Commits

Lynn Rees committed 39ff47d

[svn] made a copy

Comments (0)

Files changed (4)

branches/0.1/trunk/ez_setup.py

+#!python
+"""Bootstrap setuptools installation
+
+If you want to use setuptools in your package's setup.py, just include this
+file in the same directory with it, and add this to the top of your setup.py::
+
+    from ez_setup import use_setuptools
+    use_setuptools()
+
+If you want to require a specific version of setuptools, set a download
+mirror, or use an alternate download directory, you can do so by supplying
+the appropriate options to ``use_setuptools()``.
+
+This file can also be run as a script to install or upgrade setuptools.
+"""
+import sys
+DEFAULT_VERSION = "0.6a9"
+DEFAULT_URL     = "http://cheeseshop.python.org/packages/%s/s/setuptools/" % sys.version[:3]
+
+md5_data = {
+    'setuptools-0.5a13-py2.3.egg': '85edcf0ef39bab66e130d3f38f578c86',
+    'setuptools-0.5a13-py2.4.egg': 'ede4be600e3890e06d4ee5e0148e092a',
+    'setuptools-0.6a1-py2.3.egg': 'ee819a13b924d9696b0d6ca6d1c5833d',
+    'setuptools-0.6a1-py2.4.egg': '8256b5f1cd9e348ea6877b5ddd56257d',
+    'setuptools-0.6a2-py2.3.egg': 'b98da449da411267c37a738f0ab625ba',
+    'setuptools-0.6a2-py2.4.egg': 'be5b88bc30aed63fdefd2683be135c3b',
+    'setuptools-0.6a3-py2.3.egg': 'ee0e325de78f23aab79d33106dc2a8c8',
+    'setuptools-0.6a3-py2.4.egg': 'd95453d525a456d6c23e7a5eea89a063',
+    'setuptools-0.6a4-py2.3.egg': 'e958cbed4623bbf47dd1f268b99d7784',
+    'setuptools-0.6a4-py2.4.egg': '7f33c3ac2ef1296f0ab4fac1de4767d8',
+    'setuptools-0.6a5-py2.3.egg': '748408389c49bcd2d84f6ae0b01695b1',
+    'setuptools-0.6a5-py2.4.egg': '999bacde623f4284bfb3ea77941d2627',
+    'setuptools-0.6a6-py2.3.egg': '7858139f06ed0600b0d9383f36aca24c',
+    'setuptools-0.6a6-py2.4.egg': 'c10d20d29acebce0dc76219dc578d058',
+    'setuptools-0.6a7-py2.3.egg': 'cfc4125ddb95c07f9500adc5d6abef6f',
+    'setuptools-0.6a7-py2.4.egg': 'c6d62dab4461f71aed943caea89e6f20',
+    'setuptools-0.6a8-py2.3.egg': '2f18eaaa3f544f5543ead4a68f3b2e1a',
+    'setuptools-0.6a8-py2.4.egg': '799018f2894f14c9f8bcb2b34e69b391',
+    'setuptools-0.6a9-py2.3.egg': '8e438ad70438b07b0d8f82cae42b278f',
+    'setuptools-0.6a9-py2.4.egg': '8f6e01fc12fb1cd006dc0d6c04327ec1',
+}
+
+import sys, os
+
+def _validate_md5(egg_name, data):
+    if egg_name in md5_data:
+        from md5 import md5
+        digest = md5(data).hexdigest()
+        if digest != md5_data[egg_name]:
+            print >>sys.stderr, (
+                "md5 validation of %s failed!  (Possible download problem?)"
+                % egg_name
+            )
+            sys.exit(2)
+    return data    
+
+
+def use_setuptools(
+    version=DEFAULT_VERSION, download_base=DEFAULT_URL, to_dir=os.curdir,
+    download_delay=15
+):
+    """Automatically find/download setuptools and make it available on sys.path
+
+    `version` should be a valid setuptools version number that is available
+    as an egg for download under the `download_base` URL (which should end with
+    a '/').  `to_dir` is the directory where setuptools will be downloaded, if
+    it is not already available.  If `download_delay` is specified, it should
+    be the number of seconds that will be paused before initiating a download,
+    should one be required.  If an older version of setuptools is installed,
+    this routine will print a message to ``sys.stderr`` and raise SystemExit in
+    an attempt to abort the calling script.  
+    """
+    try:
+        import setuptools
+        if setuptools.__version__ == '0.0.1':
+            print >>sys.stderr, (
+            "You have an obsolete version of setuptools installed.  Please\n"
+            "remove it from your system entirely before rerunning this script."
+            )
+            sys.exit(2)
+    except ImportError:
+        egg = download_setuptools(version, download_base, to_dir, download_delay)
+        sys.path.insert(0, egg)
+        import setuptools; setuptools.bootstrap_install_from = egg
+
+    import pkg_resources
+    try:
+        pkg_resources.require("setuptools>="+version)
+
+    except pkg_resources.VersionConflict:
+        # XXX could we install in a subprocess here?
+        print >>sys.stderr, (
+            "The required version of setuptools (>=%s) is not available, and\n"
