从 web.py url 访问文件

发布于 2024-10-16 13:48:22 字数 254 浏览 4 评论 0原文

我正在将 web.py 用于一个小项目,并且我希望用户能够在服务器上的 /files 目录中访问文件。我似乎无法找到如何在 GET 请求上返回文件,因此我不知道如何执行此操作。

真正想做的是:

urls = ('/files/+', 'files')

class files:

  def GET(self)

    #RETURN SOME FILE

有没有一种简单的方法可以从 GET 请求返回文件?

I'm using web.py for a small project and I have files I want the user to be able to access in /files directory on the server. I can't seem to find how to return a file on a GET request so I can't work how to do this.

Exactly want to do essentially is:

urls = ('/files/+', 'files')

class files:

  def GET(self)

    #RETURN SOME FILE

Is there a simple way to return a file from a GET request?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

只涨不跌 2024-10-23 13:48:22

我想出了这个 webpy GET 方法:

def GET(self):
    request = web.input( path=None )
    getPath = request.path
    if os.path.exists( getPath ):
        getFile = file( getPath, 'rb' )
        web.header('Content-type','application/octet-stream')
        web.header('Content-transfer-encoding','base64') 
        return base64.standard_b64encode( getFile.read( ) )
    else:
        raise web.notfound( )

当其他受访者建议您仔细考虑安全隐患时,他们是正确的。就我而言,我们将把这样的代码包含到管理 Web 服务中,该服务将(应该!)仅在我们的内部 LAN 中可用。

Playing around I came up with this webpy GET method:

def GET(self):
    request = web.input( path=None )
    getPath = request.path
    if os.path.exists( getPath ):
        getFile = file( getPath, 'rb' )
        web.header('Content-type','application/octet-stream')
        web.header('Content-transfer-encoding','base64') 
        return base64.standard_b64encode( getFile.read( ) )
    else:
        raise web.notfound( )

Other respondants are correct when they advise you consider carefully the security implications. In my case we will include code like this to an administrative web service that will be (should be!) available only within our internal LAN.

纸短情长 2024-10-23 13:48:22

您可以读取文件的内容并将其流式传输给用户,但我不认为文件句柄是可序列化的。

允许用户访问和修改服务器上的文件或将文件复制到自己的计算机上似乎是一个潜在的安全漏洞。我认为你应该重新评估你想要实现的目标。

You can read the contents of a file and stream them down to the user, but I don't believe that a file handle is serializable.

It would seem to be a potential security hole to allow users to access and modify files on the server or to copy files down to their own machine. I think you should reassess what you're trying to accomplish.

你丑哭了我 2024-10-23 13:48:22

这就是我通过使用生成器而不是将整个文件读入内存来实现的方法:

    web.header("Content-Disposition", "attachment; filename=%s" % doc.filename)
    web.header("Content-Type", doc.filetype)
    web.header("Transfer-Encoding","chunked")
    f = open(os.path.join(config.upload_dir, doc.path, doc.filename), "rb")
    while 1:
        buf = f.read(1024 * 8)
        if not buf:
            break
        yield buf

This is how I do it by using generator and not reading the whole file into memory:

    web.header("Content-Disposition", "attachment; filename=%s" % doc.filename)
    web.header("Content-Type", doc.filetype)
    web.header("Transfer-Encoding","chunked")
    f = open(os.path.join(config.upload_dir, doc.path, doc.filename), "rb")
    while 1:
        buf = f.read(1024 * 8)
        if not buf:
            break
        yield buf
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文