python (3.12.0)
1 """Parse (absolute and relative) URLs.
2
3 urlparse module is based upon the following RFC specifications.
4
5 RFC 3986 (STD66): "Uniform Resource Identifiers" by T. Berners-Lee, R. Fielding
6 and L. Masinter, January 2005.
7
8 RFC 2732 : "Format for Literal IPv6 Addresses in URL's by R.Hinden, B.Carpenter
9 and L.Masinter, December 1999.
10
11 RFC 2396: "Uniform Resource Identifiers (URI)": Generic Syntax by T.
12 Berners-Lee, R. Fielding, and L. Masinter, August 1998.
13
14 RFC 2368: "The mailto URL scheme", by P.Hoffman , L Masinter, J. Zawinski, July 1998.
15
16 RFC 1808: "Relative Uniform Resource Locators", by R. Fielding, UC Irvine, June
17 1995.
18
19 RFC 1738: "Uniform Resource Locators (URL)" by T. Berners-Lee, L. Masinter, M.
20 McCahill, December 1994
21
22 RFC 3986 is considered the current standard and any future changes to
23 urlparse module should conform with it. The urlparse module is
24 currently not entirely compliant with this RFC due to defacto
25 scenarios for parsing, and for backward compatibility purposes, some
26 parsing quirks from older RFCs are retained. The testcases in
27 test_urlparse.py provides a good indicator of parsing behavior.
28
29 The WHATWG URL Parser spec should also be considered. We are not compliant with
30 it either due to existing user code API behavior expectations (Hyrum's Law).
31 It serves as a useful guide when making changes.
32 """
33
34 from collections import namedtuple
35 import functools
36 import math
37 import re
38 import types
39 import warnings
40 import ipaddress
41
42 __all__ = ["urlparse", "urlunparse", "urljoin", "urldefrag",
43 "urlsplit", "urlunsplit", "urlencode", "parse_qs",
44 "parse_qsl", "quote", "quote_plus", "quote_from_bytes",
45 "unquote", "unquote_plus", "unquote_to_bytes",
46 "DefragResult", "ParseResult", "SplitResult",
47 "DefragResultBytes", "ParseResultBytes", "SplitResultBytes"]
48
49 # A classification of schemes.
50 # The empty string classifies URLs with no scheme specified,
51 # being the default value returned by “urlsplit” and “urlparse”.
52
53 uses_relative = ['', 'ftp', 'http', 'gopher', 'nntp', 'imap',
54 'wais', 'file', 'https', 'shttp', 'mms',
55 'prospero', 'rtsp', 'rtsps', 'rtspu', 'sftp',
56 'svn', 'svn+ssh', 'ws', 'wss']
57
58 uses_netloc = ['', 'ftp', 'http', 'gopher', 'nntp', 'telnet',
59 'imap', 'wais', 'file', 'mms', 'https', 'shttp',
60 'snews', 'prospero', 'rtsp', 'rtsps', 'rtspu', 'rsync',
61 'svn', 'svn+ssh', 'sftp', 'nfs', 'git', 'git+ssh',
62 'ws', 'wss', 'itms-services']
63
64 uses_params = ['', 'ftp', 'hdl', 'prospero', 'http', 'imap',
65 'https', 'shttp', 'rtsp', 'rtsps', 'rtspu', 'sip',
66 'sips', 'mms', 'sftp', 'tel']
67
68 # These are not actually used anymore, but should stay for backwards
69 # compatibility. (They are undocumented, but have a public-looking name.)
70
71 non_hierarchical = ['gopher', 'hdl', 'mailto', 'news',
72 'telnet', 'wais', 'imap', 'snews', 'sip', 'sips']
73
74 uses_query = ['', 'http', 'wais', 'imap', 'https', 'shttp', 'mms',
75 'gopher', 'rtsp', 'rtsps', 'rtspu', 'sip', 'sips']
76
77 uses_fragment = ['', 'ftp', 'hdl', 'http', 'gopher', 'news',
78 'nntp', 'wais', 'https', 'shttp', 'snews',
79 'file', 'prospero']
80
81 # Characters valid in scheme names
82 scheme_chars = ('abcdefghijklmnopqrstuvwxyz'
83 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
84 '0123456789'
85 '+-.')
86
87 # Leading and trailing C0 control and space to be stripped per WHATWG spec.
88 # == "".join([chr(i) for i in range(0, 0x20 + 1)])
89 _WHATWG_C0_CONTROL_OR_SPACE = '\x00\x01\x02\x03\x04\x05\x06\x07\x08\t\n\x0b\x0c\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f '
90
91 # Unsafe bytes to be removed per WHATWG spec
92 _UNSAFE_URL_BYTES_TO_REMOVE = ['\t', '\r', '\n']
93
94 def clear_cache():
95 """Clear internal performance caches. Undocumented; some tests want it."""
