response.py 34 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890
  1. import json
  2. import typing
  3. import typing as t
  4. import warnings
  5. from http import HTTPStatus
  6. from .._internal import _to_bytes
  7. from ..datastructures import Headers
  8. from ..http import remove_entity_headers
  9. from ..sansio.response import Response as _SansIOResponse
  10. from ..urls import iri_to_uri
  11. from ..urls import url_join
  12. from ..utils import cached_property
  13. from ..wsgi import ClosingIterator
  14. from ..wsgi import get_current_url
  15. from werkzeug._internal import _get_environ
  16. from werkzeug.http import generate_etag
  17. from werkzeug.http import http_date
  18. from werkzeug.http import is_resource_modified
  19. from werkzeug.http import parse_etags
  20. from werkzeug.http import parse_range_header
  21. from werkzeug.wsgi import _RangeWrapper
  22. if t.TYPE_CHECKING:
  23. import typing_extensions as te
  24. from _typeshed.wsgi import StartResponse
  25. from _typeshed.wsgi import WSGIApplication
  26. from _typeshed.wsgi import WSGIEnvironment
  27. def _warn_if_string(iterable: t.Iterable) -> None:
  28. """Helper for the response objects to check if the iterable returned
  29. to the WSGI server is not a string.
  30. """
  31. if isinstance(iterable, str):
  32. warnings.warn(
  33. "Response iterable was set to a string. This will appear to"
  34. " work but means that the server will send the data to the"
  35. " client one character at a time. This is almost never"
  36. " intended behavior, use 'response.data' to assign strings"
  37. " to the response object.",
  38. stacklevel=2,
  39. )
  40. def _iter_encoded(
  41. iterable: t.Iterable[t.Union[str, bytes]], charset: str
  42. ) -> t.Iterator[bytes]:
  43. for item in iterable:
  44. if isinstance(item, str):
  45. yield item.encode(charset)
  46. else:
  47. yield item
  48. def _clean_accept_ranges(accept_ranges: t.Union[bool, str]) -> str:
  49. if accept_ranges is True:
  50. return "bytes"
  51. elif accept_ranges is False:
  52. return "none"
  53. elif isinstance(accept_ranges, str):
  54. return accept_ranges
  55. raise ValueError("Invalid accept_ranges value")
  56. class Response(_SansIOResponse):
  57. """Represents an outgoing WSGI HTTP response with body, status, and
  58. headers. Has properties and methods for using the functionality
  59. defined by various HTTP specs.
  60. The response body is flexible to support different use cases. The
  61. simple form is passing bytes, or a string which will be encoded as
  62. UTF-8. Passing an iterable of bytes or strings makes this a
  63. streaming response. A generator is particularly useful for building
  64. a CSV file in memory or using SSE (Server Sent Events). A file-like
  65. object is also iterable, although the
  66. :func:`~werkzeug.utils.send_file` helper should be used in that
  67. case.
  68. The response object is itself a WSGI application callable. When
  69. called (:meth:`__call__`) with ``environ`` and ``start_response``,
  70. it will pass its status and headers to ``start_response`` then
  71. return its body as an iterable.
  72. .. code-block:: python
  73. from werkzeug.wrappers.response import Response
  74. def index():
  75. return Response("Hello, World!")
  76. def application(environ, start_response):
  77. path = environ.get("PATH_INFO") or "/"
  78. if path == "/":
  79. response = index()
  80. else:
  81. response = Response("Not Found", status=404)
  82. return response(environ, start_response)
  83. :param response: The data for the body of the response. A string or
  84. bytes, or tuple or list of strings or bytes, for a fixed-length
  85. response, or any other iterable of strings or bytes for a
  86. streaming response. Defaults to an empty body.
  87. :param status: The status code for the response. Either an int, in
  88. which case the default status message is added, or a string in
  89. the form ``{code} {message}``, like ``404 Not Found``. Defaults
  90. to 200.
  91. :param headers: A :class:`~werkzeug.datastructures.Headers` object,
  92. or a list of ``(key, value)`` tuples that will be converted to a
  93. ``Headers`` object.
