters(func))

plain/utils/module_loading.py

@@ -1,7 +1,6 @@
 import os
 import sys
 from importlib import import_module
-from importlib.util import find_spec as importlib_find
 
 
 def cached_import(module_path, class_name):
@@ -33,24 +32,6 @@ def import_string(dotted_path):
         ) from err
 
 
-def module_has_submodule(package, module_name):
-    """See if 'module' is in 'package'."""
-    try:
-        package_name = package.__name__
-        package_path = package.__path__
-    except AttributeError:
-        # package isn't a package.
-        return False
-
-    full_module_name = package_name + "." + module_name
-    try:
-        return importlib_find(full_module_name, package_path) is not None
-    except ModuleNotFoundError:
-        # When module_name is an invalid dotted path, Python raises
-        # ModuleNotFoundError.
-        return False
-
-
 def module_dir(module):
     """
     Find the name of the directory that contains a module, if possible.

plain/utils/safestring.py

@@ -44,9 +44,6 @@ class SafeString(str, SafeData):
         return self
 
 
-SafeText = SafeString  # For backwards compatibility since Plain 2.0.
-
-
 def _safety_decorator(safety_marker, func):
     @wraps(func)
     def wrapper(*args, **kwargs):