[Medusa-dev] psp_handler - embed python in HTML like ASP

Kevin Smith smithk at attbi.com
Sun Apr 27 13:27:49 EDT 2003


Hi, I have created a psp_handler (Python Server Pages???) for medusa
based on the script_handler.  This handler lets you mix HTML with python
like ASP pages.  The handler can be installed on the server in the sam
manner as the script handler.  
Here is an example hello.psp file...

<html>
<title>Medusa PSP Handler</title>
<body>
<%psp
print "hello world"
%>
</body>
</html>

I have been using this handler for much more useful applications of
course :).  Just wrap the inline python with <%psp ... %> tags. 

Here is the handler...
# -*- Mode: Python -*-

# This is a simple python server pages script handler.

# A note about performance: This is really only suited for 'fast'
# scripts: The script should generate its output quickly, since the
# whole web server will stall otherwise.  This doesn't mean you have
# to write 'fast code' or anything, it simply means that you shouldn't
# call any long-running code, [like say something that opens up an
# internet connection, or a database query that will hold up the
# server].  If you need this sort of feature, you can support it using
# the asynchronous I/O 'api' that the rest of medusa is built on.  [or
# you could probably use threads]

# Put your script into your web docs directory (like a cgi-bin
# script), make sure it has the correct extension [see the overridable
# script_handler.extension member below].
#
# There's lots of things that can be done to tweak the restricted
# execution model.  Also, of course you could just use 'execfile'
# instead (this is now the default, see class variable
# script_handler.restricted)

import rexec
import re
import string
import StringIO
import sys

import counter
import default_handler
import producers
from script_handler import collector

unquote    = default_handler.unquote

def iif(expression,truepart,falsepart):
    if expression:
        return truepart
    else:
        return falsepart

class psp_handler:
 
    extension = 'psp'

    # the following should not get overridden!
    fp = None
    script = ''
    data = ''
    insidePsp = False
    
    script_regex = re.compile (
            r'.*/([^/]+\.%s)' % extension,
            re.IGNORECASE
            )

    def __init__ (self,
filesystem,restricted=False,preserveNamespace=True):
        self.filesystem = filesystem
        self.hits = counter.counter()
        self.exceptions = counter.counter()
        self.restricted = restricted
        self.preserveNamespace = preserveNamespace

    def match (self, request):
        [path, params, query, fragment] = request.split_uri()
        m = self.script_regex.match (path)
        return (m and (m.end() == len(path)))

    def handle_request (self, request):

        [path, params, query, fragment] = request.split_uri()

        while path and path[0] == '/':
            path = path[1:]

        if '%' in path:
            path = unquote (path)

        if not self.filesystem.isfile (path):
            request.error (404)
            return
        else:

            self.hits.increment()

            request.script_filename = self.filesystem.translate (path)

            if request.command in ('PUT', 'POST'):
                # look for a Content-Length header.
                cl = request.get_header ('content-length')
                length = int(cl)
                if not cl:
                    request.error (411)
                else:
                    collector (self, length, request)
            else:
                self.continue_request (
                        request,
                        StringIO.StringIO() # empty stdin
                        )

    def continue_request (self, request, stdin):
        temp_files = stdin, StringIO.StringIO(), StringIO.StringIO()
        old_files = sys.stdin, sys.stdout, sys.stderr

        try:
            sys.request = request
            sys.stdin, sys.stdout, sys.stderr = temp_files
            try:
                #get the path from the uri and open the file with the
filesystem class
                try:
                    file =
self.filesystem.open(request.split_uri()[0],'r')
                except IOError:
                    request.error (404)
                    return
                self.fp = producers.file_producer(file)
                self.dissect_psp(request)
                request.reply_code = 200
            except:
                request.reply_code = 500
                self.exceptions.increment()
        finally:
            sys.stdin, sys.stdout, sys.stderr = old_files
            del sys.request

        i,o,e = temp_files

        if request.reply_code != 200:
            s = e.getvalue()
        else:
            s = o.getvalue()

        request['Content-Length'] = len(s)
        request.push (s)
        request.done()

    def status (self):
        return producers.simple_producer (
                '<li>PSP - Python Server Pages Handler'
                + '<ul>'
                + '  <li><b>Hits:</b> %s' % self.hits
                + '  <li><b>Exceptions:</b> %s' % self.exceptions
                + '  <li><b>Execution Mode:</b>%s' %
iif(self.restricted,'Restricted','Unrestricted' )
                + '  <li><b>Namespace:</b>:%sPreserved' %
iif(self.preserveNamespace,'','not ' )
                + '</ul>'
                )

    ## this function reads the file using the file producer and sends  
    ## the data to the client until the script start tag '<%psp'
    ## is found.  All of the text between the script start marker 
    ## '<%psp' and the end script marker '%>' is executed as
    ## python script. 
    def dissect_psp(self,request):
        self.insidePsp = False
        self.script = ''
        while not self.fp.done:
            self.data=self.fp.more()
            #print the HTML to the stdout, execute the python script...
            while self.data:
                if self.insidePsp:
                    sectionend=self.data.find("%>")
                    if (sectionend == -1):
                        #end of script section is not in the current
chunk
                        self.script += self.data
                        self.data = ''
                    else:
                        #end of script section is within the current
chunk
                        self.script += self.data[:sectionend]
                        self.data = self.data[sectionend+len("%>"):]
                        del sectionend
                        if self.preserveNamespace:
                            if self.restricted:
                                r = rexec.RExec()
                            try:
                                if self.restricted:
                                    r.s_exec (self.script)
                                else:
                                    exec (self.script)
                                request.reply_code = 200
                            except:
                                request.reply_code = 500
                                self.exceptions.increment()
                        else:
                            self.script_exec(request,self.script)
                        self.script = ''
                        self.insidePsp = False
                else:
                    sectionend=self.data.find("<%psp")
                    if (sectionend == -1):
                        #end of HTML section is not in the current chunk
                        print self.data
                        self.data = ''
                    else:
                        #end of HTML section is within the current chunk
                        print self.data[:sectionend]
                        self.data = self.data[sectionend+len("<%psp"):]
                        self.insidePsp = True
                       
                    
    # this function will eliminate any of the unnecessary objects
    # from appearing in the script namespace.  print dir() should
    # return only self,request, and script.

    # one drawback with this method is that namespace is cleared
    # for each section of script in the document.
    
    def script_exec(self,request,script):
        # for debugging we can send a copy of the script to the browser.
        # this presents security issues so this next line should be
        # commented out.
        if self.restricted:
            r = rexec.RExec()
        try:
            if self.restricted:
                r.s_exec (script)
            else:
                exec (script)
            request.reply_code = 200
        except:
            request.reply_code = 500
            self.exceptions.increment()
        









More information about the Medusa-dev mailing list