cgi 0.1.0.1 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: de6f4f6a0ff1e6b0e525b68b7bc03e700146bbd881648094674128ab59979e38
-  data.tar.gz: 1c3c231e1e9c0374b4d80528c1cb8bc9414d8c65aaf53927edb85f9a184699d8
+  metadata.gz: c59b54c540f8dfd3c9cef427e4598a27bb9bd7e8153bbed89c68c2fb922103bd
+  data.tar.gz: f2cba0d010a587aaae58e466cb16c4d4a4361bf18aff3bc2adb38e10032ddfbf
 SHA512:
-  metadata.gz: 27096879d4596c9b333fd70fb36874984870cd133388e31271cbad902ed4ca3785f62ef94f056ba09e47027a8cc161c24aede0723f35323a5c008cb8cc236a25
-  data.tar.gz: d5c33d0414644d31f51de5c5637c5625b5a3cb90405587fc30d1bbb5e1fc153483e6b3b5ce7054891ab0b81b076eaac98f0eda4dc47bb3feedfdf74ded6b091e
+  metadata.gz: 6127931c98c74e21472eb971e6fa59d97a75b944e17758ee1d31485622c845cabf076bcf53ada40b996edba1067abcd5522ff9f94f7eae75cfc020df292adf84
+  data.tar.gz: 76b61d86486908ab6d53193ced1e49b94de23a7df3a09ba37146c8fa3b6c68200eee2c1e206eb856d8c203ab8b4ea02b62831aeb0d7b5ca994a95a5dcef6a3b1

data/cgi.gemspec

@@ -1,27 +1,25 @@
-begin
-  require_relative "lib/cgi/version"
-rescue LoadError # Fallback to load version file in ruby core repository
-  require_relative "version"
-end
+lib = File.expand_path("lib", __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "cgi/version"
 
 Gem::Specification.new do |spec|
   spec.name          = "cgi"
   spec.version       = CGI::VERSION
-  spec.authors       = ["Yukihiro Matsumoto"]
-  spec.email         = ["matz@ruby-lang.org"]
+  spec.authors       = ["Hiroshi SHIBATA"]
+  spec.email         = ["hsbt@ruby-lang.org"]
 
   spec.summary       = %q{Support for the Common Gateway Interface protocol.}
   spec.description   = %q{Support for the Common Gateway Interface protocol.}
   spec.homepage      = "https://github.com/ruby/cgi"
-  spec.license       = "BSD-2-Clause"
 
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = spec.homepage
 
   spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
-    `git ls-files -z 2>/dev/null`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
   spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
+  spec.license = "BSD-2-Clause"
 end

data/ext/cgi/escape/escape.c

@@ -30,6 +30,8 @@ static inline void
 preserve_original_state(VALUE orig, VALUE dest)
 {
     rb_enc_associate(dest, rb_enc_get(orig));
+
+    RB_OBJ_INFECT_RAW(dest, orig);
 }
 
 static VALUE

data/lib/cgi/cookie.rb

@@ -57,7 +57,7 @@ class CGI
     #
     #   name:: the name of the cookie.  Required.
     #   value:: the cookie's value or list of values.
-    #   path:: the path for which this cookie applies.  Defaults to
+    #   path:: the path for which this cookie applies.  Defaults to the
     #          the value of the +SCRIPT_NAME+ environment variable.
     #   domain:: the domain for which this cookie applies.
     #   expires:: the time at which this cookie expires, as a +Time+ object.
@@ -73,7 +73,8 @@ class CGI
       @expires = nil
       if name.kind_of?(String)
         @name = name
-        @path = (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
+        %r|^(.*/)|.match(ENV["SCRIPT_NAME"])
+        @path = ($1 or "")
         @secure = false
         @httponly = false
         return super(value)
@@ -87,7 +88,12 @@ class CGI
       @name = options["name"]
       value = Array(options["value"])
       # simple support for IE
-      @path = options["path"] || (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
+      if options["path"]
+        @path = options["path"]
+      else
+        %r|^(.*/)|.match(ENV["SCRIPT_NAME"])
+        @path = ($1 or "")
+      end
       @domain = options["domain"]
       @expires = options["expires"]
       @secure = options["secure"] == true
@@ -140,7 +146,7 @@ class CGI
       buf = "#{@name}=#{val}".dup
       buf << "; domain=#{@domain}" if @domain
       buf << "; path=#{@path}"     if @path
-      buf << "; expires=#{CGI.rfc1123_date(@expires)}" if @expires
+      buf << "; expires=#{CGI::rfc1123_date(@expires)}" if @expires
       buf << "; secure"            if @secure
       buf << "; HttpOnly"          if @httponly
       buf

