iSharkFly-Open
/
python-peps
mirror of https://github.com/python/peps.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
python-peps/pep-0268/index.html

304 lines
21 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="color-scheme" content="light dark">
<title>PEP 268 Extended HTTP functionality and WebDAV | peps.python.org</title>
<link rel="shortcut icon" href="../_static/py.png">
<link rel="canonical" href="https://peps.python.org/pep-0268/">
<link rel="stylesheet" href="../_static/style.css" type="text/css">
<link rel="stylesheet" href="../_static/mq.css" type="text/css">
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" media="(prefers-color-scheme: light)" id="pyg-light">
<link rel="stylesheet" href="../_static/pygments_dark.css" type="text/css" media="(prefers-color-scheme: dark)" id="pyg-dark">
<link rel="alternate" type="application/rss+xml" title="Latest PEPs" href="https://peps.python.org/peps.rss">
<meta property="og:title" content='PEP 268 Extended HTTP functionality and WebDAV | peps.python.org'>
<meta property="og:description" content="This PEP discusses new modules and extended functionality for Pythons HTTP support. Notably, the addition of authenticated requests, proxy support, authenticated proxy usage, and WebDAV capabilities.">
<meta property="og:type" content="website">
<meta property="og:url" content="https://peps.python.org/pep-0268/">
<meta property="og:site_name" content="Python Enhancement Proposals (PEPs)">
<meta property="og:image" content="https://peps.python.org/_static/og-image.png">
<meta property="og:image:alt" content="Python PEPs">
<meta property="og:image:width" content="200">
<meta property="og:image:height" content="200">
<meta name="description" content="This PEP discusses new modules and extended functionality for Pythons HTTP support. Notably, the addition of authenticated requests, proxy support, authenticated proxy usage, and WebDAV capabilities.">
<meta name="theme-color" content="#3776ab">
</head>
<body>
<svg xmlns="http://www.w3.org/2000/svg" style="display: none;">
<symbol id="svg-sun-half" viewBox="0 0 24 24" pointer-events="all">
<title>Following system colour scheme</title>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none"
stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<circle cx="12" cy="12" r="9"></circle>
<path d="M12 3v18m0-12l4.65-4.65M12 14.3l7.37-7.37M12 19.6l8.85-8.85"></path>
</svg>
</symbol>
<symbol id="svg-moon" viewBox="0 0 24 24" pointer-events="all">
<title>Selected dark colour scheme</title>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none"
stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<path stroke="none" d="M0 0h24v24H0z" fill="none"></path>
<path d="M12 3c.132 0 .263 0 .393 0a7.5 7.5 0 0 0 7.92 12.446a9 9 0 1 1 -8.313 -12.454z"></path>
</svg>
</symbol>
<symbol id="svg-sun" viewBox="0 0 24 24" pointer-events="all">
<title>Selected light colour scheme</title>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none"
stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<circle cx="12" cy="12" r="5"></circle>
<line x1="12" y1="1" x2="12" y2="3"></line>
<line x1="12" y1="21" x2="12" y2="23"></line>
<line x1="4.22" y1="4.22" x2="5.64" y2="5.64"></line>
<line x1="18.36" y1="18.36" x2="19.78" y2="19.78"></line>
<line x1="1" y1="12" x2="3" y2="12"></line>
<line x1="21" y1="12" x2="23" y2="12"></line>
<line x1="4.22" y1="19.78" x2="5.64" y2="18.36"></line>
<line x1="18.36" y1="5.64" x2="19.78" y2="4.22"></line>
</svg>
</symbol>
</svg>
<script>
document.documentElement.dataset.colour_scheme = localStorage.getItem("colour_scheme") || "auto"
</script>
<section id="pep-page-section">
<header>
<h1>Python Enhancement Proposals</h1>
<ul class="breadcrumbs">
<li><a href="https://www.python.org/" title="The Python Programming Language">Python</a> &raquo; </li>
<li><a href="../pep-0000/">PEP Index</a> &raquo; </li>
<li>PEP 268</li>
</ul>
<button id="colour-scheme-cycler" onClick="setColourScheme(nextColourScheme())">
<svg aria-hidden="true" class="colour-scheme-icon-when-auto"><use href="#svg-sun-half"></use></svg>
<svg aria-hidden="true" class="colour-scheme-icon-when-dark"><use href="#svg-moon"></use></svg>