+            "can't be installed while this script is running. Please install\n"
+            " a more recent version first."
+        ) % version
+        sys.exit(2)
+
+def download_setuptools(
+    version=DEFAULT_VERSION, download_base=DEFAULT_URL, to_dir=os.curdir,
+    delay = 15
+):
+    """Download setuptools from a specified location and return its filename
+
+    `version` should be a valid setuptools version number that is available
+    as an egg for download under the `download_base` URL (which should end
+    with a '/'). `to_dir` is the directory where the egg will be downloaded.
+    `delay` is the number of seconds to pause before an actual download attempt.
+    """
+    import urllib2, shutil
+    egg_name = "setuptools-%s-py%s.egg" % (version,sys.version[:3])
+    url = download_base + egg_name
+    saveto = os.path.join(to_dir, egg_name)
+    src = dst = None
+    if not os.path.exists(saveto):  # Avoid repeated downloads
+        try:
+            from distutils import log
+            if delay:
+                log.warn("""
+---------------------------------------------------------------------------
+This script requires setuptools version %s to run (even to display
+help).  I will attempt to download it for you (from
+%s), but
+you may need to enable firewall access for this script first.
+I will start the download in %d seconds.
+---------------------------------------------------------------------------""",
+                    version, download_base, delay
+                ); from time import sleep; sleep(delay)
+            log.warn("Downloading %s", url)
+            src = urllib2.urlopen(url)
+            # Read/write all in one block, so we don't create a corrupt file
+            # if the download is interrupted.
+            data = _validate_md5(egg_name, src.read())
+            dst = open(saveto,"wb"); dst.write(data)
+        finally:
+            if src: src.close()
+            if dst: dst.close()
+    return os.path.realpath(saveto)
+
+def main(argv, version=DEFAULT_VERSION):
+    """Install or upgrade setuptools and EasyInstall"""
+
+    try:
+        import setuptools
+    except ImportError:
+        import tempfile, shutil
+        tmpdir = tempfile.mkdtemp(prefix="easy_install-")
+        try:
+            egg = download_setuptools(version, to_dir=tmpdir, delay=0)
+            sys.path.insert(0,egg)
+            from setuptools.command.easy_install import main
+            main(list(argv)+[egg])
+        finally:
+            shutil.rmtree(tmpdir)
+    else:
+        if setuptools.__version__ == '0.0.1':
+            # tell the user to uninstall obsolete version
+            use_setuptools(version)
+
+    req = "setuptools>="+version
+    import pkg_resources
+    try:
+        pkg_resources.require(req)
+    except pkg_resources.VersionConflict:
+        try:
+            from setuptools.command.easy_install import main
+        except ImportError:
+            from easy_install import main
+        main(list(argv)+[download_setuptools(delay=0)])
+        sys.exit(0) # try to force an exit
+    else:
+        if argv:
+            from setuptools.command.easy_install import main
+            main(argv)
+        else:
+            print "Setuptools version",version,"or greater has been installed."
+            print '(Run "ez_setup.py -U setuptools" to reinstall or upgrade.)'
+
+
+            
+def update_md5(filenames):
+    """Update our built-in md5 registry"""
+
+    import re
+    from md5 import md5
+
+    for name in filenames:
+        base = os.path.basename(name)
+        f = open(name,'rb')       
+        md5_data[base] = md5(f.read()).hexdigest()
+        f.close()
+
+    data = ["    %r: %r,\n" % it for it in md5_data.items()]
+    data.sort()
+    repl = "".join(data)
+
+    import inspect
+    srcfile = inspect.getsourcefile(sys.modules[__name__])
+    f = open(srcfile, 'rb'); src = f.read(); f.close()
+
+    match = re.search("\nmd5_data = {\n([^}]+)}", src)
+    if not match:
+        print >>sys.stderr, "Internal error!"
+        sys.exit(2)
+
+    src = src[:match.start(1)] + repl + src[match.end(1):]
+    f = open(srcfile,'w')
+    f.write(src)
+    f.close()
+
+
+if __name__=='__main__':
+    if len(sys.argv)>2 and sys.argv[1]=='--md5update':
+        update_md5(sys.argv[2:])
+    else:
+        main(sys.argv[1:])
+

