Why, TypeError: expected string or bytes-like object ? - Printable Version +- Python Forum (https://python-forum.io) +-- Forum: Python Coding (https://python-forum.io/forum-7.html) +--- Forum: General Coding Help (https://python-forum.io/forum-8.html) +--- Thread: Why, TypeError: expected string or bytes-like object ? (/thread-26630.html) |
Why, TypeError: expected string or bytes-like object ? - JohnnyCoffee - May-07-2020 The method below aims to receive parameters in order to detect xss threat. I could not identify an error in the code below but only on the return of the method I get the error (TypeError: expected string or bytes-like object), does anyone know why ? # Native Module, Import : re, regex import re, json # Name Class : CrositeScript class CrositeScript: def m_post(o_output, v_url, v_inp): # Regex Condition - exist if check if re.search( r"FSCommand|onAbort|onActivate|onAfterPrint|onAfterUpdate|onBeforeActivate|" r"onBeforeCopy|onBeforeCut|onBeforeDeactivate|onBeforeEditFocus|onBeforePaste|" r"onBeforePrint|onBeforeUnload|onBeforeUpdate|onBegin|onBlur|onBounce|onCellChange|" r"onChange|onClick|onContextMenu|onControlSelect|onCopy|onCut|onDataAvailable|" r"onDataSetChanged|onDataSetComplete|onDblClick|onDeactivate|onDrag|onDragEnd|" r"onDragLeave|onDragEnter|onDragOver|onDragDrop|onDragStart|onDrop|onEnd|onError|" r"onErrorUpdate|onFilterChange|onFinish|onFocus|onFocusIn|onFocusOut|onHashChange|" r"onHelp|onInput|onKeyDown|onKeyPress|onKeyUp|onLayoutComplete|onLoad|onLoseCapture|" r"onMediaComplete|onMediaError|onMessage|onMouseDown|onMouseEnter|onMouseLeave|" r"onMouseMove|onMouseOut|onMouseOver|onMouseUp|onMouseWheel|onMove|onMoveEnd|onMoveStart|" r"onOffline|onOnline|onOutOfSync|onPaste|onPause|onPopState|onProgress|onPropertyChange|" r"onReadyStateChange|onRedo|onRepeat|onReset|onResize|onResizeEnd|onResizeStart|onResume|" r"onReverse|onRowsEnter|onRowExit|onRowDelete|onRowInserted|onScroll|onSeek|onSelect|" r"onSelectionChange|onSelectStart|onStart|onStop|onStorage|onSyncRestored|onSubmit|onTimeError|" r"onTrackChange|onUndo|onUnload|onURLFlip|seekSegmentTime|bgsound|xss|rocks|noxss|" r"<script>|</script>|script|livescript|vbscript|alert|[(]|[)]|>|<|;|&#|[*]|`", v_url, re.IGNORECASE ): # Variable : obtem status de resposta para client browser : status = "200 OK" # Variable : obtem cabeçalho http para o browser do client headers = [("Content-type", "application/json; charset=utf-8")] # Function : Envio de variable para o client browser : o_output(status, headers) # Output : return "Hacker Attempt: True, Threat : Cross-Site Scripting, Syntax: " + v_url else: # Regex Condition - exist if check if re.search( r"FSCommand|onAbort|onActivate|onAfterPrint|onAfterUpdate|onBeforeActivate|" r"onBeforeCopy|onBeforeCut|onBeforeDeactivate|onBeforeEditFocus|onBeforePaste|" r"onBeforePrint|onBeforeUnload|onBeforeUpdate|onBegin|onBlur|onBounce|onCellChange|" r"onChange|onClick|onContextMenu|onControlSelect|onCopy|onCut|onDataAvailable|" r"onDataSetChanged|onDataSetComplete|onDblClick|onDeactivate|onDrag|onDragEnd|" r"onDragLeave|onDragEnter|onDragOver|onDragDrop|onDragStart|onDrop|onEnd|onError|" r"onErrorUpdate|onFilterChange|onFinish|onFocus|onFocusIn|onFocusOut|onHashChange|" r"onHelp|onInput|onKeyDown|onKeyPress|onKeyUp|onLayoutComplete|onLoad|onLoseCapture|" r"onMediaComplete|onMediaError|onMessage|onMouseDown|onMouseEnter|onMouseLeave|" r"onMouseMove|onMouseOut|onMouseOver|onMouseUp|onMouseWheel|onMove|onMoveEnd|onMoveStart|" r"onOffline|onOnline|onOutOfSync|onPaste|onPause|onPopState|onProgress|onPropertyChange|" r"onReadyStateChange|onRedo|onRepeat|onReset|onResize|onResizeEnd|onResizeStart|onResume|" r"onReverse|onRowsEnter|onRowExit|onRowDelete|onRowInserted|onScroll|onSeek|onSelect|" r"onSelectionChange|onSelectStart|onStart|onStop|onStorage|onSyncRestored|onSubmit|onTimeError|" r"onTrackChange|onUndo|onUnload|onURLFlip|seekSegmentTime|bgsound|xss|rocks|noxss|" r"<script>|</script>|script|livescript|vbscript|alert|[(]|[)]|>|<|;|&#|[*]|`", v_inp, re.IGNORECASE ): # Variable : obtem status de resposta para client browser : status = "200 OK" # Variable : obtem cabeçalho http para o browser do client headers = [("Content-type", "application/json; charset=utf-8")] # Function : Envio de variable para o client browser : o_output(status, headers) # Output : return "Hacker Attempt: True, Threat : Cross-Site Scripting, Syntax: " + v_inp else: v_keo = v_inp.getvalue("v_query") # Converte para dicionario o_data = dict() # Pre-estrutura para o formato json o_data["term"] = "O termo pesquisado - " + v_keo # Da a saida no formato json v_json = json.dumps(o_data) # Variable : obtem status de resposta para client browser : status = "200 OK" # Variable : obtem cabeçalho http para o browser do client headers = [("Content-type", "application/json; charset=utf-8")] # Function : Envio de variable para o client browser : o_output(status, headers) # Method Return Instruction : return v_json RE: Why, TypeError: expected string or bytes-like object ? - bowlofred - May-07-2020 Please show how you call this and the complete error message (with all the traceback). RE: Why, TypeError: expected string or bytes-like object ? - JohnnyCoffee - May-08-2020 (May-07-2020, 11:52 PM)bowlofred Wrote: Please show how you call this and the complete error message (with all the traceback). Ok :
RE: Why, TypeError: expected string or bytes-like object ? - bowlofred - May-08-2020 You're passing v_inp as the string to examine for a pattern match via re.search() . But what you've posted doesn't show where that comes from (the actual function call). If what is passed in is not a string, then regex method will not like it.>>> s1 = "foobar" # a string >>> s2 = 85 # not a string >>> re.search(r"foo", s1) <_sre.SRE_Match object; span=(0, 3), match='foo'> >>> re.search(r"foo", s2) Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python3.6/re.py", line 182, in search return _compile(pattern, flags).search(string) TypeError: expected string or bytes-like objectYou could possibly force it by coercing it to a string, but it's probably better to see what's calling it and if it's passing the right object. >>> re.search(r"foo", str(s2)) >>> |