data/lib/cgi/core.rb

@@ -261,7 +261,7 @@ class CGI
   private :_header_for_hash
 
   def nph?  #:nodoc:
-    return /IIS\/(\d+)/ =~ $CGI_ENV['SERVER_SOFTWARE'] && $1.to_i < 5
+    return /IIS\/(\d+)/.match($CGI_ENV['SERVER_SOFTWARE']) && $1.to_i < 5
   end
 
   def _header_for_modruby(buf)  #:nodoc:
@@ -375,14 +375,14 @@ class CGI
 
   # Parse an HTTP query string into a hash of key=>value pairs.
   #
-  #   params = CGI.parse("query_string")
+  #   params = CGI::parse("query_string")
   #     # {"name1" => ["value1", "value2", ...],
   #     #  "name2" => ["value1", "value2", ...], ... }
   #
-  def self.parse(query)
+  def CGI::parse(query)
     params = {}
     query.split(/[&;]/).each do |pairs|
-      key, value = pairs.split('=',2).collect{|v| CGI.unescape(v) }
+      key, value = pairs.split('=',2).collect{|v| CGI::unescape(v) }
 
       next unless key
 
@@ -544,11 +544,11 @@ class CGI
         /Content-Disposition:.* filename=(?:"(.*?)"|([^;\r\n]*))/i.match(head)
         filename = $1 || $2 || ''.dup
         filename = CGI.unescape(filename) if unescape_filename?()
-        body.instance_variable_set(:@original_filename, filename)
+        body.instance_variable_set(:@original_filename, filename.taint)
         ## content type
         /Content-Type: (.*)/i.match(head)
         (content_type = $1 || ''.dup).chomp!
-        body.instance_variable_set(:@content_type, content_type)
+        body.instance_variable_set(:@content_type, content_type.taint)
         ## query parameter name
         /Content-Disposition:.* name=(?:"(.*?)"|([^;\r\n]*))/i.match(head)
         name = $1 || $2 || ''
@@ -607,7 +607,6 @@ class CGI
     end
     def unescape_filename?  #:nodoc:
       user_agent = $CGI_ENV['HTTP_USER_AGENT']
-      return false unless user_agent
       return /Mac/i.match(user_agent) && /Mozilla/i.match(user_agent) && !/MSIE/i.match(user_agent)
     end
 
@@ -649,7 +648,7 @@ class CGI
     # Reads query parameters in the @params field, and cookies into @cookies.
     def initialize_query()
       if ("POST" == env_table['REQUEST_METHOD']) and
-        %r|\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?| =~ env_table['CONTENT_TYPE']
+        %r|\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?|.match(env_table['CONTENT_TYPE'])
         current_max_multipart_length = @max_multipart_length.respond_to?(:call) ? @max_multipart_length.call : @max_multipart_length
         raise StandardError.new("too large multipart data.") if env_table['CONTENT_LENGTH'].to_i > current_max_multipart_length
         boundary = $1.dup
@@ -657,7 +656,7 @@ class CGI
         @params = read_multipart(boundary, Integer(env_table['CONTENT_LENGTH']))
       else
         @multipart = false
-        @params = CGI.parse(
+        @params = CGI::parse(
                     case env_table['REQUEST_METHOD']
                     when "GET", "HEAD"
                       if defined?(MOD_RUBY)
@@ -687,7 +686,7 @@ class CGI
         end
       end
 
