Public Member Functions | Public Attributes | Static Public Attributes | Private Member Functions | Private Attributes | Static Private Attributes
tornado.web.RequestHandler Class Reference
Inheritance diagram for tornado.web.RequestHandler:
Inheritance graph
[legend]

List of all members.

Public Member Functions

def __init__
def add_header
def async_callback
def check_xsrf_cookie
def clear
def clear_all_cookies
def clear_cookie
def clear_header
def compute_etag
def cookies
def create_signed_value
def create_template_loader
def current_user
def decode_argument
def delete
def finish
def flush
def get
def get_argument
def get_arguments
def get_browser_locale
def get_cookie
def get_current_user
def get_login_url
def get_secure_cookie
def get_status
def get_template_path
def get_user_locale
def head
def initialize
def locale
def on_connection_close
def on_finish
def options
def patch
def post
def prepare
def put
def redirect
def render
def render_string
def require_setting
def reverse_url
def send_error
def set_cookie
def set_default_headers
def set_header
def set_secure_cookie
def set_status
def settings
def static_url
def write
def write_error
def xsrf_form_html
def xsrf_token

Public Attributes

 application
 request
 ui

Static Public Attributes

tuple SUPPORTED_METHODS

Private Member Functions

def _clear_headers_for_304
def _convert_header_value
def _execute
def _generate_headers
def _handle_request_exception
def _log
def _request_summary
def _stack_context_handle_exception
def _ui_method
def _ui_module

Private Attributes

 _active_modules
 _auto_finish
 _current_user
 _finished
 _headers
 _headers_written
 _list_headers
 _locale
 _new_cookie
 _status_code
 _transforms
 _write_buffer
 _xsrf_token

Static Private Attributes

list _ARG_DEFAULT = []
tuple _template_loader_lock = threading.Lock()
dictionary _template_loaders = {}

Detailed Description

Subclass this class and define get() or post() to make a handler.

If you want to support more methods than the standard GET/HEAD/POST, you
should override the class variable SUPPORTED_METHODS in your
RequestHandler class.

Definition at line 94 of file web.py.


Constructor & Destructor Documentation

def tornado.web.RequestHandler.__init__ (   self,
  application,
  request,
  kwargs 
)

Reimplemented in tornado.websocket.WebSocketHandler.

Definition at line 107 of file web.py.


Member Function Documentation

Definition at line 1080 of file web.py.

def tornado.web.RequestHandler._convert_header_value (   self,
  value 
) [private]

Definition at line 276 of file web.py.

def tornado.web.RequestHandler._execute (   self,
  transforms,
  args,
  kwargs 
) [private]
Executes this request with the given output transforms.

Reimplemented in tornado.websocket.WebSocketHandler.

Definition at line 1005 of file web.py.

Definition at line 1027 of file web.py.

def tornado.web.RequestHandler._handle_request_exception (   self,
  e 
) [private]

Definition at line 1051 of file web.py.

def tornado.web.RequestHandler._log (   self) [private]
Logs the current request.

Sort of deprecated since this functionality was moved to the
Application, but left in place for the benefit of existing apps
that have overridden this method.

Definition at line 1038 of file web.py.

Definition at line 1047 of file web.py.

def tornado.web.RequestHandler._stack_context_handle_exception (   self,
  type,
  value,
  traceback 
) [private]

Definition at line 994 of file web.py.

def tornado.web.RequestHandler._ui_method (   self,
  method 
) [private]

Definition at line 1077 of file web.py.

def tornado.web.RequestHandler._ui_module (   self,
  name,
  module 
) [private]

Definition at line 1067 of file web.py.

def tornado.web.RequestHandler.add_header (   self,
  name,
  value 
)
Adds the given response header and value.

Unlike `set_header`, `add_header` may be called multiple times
to return multiple values for the same header.