branches/0.1/trunk/setup.py

+# Copyright (c) 2006 L. C. Rees.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1.  Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# 2.  Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# 3.  Neither the name of the Portable Site Information Project nor the names
+# of its contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+'''setup - setuptools based setup for wsgiform.'''
+
+import ez_setup
+ez_setup.use_setuptools()
+
+try:
+    from setuptools import setup
+except:
+    from distutils.core import setup
+
+setup(name='wsgiform',
+      version='0.1',
+      description='''WSGI middleware for parsing form data.''',
+      long_description='''WSGI middleware for parsing form data into dictionaries, individual environ
+entries, cgi.FieldStorage instances, or keyword arguments that can be passed to WSGI applications
+in the environ dictionary. Features hooks for form validation, HTML escaping, and data sterilization.''',
+      author='L. C. Rees',
+      author_email='lcrees@gmail.com',
+      license='BSD',
+      test_suite='test_wsgiform',
+      py_modules=['wsgiform', 'test_wsgiform'],
+      packages = [],
+      zip_safe = True,
+      keywords='WSGI dispatch middleware web HTTP decorators',
+      classifiers=['Development Status :: 3 - Alpha',
+                    'Environment :: Web Environment',
+                    'License :: OSI Approved :: BSD License',
+                    'Natural Language :: English',
+                    'Operating System :: OS Independent',
+                    'Programming Language :: Python',
+                    'Topic :: Internet :: WWW/HTTP :: WSGI :: Middleware'])