-      @cookies = CGI::Cookie.parse((env_table['HTTP_COOKIE'] or env_table['COOKIE']))
+      @cookies = CGI::Cookie::parse((env_table['HTTP_COOKIE'] or env_table['COOKIE']))
     end
     private :initialize_query
 

data/lib/cgi/html.rb

@@ -30,10 +30,10 @@ class CGI
       attributes.each do|name, value|
         next unless value
         s << " "
-        s << CGI.escapeHTML(name.to_s)
+        s << CGI::escapeHTML(name.to_s)
         if value != true
           s << '="'
-          s << CGI.escapeHTML(value.to_s)
+          s << CGI::escapeHTML(value.to_s)
           s << '"'
         end
       end
@@ -423,7 +423,7 @@ class CGI
       buf << super(attributes)
 
       if pretty
-        CGI.pretty(buf, pretty)
+        CGI::pretty(buf, pretty)
       else
         buf
       end

data/lib/cgi/session/pstore.rb

@@ -50,6 +50,7 @@ class CGI
         require 'digest/md5'
         md5 = Digest::MD5.hexdigest(id)[0,16]
         path = dir+"/"+prefix+md5
+        path.untaint
         if File::exist?(path)
           @hash = nil
         else

data/lib/cgi/session.rb

@@ -403,7 +403,7 @@ class CGI
             for line in f
               line.chomp!
               k, v = line.split('=',2)
-              @hash[CGI.unescape(k)] = Marshal.restore(CGI.unescape(v))
+              @hash[CGI::unescape(k)] = Marshal.restore(CGI::unescape(v))
             end
           ensure
             f&.close
@@ -421,7 +421,7 @@ class CGI
           lockf.flock File::LOCK_EX
           f = File.open(@path+".new", File::CREAT|File::TRUNC|File::WRONLY, 0600)
           for k,v in @hash
-            f.printf "%s=%s\n", CGI.escape(k), CGI.escape(String(Marshal.dump(v)))
+            f.printf "%s=%s\n", CGI::escape(k), CGI::escape(String(Marshal.dump(v)))
           end
           f.close
           File.rename @path+".new", @path

data/lib/cgi/util.rb

@@ -7,7 +7,7 @@ end
 module CGI::Util
   @@accept_charset="UTF-8" unless defined?(@@accept_charset)
   # URL-encode a string.
-  #   url_encoded_string = CGI.escape("'Stop!' said Fred")
+  #   url_encoded_string = CGI::escape("'Stop!' said Fred")
   #      # => "%27Stop%21%27+said+Fred"
   def escape(string)
     encoding = string.encoding
@@ -17,7 +17,7 @@ module CGI::Util
   end
 
   # URL-decode a string with encoding(optional).
-  #   string = CGI.unescape("%27Stop%21%27+said+Fred")
+  #   string = CGI::unescape("%27Stop%21%27+said+Fred")
   #      # => "'Stop!' said Fred"
   def unescape(string,encoding=@@accept_charset)
     str=string.tr('+', ' ').b.gsub(/((?:%[0-9a-fA-F]{2})+)/) do |m|
@@ -36,7 +36,7 @@ module CGI::Util
   }
 
   # Escape special characters in HTML, namely '&\"<>
-  #   CGI.escapeHTML('Usage: foo "bar" <baz>')
+  #   CGI::escapeHTML('Usage: foo "bar" <baz>')
   #      # => "Usage: foo &quot;bar&quot; &lt;baz&gt;"
   def escapeHTML(string)
     enc = string.encoding
@@ -60,7 +60,7 @@ module CGI::Util
   end
 
   # Unescape a string that has been HTML-escaped
-  #   CGI.unescapeHTML("Usage: foo &quot;bar&quot; &lt;baz&gt;")
+  #   CGI::unescapeHTML("Usage: foo &quot;bar&quot; &lt;baz&gt;")
   #      # => "Usage: foo \"bar\" <baz>"
   def unescapeHTML(string)
     enc = string.encoding
@@ -118,10 +118,10 @@ module CGI::Util
     end
   end
 
