bpo-33843: Remove deprecated stuff in cgi module (GH-7662)

Author: methane

Doc/library/cgi.rst

@@ -284,18 +284,6 @@ algorithms implemented in this module in other circumstances.
    passed to :func:`urllib.parse.parse_qs` unchanged.
 
 
-.. function:: parse_qs(qs, keep_blank_values=False, strict_parsing=False)
-
-   This function is deprecated in this module. Use :func:`urllib.parse.parse_qs`
-   instead. It is maintained here only for backward compatibility.
-
-
-.. function:: parse_qsl(qs, keep_blank_values=False, strict_parsing=False)
-
-   This function is deprecated in this module. Use :func:`urllib.parse.parse_qsl`
-   instead. It is maintained here only for backward compatibility.
-
-
 .. function:: parse_multipart(fp, pdict, encoding="utf-8", errors="replace")
 
    Parse input of type :mimetype:`multipart/form-data` (for  file uploads).
@@ -348,20 +336,6 @@ algorithms implemented in this module in other circumstances.
    Print a list of useful (used by CGI) environment variables in HTML.
 
 
-.. function:: escape(s, quote=False)
-
-   Convert the characters ``'&'``, ``'<'`` and ``'>'`` in string *s* to HTML-safe
-   sequences.  Use this if you need to display text that might contain such
-   characters in HTML.  If the optional flag *quote* is true, the quotation mark
-   character (``"``) is also translated; this helps for inclusion in an HTML
-   attribute value delimited by double quotes, as in ``<a href="...">``.  Note
-   that single quotes are never translated.
-
-   .. deprecated:: 3.2
-      This function is unsafe because *quote* is false by default, and therefore
-      deprecated.  Use :func:`html.escape` instead.
-
-
 .. _cgi-security:
 
 Caring about security

Doc/whatsnew/3.8.rst

@@ -136,6 +136,10 @@ Removed
   to help eliminate confusion as to what Python interpreter the ``pyvenv``
   script is tied to. (Contributed by Brett Cannon in :issue:`25427`.)
 
+* ``parse_qs``, ``parse_qsl``, and ``escape`` are removed from :mod:`cgi`
+  module.  They are deprecated from Python 3.2 or older.
+
+
 
 Porting to Python 3.8
 =====================

Lib/cgi.py

@@ -38,16 +38,14 @@
 import urllib.parse
 from email.parser import FeedParser
 from email.message import Message
-from warnings import warn
 import html
 import locale
 import tempfile
 
-__all__ = ["MiniFieldStorage", "FieldStorage",
-           "parse", "parse_qs", "parse_qsl", "parse_multipart",
+__all__ = ["MiniFieldStorage", "FieldStorage", "parse", "parse_multipart",
            "parse_header", "test", "print_exception", "print_environ",
            "print_form", "print_directory", "print_arguments",
-           "print_environ_usage", "escape"]
+           "print_environ_usage"]
 
 # Logging support
 # ===============
@@ -183,21 +181,6 @@ def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):
                                  encoding=encoding)
 
 
-# parse query string function called from urlparse,
-# this is done in order to maintain backward compatibility.
-
-def parse_qs(qs, keep_blank_values=0, strict_parsing=0):
-    """Parse a query given as a string argument."""
-    warn("cgi.parse_qs is deprecated, use urllib.parse.parse_qs instead",
-         DeprecationWarning, 2)
-    return urllib.parse.parse_qs(qs, keep_blank_values, strict_parsing)
-
-def parse_qsl(qs, keep_blank_values=0, strict_parsing=0):
-    """Parse a query given as a string argument."""
-    warn("cgi.parse_qsl is deprecated, use urllib.parse.parse_qsl instead",
-         DeprecationWarning, 2)
-    return urllib.parse.parse_qsl(qs, keep_blank_values, strict_parsing)
-
 def parse_multipart(fp, pdict, encoding="utf-8", errors="replace"):
     """Parse multipart input.
 
@@ -974,18 +957,6 @@ def print_environ_usage():
 # Utilities
 # =========
 
-def escape(s, quote=None):
-    """Deprecated API."""
-    warn("cgi.escape is deprecated, use html.escape instead",
-         DeprecationWarning, stacklevel=2)
-    s = s.replace("&", "&") # Must be done first!
-    s = s.replace("<", "&lt;")
-    s = s.replace(">", "&gt;")
-    if quote:
-        s = s.replace('"', "&quot;")
-    return s
-
-
 def valid_boundary(s):
     import re
     if isinstance(s, bytes):

Lib/test/test_cgi.py

@@ -4,7 +4,6 @@
 import sys
 import tempfile
 import unittest
-import warnings
 from collections import namedtuple
 from io import StringIO, BytesIO
 from test import support
@@ -163,15 +162,6 @@ def test_fieldstorage_invalid(self):
         fs = cgi.FieldStorage(headers={'content-type':'text/plain'})
         self.assertRaises(TypeError, bool, fs)
 
-    def test_escape(self):
-        # cgi.escape() is deprecated.
-        with warnings.catch_warnings():
-            warnings.filterwarnings('ignore', r'cgi\.escape',
-                                     DeprecationWarning)
-            self.assertEqual("test & string", cgi.escape("test & string"))
-            self.assertEqual("&lt;test string&gt;", cgi.escape("<test string>"))
-            self.assertEqual("&quot;test string&quot;", cgi.escape('"test string"', True))
-
     def test_strict(self):
         for orig, expect in parse_strict_test_cases:
             # Test basic parsing
@@ -449,20 +439,6 @@ def testQSAndFormDataFile(self):
         v = gen_result(data, environ)
         self.assertEqual(result, v)
 
-    def test_deprecated_parse_qs(self):
-        # this func is moved to urllib.parse, this is just a sanity check
-        with check_warnings(('cgi.parse_qs is deprecated, use urllib.parse.'
-                             'parse_qs instead', DeprecationWarning)):
-            self.assertEqual({'a': ['A1'], 'B': ['B3'], 'b': ['B2']},
-                             cgi.parse_qs('a=A1&b=B2&B=B3'))
-
-    def test_deprecated_parse_qsl(self):
-        # this func is moved to urllib.parse, this is just a sanity check
-        with check_warnings(('cgi.parse_qsl is deprecated, use urllib.parse.'
-                             'parse_qsl instead', DeprecationWarning)):
-            self.assertEqual([('a', 'A1'), ('b', 'B2'), ('B', 'B3')],
-                             cgi.parse_qsl('a=A1&b=B2&B=B3'))
-
     def test_parse_header(self):
         self.assertEqual(
             cgi.parse_header("text/plain"),

Misc/NEWS.d/next/Library/2018-06-12-18-59-16.bpo-33843.qVAK8g.rst

@@ -0,0 +1 @@
+Remove deprecated ``cgi.escape``, ``cgi.parse_qs`` and ``cgi.parse_qsl``.