96 urlsplit.cache_clear()
97 _byte_quoter_factory.cache_clear()
98
99 # Helpers for bytes handling
100 # For 3.2, we deliberately require applications that
101 # handle improperly quoted URLs to do their own
102 # decoding and encoding. If valid use cases are
103 # presented, we may relax this by using latin-1
104 # decoding internally for 3.3
105 _implicit_encoding = 'ascii'
106 _implicit_errors = 'strict'
107
108 def _noop(obj):
109 return obj
110
111 def _encode_result(obj, encoding=_implicit_encoding,
112 errors=_implicit_errors):
113 return obj.encode(encoding, errors)
114
115 def _decode_args(args, encoding=_implicit_encoding,
116 errors=_implicit_errors):
117 return tuple(x.decode(encoding, errors) if x else '' for x in args)
118
119 def _coerce_args(*args):
120 # Invokes decode if necessary to create str args
121 # and returns the coerced inputs along with
122 # an appropriate result coercion function
123 # - noop for str inputs
124 # - encoding function otherwise
125 str_input = isinstance(args[0], str)
126 for arg in args[1:]:
127 # We special-case the empty string to support the
128 # "scheme=''" default argument to some functions
129 if arg and isinstance(arg, str) != str_input:
130 raise TypeError("Cannot mix str and non-str arguments")
131 if str_input:
132 return args + (_noop,)
133 return _decode_args(args) + (_encode_result,)
134
135 # Result objects are more helpful than simple tuples
136 class ESC[4;38;5;81m_ResultMixinStr(ESC[4;38;5;149mobject):
137 """Standard approach to encoding parsed results from str to bytes"""
138 __slots__ = ()
139
140 def encode(self, encoding='ascii', errors='strict'):
141 return self._encoded_counterpart(*(x.encode(encoding, errors) for x in self))
142
143
144 class ESC[4;38;5;81m_ResultMixinBytes(ESC[4;38;5;149mobject):
145 """Standard approach to decoding parsed results from bytes to str"""
146 __slots__ = ()
147
148 def decode(self, encoding='ascii', errors='strict'):
149 return self._decoded_counterpart(*(x.decode(encoding, errors) for x in self))
150
151
152 class ESC[4;38;5;81m_NetlocResultMixinBase(ESC[4;38;5;149mobject):
153 """Shared methods for the parsed result objects containing a netloc element"""
154 __slots__ = ()
155
156 @property
157 def username(self):
158 return self._userinfo[0]
159
160 @property
161 def password(self):
162 return self._userinfo[1]
163
164 @property
165 def hostname(self):
166 hostname = self._hostinfo[0]
167 if not hostname:
168 return None
169 # Scoped IPv6 address may have zone info, which must not be lowercased
170 # like http://[fe80::822a:a8ff:fe49:470c%tESt]:1234/keys
171 separator = '%' if isinstance(hostname, str) else b'%'
172 hostname, percent, zone = hostname.partition(separator)
173 return hostname.lower() + percent + zone
174
175 @property
176 def port(self):
177 port = self._hostinfo[1]
178 if port is not None:
179 if port.isdigit() and port.isascii():
180 port = int(port)
181 else:
182 raise ValueError(f"Port could not be cast to integer value as {port!r}")
183 if not (0 <= port <= 65535):
184 raise ValueError("Port out of range 0-65535")
185 return port
186
187 __class_getitem__ = classmethod(types.GenericAlias)
188
189
190 class ESC[4;38;5;81m_NetlocResultMixinStr(ESC[4;38;5;149m_NetlocResultMixinBase, ESC[4;38;5;149m_ResultMixinStr):
191 __slots__ = ()
192
193 @property
194 def _userinfo(self):
195 netloc = self.netloc
196 userinfo, have_info, hostinfo = netloc.rpartition('@')
197 if have_info:
198 username, have_password, password = userinfo.partition(':')
199 if not have_password:
200 password = None
201 else:
202 username = password = None
203 return username, password
204
205 @property
206 def _hostinfo(self):
207 netloc = self.netloc
208 _, _, hostinfo = netloc.rpartition('@')
209 _, have_open_br, bracketed = hostinfo.partition('[')
210 if have_open_br:
211 hostname, _, port = bracketed.partition(']')
212 _, _, port = port.partition(':')
213 else:
214 hostname, _, port = hostinfo.partition(':')
215 if not port:
216 port = None
217 return hostname, port
218
219
220 class ESC[4;38;5;81m_NetlocResultMixinBytes(ESC[4;38;5;149m_NetlocResultMixinBase, ESC[4;38;5;149m_ResultMixinBytes):
221 __slots__ = ()
222
223 @property
224 def _userinfo(self):
225 netloc = self.netloc
226 userinfo, have_info, hostinfo = netloc.rpartition(b'@')
227 if have_info:
228 username, have_password, password = userinfo.partition(b':')
229 if not have_password:
230 password = None
231 else:
232 username = password = None
233 return username, password
234
235 @property
236 def _hostinfo(self):
237 netloc = self.netloc
238 _, _, hostinfo = netloc.rpartition(b'@')
239 _, have_open_br, bracketed = hostinfo.partition(b'[')
240 if have_open_br:
241 hostname, _, port = bracketed.partition(b']')
242 _, _, port = port.partition(b':')
243 else:
244 hostname, _, port = hostinfo.partition(b':')
245 if not port:
246 port = None
247 return hostname, port
248
249
250 _DefragResultBase = namedtuple('DefragResult', 'url fragment')
251 _SplitResultBase = namedtuple(
252 'SplitResult', 'scheme netloc path query fragment')
253 _ParseResultBase = namedtuple(
254 'ParseResult', 'scheme netloc path params query fragment')
255
256 _DefragResultBase.__doc__ = """
257 DefragResult(url, fragment)
258
259 A 2-tuple that contains the url without fragment identifier and the fragment
260 identifier as a separate argument.
261 """
262
263 _DefragResultBase.url.__doc__ = """The URL with no fragment identifier."""
264
265 _DefragResultBase.fragment.__doc__ = """
266 Fragment identifier separated from URL, that allows indirect identification of a
267 secondary resource by reference to a primary resource and additional identifying
268 information.
269 """
270
271 _SplitResultBase.__doc__ = """
272 SplitResult(scheme, netloc, path, query, fragment)
273
274 A 5-tuple that contains the different components of a URL. Similar to
275 ParseResult, but does not split params.
276 """
277
278 _SplitResultBase.scheme.__doc__ = """Specifies URL scheme for the request."""
279
280 _SplitResultBase.netloc.__doc__ = """
281 Network location where the request is made to.
282 """
283
284 _SplitResultBase.path.__doc__ = """
285 The hierarchical path, such as the path to a file to download.
286 """
287
288 _SplitResultBase.query.__doc__ = """
289 The query component, that contains non-hierarchical data, that along with data
290 in path component, identifies a resource in the scope of URI's scheme and
291 network location.
292 """
293
294 _SplitResultBase.fragment.__doc__ = """
295 Fragment identifier, that allows indirect identification of a secondary resource
296 by reference to a primary resource and additional identifying information.
