Bump cherrypy from 18.8.0 to 18.9.0 (#2266)

* Bump cherrypy from 18.8.0 to 18.9.0 Bumps [cherrypy](https://github.com/cherrypy/cherrypy) from 18.8.0 to 18.9.0. - [Changelog](https://github.com/cherrypy/cherrypy/blob/main/CHANGES.rst) - [Commits](https://github.com/cherrypy/cherrypy/compare/v18.8.0...v18.9.0) --- updated-dependencies: - dependency-name: cherrypy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update cherrypy==18.9.0 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: JonnyWong16 <9099342+JonnyWong16@users.noreply.github.com> [skip ci]
2025-07-13 08:42:59 -07:00 · 2024-03-24 15:25:44 -07:00 · 2024-03-24 15:25:44 -07:00 · faef9a94c4
commit faef9a94c4
parent cfefa928be
673 changed files with 159850 additions and 11583 deletions
--- a/lib/win32comext/axscript/client/pyscript_rexec.py
+++ b/lib/win32comext/axscript/client/pyscript_rexec.py
@ -0,0 +1,49 @@
+# A version of the ActiveScripting engine that enables rexec support
+# This version supports hosting by IE - however, due to Python's
+# rexec module being neither completely trusted nor private, it is
+# *not* enabled by default.
+# As of Python 2.2, rexec is simply not available - thus, if you use this,
+# a HTML page can do almost *anything* at all on your machine.
+
+# You almost certainly do NOT want to use thus!
+
+import pythoncom
+from win32com.axscript import axscript
+
+from . import pyscript
+
+INTERFACE_USES_DISPEX = 0x00000004  # Object knows to use IDispatchEx
+INTERFACE_USES_SECURITY_MANAGER = (
+    0x00000008  # Object knows to use IInternetHostSecurityManager
+)
+
+
+class PyScriptRExec(pyscript.PyScript):
+    # Setup the auto-registration stuff...
+    _reg_verprogid_ = "Python.AXScript-rexec.2"
+    _reg_progid_ = "Python"  # Same ProgID as the standard engine.
+    # 	_reg_policy_spec_ = default
+    _reg_catids_ = [axscript.CATID_ActiveScript, axscript.CATID_ActiveScriptParse]
+    _reg_desc_ = "Python ActiveX Scripting Engine (with rexec support)"
+    _reg_clsid_ = "{69c2454b-efa2-455b-988c-c3651c4a2f69}"
+    _reg_class_spec_ = "win32com.axscript.client.pyscript_rexec.PyScriptRExec"
+    _reg_remove_keys_ = [(".pys",), ("pysFile",)]
+    _reg_threading_ = "Apartment"
+
+    def _GetSupportedInterfaceSafetyOptions(self):
+        # print "**** calling", pyscript.PyScript._GetSupportedInterfaceSafetyOptions, "**->", pyscript.PyScript._GetSupportedInterfaceSafetyOptions(self)
+        return (
+            INTERFACE_USES_DISPEX
+            | INTERFACE_USES_SECURITY_MANAGER
+            | axscript.INTERFACESAFE_FOR_UNTRUSTED_DATA
+            | axscript.INTERFACESAFE_FOR_UNTRUSTED_CALLER
+        )
+
+
+if __name__ == "__main__":
+    print("WARNING: By registering this engine, you are giving remote HTML code")
+    print("the ability to execute *any* code on your system.")
+    print()
+    print("You almost certainly do NOT want to do this.")
+    print("You have been warned, and are doing this at your own (significant) risk")
+    pyscript.Register(PyScriptRExec)