<svg aria-hidden="true" class="colour-scheme-icon-when-light"><use href="#svg-sun"></use></svg>
<span class="visually-hidden">Toggle light / dark / auto colour theme</span>
</button>
</header>
<article>
<section id="pep-content">
<h1 class="page-title">PEP 268 Extended HTTP functionality and WebDAV</h1>
<dl class="rfc2822 field-list simple">
<dt class="field-odd">Author<span class="colon">:</span></dt>
<dd class="field-odd">Greg Stein &lt;gstein&#32;&#97;t&#32;lyra.org&gt;</dd>
<dt class="field-even">Status<span class="colon">:</span></dt>
<dd class="field-even"><abbr title="Formally declined and will not be accepted">Rejected</abbr></dd>
<dt class="field-odd">Type<span class="colon">:</span></dt>
<dd class="field-odd"><abbr title="Normative PEP with a new feature for Python, implementation change for CPython or interoperability standard for the ecosystem">Standards Track</abbr></dd>
<dt class="field-even">Created<span class="colon">:</span></dt>
<dd class="field-even">20-Aug-2001</dd>
<dt class="field-odd">Python-Version<span class="colon">:</span></dt>
<dd class="field-odd">2.x</dd>
<dt class="field-even">Post-History<span class="colon">:</span></dt>
<dd class="field-even">21-Aug-2001</dd>
</dl>
<hr class="docutils" />
<section id="contents">
<details><summary>Table of Contents</summary><ul class="simple">
<li><a class="reference internal" href="#rejection-notice">Rejection Notice</a></li>
<li><a class="reference internal" href="#abstract">Abstract</a></li>
<li><a class="reference internal" href="#rationale">Rationale</a></li>
<li><a class="reference internal" href="#specification">Specification</a><ul>
<li><a class="reference internal" href="#http-authentication">HTTP Authentication</a></li>
<li><a class="reference internal" href="#proxy-handling">Proxy Handling</a></li>
<li><a class="reference internal" href="#webdav-features">WebDAV Features</a></li>
</ul>
</li>
<li><a class="reference internal" href="#reference-implementation">Reference Implementation</a></li>
<li><a class="reference internal" href="#copyright">Copyright</a></li>
</ul>
</details></section>
<section id="rejection-notice">
<h2><a class="toc-backref" href="#rejection-notice" role="doc-backlink">Rejection Notice</a></h2>
<p>This PEP has been rejected. It has failed to generate sufficient
community support in the six years since its proposal.</p>
</section>
<section id="abstract">
<h2><a class="toc-backref" href="#abstract" role="doc-backlink">Abstract</a></h2>
<p>This PEP discusses new modules and extended functionality for Pythons
HTTP support. Notably, the addition of authenticated requests, proxy
support, authenticated proxy usage, and <a class="reference external" href="http://www.webdav.org/">WebDAV</a> capabilities.</p>
</section>
<section id="rationale">
<h2><a class="toc-backref" href="#rationale" role="doc-backlink">Rationale</a></h2>
<p>Python has been quite popular as a result of its “batteries included”
positioning. One of the most heavily used protocols, HTTP (see
<span class="target" id="index-0"></span><a class="rfc reference external" href="https://datatracker.ietf.org/doc/html/rfc2616.html"><strong>RFC 2616</strong></a>), has been included with Python for years (<code class="docutils literal notranslate"><span class="pre">httplib</span></code>). However,
this support has not kept up with the full needs and requirements of
many HTTP-based applications and systems. In addition, new protocols
based on HTTP, such as WebDAV and XML-RPC, are becoming useful and are
seeing increasing usage. Supplying this functionality meets Pythons
“batteries included” role and also keeps Python at the leading edge of
new technologies.</p>
<p>While authentication and proxy support are two very notable features
missing from Pythons core HTTP processing, they are minimally handled
as part of Pythons URL handling (<code class="docutils literal notranslate"><span class="pre">urllib</span></code> and
<code class="docutils literal notranslate"><span class="pre">urllib2</span></code>). However, applications that need fine-grained or
sophisticated HTTP handling cannot make use of the features while they
reside in urllib. Refactoring these features into a location where