Definition at line 259 of file web.py.

def tornado.web.RequestHandler.async_callback (   self,
  callback,
  args,
  kwargs 
)
Obsolete - catches exceptions from the wrapped function.

This function is unnecessary since Tornado 1.1.

Reimplemented in tornado.websocket.WebSocketHandler.

Definition at line 952 of file web.py.

Verifies that the '_xsrf' cookie matches the '_xsrf' argument.

To prevent cross-site request forgery, we set an '_xsrf'
cookie and include the same value as a non-cookie
field with all POST requests. If the two do not match, we
reject the form submission as a potential forgery.

The _xsrf value may be set as either a form field named _xsrf
or in a custom HTTP header named X-XSRFToken or X-CSRFToken
(the latter is accepted for compatibility with Django).

See http://en.wikipedia.org/wiki/Cross-site_request_forgery

Prior to release 1.1.1, this check was ignored if the HTTP header
"X-Requested-With: XMLHTTPRequest" was present.  This exception
has been shown to be insecure and has been removed.  For more
information please see
http://www.djangoproject.com/weblog/2011/feb/08/security/
http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails

Definition at line 879 of file web.py.

Resets all headers and content for this response.

Definition at line 212 of file web.py.

Deletes all the cookies the user sent with this request.

Definition at line 403 of file web.py.

def tornado.web.RequestHandler.clear_cookie (   self,
  name,
  path = "/",
  domain = None 
)
Deletes the cookie with the given name.

Definition at line 397 of file web.py.

def tornado.web.RequestHandler.clear_header (   self,
  name 
)
Clears an outgoing header, undoing a previous `set_header` call.

Note that this method does not apply to multi-valued headers
set by `add_header`.

Definition at line 267 of file web.py.

Computes the etag header to be used for this request.

May be overridden to provide custom etag implementations,
or may return None to disable tornado's default etag support.

Definition at line 983 of file web.py.

Definition at line 351 of file web.py.

def tornado.web.RequestHandler.create_signed_value (   self,
  name,
  value 
)
Signs and timestamps a string so it cannot be forged.

Normally used via set_secure_cookie, but provided as a separate
method for non-cookie uses.  To decode a value not stored
as a cookie use the optional value argument to get_secure_cookie.

Definition at line 427 of file web.py.

def tornado.web.RequestHandler.create_template_loader (   self,
  template_path 
)

Definition at line 617 of file web.py.

The authenticated user for this request.

Determined by either get_current_user, which you can override to
set the user based on, e.g., a cookie. If that method is not
overridden, this method always returns None.

We lazy-load the current user the first time this method is called
and cache the result after that.

Definition at line 825 of file web.py.

def tornado.web.RequestHandler.decode_argument (   self,
  value,
  name = None 
)
Decodes an argument from the request.

The argument has been percent-decoded and is now a byte string.
By default, this method decodes the argument as utf-8 and returns
a unicode string, but this may be overridden in subclasses.

This method is used as a filter for both get_argument() and for
values extracted from the url and passed to get()/post()/etc.

The name of the argument is provided if known, but may be None
(e.g. for unnamed groups in the url regex).

Definition at line 335 of file web.py.

def tornado.web.RequestHandler.delete (   self,
  args,
  kwargs 
)

Definition at line 166 of file web.py.

def tornado.web.RequestHandler.finish (   self,
  chunk = None 
)
Finishes this response, ending the HTTP request.

Definition at line 662 of file web.py.

def tornado.web.RequestHandler.flush (   self,
  include_footers = False,
  callback = None 
)
Flushes the current output buffer to the network.

The ``callback`` argument, if given, can be used for flow control:
it will be run when all flushed data has been written to the socket.
Note that only one flush callback can be outstanding at a time;
if another flush occurs before the previous flush's callback
has been run, the previous callback will be discarded.

Definition at line 628 of file web.py.

def tornado.web.RequestHandler.get (   self,
  args,
  kwargs 
)

Reimplemented in tornado.web.StaticFileHandler.