297 """
298
299 _ParseResultBase.__doc__ = """
300 ParseResult(scheme, netloc, path, params, query, fragment)
301
302 A 6-tuple that contains components of a parsed URL.
303 """
304
305 _ParseResultBase.scheme.__doc__ = _SplitResultBase.scheme.__doc__
306 _ParseResultBase.netloc.__doc__ = _SplitResultBase.netloc.__doc__
307 _ParseResultBase.path.__doc__ = _SplitResultBase.path.__doc__
308 _ParseResultBase.params.__doc__ = """
309 Parameters for last path element used to dereference the URI in order to provide
310 access to perform some operation on the resource.
311 """
312
313 _ParseResultBase.query.__doc__ = _SplitResultBase.query.__doc__
314 _ParseResultBase.fragment.__doc__ = _SplitResultBase.fragment.__doc__
315
316
317 # For backwards compatibility, alias _NetlocResultMixinStr
318 # ResultBase is no longer part of the documented API, but it is
319 # retained since deprecating it isn't worth the hassle
320 ResultBase = _NetlocResultMixinStr
321
322 # Structured result objects for string data
323 class ESC[4;38;5;81mDefragResult(ESC[4;38;5;149m_DefragResultBase, ESC[4;38;5;149m_ResultMixinStr):
324 __slots__ = ()
325 def geturl(self):
326 if self.fragment:
327 return self.url + '#' + self.fragment
328 else:
329 return self.url
330
331 class ESC[4;38;5;81mSplitResult(ESC[4;38;5;149m_SplitResultBase, ESC[4;38;5;149m_NetlocResultMixinStr):
332 __slots__ = ()
333 def geturl(self):
334 return urlunsplit(self)
335
336 class ESC[4;38;5;81mParseResult(ESC[4;38;5;149m_ParseResultBase, ESC[4;38;5;149m_NetlocResultMixinStr):
337 __slots__ = ()
338 def geturl(self):
339 return urlunparse(self)
340
341 # Structured result objects for bytes data
342 class ESC[4;38;5;81mDefragResultBytes(ESC[4;38;5;149m_DefragResultBase, ESC[4;38;5;149m_ResultMixinBytes):
343 __slots__ = ()
344 def geturl(self):
345 if self.fragment:
346 return self.url + b'#' + self.fragment
347 else:
348 return self.url
349
350 class ESC[4;38;5;81mSplitResultBytes(ESC[4;38;5;149m_SplitResultBase, ESC[4;38;5;149m_NetlocResultMixinBytes):
351 __slots__ = ()
352 def geturl(self):
353 return urlunsplit(self)
354
355 class ESC[4;38;5;81mParseResultBytes(ESC[4;38;5;149m_ParseResultBase, ESC[4;38;5;149m_NetlocResultMixinBytes):
356 __slots__ = ()
357 def geturl(self):
358 return urlunparse(self)
359
360 # Set up the encode/decode result pairs
361 def _fix_result_transcoding():
362 _result_pairs = (
363 (DefragResult, DefragResultBytes),
364 (SplitResult, SplitResultBytes),
365 (ParseResult, ParseResultBytes),
366 )
367 for _decoded, _encoded in _result_pairs:
368 _decoded._encoded_counterpart = _encoded
369 _encoded._decoded_counterpart = _decoded
370
371 _fix_result_transcoding()
372 del _fix_result_transcoding
373
374 def urlparse(url, scheme='', allow_fragments=True):
375 """Parse a URL into 6 components:
376 <scheme>://<netloc>/<path>;<params>?<query>#<fragment>
377
378 The result is a named 6-tuple with fields corresponding to the
379 above. It is either a ParseResult or ParseResultBytes object,
380 depending on the type of the url parameter.
381
382 The username, password, hostname, and port sub-components of netloc
383 can also be accessed as attributes of the returned object.
384
385 The scheme argument provides the default value of the scheme
386 component when no scheme is found in url.
387
388 If allow_fragments is False, no attempt is made to separate the
389 fragment component from the previous component, which can be either
390 path or query.
391
392 Note that % escapes are not expanded.
393 """
394 url, scheme, _coerce_result = _coerce_args(url, scheme)
395 splitresult = urlsplit(url, scheme, allow_fragments)
396 scheme, netloc, url, query, fragment = splitresult
397 if scheme in uses_params and ';' in url:
398 url, params = _splitparams(url)
399 else:
400 params = ''
401 result = ParseResult(scheme, netloc, url, params, query, fragment)
402 return _coerce_result(result)
403
404 def _splitparams(url):
405 if '/' in url:
406 i = url.find(';', url.rfind('/'))
407 if i < 0:
408 return url, ''
409 else:
410 i = url.find(';')
411 return url[:i], url[i+1:]
412
413 def _splitnetloc(url, start=0):
414 delim = len(url) # position of end of domain part of url, default is end
415 for c in '/?#': # look for delimiters; the order is NOT important
416 wdelim = url.find(c, start) # find first of this delim
417 if wdelim >= 0: # if found
418 delim = min(delim, wdelim) # use earliest delim position
419 return url[start:delim], url[delim:] # return (domain, rest)
420
421 def _checknetloc(netloc):
422 if not netloc or netloc.isascii():
423 return
424 # looking for characters like \u2100 that expand to 'a/c'
425 # IDNA uses NFKC equivalence, so normalize for this check
426 import unicodedata
427 n = netloc.replace('@', '') # ignore characters already included
428 n = n.replace(':', '') # but not the surrounding text
429 n = n.replace('#', '')
430 n = n.replace('?', '')
431 netloc2 = unicodedata.normalize('NFKC', n)
432 if n == netloc2:
433 return
434 for c in '/?#@:':
435 if c in netloc2:
436 raise ValueError("netloc '" + netloc + "' contains invalid " +
437 "characters under NFKC normalization")
438
439 # Valid bracketed hosts are defined in
440 # https://www.rfc-editor.org/rfc/rfc3986#page-49 and https://url.spec.whatwg.org/
441 def _check_bracketed_host(hostname):
442 if hostname.startswith('v'):
443 if not re.match(r"\Av[a-fA-F0-9]+\..+\Z", hostname):
444 raise ValueError(f"IPvFuture address is invalid")
445 else:
446 ip = ipaddress.ip_address(hostname) # Throws Value Error if not IPv6 or IPv4
447 if isinstance(ip, ipaddress.IPv4Address):
448 raise ValueError(f"An IPv4 address cannot be in brackets")
449
450 # typed=True avoids BytesWarnings being emitted during cache key
451 # comparison since this API supports both bytes and str input.
452 @functools.lru_cache(typed=True)
453 def urlsplit(url, scheme='', allow_fragments=True):
454 """Parse a URL into 5 components:
455 <scheme>://<netloc>/<path>?<query>#<fragment>
456
457 The result is a named 5-tuple with fields corresponding to the
458 above. It is either a SplitResult or SplitResultBytes object,
459 depending on the type of the url parameter.
460
461 The username, password, hostname, and port sub-components of netloc
462 can also be accessed as attributes of the returned object.
463
464 The scheme argument provides the default value of the scheme
465 component when no scheme is found in url.
466
467 If allow_fragments is False, no attempt is made to separate the
468 fragment component from the previous component, which can be either
469 path or query.
470
471 Note that % escapes are not expanded.
472 """
473
474 url, scheme, _coerce_result = _coerce_args(url, scheme)
475 # Only lstrip url as some applications rely on preserving trailing space.
476 # (https://url.spec.whatwg.org/#concept-basic-url-parser would strip both)
477 url = url.lstrip(_WHATWG_C0_CONTROL_OR_SPACE)
478 scheme = scheme.strip(_WHATWG_C0_CONTROL_OR_SPACE)
479
480 for b in _UNSAFE_URL_BYTES_TO_REMOVE:
481 url = url.replace(b, "")
482 scheme = scheme.replace(b, "")
483
484 allow_fragments = bool(allow_fragments)
485 netloc = query = fragment = ''
486 i = url.find(':')
487 if i > 0 and url[0].isascii() and url[0].isalpha():
488 for c in url[:i]:
489 if c not in scheme_chars:
490 break
491 else:
492 scheme, url = url[:i].lower(), url[i+1:]
493 if url[:2] == '//':
494 netloc, url = _splitnetloc(url, 2)
495 if (('[' in netloc and ']' not in netloc) or
496 (']' in netloc and '[' not in netloc)):
497 raise ValueError("Invalid IPv6 URL")
498 if '[' in netloc and ']' in netloc:
499 bracketed_host = netloc.partition('[')[2].partition(']')[0]
500 _check_bracketed_host(bracketed_host)
501 if allow_fragments and '#' in url:
502 url, fragment = url.split('#', 1)
503 if '?' in url:
504 url, query = url.split('?', 1)
505 _checknetloc(netloc)
506 v = SplitResult(scheme, netloc, url, query, fragment)
507 return _coerce_result(v)
508
509 def urlunparse(components):
510 """Put a parsed URL back together again. This may result in a
511 slightly different, but equivalent URL, if the URL that was parsed
512 originally had redundant delimiters, e.g. a ? with an empty query
513 (the draft states that these are equivalent)."""
514 scheme, netloc, url, params, query, fragment, _coerce_result = (
515 _coerce_args(*components))
516 if params:
517 url = "%s;%s" % (url, params)
518 return _coerce_result(urlunsplit((scheme, netloc, url, query, fragment)))
519
520 def urlunsplit(components):
521 """Combine the elements of a tuple as returned by urlsplit() into a
522 complete URL as a string. The data argument can be any five-item iterable.
523 This may result in a slightly different, but equivalent URL, if the URL that
524 was parsed originally had unnecessary delimiters (for example, a ? with an
525 empty query; the RFC states that these are equivalent)."""
526 scheme, netloc, url, query, fragment, _coerce_result = (
527 _coerce_args(*components))
528 if netloc or (scheme and scheme in uses_netloc and url[:2] != '//'):
529 if url and url[:1] != '/': url = '/' + url
530 url = '//' + (netloc or '') + url
531 if scheme:
532 url = scheme + ':' + url
533 if query:
534 url = url + '?' + query
535 if fragment:
536 url = url + '#' + fragment
537 return _coerce_result(url)
538
539 def urljoin(base, url, allow_fragments=True):
540 """Join a base URL and a possibly relative URL to form an absolute
541 interpretation of the latter."""
542 if not base:
543 return url
544 if not url:
545 return base
546
547 base, url, _coerce_result = _coerce_args(base, url)
548 bscheme, bnetloc, bpath, bparams, bquery, bfragment = \
549 urlparse(base, '', allow_fragments)
550 scheme, netloc, path, params, query, fragment = \
551 urlparse(url, bscheme, allow_fragments)
552
553 if scheme != bscheme or scheme not in uses_relative:
554 return _coerce_result(url)
555 if scheme in uses_netloc:
556 if netloc:
557 return _coerce_result(urlunparse((scheme, netloc, path,
558 params, query, fragment)))
559 netloc = bnetloc
560
561 if not path and not params:
562 path = bpath
563 params = bparams
564 if not query:
565 query = bquery
566 return _coerce_result(urlunparse((scheme, netloc, path,
567 params, query, fragment)))
568
569 base_parts = bpath.split('/')
570 if base_parts[-1] != '':
571 # the last item is not a directory, so will not be taken into account
572 # in resolving the relative path
573 del base_parts[-1]
574
575 # for rfc3986, ignore all base path should the first character be root.
