我在我的开发系统中发现了这个问题,并在Eve模拟中找到了here
这是我运行的代码。
import requests
import json
import string
import random
def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
return ''.join(random.choice(chars) for _ in range(size))
name = "max and me"
data = {"lastname":id_generator(), "firstname":name}
print data
res = requests.post("http://127.0.0.1:5000/people", data = data)
print res.text
data = 'where={"firstname":"%s"}' % (name)
res = requests.get("http://127.0.0.1:5000/people", params = data)
print res.text
首先我做一个包含变量的POST,然后我在同一个变量上执行GET。 首先,我将变量设置为“max and me”,所有运行正常 然后我将with set设置为“max& me”,并且eve在我身上抛出:
127.0.0.1 - - [23/Apr/2014 20:22:07] "GET /people?where=%7B%22firstname%22:%22max%20&%20me%22%7D HTTP/1.1" 500 -
Traceback (most recent call last):
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1836, in __call__
return self.wsgi_app(environ, start_response)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1820, in wsgi_app
response = self.make_response(self.handle_exception(e))
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1403, in handle_exception
reraise(exc_type, exc_value, tb)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1477, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1381, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/endpoints.py", line 53, in collections_endpoint
response = get(resource, lookup)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/methods/common.py", line 226, in rate_limited
return f(*args, **kwargs)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/auth.py", line 45, in decorated
return f(*args, **kwargs)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/methods/common.py", line 429, in decorated
r = f(*args, **kwargs)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/methods/get.py", line 104, in get
cursor = app.data.find(resource, req, lookup)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/io/mongo/mongo.py", line 145, in find
spec = parse(req.where)
File "/Users/hingem/Documents/python/venv/lib/python2.7/site-packages/eve/io/mongo/parser.py", line 26, in parse
v.visit(ast.parse(expression))
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ast.py", line 37, in parse
return compile(source, filename, mode, PyCF_ONLY_AST)
File "<unknown>", line 1
{"firstname":"max
^
SyntaxError: EOL while scanning string literal
我可能不会处理&lt;&amp;&gt;符号可能 - 但我觉得我已经尝试了各种各样的编码...而且每次都被卡住....
答案 0 :(得分:2)
尝试将&替换为其转义版本:%26。我刚试过这个GET到Eve驱动的API
?where={"name": "You %26 me"}
它运作得很好。
答案 1 :(得分:1)
我认为你不能在URL中以未编码的方式使用&符号 - 这意味着URL的下一部分查询。通常您必须将&符号编码为%26。
我认为这是前夕的部分错误,因为如果你把未编码的&符号放入URL的查询部分,Flask(这是Eve的基础)将它分成请求args和Eve然后尝试制作pythonic ast的“其中“part(它处理Python语法中的查询格式的方式),它在max之后结束,结果它引发了这个错误,因为它显然不是正确的python表达式。在此代码中https://github.com/nicolaiarocci/eve/blob/develop/eve/io/mongo/mongo.py#L151也应该有SyntaxError。也许你可以尝试在前夕的github上填写bug,并建议前夕应该返回400个错误的请求。
我希望这篇文章解释问题的核心。