  94. :param mimetype: The mime type (content type without charset or
  95. other parameters) of the response. If the value starts with
  96. ``text/`` (or matches some other special cases), the charset
  97. will be added to create the ``content_type``.
  98. :param content_type: The full content type of the response.
  99. Overrides building the value from ``mimetype``.
  100. :param direct_passthrough: Pass the response body directly through
  101. as the WSGI iterable. This can be used when the body is a binary
  102. file or other iterator of bytes, to skip some unnecessary
  103. checks. Use :func:`~werkzeug.utils.send_file` instead of setting
  104. this manually.
  105. .. versionchanged:: 2.0
  106. Combine ``BaseResponse`` and mixins into a single ``Response``
  107. class. Using the old classes is deprecated and will be removed
  108. in Werkzeug 2.1.
  109. .. versionchanged:: 0.5
  110. The ``direct_passthrough`` parameter was added.
  111. """
  112. #: if set to `False` accessing properties on the response object will
  113. #: not try to consume the response iterator and convert it into a list.
  114. #:
  115. #: .. versionadded:: 0.6.2
  116. #:
  117. #: That attribute was previously called `implicit_seqence_conversion`.
  118. #: (Notice the typo). If you did use this feature, you have to adapt
  119. #: your code to the name change.
  120. implicit_sequence_conversion = True
  121. #: Should this response object correct the location header to be RFC
  122. #: conformant? This is true by default.
  123. #:
  124. #: .. versionadded:: 0.8
  125. autocorrect_location_header = True
  126. #: Should this response object automatically set the content-length
  127. #: header if possible? This is true by default.
  128. #:
  129. #: .. versionadded:: 0.8
  130. automatically_set_content_length = True
  131. #: The response body to send as the WSGI iterable. A list of strings
  132. #: or bytes represents a fixed-length response, any other iterable
  133. #: is a streaming response. Strings are encoded to bytes as UTF-8.
  134. #:
  135. #: Do not set to a plain string or bytes, that will cause sending
  136. #: the response to be very inefficient as it will iterate one byte
  137. #: at a time.
  138. response: t.Union[t.Iterable[str], t.Iterable[bytes]]
  139. def __init__(
  140. self,
  141. response: t.Optional[
  142. t.Union[t.Iterable[bytes], bytes, t.Iterable[str], str]
  143. ] = None,
  144. status: t.Optional[t.Union[int, str, HTTPStatus]] = None,
  145. headers: t.Optional[
  146. t.Union[
  147. t.Mapping[str, t.Union[str, int, t.Iterable[t.Union[str, int]]]],
  148. t.Iterable[t.Tuple[str, t.Union[str, int]]],
  149. ]
  150. ] = None,
  151. mimetype: t.Optional[str] = None,
  152. content_type: t.Optional[str] = None,
  153. direct_passthrough: bool = False,
  154. ) -> None:
  155. super().__init__(
  156. status=status,
  157. headers=headers,
  158. mimetype=mimetype,
  159. content_type=content_type,
  160. )
  161. #: Pass the response body directly through as the WSGI iterable.
  162. #: This can be used when the body is a binary file or other
  163. #: iterator of bytes, to skip some unnecessary checks. Use
  164. #: :func:`~werkzeug.utils.send_file` instead of setting this
  165. #: manually.
  166. self.direct_passthrough = direct_passthrough
  167. self._on_close: t.List[t.Callable[[], t.Any]] = []
  168. # we set the response after the headers so that if a class changes
  169. # the charset attribute, the data is set in the correct charset.
  170. if response is None:
  171. self.response = []
  172. elif isinstance(response, (str, bytes, bytearray)):
  173. self.set_data(response)
  174. else:
  175. self.response = response
  176. def call_on_close(self, func: t.Callable[[], t.Any]) -> t.Callable[[], t.Any]:
  177. """Adds a function to the internal list of functions that should
  178. be called as part of closing down the response. Since 0.7 this
  179. function also returns the function that was passed so that this
  180. can be used as a decorator.