branches/0.1/trunk/test_wsgiform.py

+# Copyright (c) 2006 L. C. Rees
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without modification,
+# are permitted provided that the following conditions are met:
+#
+#    1. Redistributions of source code must retain the above copyright notice, 
+#       this list of conditions and the following disclaimer.
+#    
+#    2. Redistributions in binary form must reproduce the above copyright 
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#
+#    3. Neither the name of WsgiForm nor the names of its contributors may be used
+#       to endorse or promote products derived from this software without
+#       specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+'''Unit tests for wsgiform.'''
+
+import wsgiform
+import unittest
+import StringIO
+import copy
+
+class TestWsgiForm(unittest.TestCase):
+    
+    '''Test cases for wsgiform.'''
+        
+    test_env = {
+        'CONTENT_LENGTH': '118',
+        'wsgi.multiprocess': 0,
+        'wsgi.version': (1, 0),
+        'CONTENT_TYPE': 'application/x-www-form-urlencoded',
+        'SERVER_NAME': '127.0.0.1',
+        'wsgi.run_once': 0,
+        'wsgi.errors': StringIO.StringIO(),
+        'wsgi.multithread': 0,
+        'SCRIPT_NAME': '',
+        'wsgi.url_scheme': 'http',
+        'wsgi.input': StringIO.StringIO(
+'num=12121&str1=test&name=%3Ctag+id%3D%22Test%22%3EThis+is+a+%27test%27+%26+another.%3C%2Ftag%3E&state=NV&Submit=Submit'
+            ), 
+        'REQUEST_METHOD': 'POST',
+        'HTTP_HOST': '127.0.0.1',
+        'PATH_INFO': '/',
+        'SERVER_PORT': '80',
+        'SERVER_PROTOCOL': 'HTTP/1.0'}       
+
+    def dummy_app(self, environ, func):
+        return environ
+
+    def dummy_sr(self):
+        pass
+
+    def testfieldstorage(self):
+        '''Parses form data into a FieldStorage instance.'''
+        env = wsgiform.WsgiForm(self.dummy_app).fieldstorage(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.fieldstorage'].getfirst('num'), '12121')
+
+    def testdictionary(self):
+        '''Parses form data into a dictionary.'''
+        env = wsgiform.WsgiForm(self.dummy_app).dictionary(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.dict']['num'], '12121')
+
+    def testkwargs(self):
+        '''Parses form data into keyword arguments.'''
+        env = wsgiform.WsgiForm(self.dummy_app).kwargs(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgize.kwargs']['num'], '12121')
+
+    def testenviron(self):
+        '''Parses form data into individual environ entries.'''
+        env = wsgiform.WsgiForm(self.dummy_app).environ(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.num'], '12121')
+
+    def testdict_escape(self):
+        '''Parses form data into a dictionary with HTML escaping. '''
+        env = wsgiform.WsgiForm(self.dummy_app).dict_escape(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.dict']['name'], '<tag id="Test">This is a 'test' & another.</tag>')         
+
+    def testkwargs_escape(self):
+        '''Parses form data into keyword arguments with HTML escaping.'''
+        env = wsgiform.WsgiForm(self.dummy_app).kwargs_escape(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgize.kwargs']['name'], '<tag id="Test">This is a 'test' & another.</tag>')
+
+    def testenviron_escape(self):
+        '''Parses form data into individual environ entries with HTML escaping.'''
+        env = wsgiform.WsgiForm(self.dummy_app).environ_escape(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.name'], '<tag id="Test">This is a 'test' & another.</tag>')
+
+    def testdict_strictescape(self):
+        '''Parses form data into a dictionary with strict HTML escaping.'''
+        env = wsgiform.WsgiForm(self.dummy_app).dict_strictescape(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.dict']['name'], '<tag id="Test">This is a 'test' & another.</tag>')
+
+    def testkwargs_strictescape(self):
+        '''Parses form data into keyword arguments with strict HTML escaping.'''
+        env = wsgiform.WsgiForm(self.dummy_app).kwargs_strictescape(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgize.kwargs']['name'], '<tag id="Test">This is a 'test' & another.</tag>')
+
+    def testenviron_strictescape(self):
+        '''Parses form data into individual environ entries with strict HTML escaping.'''
+        env = wsgiform.WsgiForm(self.dummy_app).environ_strictescape(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.name'], '<tag id="Test">This is a 'test' & another.</tag>')
+
+    def testdict_sterilize(self):
+        '''Parses form data into a dictionary with data sterilization.'''
+        env = wsgiform.WsgiForm(self.dummy_app).dict_sterilize(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.dict']['name'], 'tag idTestThis is a test  another.tag')
+
+    def testkwargs_sterilize(self):
+        '''Parses form data into keyword arguments with data sterilization.'''
+        env = wsgiform.WsgiForm(self.dummy_app).kwargs_sterilize(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgize.kwargs']['name'], 'tag idTestThis is a test  another.tag')
+
+    def testenviron_sterilize(self):
+        '''Parses form data into individual environ entries with data sterilization.'''
+        env = wsgiform.WsgiForm(self.dummy_app).environ_sterilize(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.name'], 'tag idTestThis is a test  another.tag')
+
+    def testdict_strictsterilize(self):
+        '''Parses form data into a dictionary with strict data sterilization.'''
+        env = wsgiform.WsgiForm(self.dummy_app).dict_strictsterilize(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.dict']['name'], 'tag idTestThis is a test  another.tag')
+
+    def testkwargs_strictsterilize(self):
+        '''Parses form data into keyword arguments with strict data sterilization.'''
+        env = wsgiform.WsgiForm(self.dummy_app).kwargs_strictsterilize(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgize.kwargs']['name'], 'tag idTestThis is a test  another.tag')
+
+    def testenviron_strictsterilize(self):
+        '''Parses form data into individual environ entries with strict data sterilization.'''
+        env = wsgiform.WsgiForm(self.dummy_app).environ_strictsterilize(copy.deepcopy(self.test_env), self.dummy_sr)
+        self.assertEqual(env['wsgiform.name'], 'tag idTestThis is a test  another.tag')
+
+
+if __name__ == '__main__': unittest.main()

