actionpack 4.1.6 → 4.1.7
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actionpack might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/action_dispatch/middleware/static.rb +21 -1
- data/lib/action_pack/gem_version.rb +1 -1
- metadata +8 -9
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fd553597f482cd30ac29dec61f759fbfc0dc1005
|
4
|
+
data.tar.gz: 1a22032cc1c4b44051182dff1fba4762885f83f0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cf3fba7f2188f04480178dfc0e9e1a6265da868dfd7f11d35ec0b024155c9ce4f8bdccda3dfae58b96de23f3ff7de118ecda483b37301814c9711e268cf9dde8
|
7
|
+
data.tar.gz: 6deca2a2a3f989a1b2e385a09ba2d616e0e0d43e2cf9b1cb3d4ee91dfccc426b1a08b696f9e285ab489cca6d7d752e5a8cda15b39612ab86b88847b7b6eb7ac5
|
@@ -14,7 +14,8 @@ module ActionDispatch
|
|
14
14
|
path = unescape_path(path)
|
15
15
|
return false unless path.valid_encoding?
|
16
16
|
|
17
|
-
full_path = path.empty? ? @root : File.join(@root,
|
17
|
+
full_path = path.empty? ? @root : File.join(@root,
|
18
|
+
clean_path_info(escape_glob_chars(path)))
|
18
19
|
paths = "#{full_path}#{ext}"
|
19
20
|
|
20
21
|
matches = Dir[paths]
|
@@ -43,6 +44,25 @@ module ActionDispatch
|
|
43
44
|
def escape_glob_chars(path)
|
44
45
|
path.gsub(/[*?{}\[\]]/, "\\\\\\&")
|
45
46
|
end
|
47
|
+
|
48
|
+
private
|
49
|
+
|
50
|
+
PATH_SEPS = Regexp.union(*[::File::SEPARATOR, ::File::ALT_SEPARATOR].compact)
|
51
|
+
|
52
|
+
def clean_path_info(path_info)
|
53
|
+
parts = path_info.split PATH_SEPS
|
54
|
+
|
55
|
+
clean = []
|
56
|
+
|
57
|
+
parts.each do |part|
|
58
|
+
next if part.empty? || part == '.'
|
59
|
+
part == '..' ? clean.pop : clean << part
|
60
|
+
end
|
61
|
+
|
62
|
+
clean.unshift '/' if parts.empty? || parts.first.empty?
|
63
|
+
|
64
|
+
::File.join(*clean)
|
65
|
+
end
|
46
66
|
end
|
47
67
|
|
48
68
|
class Static
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: actionpack
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.1.
|
4
|
+
version: 4.1.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Heinemeier Hansson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-
|
11
|
+
date: 2014-10-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 4.1.
|
19
|
+
version: 4.1.7
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 4.1.
|
26
|
+
version: 4.1.7
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rack
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -58,28 +58,28 @@ dependencies:
|
|
58
58
|
requirements:
|
59
59
|
- - '='
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: 4.1.
|
61
|
+
version: 4.1.7
|
62
62
|
type: :runtime
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
66
|
- - '='
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: 4.1.
|
68
|
+
version: 4.1.7
|
69
69
|
- !ruby/object:Gem::Dependency
|
70
70
|
name: activemodel
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
72
72
|
requirements:
|
73
73
|
- - '='
|
74
74
|
- !ruby/object:Gem::Version
|
75
|
-
version: 4.1.
|
75
|
+
version: 4.1.7
|
76
76
|
type: :development
|
77
77
|
prerelease: false
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
80
|
- - '='
|
81
81
|
- !ruby/object:Gem::Version
|
82
|
-
version: 4.1.
|
82
|
+
version: 4.1.7
|
83
83
|
description: Web apps on Rails. Simple, battle-tested conventions for building and
|
84
84
|
testing MVC web applications. Works with any Rack-compatible server.
|
85
85
|
email: david@loudthinking.com
|
@@ -263,4 +263,3 @@ signing_key:
|
|
263
263
|
specification_version: 4
|
264
264
|
summary: Web-flow and rendering framework putting the VC in MVC (part of Rails).
|
265
265
|
test_files: []
|
266
|
-
has_rdoc:
|