  181. .. versionadded:: 0.6
  182. """
  183. self._on_close.append(func)
  184. return func
  185. def __repr__(self) -> str:
  186. if self.is_sequence:
  187. body_info = f"{sum(map(len, self.iter_encoded()))} bytes"
  188. else:
  189. body_info = "streamed" if self.is_streamed else "likely-streamed"
  190. return f"<{type(self).__name__} {body_info} [{self.status}]>"
  191. @classmethod
  192. def force_type(
  193. cls, response: "Response", environ: t.Optional["WSGIEnvironment"] = None
  194. ) -> "Response":
  195. """Enforce that the WSGI response is a response object of the current
  196. type. Werkzeug will use the :class:`Response` internally in many
  197. situations like the exceptions. If you call :meth:`get_response` on an
  198. exception you will get back a regular :class:`Response` object, even
  199. if you are using a custom subclass.
  200. This method can enforce a given response type, and it will also
  201. convert arbitrary WSGI callables into response objects if an environ
  202. is provided::
  203. # convert a Werkzeug response object into an instance of the
  204. # MyResponseClass subclass.
  205. response = MyResponseClass.force_type(response)
  206. # convert any WSGI application into a response object
  207. response = MyResponseClass.force_type(response, environ)
  208. This is especially useful if you want to post-process responses in
  209. the main dispatcher and use functionality provided by your subclass.
  210. Keep in mind that this will modify response objects in place if
  211. possible!
  212. :param response: a response object or wsgi application.
  213. :param environ: a WSGI environment object.
  214. :return: a response object.
  215. """
  216. if not isinstance(response, Response):
  217. if environ is None:
  218. raise TypeError(
  219. "cannot convert WSGI application into response"
  220. " objects without an environ"
  221. )
  222. from ..test import run_wsgi_app
  223. response = Response(*run_wsgi_app(response, environ))
  224. response.__class__ = cls
  225. return response
  226. @classmethod
  227. def from_app(
  228. cls, app: "WSGIApplication", environ: "WSGIEnvironment", buffered: bool = False
  229. ) -> "Response":
  230. """Create a new response object from an application output. This
  231. works best if you pass it an application that returns a generator all
  232. the time. Sometimes applications may use the `write()` callable
  233. returned by the `start_response` function. This tries to resolve such
  234. edge cases automatically. But if you don't get the expected output
  235. you should set `buffered` to `True` which enforces buffering.
  236. :param app: the WSGI application to execute.
  237. :param environ: the WSGI environment to execute against.
  238. :param buffered: set to `True` to enforce buffering.
  239. :return: a response object.
  240. """
  241. from ..test import run_wsgi_app
  242. return cls(*run_wsgi_app(app, environ, buffered))
  243. @typing.overload
  244. def get_data(self, as_text: "te.Literal[False]" = False) -> bytes:
  245. ...
  246. @typing.overload
  247. def get_data(self, as_text: "te.Literal[True]") -> str:
  248. ...
  249. def get_data(self, as_text: bool = False) -> t.Union[bytes, str]:
  250. """The string representation of the response body. Whenever you call
  251. this property the response iterable is encoded and flattened. This
  252. can lead to unwanted behavior if you stream big data.
  253. This behavior can be disabled by setting
  254. :attr:`implicit_sequence_conversion` to `False`.
  255. If `as_text` is set to `True` the return value will be a decoded
  256. string.
  257. .. versionadded:: 0.9
  258. """
  259. self._ensure_sequence()
  260. rv = b"".join(self.iter_encoded())
  261. if as_text:
  262. return rv.decode(self.charset)
  263. return rv
  264. def set_data(self, value: t.Union[bytes, str]) -> None:
  265. """Sets a new string as response. The value must be a string or
  266. bytes. If a string is set it's encoded to the charset of the
  267. response (utf-8 by default).