branches/0.1/trunk/wsgiform.py

+# Copyright (c) 2006 L. C. Rees
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without modification,
+# are permitted provided that the following conditions are met:
+#
+#    1. Redistributions of source code must retain the above copyright notice, 
+#       this list of conditions and the following disclaimer.
+#    
+#    2. Redistributions in binary form must reproduce the above copyright 
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#
+#    3. Neither the name of WsgiForm nor the names of its contributors may be used
+#       to endorse or promote products derived from this software without
+#       specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+'''WSGI middleware for parsing form data into dictionaries, individual environ
+entries, cgi.FieldStorage instances, or keyword arguments that can be passed to
+WSGI applications in the environ dictionary. Features include hooks for form
+validation, HTML escaping, and data sterilization.
+'''
+
+import cgi
+import xml.sax.saxutils as s
+import string
+
+# Contains only alphanumeric characters, ., -, and _
+_notsterile = '!"#$%&\'()*+,/:;<=>?@[\\]^`{|}~'
+_trans = string.maketrans('', '')    
+
+
+def extract(environ, empty=False, err=False):
+    '''Extracts strings in form data.'''
+    qdict = cgi.parse(environ['wsgi.input'], environ, empty, err)
+    for key, value in qdict.iteritems():
+        if len(value) == 1: qdict[key] = value[0]
+    return qdict
+
+def escape(environ, empty=False, err=False):
+    '''Escapes XML/HTML in form data.'''
+    qdict = extract(environ, empty, err)
+    for key, value in qdict.iteritems():
+        if isinstance(value, basestring):
+            qdict[key] = s.escape(value, {'"':"&quot;", "'":'&#39;'})
+        elif isinstance(value, list):
+            for num, item in enumerate(value):
+                if isinstance(value, basestring):
+                    value[num] = s.escape(item, {'"':"&quot;", "'":'&#39;'})
+    return qdict    
+
+def sterilize(environ, empty=False, err=False):
+    '''Removes all form data characters except alphanumerics, ., -, and _.'''
+    qdict = extract(environ, empty, err)
+    for key, value in qdict.iteritems():
+        if isinstance(value, basestring):
+            qdict[key] = value.translate(_trans, _notsterile)
+        elif isinstance(value, list):
+            for num, item in value:
+                if isinstance(value, basestring):
+                    qdict[num] = item.translate(_trans, _notsterile)
+    return qdict
+    
+
+class WsgiForm(object):
+
+    '''Class that parsing form data into dictionaries, individual environ entries,
+    cgi.FieldStorage instances, or keyword arguments that can be passed to WSGI
+    applications in the environ dictionary. 
+    '''     
+
+    def __init__(self, app, **kw):
+        '''@param app WSGI callable
+        @param kw Keyword arguments.'''
+        self.app = app
+        # Prefix for individual environ entries
+        self.prefix = kw.get('envprefix', 'wsgiform.%s')
+        # Prefix for field storage environ entries
+        self.fkey = kw.get('fieldstorage', 'wsgiform.fieldstorage')
+        # Prefix for dictionary environ entries
+        self.dkey = kw.get('dict', 'wsgiform.dict')
+        # Prefix for keyword environ entries
+        self.kkey = kw.get('kwargs', 'wsgize.kwargs')
+        # Dictionary of validators where the keywords are form field names 
+        self.validators = kw.get('validators', {})
+
+    def _call(self, environ, func, key, empty=False, err=False):
+        '''Pattern for dicts and kwargs.'''
+        qdict = func(environ)
+        if self.validators: self.validate(qdict) 
+        environ[key] = qdict
+        return environ
+
+    def _callenv(self, environ, func, empty=False, err=False):
+        '''Pattern for environ entries.'''
+        qdict = func(environ)
+        if self.validators: self.validate(qdict) 
+        for k, v in qdict.iteritems(): environ[self.prefix % k] = v
+        return environ
+    
+    def validate(self, qdict):
+        '''Validates form data.
+
+        qdict Dictionary of validators indexed by form field        
+        '''
+        for key, value in qdict.iteritems():
+            try:
+                self.validators[key](value)