they can be directly associated with an HTTP connection will improve
their utility for both urllib and for sophisticated applications.</p>
<p>The motivation for this PEP was from several people requesting these
features directly, and from a number of feature requests on
SourceForge. Since the exact form of the modules to be provided and
the classes/architecture used could be subject to debate, this PEP was
created to provide a focal point for those discussions.</p>
</section>
<section id="specification">
<h2><a class="toc-backref" href="#specification" role="doc-backlink">Specification</a></h2>
<p>Two modules will be added to the standard library: <code class="docutils literal notranslate"><span class="pre">httpx</span></code> (HTTP
extended functionality), and <code class="docutils literal notranslate"><span class="pre">davlib</span></code> (WebDAV library).</p>
<p>[ suggestions for module names are welcome; <code class="docutils literal notranslate"><span class="pre">davlib</span></code> has some
precedence, but something like <code class="docutils literal notranslate"><span class="pre">webdav</span></code> might be desirable ]</p>
<section id="http-authentication">
<h3><a class="toc-backref" href="#http-authentication" role="doc-backlink">HTTP Authentication</a></h3>
<p>The <code class="docutils literal notranslate"><span class="pre">httpx</span></code> module will provide a mixin for performing HTTP
authentication (for both proxy and origin server authentication). This
mixin (<code class="docutils literal notranslate"><span class="pre">httpx.HandleAuthentication</span></code>) can be combined with the
<code class="docutils literal notranslate"><span class="pre">HTTPConnection</span></code> and the <code class="docutils literal notranslate"><span class="pre">HTTPSConnection</span></code> classes (the mixin may
possibly work with the HTTP and HTTPS compatibility classes, but that
is not a requirement).</p>
<p>The mixin will delegate the authentication process to one or more
“authenticator” objects, allowing multiple connections to share
authenticators. The use of a separate object allows for a long term
connection to an authentication system (e.g. LDAP). An authenticator
for the Basic and Digest mechanisms (see <span class="target" id="index-1"></span><a class="rfc reference external" href="https://datatracker.ietf.org/doc/html/rfc2617.html"><strong>RFC 2617</strong></a>) will be
provided. User-supplied authenticator subclasses can be registered and
used by the connections.</p>
<p>A “credentials” object (<code class="docutils literal notranslate"><span class="pre">httpx.Credentials</span></code>) is also associated with
the mixin, and stores the credentials (e.g. username and password)
needed by the authenticators. Subclasses of Credentials can be created
to hold additional information (e.g. NT domain).</p>
<p>The mixin overrides the <code class="docutils literal notranslate"><span class="pre">getresponse()</span></code> method to detect <code class="docutils literal notranslate"><span class="pre">401</span>
<span class="pre">(Unauthorized)</span></code> and <code class="docutils literal notranslate"><span class="pre">407</span> <span class="pre">(Proxy</span> <span class="pre">Authentication</span> <span class="pre">Required)</span></code>
responses. When this is found, the response object, the connection,
and the credentials are passed to the authenticator corresponding with
the authentication scheme specified in the response (multiple
authenticators are tried in decreasing order of security if multiple
schemes are in the response). Each authenticator can examine the
response headers and decide whether and how to resend the request with
the correct authentication headers. If no authenticator can
successfully handle the authentication, then an exception is raised.</p>
<p>Resending a request, with the appropriate credentials, is one of the
more difficult portions of the authentication system. The difficulty
arises in recording what was sent originally: the request line, the
headers, and the body. By overriding putrequest, putheader, and
endheaders, we can capture all but the body. Once the endheaders