Definition at line 160 of file web.py.

def tornado.web.RequestHandler.get_argument (   self,
  name,
  default = _ARG_DEFAULT,
  strip = True 
)
Returns the value of the argument with the given name.

If default is not provided, the argument is considered to be
required, and we throw an HTTP 400 exception if it is missing.

If the argument appears in the url more than once, we return the
last value.

The returned value is always unicode.

Definition at line 298 of file web.py.

def tornado.web.RequestHandler.get_arguments (   self,
  name,
  strip = True 
)
Returns a list of the arguments with the given name.

If the argument is not present, returns an empty list.

The returned values are always unicode.

Definition at line 316 of file web.py.

def tornado.web.RequestHandler.get_browser_locale (   self,
  default = "en_US" 
)
Determines the user's locale from Accept-Language header.

See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.4

Definition at line 800 of file web.py.

def tornado.web.RequestHandler.get_cookie (   self,
  name,
  default = None 
)
Gets the value of the cookie with the given name, else default.

Definition at line 354 of file web.py.

Override to determine the current user from, e.g., a cookie.

Definition at line 839 of file web.py.

Override to customize the login URL based on the request.

By default, we use the 'login_url' application setting.

Definition at line 843 of file web.py.

def tornado.web.RequestHandler.get_secure_cookie (   self,
  name,
  value = None,
  max_age_days = 31 
)
Returns the given signed cookie if it validates, or None.

The decoded cookie value is returned as a byte string (unlike
`get_cookie`).

Definition at line 438 of file web.py.

Returns the status code for our response.

Definition at line 246 of file web.py.

Override to customize template path for each handler.

By default, we use the 'template_path' application setting.
Return None to load templates relative to the calling file.

Definition at line 851 of file web.py.

Override to determine the locale from the authenticated user.

If None is returned, we fall back to get_browser_locale().

This method should return a tornado.locale.Locale object,
most likely obtained via a call like tornado.locale.get("en")

Definition at line 790 of file web.py.

def tornado.web.RequestHandler.head (   self,
  args,
  kwargs 
)

Definition at line 157 of file web.py.

Hook for subclass initialization.

A dictionary passed as the third argument of a url spec will be
supplied as keyword arguments to initialize().

Example::

    class ProfileHandler(RequestHandler):
def initialize(self, database):
    self.database = database

def get(self, username):
    ...

    app = Application([
(r'/user/(.*)', ProfileHandler, dict(database=database)),
])

Definition at line 131 of file web.py.

The local for the current session.

Determined by either get_user_locale, which you can override to
set the locale based on, e.g., a user preference stored in a
database, or get_browser_locale, which uses the Accept-Language
header.

Definition at line 775 of file web.py.

Called in async handlers if the client closed the connection.

Override this to clean up resources associated with
long-lived connections.  Note that this method is called only if
the connection was closed during asynchronous processing; if you
need to do cleanup after every request override `on_finish`
instead.

Proxies may keep a connection open for a time (perhaps
indefinitely) after the client has gone away, so this method
may not be called promptly after the end user closes their
connection.

Reimplemented in tornado.websocket.WebSocketHandler.

Definition at line 196 of file web.py.

Called after the end of a request.

Override this method to perform cleanup, logging, etc.
This method is a counterpart to `prepare`.  ``on_finish`` may
not produce any output, as it is called after the response
has been sent to the client.

Definition at line 186 of file web.py.

def tornado.web.RequestHandler.options (   self,
  args,
  kwargs 
)

Definition at line 175 of file web.py.

def tornado.web.RequestHandler.patch (   self,
  args,
  kwargs 
)

Definition at line 169 of file web.py.

def tornado.web.RequestHandler.post (   self,
  args,
  kwargs 
)

Definition at line 163 of file web.py.

Called at the beginning of a request before `get`/`post`/etc.

Override this method to perform common initialization regardless
of the request method.