576 if path[:1] == '/':
577 segments = path.split('/')
578 else:
579 segments = base_parts + path.split('/')
580 # filter out elements that would cause redundant slashes on re-joining
581 # the resolved_path
582 segments[1:-1] = filter(None, segments[1:-1])
583
584 resolved_path = []
585
586 for seg in segments:
587 if seg == '..':
588 try:
589 resolved_path.pop()
590 except IndexError:
591 # ignore any .. segments that would otherwise cause an IndexError
592 # when popped from resolved_path if resolving for rfc3986
593 pass
594 elif seg == '.':
595 continue
596 else:
597 resolved_path.append(seg)
598
599 if segments[-1] in ('.', '..'):
600 # do some post-processing here. if the last segment was a relative dir,
601 # then we need to append the trailing '/'
602 resolved_path.append('')
603
604 return _coerce_result(urlunparse((scheme, netloc, '/'.join(
605 resolved_path) or '/', params, query, fragment)))
606
607
608 def urldefrag(url):
609 """Removes any existing fragment from URL.
610
611 Returns a tuple of the defragmented URL and the fragment. If
612 the URL contained no fragments, the second element is the
613 empty string.
614 """
615 url, _coerce_result = _coerce_args(url)
616 if '#' in url:
617 s, n, p, a, q, frag = urlparse(url)
618 defrag = urlunparse((s, n, p, a, q, ''))
619 else:
620 frag = ''
621 defrag = url
622 return _coerce_result(DefragResult(defrag, frag))
623
624 _hexdig = '0123456789ABCDEFabcdef'
625 _hextobyte = None
626
627 def unquote_to_bytes(string):
628 """unquote_to_bytes('abc%20def') -> b'abc def'."""
629 return bytes(_unquote_impl(string))
630
631 def _unquote_impl(string: bytes | bytearray | str) -> bytes | bytearray:
632 # Note: strings are encoded as UTF-8. This is only an issue if it contains
633 # unescaped non-ASCII characters, which URIs should not.
634 if not string:
635 # Is it a string-like object?
636 string.split
637 return b''
638 if isinstance(string, str):
639 string = string.encode('utf-8')
640 bits = string.split(b'%')
641 if len(bits) == 1:
642 return string
643 res = bytearray(bits[0])
644 append = res.extend
645 # Delay the initialization of the table to not waste memory
646 # if the function is never called
647 global _hextobyte
648 if _hextobyte is None:
649 _hextobyte = {(a + b).encode(): bytes.fromhex(a + b)
650 for a in _hexdig for b in _hexdig}
651 for item in bits[1:]:
652 try:
653 append(_hextobyte[item[:2]])
654 append(item[2:])
655 except KeyError:
656 append(b'%')
657 append(item)
658 return res
659
660 _asciire = re.compile('([\x00-\x7f]+)')
661
662 def _generate_unquoted_parts(string, encoding, errors):
663 previous_match_end = 0
664 for ascii_match in _asciire.finditer(string):
665 start, end = ascii_match.span()
666 yield string[previous_match_end:start] # Non-ASCII
667 # The ascii_match[1] group == string[start:end].
668 yield _unquote_impl(ascii_match[1]).decode(encoding, errors)
669 previous_match_end = end
670 yield string[previous_match_end:] # Non-ASCII tail
671
672 def unquote(string, encoding='utf-8', errors='replace'):
673 """Replace %xx escapes by their single-character equivalent. The optional
674 encoding and errors parameters specify how to decode percent-encoded
675 sequences into Unicode characters, as accepted by the bytes.decode()
676 method.
677 By default, percent-encoded sequences are decoded with UTF-8, and invalid
678 sequences are replaced by a placeholder character.
679
680 unquote('abc%20def') -> 'abc def'.
681 """
682 if isinstance(string, bytes):
683 return _unquote_impl(string).decode(encoding, errors)
684 if '%' not in string:
685 # Is it a string-like object?
686 string.split
687 return string
688 if encoding is None:
689 encoding = 'utf-8'
690 if errors is None:
691 errors = 'replace'
692 return ''.join(_generate_unquoted_parts(string, encoding, errors))
693
694
695 def parse_qs(qs, keep_blank_values=False, strict_parsing=False,
696 encoding='utf-8', errors='replace', max_num_fields=None, separator='&'):
697 """Parse a query given as a string argument.
698
699 Arguments:
700
701 qs: percent-encoded query string to be parsed
702
703 keep_blank_values: flag indicating whether blank values in
704 percent-encoded queries should be treated as blank strings.
705 A true value indicates that blanks should be retained as
706 blank strings. The default false value indicates that
707 blank values are to be ignored and treated as if they were
708 not included.
709
710 strict_parsing: flag indicating what to do with parsing errors.
711 If false (the default), errors are silently ignored.
712 If true, errors raise a ValueError exception.
713
714 encoding and errors: specify how to decode percent-encoded sequences
715 into Unicode characters, as accepted by the bytes.decode() method.
716
717 max_num_fields: int. If set, then throws a ValueError if there
718 are more than n fields read by parse_qsl().
719
720 separator: str. The symbol to use for separating the query arguments.
721 Defaults to &.
722
723 Returns a dictionary.
724 """
725 parsed_result = {}
726 pairs = parse_qsl(qs, keep_blank_values, strict_parsing,
727 encoding=encoding, errors=errors,
728 max_num_fields=max_num_fields, separator=separator)
729 for name, value in pairs:
730 if name in parsed_result:
731 parsed_result[name].append(value)
732 else:
733 parsed_result[name] = [value]
734 return parsed_result
735
736
737 def parse_qsl(qs, keep_blank_values=False, strict_parsing=False,
738 encoding='utf-8', errors='replace', max_num_fields=None, separator='&'):
739 """Parse a query given as a string argument.
740
741 Arguments:
742
743 qs: percent-encoded query string to be parsed
744
745 keep_blank_values: flag indicating whether blank values in
746 percent-encoded queries should be treated as blank strings.
747 A true value indicates that blanks should be retained as blank
748 strings. The default false value indicates that blank values
749 are to be ignored and treated as if they were not included.
750
751 strict_parsing: flag indicating what to do with parsing errors. If
752 false (the default), errors are silently ignored. If true,
753 errors raise a ValueError exception.
754
755 encoding and errors: specify how to decode percent-encoded sequences
756 into Unicode characters, as accepted by the bytes.decode() method.
757
758 max_num_fields: int. If set, then throws a ValueError
759 if there are more than n fields read by parse_qsl().
760
761 separator: str. The symbol to use for separating the query arguments.
762 Defaults to &.
763
764 Returns a list, as G-d intended.
765 """
766 qs, _coerce_result = _coerce_args(qs)
767 separator, _ = _coerce_args(separator)
768
769 if not separator or (not isinstance(separator, (str, bytes))):
770 raise ValueError("Separator must be of type string or bytes.")
771
772 # If max_num_fields is defined then check that the number of fields
773 # is less than max_num_fields. This prevents a memory exhaustion DOS
774 # attack via post bodies with many fields.
775 if max_num_fields is not None:
776 num_fields = 1 + qs.count(separator) if qs else 0
777 if max_num_fields < num_fields:
778 raise ValueError('Max number of fields exceeded')
779
780 r = []
781 query_args = qs.split(separator) if qs else []
782 for name_value in query_args:
783 if not name_value and not strict_parsing:
784 continue
785 nv = name_value.split('=', 1)
786 if len(nv) != 2:
787 if strict_parsing:
788 raise ValueError("bad query field: %r" % (name_value,))
789 # Handle case of a control-name with no equal sign
790 if keep_blank_values:
791 nv.append('')
792 else:
793 continue
794 if len(nv[1]) or keep_blank_values:
795 name = nv[0].replace('+', ' ')
796 name = unquote(name, encoding=encoding, errors=errors)
797 name = _coerce_result(name)
798 value = nv[1].replace('+', ' ')
799 value = unquote(value, encoding=encoding, errors=errors)
800 value = _coerce_result(value)
801 r.append((name, value))
802 return r
803
804 def unquote_plus(string, encoding='utf-8', errors='replace'):
805 """Like unquote(), but also replace plus signs by spaces, as required for
806 unquoting HTML form values.
807
808 unquote_plus('%7e/abc+def') -> '~/abc def'
809 """
810 string = string.replace('+', ' ')
811 return unquote(string, encoding, errors)
812
813 _ALWAYS_SAFE = frozenset(b'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
814 b'abcdefghijklmnopqrstuvwxyz'
815 b'0123456789'
816 b'_.-~')
817 _ALWAYS_SAFE_BYTES = bytes(_ALWAYS_SAFE)
818
819 def __getattr__(name):
820 if name == 'Quoter':
821 warnings.warn('Deprecated in 3.11. '
822 'urllib.parse.Quoter will be removed in Python 3.14. '
823 'It was not intended to be a public API.',
824 DeprecationWarning, stacklevel=2)
825 return _Quoter
826 raise AttributeError(f'module {__name__!r} has no attribute {name!r}')
827
828 class ESC[4;38;5;81m_Quoter(ESC[4;38;5;149mdict):
829 """A mapping from bytes numbers (in range(0,256)) to strings.
830
831 String values are percent-encoded byte values, unless the key < 128, and
832 in either of the specified safe set, or the always safe set.
833 """
834 # Keeps a cache internally, via __missing__, for efficiency (lookups
835 # of cached keys don't call Python code at all).
836 def __init__(self, safe):
837 """safe: bytes object."""
838 self.safe = _ALWAYS_SAFE.union(safe)
839
840 def __repr__(self):
841 return f"<Quoter {dict(self)!r}>"
842
843 def __missing__(self, b):
844 # Handle a cache miss. Store quoted string in cache and return.
845 res = chr(b) if b in self.safe else '%{:02X}'.format(b)
846 self[b] = res
847 return res
848
849 def quote(string, safe='/', encoding=None, errors=None):
850 """quote('abc def') -> 'abc%20def'
851
852 Each part of a URL, e.g. the path info, the query, etc., has a
853 different set of reserved characters that must be quoted. The
854 quote function offers a cautious (not minimal) way to quote a
855 string for most of these parts.
856
857 RFC 3986 Uniform Resource Identifier (URI): Generic Syntax lists
858 the following (un)reserved characters.
859
860 unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
861 reserved = gen-delims / sub-delims
862 gen-delims = ":" / "/" / "?" / "#" / "[" / "]" / "@"
863 sub-delims = "!" / "$" / "&" / "'" / "(" / ")"
864 / "*" / "+" / "," / ";" / "="
865
866 Each of the reserved characters is reserved in some component of a URL,
867 but not necessarily in all of them.
868
869 The quote function %-escapes all characters that are neither in the
870 unreserved chars ("always safe") nor the additional chars set via the
871 safe arg.
872
873 The default for the safe arg is '/'. The character is reserved, but in
874 typical usage the quote function is being called on a path where the
875 existing slash characters are to be preserved.
876
877 Python 3.7 updates from using RFC 2396 to RFC 3986 to quote URL strings.
878 Now, "~" is included in the set of unreserved characters.
879
880 string and safe may be either str or bytes objects. encoding and errors
881 must not be specified if string is a bytes object.
882
883 The optional encoding and errors parameters specify how to deal with
884 non-ASCII characters, as accepted by the str.encode method.
885 By default, encoding='utf-8' (characters are encoded with UTF-8), and
886 errors='strict' (unsupported characters raise a UnicodeEncodeError).
887 """
888 if isinstance(string, str):
889 if not string:
890 return string
891 if encoding is None:
892 encoding = 'utf-8'
893 if errors is None:
894 errors = 'strict'
895 string = string.encode(encoding, errors)
896 else:
897 if encoding is not None:
898 raise TypeError("quote() doesn't support 'encoding' for bytes")
899 if errors is not None:
900 raise TypeError("quote() doesn't support 'errors' for bytes")
901 return quote_from_bytes(string, safe)
902
903 def quote_plus(string, safe='', encoding=None, errors=None):
904 """Like quote(), but also replace ' ' with '+', as required for quoting
905 HTML form values. Plus signs in the original string are escaped unless
906 they are included in safe. It also does not have safe default to '/'.
907 """
908 # Check if ' ' in string, where string may either be a str or bytes. If
909 # there are no spaces, the regular quote will produce the right answer.
910 if ((isinstance(string, str) and ' ' not in string) or
911 (isinstance(string, bytes) and b' ' not in string)):
912 return quote(string, safe, encoding, errors)
913 if isinstance(safe, str):
914 space = ' '
915 else:
916 space = b' '
917 string = quote(string, safe + space, encoding, errors)
918 return string.replace(' ', '+')
919
920 # Expectation: A typical program is unlikely to create more than 5 of these.
921 @functools.lru_cache
922 def _byte_quoter_factory(safe):
923 return _Quoter(safe).__getitem__
924
925 def quote_from_bytes(bs, safe='/'):
926 """Like quote(), but accepts a bytes object rather than a str, and does
927 not perform string-to-bytes encoding. It always returns an ASCII string.
928 quote_from_bytes(b'abc def\x3f') -> 'abc%20def%3f'
929 """
930 if not isinstance(bs, (bytes, bytearray)):
931 raise TypeError("quote_from_bytes() expected bytes")
932 if not bs:
933 return ''
934 if isinstance(safe, str):
935 # Normalize 'safe' by converting to bytes and removing non-ASCII chars
936 safe = safe.encode('ascii', 'ignore')
937 else:
938 # List comprehensions are faster than generator expressions.
939 safe = bytes([c for c in safe if c < 128])
940 if not bs.rstrip(_ALWAYS_SAFE_BYTES + safe):
941 return bs.decode()
942 quoter = _byte_quoter_factory(safe)
943 if (bs_len := len(bs)) < 200_000:
944 return ''.join(map(quoter, bs))
945 else:
946 # This saves memory - https://github.com/python/cpython/issues/95865
947 chunk_size = math.isqrt(bs_len)
948 chunks = [''.join(map(quoter, bs[i:i+chunk_size]))
949 for i in range(0, bs_len, chunk_size)]
950 return ''.join(chunks)
951
952 def urlencode(query, doseq=False, safe='', encoding=None, errors=None,
953 quote_via=quote_plus):
954 """Encode a dict or sequence of two-element tuples into a URL query string.
955
956 If any values in the query arg are sequences and doseq is true, each
957 sequence element is converted to a separate parameter.
958
959 If the query arg is a sequence of two-element tuples, the order of the
960 parameters in the output will match the order of parameters in the
961 input.
962
963 The components of a query arg may each be either a string or a bytes type.
964
965 The safe, encoding, and errors parameters are passed down to the function
966 specified by quote_via (encoding and errors only if a component is a str).
967 """
968
969 if hasattr(query, "items"):
970 query = query.items()
971 else:
972 # It's a bother at times that strings and string-like objects are
973 # sequences.
974 try:
975 # non-sequence items should not work with len()
976 # non-empty strings will fail this
977 if len(query) and not isinstance(query[0], tuple):
978 raise TypeError
979 # Zero-length sequences of all types will get here and succeed,
980 # but that's a minor nit. Since the original implementation
981 # allowed empty dicts that type of behavior probably should be
982 # preserved for consistency
983 except TypeError as err:
984 raise TypeError("not a valid non-string sequence "
985 "or mapping object") from err
986
987 l = []
988 if not doseq:
989 for k, v in query:
990 if isinstance(k, bytes):
991 k = quote_via(k, safe)
992 else:
993 k = quote_via(str(k), safe, encoding, errors)
994
995 if isinstance(v, bytes):
996 v = quote_via(v, safe)
997 else:
998 v = quote_via(str(v), safe, encoding, errors)
999 l.append(k + '=' + v)
1000 else:
1001 for k, v in query:
1002 if isinstance(k, bytes):
1003 k = quote_via(k, safe)
1004 else:
1005 k = quote_via(str(k), safe, encoding, errors)
1006
1007 if isinstance(v, bytes):
1008 v = quote_via(v, safe)
1009 l.append(k + '=' + v)
1010 elif isinstance(v, str):
1011 v = quote_via(v, safe, encoding, errors)
1012 l.append(k + '=' + v)
1013 else:
1014 try:
1015 # Is this a sufficient test for sequence-ness?
1016 x = len(v)
1017 except TypeError:
1018 # not a sequence
1019 v = quote_via(str(v), safe, encoding, errors)
1020 l.append(k + '=' + v)
1021 else:
1022 # loop over the sequence
1023 for elt in v:
1024 if isinstance(elt, bytes):
1025 elt = quote_via(elt, safe)
1026 else:
1027 elt = quote_via(str(elt), safe, encoding, errors)
1028 l.append(k + '=' + elt)
1029 return '&'.join(l)
1030
1031
1032 def to_bytes(url):
1033 warnings.warn("urllib.parse.to_bytes() is deprecated as of 3.8",
1034 DeprecationWarning, stacklevel=2)
1035 return _to_bytes(url)
1036
1037
1038 def _to_bytes(url):
1039 """to_bytes(u"URL") --> 'URL'."""
1040 # Most URL schemes require ASCII. If that changes, the conversion
1041 # can be relaxed.
1042 # XXX get rid of to_bytes()
1043 if isinstance(url, str):
1044 try:
1045 url = url.encode("ASCII").decode()
1046 except UnicodeError:
1047 raise UnicodeError("URL " + repr(url) +
1048 " contains non-ASCII characters")
1049 return url
1050
1051
1052 def unwrap(url):
1053 """Transform a string like '<URL:scheme://host/path>' into 'scheme://host/path'.
1054
1055 The string is returned unchanged if it's not a wrapped URL.
1056 """
1057 url = str(url).strip()
1058 if url[:1] == '<' and url[-1:] == '>':
1059 url = url[1:-1].strip()
1060 if url[:4] == 'URL:':
1061 url = url[4:].strip()
1062 return url
1063
1064
1065 def splittype(url):
1066 warnings.warn("urllib.parse.splittype() is deprecated as of 3.8, "
1067 "use urllib.parse.urlparse() instead",
1068 DeprecationWarning, stacklevel=2)
1069 return _splittype(url)
1070
1071
1072 _typeprog = None
1073 def _splittype(url):
1074 """splittype('type:opaquestring') --> 'type', 'opaquestring'."""