method is called, then we capture all calls to send() (until the next
putrequest method call) to hold the body content. The mixin will have
a configurable limit for the amount of data to hold in this fashion
(e.g. only hold up to 100k of body content). Assuming that the entire
body has been stored, then we can resend the request with the
appropriate authentication information.</p>
<p>If the body is too large to be stored, then the <code class="docutils literal notranslate"><span class="pre">getresponse()</span></code>
simply returns the response object, indicating the 401 or 407
error. Since the authentication information has been computed and
cached (into the Credentials object; see below), the caller can simply
regenerate the request. The mixin will attach the appropriate
credentials.</p>
<p>A “protection space” (see <span class="target" id="index-2"></span><a class="rfc reference external" href="https://datatracker.ietf.org/doc/html/rfc2617.html"><strong>RFC 2617</strong></a>, section 1.2) is defined as a tuple
of the host, port, and authentication realm. When a request is
initially sent to an HTTP server, we do not know the authentication
realm (the realm is only returned when authentication fails). However,
we do have the path from the URL, and that can be useful in
determining the credentials to send to the server. The Basic
authentication scheme is typically set up hierarchically: the
credentials for <code class="docutils literal notranslate"><span class="pre">/path</span></code> can be tried for <code class="docutils literal notranslate"><span class="pre">/path/subpath</span></code>. The
Digest authentication scheme has explicit support for the hierarchical
setup. The <code class="docutils literal notranslate"><span class="pre">httpx.Credentials</span></code> object will store credentials for
multiple protection spaces, and can be looked up in two different
ways:</p>
<ol class="arabic simple">
<li>looked up using <code class="docutils literal notranslate"><span class="pre">(host,</span> <span class="pre">port,</span> <span class="pre">path)</span></code> this lookup scheme is
used when generating a request for a path where we dont know the
authentication realm.</li>
<li>looked up using <code class="docutils literal notranslate"><span class="pre">(host,</span> <span class="pre">port,</span> <span class="pre">realm)</span></code> this mechanism is used
during the authentication process when the server has specified that
the Request-URI resides within a specific realm.</li>
</ol>
<p>The <code class="docutils literal notranslate"><span class="pre">HandleAuthentication</span></code> mixin will override <code class="docutils literal notranslate"><span class="pre">putrequest()</span></code> to
automatically insert credentials, if available. The URL from the
putrequest is used to determine the appropriate authentication
information to use.</p>
<p>It is also important to note that two sets of credentials are used,
and stored by the mixin. One set for any proxy that may be used, and
one used for the target origin server. Since proxies do not have
paths, the protection spaces in the proxy credentials will always use
“/” for storing and looking up via a path.</p>
</section>
<section id="proxy-handling">
<h3><a class="toc-backref" href="#proxy-handling" role="doc-backlink">Proxy Handling</a></h3>
<p>The <code class="docutils literal notranslate"><span class="pre">httpx</span></code> module will provide a mixin for using a proxy to perform
HTTP(S) operations. This mixin (<code class="docutils literal notranslate"><span class="pre">httpx.UseProxy</span></code>) can be combined
with the <code class="docutils literal notranslate"><span class="pre">HTTPConnection</span></code> and the <code class="docutils literal notranslate"><span class="pre">HTTPSConnection</span></code> classes (the
mixin may possibly work with the HTTP and HTTPS compatibility classes,
but that is not a requirement).</p>
<p>The mixin will record the <code class="docutils literal notranslate"><span class="pre">(host,</span> <span class="pre">port)</span></code> of the proxy to use. XXX
