diff options
| -rw-r--r-- | Doc/library/cgi.rst | 26 | ||||
| -rw-r--r-- | Doc/whatsnew/3.8.rst | 4 | ||||
| -rwxr-xr-x | Lib/cgi.py | 33 | ||||
| -rw-r--r-- | Lib/test/test_cgi.py | 24 | ||||
| -rw-r--r-- | Misc/NEWS.d/next/Library/2018-06-12-18-59-16.bpo-33843.qVAK8g.rst | 1 |
5 files changed, 7 insertions, 81 deletions
diff --git a/Doc/library/cgi.rst b/Doc/library/cgi.rst index 0b1aead9dd..4048592e73 100644 --- a/Doc/library/cgi.rst +++ b/Doc/library/cgi.rst @@ -284,18 +284,6 @@ algorithms implemented in this module in other circumstances. passed to :func:`urllib.parse.parse_qs` unchanged. -.. function:: parse_qs(qs, keep_blank_values=False, strict_parsing=False) - - This function is deprecated in this module. Use :func:`urllib.parse.parse_qs` - instead. It is maintained here only for backward compatibility. - - -.. function:: parse_qsl(qs, keep_blank_values=False, strict_parsing=False) - - This function is deprecated in this module. Use :func:`urllib.parse.parse_qsl` - instead. It is maintained here only for backward compatibility. - - .. function:: parse_multipart(fp, pdict, encoding="utf-8", errors="replace") Parse input of type :mimetype:`multipart/form-data` (for file uploads). @@ -348,20 +336,6 @@ algorithms implemented in this module in other circumstances. Print a list of useful (used by CGI) environment variables in HTML. -.. function:: escape(s, quote=False) - - Convert the characters ``'&'``, ``'<'`` and ``'>'`` in string *s* to HTML-safe - sequences. Use this if you need to display text that might contain such - characters in HTML. If the optional flag *quote* is true, the quotation mark - character (``"``) is also translated; this helps for inclusion in an HTML - attribute value delimited by double quotes, as in ``<a href="...">``. Note - that single quotes are never translated. - - .. deprecated:: 3.2 - This function is unsafe because *quote* is false by default, and therefore - deprecated. Use :func:`html.escape` instead. - - .. _cgi-security: Caring about security diff --git a/Doc/whatsnew/3.8.rst b/Doc/whatsnew/3.8.rst index 10fa182fae..58be90f92c 100644 --- a/Doc/whatsnew/3.8.rst +++ b/Doc/whatsnew/3.8.rst @@ -136,6 +136,10 @@ Removed to help eliminate confusion as to what Python interpreter the ``pyvenv`` script is tied to. (Contributed by Brett Cannon in :issue:`25427`.) +* ``parse_qs``, ``parse_qsl``, and ``escape`` are removed from :mod:`cgi` + module. They are deprecated from Python 3.2 or older. + + Porting to Python 3.8 ===================== diff --git a/Lib/cgi.py b/Lib/cgi.py index f82cc6c8bd..b655a057d4 100755 --- a/Lib/cgi.py +++ b/Lib/cgi.py @@ -38,16 +38,14 @@ import os import urllib.parse from email.parser import FeedParser from email.message import Message -from warnings import warn import html import locale import tempfile -__all__ = ["MiniFieldStorage", "FieldStorage", - "parse", "parse_qs", "parse_qsl", "parse_multipart", +__all__ = ["MiniFieldStorage", "FieldStorage", "parse", "parse_multipart", "parse_header", "test", "print_exception", "print_environ", "print_form", "print_directory", "print_arguments", - "print_environ_usage", "escape"] + "print_environ_usage"] # Logging support # =============== @@ -183,21 +181,6 @@ def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0): encoding=encoding) -# parse query string function called from urlparse, -# this is done in order to maintain backward compatibility. - -def parse_qs(qs, keep_blank_values=0, strict_parsing=0): - """Parse a query given as a string argument.""" - warn("cgi.parse_qs is deprecated, use urllib.parse.parse_qs instead", - DeprecationWarning, 2) - return urllib.parse.parse_qs(qs, keep_blank_values, strict_parsing) - -def parse_qsl(qs, keep_blank_values=0, strict_parsing=0): - """Parse a query given as a string argument.""" - warn("cgi.parse_qsl is deprecated, use urllib.parse.parse_qsl instead", - DeprecationWarning, 2) - return urllib.parse.parse_qsl(qs, keep_blank_values, strict_parsing) - def parse_multipart(fp, pdict, encoding="utf-8", errors="replace"): """Parse multipart input. @@ -974,18 +957,6 @@ environment as well. Here are some common variable names: # Utilities # ========= -def escape(s, quote=None): - """Deprecated API.""" - warn("cgi.escape is deprecated, use html.escape instead", - DeprecationWarning, stacklevel=2) - s = s.replace("&", "&") # Must be done first! - s = s.replace("<", "<") - s = s.replace(">", ">") - if quote: - s = s.replace('"', """) - return s - - def valid_boundary(s): import re if isinstance(s, bytes): diff --git a/Lib/test/test_cgi.py b/Lib/test/test_cgi.py index 4f2bba14a1..b284a0d098 100644 --- a/Lib/test/test_cgi.py +++ b/Lib/test/test_cgi.py @@ -4,7 +4,6 @@ import os import sys import tempfile import unittest -import warnings from collections import namedtuple from io import StringIO, BytesIO from test import support @@ -163,15 +162,6 @@ Content-Length: 3 fs = cgi.FieldStorage(headers={'content-type':'text/plain'}) self.assertRaises(TypeError, bool, fs) - def test_escape(self): - # cgi.escape() is deprecated. - with warnings.catch_warnings(): - warnings.filterwarnings('ignore', r'cgi\.escape', - DeprecationWarning) - self.assertEqual("test & string", cgi.escape("test & string")) - self.assertEqual("<test string>", cgi.escape("<test string>")) - self.assertEqual(""test string"", cgi.escape('"test string"', True)) - def test_strict(self): for orig, expect in parse_strict_test_cases: # Test basic parsing @@ -449,20 +439,6 @@ this is the content of the fake file v = gen_result(data, environ) self.assertEqual(result, v) - def test_deprecated_parse_qs(self): - # this func is moved to urllib.parse, this is just a sanity check - with check_warnings(('cgi.parse_qs is deprecated, use urllib.parse.' - 'parse_qs instead', DeprecationWarning)): - self.assertEqual({'a': ['A1'], 'B': ['B3'], 'b': ['B2']}, - cgi.parse_qs('a=A1&b=B2&B=B3')) - - def test_deprecated_parse_qsl(self): - # this func is moved to urllib.parse, this is just a sanity check - with check_warnings(('cgi.parse_qsl is deprecated, use urllib.parse.' - 'parse_qsl instead', DeprecationWarning)): - self.assertEqual([('a', 'A1'), ('b', 'B2'), ('B', 'B3')], - cgi.parse_qsl('a=A1&b=B2&B=B3')) - def test_parse_header(self): self.assertEqual( cgi.parse_header("text/plain"), diff --git a/Misc/NEWS.d/next/Library/2018-06-12-18-59-16.bpo-33843.qVAK8g.rst b/Misc/NEWS.d/next/Library/2018-06-12-18-59-16.bpo-33843.qVAK8g.rst new file mode 100644 index 0000000000..c79b251309 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2018-06-12-18-59-16.bpo-33843.qVAK8g.rst @@ -0,0 +1 @@ +Remove deprecated ``cgi.escape``, ``cgi.parse_qs`` and ``cgi.parse_qsl``. |