+            except KeyError: pass
+     
+    def fieldstorage(self, env, start_return):
+        '''Parses WSGI input from a form into a FieldStorage instance.'''
+        env[self.fkey] = cgi.FieldStorage(fp=env['wsgi.input'], environ=env)
+        return self.app(env, start_return)
+        
+    def dictionary(self, environ, start_return):
+        '''Parses WSGI input from a form into a dictionary.'''        
+        return self.app(self._call(environ, extract, self.dkey), start_return)
+
+    def kwargs(self, environ, start_return):
+        '''Parses WSGI input from a form into keyword arguments.'''
+        return self.app(self._call(environ, extract, self.kkey), start_return)
+
+    def environ(self, environ, start_return):
+        '''Parses WSGI input from a form into individual environ entries.'''
+        return self.app(self._callenv(environ, extract), start_return)    
+        
+    def dict_escape(self, environ, start_return):
+        '''Parses WSGI input from a form into a dictionary and HTML escapes
+        each string value.
+        '''
+        return self.app(self._call(environ, escape, self.dkey), start_return)
+
+    def kwargs_escape(self, environ, start_return):
+        '''Parses WSGI input from a form into keyword arguments and HTML
+        escapes each string value.
+        '''
+        return self.app(self._call(environ, escape, self.kkey), start_return)
+
+    def environ_escape(self, environ, start_return):
+        '''Parses WSGI input from a form into individual environ entries and
+        HTML escapes each string value.
+        '''
+        return self.app(self._callenv(environ, escape), start_return)    
+
+    def dict_strictescape(self, environ, start_return):
+        '''Parses WSGI input from a form into a dictionary and strictly HTML escapes
+        each string value.
+        '''
+        return self.app(self._call(environ, escape, self.dkey, True, True), start_return)
+
+    def kwargs_strictescape(self, environ, start_return):
+        '''Parses WSGI input from a form into keyword arguments and strictly HTML
+        escapes each string value.
+        '''
+        return self.app(self._call(environ, escape, self.kkey, True, True), start_return)
+
+    def environ_strictescape(self, environ, start_return):
+        '''Parses WSGI input from a form into individual environ entries and
+        strictly HTML escapes each string value.
+        '''
+        return self.app(self._callenv(environ, escape, True, True), start_return)        
+    
+    def dict_sterilize(self, environ, start_return):
+        '''Parses WSGI input from a form into a dictionary and sterilizes the
+        data of each string value.
+        '''
+        return self.app(self._call(environ, sterilize, self.dkey), start_return)
+
+    def kwargs_sterilize(self, environ, start_return):
+        '''Parses WSGI input from a form into keyword arguments and sterilizes the
+        data of each string value.
+        '''
+        return self.app(self._call(environ, sterilize, self.kkey), start_return)
+
+    def environ_sterilize(self, environ, start_return):
+        '''Parses WSGI input from a form into individual environ entries and
+        sterilizes the data of each string value.
+        '''
+        return self.app(self._callenv(environ, sterilize), start_return)        
+
+    def dict_strictsterilize(self, environ, start_return):
+        '''Parses WSGI input from a form into a dictionary and strictly sterilizes the
+        data of each string value.
+        '''
+        return self.app(self._call(environ, sterilize, self.dkey, True, True), start_return)
+
+    def kwargs_strictsterilize(self, environ, start_return):
+        '''Parses WSGI input from a form into keyword arguments and strictly sterilizes the
+        data of each string value.
+        '''
+        return self.app(self._call(environ, sterilize, self.kkey, True, True), start_return)
+
+    def environ_strictsterilize(self, environ, start_return):
+        '''Parses WSGI input from a form into individual environ entries and
+        strictly sterilizes the data of each string value.
+        '''
+        return self.app(self._callenv(environ, sterilize, True, True), start_return)     
+
+
+__all__ = ['WsgiForm']