will be overridden to use this host/port combination for connections
and to rewrite request URLs into the absoluteURIs referring to the
origin server (these URIs are passed to the proxy server).</p>
<p>Proxy authentication is handled by the <code class="docutils literal notranslate"><span class="pre">httpx.HandleAuthentication</span></code>
class since a user may directly use <code class="docutils literal notranslate"><span class="pre">HTTP(S)Connection</span></code> to speak
with proxies.</p>
</section>
<section id="webdav-features">
<h3><a class="toc-backref" href="#webdav-features" role="doc-backlink">WebDAV Features</a></h3>
<p>The <code class="docutils literal notranslate"><span class="pre">davlib</span></code> module will provide a mixin for sending WebDAV requests
to a WebDAV-enabled server. This mixin (<code class="docutils literal notranslate"><span class="pre">davlib.DAVClient</span></code>) can be
combined with the <code class="docutils literal notranslate"><span class="pre">HTTPConnection</span></code> and the <code class="docutils literal notranslate"><span class="pre">HTTPSConnection</span></code>
classes (the mixin may possibly work with the HTTP and HTTPS
compatibility classes, but that is not a requirement).</p>
<p>The mixin provides methods to perform the various HTTP methods defined
by HTTP in <span class="target" id="index-3"></span><a class="rfc reference external" href="https://datatracker.ietf.org/doc/html/rfc2616.html"><strong>RFC 2616</strong></a>, and by WebDAV in <span class="target" id="index-4"></span><a class="rfc reference external" href="https://datatracker.ietf.org/doc/html/rfc2518.html"><strong>RFC 2518</strong></a>.</p>
<p>A custom response object is used to decode <code class="docutils literal notranslate"><span class="pre">207</span> <span class="pre">(Multi-Status)</span></code>
responses. The response object will use the standard librarys xml
package to parse the multistatus XML information, producing a simple
structure of objects to hold the multistatus data. Multiple parsing
schemes will be tried/used, in order of decreasing speed.</p>
</section>
</section>
<section id="reference-implementation">
<h2><a class="toc-backref" href="#reference-implementation" role="doc-backlink">Reference Implementation</a></h2>
<p>The actual (future/final) implementation is being developed in the
<code class="docutils literal notranslate"><span class="pre">/nondist/sandbox/Lib</span></code> directory, until it is accepted and moved
into the main Lib directory.</p>
</section>
<section id="copyright">
<h2><a class="toc-backref" href="#copyright" role="doc-backlink">Copyright</a></h2>
<p>This document has been placed in the public domain.</p>
</section>
</section>
<hr class="docutils" />
<p>Source: <a class="reference external" href="https://github.com/python/peps/blob/main/peps/pep-0268.rst">https://github.com/python/peps/blob/main/peps/pep-0268.rst</a></p>
<p>Last modified: <a class="reference external" href="https://github.com/python/peps/commits/main/peps/pep-0268.rst">2023-09-09 17:39:29 GMT</a></p>
</article>
<nav id="pep-sidebar">
<h2>Contents</h2>
<ul>
<li><a class="reference internal" href="#rejection-notice">Rejection Notice</a></li>
<li><a class="reference internal" href="#abstract">Abstract</a></li>
<li><a class="reference internal" href="#rationale">Rationale</a></li>
<li><a class="reference internal" href="#specification">Specification</a><ul>
<li><a class="reference internal" href="#http-authentication">HTTP Authentication</a></li>
<li><a class="reference internal" href="#proxy-handling">Proxy Handling</a></li>
<li><a class="reference internal" href="#webdav-features">WebDAV Features</a></li>
</ul>
</li>
<li><a class="reference internal" href="#reference-implementation">Reference Implementation</a></li>
<li><a class="reference internal" href="#copyright">Copyright</a></li>
</ul>
<br>
<a id="source" href="https://github.com/python/peps/blob/main/peps/pep-0268.rst">Page Source (GitHub)</a>
</nav>
</section>
<script src="../_static/colour_scheme.js"></script>
<script src="../_static/wrap_tables.js"></script>
<script src="../_static/sticky_banner.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink