From 895807f94ea9a8e588605c12076b7d7517cda503 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 28 Jul 2020 14:08:27 +0100 Subject: [PATCH] Quote path component before logging (#724) * Quote path component before logging * Linting --- uvicorn/logging.py | 7 ++++--- uvicorn/protocols/utils.py | 5 ++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/uvicorn/logging.py b/uvicorn/logging.py index ac910faba..2199e2ce8 100644 --- a/uvicorn/logging.py +++ b/uvicorn/logging.py @@ -1,6 +1,7 @@ import http import logging import sys +import urllib from copy import copy import click @@ -77,14 +78,14 @@ def get_client_addr(self, scope): return "%s:%d" % (client[0], client[1]) def get_path(self, scope): - return scope.get("root_path", "") + scope["path"] + return urllib.parse.quote(scope.get("root_path", "") + scope["path"]) def get_full_path(self, scope): path = scope.get("root_path", "") + scope["path"] query_string = scope.get("query_string", b"").decode("ascii") if query_string: - return path + "?" + query_string - return path + return urllib.parse.quote(path) + "?" + query_string + return urllib.parse.quote(path) def get_status_code(self, record): status_code = record.__dict__["status_code"] diff --git a/uvicorn/protocols/utils.py b/uvicorn/protocols/utils.py index c9347277d..a282c61eb 100644 --- a/uvicorn/protocols/utils.py +++ b/uvicorn/protocols/utils.py @@ -1,4 +1,5 @@ import socket +import urllib def get_remote_addr(transport): @@ -49,7 +50,9 @@ def get_client_addr(scope): def get_path_with_query_string(scope): - path_with_query_string = scope.get("root_path", "") + scope["path"] + path_with_query_string = urllib.parse.quote( + scope.get("root_path", "") + scope["path"] + ) if scope["query_string"]: path_with_query_string = "{}?{}".format( path_with_query_string, scope["query_string"].decode("ascii")