  268. .. versionadded:: 0.9
  269. """
  270. # if a string is set, it's encoded directly so that we
  271. # can set the content length
  272. if isinstance(value, str):
  273. value = value.encode(self.charset)
  274. else:
  275. value = bytes(value)
  276. self.response = [value]
  277. if self.automatically_set_content_length:
  278. self.headers["Content-Length"] = str(len(value))
  279. data = property(
  280. get_data,
  281. set_data,
  282. doc="A descriptor that calls :meth:`get_data` and :meth:`set_data`.",
  283. )
  284. def calculate_content_length(self) -> t.Optional[int]:
  285. """Returns the content length if available or `None` otherwise."""
  286. try:
  287. self._ensure_sequence()
  288. except RuntimeError:
  289. return None
  290. return sum(len(x) for x in self.iter_encoded())
  291. def _ensure_sequence(self, mutable: bool = False) -> None:
  292. """This method can be called by methods that need a sequence. If
  293. `mutable` is true, it will also ensure that the response sequence
  294. is a standard Python list.
  295. .. versionadded:: 0.6
  296. """
  297. if self.is_sequence:
  298. # if we need a mutable object, we ensure it's a list.
  299. if mutable and not isinstance(self.response, list):
  300. self.response = list(self.response) # type: ignore
  301. return
  302. if self.direct_passthrough:
  303. raise RuntimeError(
  304. "Attempted implicit sequence conversion but the"
  305. " response object is in direct passthrough mode."
  306. )
  307. if not self.implicit_sequence_conversion:
  308. raise RuntimeError(
  309. "The response object required the iterable to be a"
  310. " sequence, but the implicit conversion was disabled."
  311. " Call make_sequence() yourself."
  312. )
  313. self.make_sequence()
  314. def make_sequence(self) -> None:
  315. """Converts the response iterator in a list. By default this happens
  316. automatically if required. If `implicit_sequence_conversion` is
  317. disabled, this method is not automatically called and some properties
  318. might raise exceptions. This also encodes all the items.
  319. .. versionadded:: 0.6
  320. """
  321. if not self.is_sequence:
  322. # if we consume an iterable we have to ensure that the close
  323. # method of the iterable is called if available when we tear
  324. # down the response
  325. close = getattr(self.response, "close", None)
  326. self.response = list(self.iter_encoded())
  327. if close is not None:
  328. self.call_on_close(close)
  329. def iter_encoded(self) -> t.Iterator[bytes]:
  330. """Iter the response encoded with the encoding of the response.
  331. If the response object is invoked as WSGI application the return
  332. value of this method is used as application iterator unless
  333. :attr:`direct_passthrough` was activated.
  334. """
  335. if __debug__:
  336. _warn_if_string(self.response)
  337. # Encode in a separate function so that self.response is fetched
  338. # early. This allows us to wrap the response with the return
  339. # value from get_app_iter or iter_encoded.
  340. return _iter_encoded(self.response, self.charset)
  341. @property
  342. def is_streamed(self) -> bool:
  343. """If the response is streamed (the response is not an iterable with
  344. a length information) this property is `True`. In this case streamed
  345. means that there is no information about the number of iterations.
  346. This is usually `True` if a generator is passed to the response object.
  347. This is useful for checking before applying some sort of post
  348. filtering that should not take place for streamed responses.
  349. """
  350. try:
  351. len(self.response) # type: ignore
  352. except (TypeError, AttributeError):
  353. return True
  354. return False
  355. @property
  356. def is_sequence(self) -> bool:
  357. """If the iterator is buffered, this property will be `True`. A
  358. response object will consider an iterator to be buffered if the
  359. response attribute is a list or tuple.
  360. .. versionadded:: 0.6
  361. """
  362. return isinstance(self.response, (tuple, list))
  363. def close(self) -> None:
  364. """Close the wrapped response if possible. You can also use the object
  365. in a with statement which will automatically close it.
  366. .. versionadded:: 0.9
  367. Can now be used in a with statement.
  368. """
  369. if hasattr(self.response, "close"):
  370. self.response.close() # type: ignore
  371. for func in self._on_close:
  372. func()
  373. def __enter__(self) -> "Response":
  374. return self
  375. def __exit__(self, exc_type, exc_value, tb): # type: ignore
  376. self.close()
  377. def freeze(self, no_etag: None = None) -> None:
  378. """Make the response object ready to be pickled. Does the
  379. following:
  380. * Buffer the response into a list, ignoring
  381. :attr:`implicity_sequence_conversion` and
  382. :attr:`direct_passthrough`.
  383. * Set the ``Content-Length`` header.
  384. * Generate an ``ETag`` header if one is not already set.
  385. .. versionchanged:: 2.0
  386. An ``ETag`` header is added, the ``no_etag`` parameter is
  387. deprecated and will be removed in Werkzeug 2.1.
  388. .. versionchanged:: 0.6
  389. The ``Content-Length`` header is set.
  390. """
  391. # Always freeze the encoded response body, ignore
  392. # implicit_sequence_conversion and direct_passthrough.
  393. self.response = list(self.iter_encoded())
  394. self.headers["Content-Length"] = str(sum(map(len, self.response)))
  395. if no_etag is not None:
  396. warnings.warn(
  397. "The 'no_etag' parameter is deprecated and will be"
  398. " removed in Werkzeug 2.1.",
  399. DeprecationWarning,
  400. stacklevel=2,
  401. )
  402. self.add_etag()
  403. def get_wsgi_headers(self, environ: "WSGIEnvironment") -> Headers:
  404. """This is automatically called right before the response is started
  405. and returns headers modified for the given environment. It returns a
  406. copy of the headers from the response with some modifications applied
  407. if necessary.
  408. For example the location header (if present) is joined with the root
  409. URL of the environment. Also the content length is automatically set
  410. to zero here for certain status codes.
  411. .. versionchanged:: 0.6
  412. Previously that function was called `fix_headers` and modified
  413. the response object in place. Also since 0.6, IRIs in location
  414. and content-location headers are handled properly.
  415. Also starting with 0.6, Werkzeug will attempt to set the content
  416. length if it is able to figure it out on its own. This is the
  417. case if all the strings in the response iterable are already
  418. encoded and the iterable is buffered.
  419. :param environ: the WSGI environment of the request.
  420. :return: returns a new :class:`~werkzeug.datastructures.Headers`
  421. object.
  422. """
  423. headers = Headers(self.headers)
  424. location: t.Optional[str] = None
  425. content_location: t.Optional[str] = None
  426. content_length: t.Optional[t.Union[str, int]] = None
  427. status = self.status_code
  428. # iterate over the headers to find all values in one go. Because
  429. # get_wsgi_headers is used each response that gives us a tiny
  430. # speedup.
  431. for key, value in headers:
  432. ikey = key.lower()
  433. if ikey == "location":
  434. location = value
  435. elif ikey == "content-location":
  436. content_location = value
  437. elif ikey == "content-length":
  438. content_length = value
  439. # make sure the location header is an absolute URL
  440. if location is not None:
  441. old_location = location
  442. if isinstance(location, str):
  443. # Safe conversion is necessary here as we might redirect
  444. # to a broken URI scheme (for instance itms-services).
  445. location = iri_to_uri(location, safe_conversion=True)
  446. if self.autocorrect_location_header:
  447. current_url = get_current_url(environ, strip_querystring=True)
  448. if isinstance(current_url, str):
  449. current_url = iri_to_uri(current_url)
  450. location = url_join(current_url, location)
  451. if location != old_location:
  452. headers["Location"] = location
  453. # make sure the content location is a URL
  454. if content_location is not None and isinstance(content_location, str):
  455. headers["Content-Location"] = iri_to_uri(content_location)
  456. if 100 <= status < 200 or status == 204:
  457. # Per section 3.3.2 of RFC 7230, "a server MUST NOT send a
  458. # Content-Length header field in any response with a status
  459. # code of 1xx (Informational) or 204 (No Content)."
  460. headers.remove("Content-Length")
  461. elif status == 304:
  462. remove_entity_headers(headers)
  463. # if we can determine the content length automatically, we
  464. # should try to do that. But only if this does not involve
  465. # flattening the iterator or encoding of strings in the
  466. # response. We however should not do that if we have a 304
  467. # response.
  468. if (
  469. self.automatically_set_content_length
  470. and self.is_sequence
  471. and content_length is None
  472. and status not in (204, 304)
  473. and not (100 <= status < 200)
  474. ):
  475. try:
  476. content_length = sum(len(_to_bytes(x, "ascii")) for x in self.response)
  477. except UnicodeError:
  478. # Something other than bytes, can't safely figure out
  479. # the length of the response.
  480. pass
  481. else:
  482. headers["Content-Length"] = str(content_length)
  483. return headers
  484. def get_app_iter(self, environ: "WSGIEnvironment") -> t.Iterable[bytes]:
  485. """Returns the application iterator for the given environ. Depending
  486. on the request method and the current status code the return value
  487. might be an empty response rather than the one from the response.
  488. If the request method is `HEAD` or the status code is in a range
  489. where the HTTP specification requires an empty response, an empty
  490. iterable is returned.
  491. .. versionadded:: 0.6
  492. :param environ: the WSGI environment of the request.
  493. :return: a response iterable.
  494. """
  495. status = self.status_code
  496. if (
  497. environ["REQUEST_METHOD"] == "HEAD"
  498. or 100 <= status < 200
  499. or status in (204, 304)
  500. ):
  501. iterable: t.Iterable[bytes] = ()
  502. elif self.direct_passthrough:
  503. if __debug__:
  504. _warn_if_string(self.response)
  505. return self.response # type: ignore
  506. else:
  507. iterable = self.iter_encoded()
  508. return ClosingIterator(iterable, self.close)
  509. def get_wsgi_response(
  510. self, environ: "WSGIEnvironment"
  511. ) -> t.Tuple[t.Iterable[bytes], str, t.List[t.Tuple[str, str]]]:
  512. """Returns the final WSGI response as tuple. The first item in
  513. the tuple is the application iterator, the second the status and
  514. the third the list of headers. The response returned is created
  515. specially for the given environment. For example if the request
  516. method in the WSGI environment is ``'HEAD'`` the response will
  517. be empty and only the headers and status code will be present.
  518. .. versionadded:: 0.6
  519. :param environ: the WSGI environment of the request.
  520. :return: an ``(app_iter, status, headers)`` tuple.
  521. """
  522. headers = self.get_wsgi_headers(environ)
  523. app_iter = self.get_app_iter(environ)
  524. return app_iter, self.status, headers.to_wsgi_list()
  525. def __call__(
  526. self, environ: "WSGIEnvironment", start_response: "StartResponse"
  527. ) -> t.Iterable[bytes]:
  528. """Process this response as WSGI application.
  529. :param environ: the WSGI environment.
  530. :param start_response: the response callable provided by the WSGI
  531. server.
  532. :return: an application iterator
  533. """
  534. app_iter, status, headers = self.get_wsgi_response(environ)
  535. start_response(status, headers)
  536. return app_iter
  537. # JSON
  538. #: A module or other object that has ``dumps`` and ``loads``
  539. #: functions that match the API of the built-in :mod:`json` module.
  540. json_module = json
  541. @property
  542. def json(self) -> t.Optional[t.Any]:
  543. """The parsed JSON data if :attr:`mimetype` indicates JSON
  544. (:mimetype:`application/json`, see :attr:`is_json`).
  545. Calls :meth:`get_json` with default arguments.
  546. """
  547. return self.get_json()
  548. def get_json(self, force: bool = False, silent: bool = False) -> t.Optional[t.Any]:
  549. """Parse :attr:`data` as JSON. Useful during testing.
  550. If the mimetype does not indicate JSON
  551. (:mimetype:`application/json`, see :attr:`is_json`), this
  552. returns ``None``.
  553. Unlike :meth:`Request.get_json`, the result is not cached.
  554. :param force: Ignore the mimetype and always try to parse JSON.
  555. :param silent: Silence parsing errors and return ``None``
  556. instead.