Reimplemented in tornado.web.FallbackHandler, and tornado.web.ErrorHandler.

Definition at line 178 of file web.py.

def tornado.web.RequestHandler.put (   self,
  args,
  kwargs 
)

Definition at line 172 of file web.py.

def tornado.web.RequestHandler.redirect (   self,
  url,
  permanent = False,
  status = None 
)
Sends a redirect to the given (optionally relative) URL.

If the ``status`` argument is specified, that value is used as the
HTTP status code; otherwise either 301 (permanent) or 302
(temporary) is chosen based on the ``permanent`` argument.
The default is 302 (temporary).

Definition at line 450 of file web.py.

def tornado.web.RequestHandler.render (   self,
  template_name,
  kwargs 
)
Renders the template with the given arguments as the response.

Definition at line 496 of file web.py.

def tornado.web.RequestHandler.render_string (   self,
  template_name,
  kwargs 
)
Generate the given template with the given arguments.

We return the generated string. To generate and write a template
as a response, use render() above.

Definition at line 582 of file web.py.

def tornado.web.RequestHandler.require_setting (   self,
  name,
  feature = "this feature" 
)
Raises an exception if the given app setting is not defined.

Definition at line 973 of file web.py.

def tornado.web.RequestHandler.reverse_url (   self,
  name,
  args 
)
Alias for `Application.reverse_url`.

Definition at line 979 of file web.py.

def tornado.web.RequestHandler.send_error (   self,
  status_code = 500,
  kwargs 
)
Sends the given HTTP error code to the browser.

If `flush()` has already been called, it is not possible to send
an error, so this method will simply terminate the response.
If output has been written but not yet flushed, it will be discarded
and replaced with the error page.

Override `write_error()` to customize the error page that is returned.
Additional keyword arguments are passed through to `write_error`.

Definition at line 706 of file web.py.

def tornado.web.RequestHandler.set_cookie (   self,
  name,
  value,
  domain = None,
  expires = None,
  path = "/",
  expires_days = None,
  kwargs 
)
Sets the given cookie name/value with the given options.

Additional keyword arguments are set on the Cookie.Morsel
directly.
See http://docs.python.org/library/cookie.html#morsel-objects
for available attributes.

Definition at line 360 of file web.py.

Override this to set HTTP headers at the beginning of the request.

For example, this is the place to set a custom ``Server`` header.
Note that setting such headers in the normal flow of request
processing may not do what you want, since headers may be reset
during error handling.

Definition at line 231 of file web.py.

def tornado.web.RequestHandler.set_header (   self,
  name,
  value 
)
Sets the given response header name and value.

If a datetime is given, we automatically format it according to the
HTTP specification. If the value is not a string, we convert it to
a string. All header values are then encoded as UTF-8.

Definition at line 250 of file web.py.

def tornado.web.RequestHandler.set_secure_cookie (   self,
  name,
  value,
  expires_days = 30,
  kwargs 
)
Signs and timestamps a cookie so it cannot be forged.

You must specify the ``cookie_secret`` setting in your Application
to use this method. It should be a long, random sequence of bytes
to be used as the HMAC secret for the signature.

To read a cookie set with this method, use `get_secure_cookie()`.

Note that the ``expires_days`` parameter sets the lifetime of the
cookie in the browser, but is independent of the ``max_age_days``
parameter to `get_secure_cookie`.

Secure cookies may contain arbitrary byte values, not just unicode
strings (unlike regular cookies)

Definition at line 408 of file web.py.

def tornado.web.RequestHandler.set_status (   self,
  status_code 
)
Sets the status code for our response.

Definition at line 241 of file web.py.

An alias for `self.application.settings`.

Definition at line 153 of file web.py.

def tornado.web.RequestHandler.static_url (   self,
  path,
  include_host = None 
)
Returns a static URL for the given relative static file path.

This method requires you set the 'static_path' setting in your
application (which specifies the root directory of your static
files).

We append ?v=<signature> to the returned URL, which makes our
static file handler set an infinite expiration header on the
returned content. The signature is based on the content of the
file.

By default this method returns URLs relative to the current
host, but if ``include_host`` is true the URL returned will be
absolute.  If this handler has an ``include_host`` attribute,
that value will be used as the default for all `static_url`
calls that do not pass ``include_host`` as a keyword argument.

Definition at line 921 of file web.py.

def tornado.web.RequestHandler.write (   self,
  chunk 
)
Writes the given chunk to the output buffer.

To write the output to the network, use the flush() method below.

If the given chunk is a dictionary, we write it as JSON and set
the Content-Type of the response to be application/json.
(if you want to send JSON as a different Content-Type, call
set_header *after* calling write()).

Note that lists are not converted to JSON because of a potential
cross-site security vulnerability.  All JSON output should be
wrapped in a dictionary.  More details at
http://haacked.com/archive/2008/11/20/anatomy-of-a-subtle-json-vulnerability.aspx

Definition at line 471 of file web.py.

def tornado.web.RequestHandler.write_error (   self,
  status_code,
  kwargs 
)
Override to implement custom error pages.

``write_error`` may call `write`, `render`, `set_header`, etc
to produce output as usual.

If this error was caused by an uncaught exception, an ``exc_info``
triple will be available as ``kwargs["exc_info"]``.  Note that this
exception may not be the "current" exception for purposes of
methods like ``sys.exc_info()`` or ``traceback.format_exc``.

For historical reasons, if a method ``get_error_html`` exists,
it will be used instead of the default ``write_error`` implementation.
``get_error_html`` returned a string instead of producing output
normally, and had different semantics for exception handling.
Users of ``get_error_html`` are encouraged to convert their code
to override ``write_error`` instead.

Definition at line 731 of file web.py.

An HTML <input/> element to be included with all POST forms.

It defines the _xsrf input value, which we check on all POST
requests to prevent cross-site request forgery. If you have set
the 'xsrf_cookies' application setting, you must include this
HTML within all of your HTML forms.

See check_xsrf_cookie() above for more information.

Definition at line 908 of file web.py.

The XSRF-prevention token for the current user/session.

To prevent cross-site request forgery, we set an '_xsrf' cookie
and include the same '_xsrf' value as an argument with all POST
requests. If the two do not match, we reject the form submission
as a potential forgery.

See http://en.wikipedia.org/wiki/Cross-site_request_forgery

Definition at line 860 of file web.py.


Member Data Documentation

Definition at line 1067 of file web.py.

list tornado::web.RequestHandler::_ARG_DEFAULT = [] [static, private]

Definition at line 296 of file web.py.

Definition at line 107 of file web.py.

Definition at line 833 of file web.py.

Reimplemented in tornado.web.FallbackHandler.

Definition at line 107 of file web.py.

Definition at line 212 of file web.py.

Definition at line 107 of file web.py.

Definition at line 212 of file web.py.

Definition at line 781 of file web.py.

Definition at line 366 of file web.py.

Definition at line 212 of file web.py.

tuple tornado::web.RequestHandler::_template_loader_lock = threading.Lock() [static, private]

Definition at line 105 of file web.py.

dictionary tornado::web.RequestHandler::_template_loaders = {} [static, private]

Definition at line 104 of file web.py.

Definition at line 107 of file web.py.

Definition at line 212 of file web.py.

Definition at line 868 of file web.py.

Definition at line 107 of file web.py.

Definition at line 107 of file web.py.

Initial value:
("GET", "HEAD", "POST", "DELETE", "PATCH", "PUT",
                         "OPTIONS")

Definition at line 101 of file web.py.

Definition at line 107 of file web.py.


The documentation for this class was generated from the following file:


roswww
Author(s): Jonathan Mace
autogenerated on Thu Jan 2 2014 11:53:30