1075 global _typeprog
1076 if _typeprog is None:
1077 _typeprog = re.compile('([^/:]+):(.*)', re.DOTALL)
1078
1079 match = _typeprog.match(url)
1080 if match:
1081 scheme, data = match.groups()
1082 return scheme.lower(), data
1083 return None, url
1084
1085
1086 def splithost(url):
1087 warnings.warn("urllib.parse.splithost() is deprecated as of 3.8, "
1088 "use urllib.parse.urlparse() instead",
1089 DeprecationWarning, stacklevel=2)
1090 return _splithost(url)
1091
1092
1093 _hostprog = None
1094 def _splithost(url):
1095 """splithost('//host[:port]/path') --> 'host[:port]', '/path'."""
1096 global _hostprog
1097 if _hostprog is None:
1098 _hostprog = re.compile('//([^/#?]*)(.*)', re.DOTALL)
1099
1100 match = _hostprog.match(url)
1101 if match:
1102 host_port, path = match.groups()
1103 if path and path[0] != '/':
1104 path = '/' + path
1105 return host_port, path
1106 return None, url
1107
1108
1109 def splituser(host):
1110 warnings.warn("urllib.parse.splituser() is deprecated as of 3.8, "
1111 "use urllib.parse.urlparse() instead",
1112 DeprecationWarning, stacklevel=2)
1113 return _splituser(host)
1114
1115
1116 def _splituser(host):
1117 """splituser('user[:passwd]@host[:port]') --> 'user[:passwd]', 'host[:port]'."""
1118 user, delim, host = host.rpartition('@')
1119 return (user if delim else None), host
1120
1121
1122 def splitpasswd(user):
1123 warnings.warn("urllib.parse.splitpasswd() is deprecated as of 3.8, "
1124 "use urllib.parse.urlparse() instead",
1125 DeprecationWarning, stacklevel=2)
1126 return _splitpasswd(user)
1127
1128
1129 def _splitpasswd(user):
1130 """splitpasswd('user:passwd') -> 'user', 'passwd'."""
1131 user, delim, passwd = user.partition(':')
1132 return user, (passwd if delim else None)
1133
1134
1135 def splitport(host):
1136 warnings.warn("urllib.parse.splitport() is deprecated as of 3.8, "
1137 "use urllib.parse.urlparse() instead",
1138 DeprecationWarning, stacklevel=2)
1139 return _splitport(host)
1140
1141
1142 # splittag('/path#tag') --> '/path', 'tag'
1143 _portprog = None
1144 def _splitport(host):
1145 """splitport('host:port') --> 'host', 'port'."""
1146 global _portprog
1147 if _portprog is None:
1148 _portprog = re.compile('(.*):([0-9]*)', re.DOTALL)
1149
1150 match = _portprog.fullmatch(host)
1151 if match:
1152 host, port = match.groups()
1153 if port:
1154 return host, port
1155 return host, None
1156
1157
1158 def splitnport(host, defport=-1):
1159 warnings.warn("urllib.parse.splitnport() is deprecated as of 3.8, "
1160 "use urllib.parse.urlparse() instead",
1161 DeprecationWarning, stacklevel=2)
1162 return _splitnport(host, defport)
1163
1164
1165 def _splitnport(host, defport=-1):
1166 """Split host and port, returning numeric port.
1167 Return given default port if no ':' found; defaults to -1.
1168 Return numerical port if a valid number is found after ':'.
1169 Return None if ':' but not a valid number."""
1170 host, delim, port = host.rpartition(':')
1171 if not delim:
1172 host = port
1173 elif port:
1174 if port.isdigit() and port.isascii():
1175 nport = int(port)
1176 else:
1177 nport = None
1178 return host, nport
1179 return host, defport
1180
1181
1182 def splitquery(url):
1183 warnings.warn("urllib.parse.splitquery() is deprecated as of 3.8, "
1184 "use urllib.parse.urlparse() instead",
1185 DeprecationWarning, stacklevel=2)
1186 return _splitquery(url)
1187
1188
1189 def _splitquery(url):
1190 """splitquery('/path?query') --> '/path', 'query'."""
1191 path, delim, query = url.rpartition('?')
1192 if delim:
1193 return path, query
1194 return url, None
1195
1196
1197 def splittag(url):
1198 warnings.warn("urllib.parse.splittag() is deprecated as of 3.8, "
1199 "use urllib.parse.urlparse() instead",
1200 DeprecationWarning, stacklevel=2)
1201 return _splittag(url)
1202
1203
1204 def _splittag(url):
1205 """splittag('/path#tag') --> '/path', 'tag'."""
1206 path, delim, tag = url.rpartition('#')
1207 if delim:
1208 return path, tag
1209 return url, None
1210
1211
1212 def splitattr(url):
1213 warnings.warn("urllib.parse.splitattr() is deprecated as of 3.8, "
1214 "use urllib.parse.urlparse() instead",
1215 DeprecationWarning, stacklevel=2)
1216 return _splitattr(url)
1217
1218
1219 def _splitattr(url):
1220 """splitattr('/path;attr1=value1;attr2=value2;...') ->
1221 '/path', ['attr1=value1', 'attr2=value2', ...]."""
1222 words = url.split(';')
1223 return words[0], words[1:]
1224
1225
1226 def splitvalue(attr):
1227 warnings.warn("urllib.parse.splitvalue() is deprecated as of 3.8, "
1228 "use urllib.parse.parse_qsl() instead",
1229 DeprecationWarning, stacklevel=2)
1230 return _splitvalue(attr)
1231
1232
1233 def _splitvalue(attr):
1234 """splitvalue('attr=value') --> 'attr', 'value'."""
1235 attr, delim, value = attr.partition('=')
1236 return attr, (value if delim else None)
Browse
Usage
Versions