  557. """
  558. if not (force or self.is_json):
  559. return None
  560. data = self.get_data()
  561. try:
  562. return self.json_module.loads(data)
  563. except ValueError:
  564. if not silent:
  565. raise
  566. return None
  567. # Stream
  568. @cached_property
  569. def stream(self) -> "ResponseStream":
  570. """The response iterable as write-only stream."""
  571. return ResponseStream(self)
  572. def _wrap_range_response(self, start: int, length: int) -> None:
  573. """Wrap existing Response in case of Range Request context."""
  574. if self.status_code == 206:
  575. self.response = _RangeWrapper(self.response, start, length) # type: ignore
  576. def _is_range_request_processable(self, environ: "WSGIEnvironment") -> bool:
  577. """Return ``True`` if `Range` header is present and if underlying
  578. resource is considered unchanged when compared with `If-Range` header.
  579. """
  580. return (
  581. "HTTP_IF_RANGE" not in environ
  582. or not is_resource_modified(
  583. environ,
  584. self.headers.get("etag"),
  585. None,
  586. self.headers.get("last-modified"),
  587. ignore_if_range=False,
  588. )
  589. ) and "HTTP_RANGE" in environ
  590. def _process_range_request(
  591. self,
  592. environ: "WSGIEnvironment",
  593. complete_length: t.Optional[int] = None,
  594. accept_ranges: t.Optional[t.Union[bool, str]] = None,
  595. ) -> bool:
  596. """Handle Range Request related headers (RFC7233). If `Accept-Ranges`
  597. header is valid, and Range Request is processable, we set the headers
  598. as described by the RFC, and wrap the underlying response in a
  599. RangeWrapper.
  600. Returns ``True`` if Range Request can be fulfilled, ``False`` otherwise.
  601. :raises: :class:`~werkzeug.exceptions.RequestedRangeNotSatisfiable`
  602. if `Range` header could not be parsed or satisfied.
  603. .. versionchanged:: 2.0
  604. Returns ``False`` if the length is 0.
  605. """
  606. from ..exceptions import RequestedRangeNotSatisfiable
  607. if (
  608. accept_ranges is None
  609. or complete_length is None
  610. or complete_length == 0
  611. or not self._is_range_request_processable(environ)
  612. ):
  613. return False
  614. parsed_range = parse_range_header(environ.get("HTTP_RANGE"))
  615. if parsed_range is None:
  616. raise RequestedRangeNotSatisfiable(complete_length)
  617. range_tuple = parsed_range.range_for_length(complete_length)
  618. content_range_header = parsed_range.to_content_range_header(complete_length)
  619. if range_tuple is None or content_range_header is None:
  620. raise RequestedRangeNotSatisfiable(complete_length)
  621. content_length = range_tuple[1] - range_tuple[0]
  622. self.headers["Content-Length"] = content_length
  623. self.headers["Accept-Ranges"] = accept_ranges
  624. self.content_range = content_range_header # type: ignore
  625. self.status_code = 206
  626. self._wrap_range_response(range_tuple[0], content_length)
  627. return True
  628. def make_conditional(
  629. self,
  630. request_or_environ: "WSGIEnvironment",
  631. accept_ranges: t.Union[bool, str] = False,
  632. complete_length: t.Optional[int] = None,
  633. ) -> "Response":
  634. """Make the response conditional to the request. This method works
  635. best if an etag was defined for the response already. The `add_etag`
  636. method can be used to do that. If called without etag just the date
  637. header is set.
  638. This does nothing if the request method in the request or environ is
  639. anything but GET or HEAD.
  640. For optimal performance when handling range requests, it's recommended
  641. that your response data object implements `seekable`, `seek` and `tell`
  642. methods as described by :py:class:`io.IOBase`. Objects returned by
  643. :meth:`~werkzeug.wsgi.wrap_file` automatically implement those methods.
  644. It does not remove the body of the response because that's something
  645. the :meth:`__call__` function does for us automatically.
  646. Returns self so that you can do ``return resp.make_conditional(req)``
  647. but modifies the object in-place.
  648. :param request_or_environ: a request object or WSGI environment to be
  649. used to make the response conditional
  650. against.
