1

我在我的开发系统中发现了这个问题,并在 此处找到的 Eve 演示中重现了它

这是我运行的代码。

    import requests
    import json
    import string
    import random
    def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
        return ''.join(random.choice(chars) for _ in range(size))

    name = "max and me"
    data = {"lastname":id_generator(), "firstname":name}

    print data
    res = requests.post("http://127.0.0.1:5000/people", data = data)
    print res.text

    data = 'where={"firstname":"%s"}' % (name)
    res = requests.get("http://127.0.0.1:5000/people", params = data)
    print res.text

首先,我创建一个包含变量的 POST,然后在同一个变量上使用 where 进行 GET。首先,我将变量设置为“max and me”,一切运行良好然后我运行设置为“max & me”,而前夕把我整个人都扔了:

    127.0.0.1 - - [23/Apr/2014 20:22:07] "GET /people?where=%7B%22firstname%22:%22max%20&%20me%22%7D HTTP/1.1" 500 -
Traceback (most recent call last):
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1836, in __call__
    return self.wsgi_app(environ, start_response)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1820, in wsgi_app
    response = self.make_response(self.handle_exception(e))
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1403, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1817, in wsgi_app
    response = self.full_dispatch_request()
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1477, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1381, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request
    rv = self.dispatch_request()
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1461, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/endpoints.py", line 53, in collections_endpoint
    response = get(resource, lookup)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/methods/common.py", line 226, in rate_limited
    return f(*args, **kwargs)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/auth.py", line 45, in decorated
    return f(*args, **kwargs)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/methods/common.py", line 429, in decorated
    r = f(*args, **kwargs)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/methods/get.py", line 104, in get
    cursor = app.data.find(resource, req, lookup)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/io/mongo/mongo.py", line 145, in find
    spec = parse(req.where)
  File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/io/mongo/parser.py", line 26, in parse
    v.visit(ast.parse(expression))
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ast.py", line 37, in parse
    return compile(source, filename, mode, PyCF_ONLY_AST)
File "<unknown>", line 1
    {"firstname":"max
                     ^
SyntaxError: EOL while scanning string literal

可能是我没有处理 <&> 符号 - 但我觉得我已经尝试了各种编码......而且我被卡住了......每次

4

2 回答 2

3

尝试用&它的转义版本替换:%26. 我刚刚尝试了这个 GET 到 Eve 驱动的 API

?where={"name": "You %26 me"}

它工作得很好。

于 2014-04-23T14:13:13.093 回答
1

我认为您不能在 URL 中以未编码的方式使用&符号 - 这意味着 URL 中查询的下一部分。通常你必须将 & 号编码为%26.

我认为这部分是 eve 的错误,因为如果您将未编码的 & 符号放入 URL 的查询部分,Flask(这是 Eve 的基础)将其拆分为请求参数,然后 Eve 尝试将 pythonic ast 作为“where”部分(这是它在 Python 语法中处理查询格式的方式),它在 之后结束max,因此它引发了这个错误,因为它显然不正确的 python 表达式。在此代码https://github.com/nicolaiarocci/eve/blob/develop/eve/io/mongo/mongo.py#L151中,可能也应该被捕获SyntaxError。也许你可以尝试在 eve 的 github 上填写 bug,并建议 eve 应该返回 400 bad request。

我希望这篇文章能解释问题的核心。

于 2014-04-23T12:49:47.837 回答