  651. :param accept_ranges: This parameter dictates the value of
  652. `Accept-Ranges` header. If ``False`` (default),
  653. the header is not set. If ``True``, it will be set
  654. to ``"bytes"``. If ``None``, it will be set to
  655. ``"none"``. If it's a string, it will use this
  656. value.
  657. :param complete_length: Will be used only in valid Range Requests.
  658. It will set `Content-Range` complete length
  659. value and compute `Content-Length` real value.
  660. This parameter is mandatory for successful
  661. Range Requests completion.
  662. :raises: :class:`~werkzeug.exceptions.RequestedRangeNotSatisfiable`
  663. if `Range` header could not be parsed or satisfied.
  664. .. versionchanged:: 2.0
  665. Range processing is skipped if length is 0 instead of
  666. raising a 416 Range Not Satisfiable error.
  667. """
  668. environ = _get_environ(request_or_environ)
  669. if environ["REQUEST_METHOD"] in ("GET", "HEAD"):
  670. # if the date is not in the headers, add it now. We however
  671. # will not override an already existing header. Unfortunately
  672. # this header will be overriden by many WSGI servers including
  673. # wsgiref.
  674. if "date" not in self.headers:
  675. self.headers["Date"] = http_date()
  676. accept_ranges = _clean_accept_ranges(accept_ranges)
  677. is206 = self._process_range_request(environ, complete_length, accept_ranges)
  678. if not is206 and not is_resource_modified(
  679. environ,
  680. self.headers.get("etag"),
  681. None,
  682. self.headers.get("last-modified"),
  683. ):
  684. if parse_etags(environ.get("HTTP_IF_MATCH")):
  685. self.status_code = 412
  686. else:
  687. self.status_code = 304
  688. if (
  689. self.automatically_set_content_length
  690. and "content-length" not in self.headers
  691. ):
  692. length = self.calculate_content_length()
  693. if length is not None:
  694. self.headers["Content-Length"] = length
  695. return self
  696. def add_etag(self, overwrite: bool = False, weak: bool = False) -> None:
  697. """Add an etag for the current response if there is none yet.
  698. .. versionchanged:: 2.0
  699. SHA-1 is used to generate the value. MD5 may not be
  700. available in some environments.
  701. """
  702. if overwrite or "etag" not in self.headers:
  703. self.set_etag(generate_etag(self.get_data()), weak)
  704. class ResponseStream:
  705. """A file descriptor like object used by the :class:`ResponseStreamMixin` to
  706. represent the body of the stream. It directly pushes into the response
  707. iterable of the response object.
  708. """
  709. mode = "wb+"
  710. def __init__(self, response: Response):
  711. self.response = response
  712. self.closed = False
  713. def write(self, value: bytes) -> int:
  714. if self.closed:
  715. raise ValueError("I/O operation on closed file")
  716. self.response._ensure_sequence(mutable=True)
  717. self.response.response.append(value) # type: ignore
  718. self.response.headers.pop("Content-Length", None)
  719. return len(value)
  720. def writelines(self, seq: t.Iterable[bytes]) -> None:
  721. for item in seq:
  722. self.write(item)
  723. def close(self) -> None:
  724. self.closed = True
  725. def flush(self) -> None:
  726. if self.closed:
  727. raise ValueError("I/O operation on closed file")
  728. def isatty(self) -> bool:
  729. if self.closed:
  730. raise ValueError("I/O operation on closed file")
  731. return False
  732. def tell(self) -> int:
  733. self.response._ensure_sequence()
  734. return sum(map(len, self.response.response))
  735. @property
  736. def encoding(self) -> str:
  737. return self.response.charset
  738. class ResponseStreamMixin:
  739. def __init__(self, *args: t.Any, **kwargs: t.Any) -> None:
  740. warnings.warn(
  741. "'ResponseStreamMixin' is deprecated and will be removed in"
  742. " Werkzeug 2.1. 'Response' now includes the functionality"
  743. " directly.",
  744. DeprecationWarning,
  745. stacklevel=2,
  746. )
  747. super().__init__(*args, **kwargs) # type: ignore