-  # Synonym for CGI.escapeHTML(str)
+  # Synonym for CGI::escapeHTML(str)
   alias escape_html escapeHTML
 
-  # Synonym for CGI.unescapeHTML(str)
+  # Synonym for CGI::unescapeHTML(str)
   alias unescape_html unescapeHTML
 
   # Escape only the tags of certain HTML elements in +string+.
@@ -132,30 +132,30 @@ module CGI::Util
   # The attribute list of the open tag will also be escaped (for
   # instance, the double-quotes surrounding attribute values).
   #
-  #   print CGI.escapeElement('<BR><A HREF="url"></A>', "A", "IMG")
+  #   print CGI::escapeElement('<BR><A HREF="url"></A>', "A", "IMG")
   #     # "<BR>&lt;A HREF=&quot;url&quot;&gt;&lt;/A&gt"
   #
-  #   print CGI.escapeElement('<BR><A HREF="url"></A>', ["A", "IMG"])
+  #   print CGI::escapeElement('<BR><A HREF="url"></A>', ["A", "IMG"])
   #     # "<BR>&lt;A HREF=&quot;url&quot;&gt;&lt;/A&gt"
   def escapeElement(string, *elements)
     elements = elements[0] if elements[0].kind_of?(Array)
     unless elements.empty?
       string.gsub(/<\/?(?:#{elements.join("|")})(?!\w)(?:.|\n)*?>/i) do
-        CGI.escapeHTML($&)
+        CGI::escapeHTML($&)
       end
     else
       string
     end
   end
 
-  # Undo escaping such as that done by CGI.escapeElement()
+  # Undo escaping such as that done by CGI::escapeElement()
   #
-  #   print CGI.unescapeElement(
-  #           CGI.escapeHTML('<BR><A HREF="url"></A>'), "A", "IMG")
+  #   print CGI::unescapeElement(
+  #           CGI::escapeHTML('<BR><A HREF="url"></A>'), "A", "IMG")
   #     # "&lt;BR&gt;<A HREF="url"></A>"
   #
-  #   print CGI.unescapeElement(
-  #           CGI.escapeHTML('<BR><A HREF="url"></A>'), ["A", "IMG"])
+  #   print CGI::unescapeElement(
+  #           CGI::escapeHTML('<BR><A HREF="url"></A>'), ["A", "IMG"])
   #     # "&lt;BR&gt;<A HREF="url"></A>"
   def unescapeElement(string, *elements)
     elements = elements[0] if elements[0].kind_of?(Array)
@@ -168,10 +168,10 @@ module CGI::Util
     end
   end
 
-  # Synonym for CGI.escapeElement(str)
+  # Synonym for CGI::escapeElement(str)
   alias escape_element escapeElement
 
-  # Synonym for CGI.unescapeElement(str)
+  # Synonym for CGI::unescapeElement(str)
   alias unescape_element unescapeElement
 
   # Abbreviated day-of-week names specified by RFC 822
@@ -182,7 +182,7 @@ module CGI::Util
 
   # Format a +Time+ object as a String using the format specified by RFC 1123.
   #
-  #   CGI.rfc1123_date(Time.now)
+  #   CGI::rfc1123_date(Time.now)
   #     # Sat, 01 Jan 2000 00:00:00 GMT
   def rfc1123_date(time)
     t = time.clone.gmtime
@@ -196,13 +196,13 @@ module CGI::Util
   # +string+ is the HTML string to indent.  +shift+ is the indentation
   # unit to use; it defaults to two spaces.
   #
-  #   print CGI.pretty("<HTML><BODY></BODY></HTML>")
+  #   print CGI::pretty("<HTML><BODY></BODY></HTML>")
   #     # <HTML>
   #     #   <BODY>
   #     #   </BODY>
   #     # </HTML>
   #
-  #   print CGI.pretty("<HTML><BODY></BODY></HTML>", "\t")
+  #   print CGI::pretty("<HTML><BODY></BODY></HTML>", "\t")
   #     # <HTML>
   #     #         <BODY>
   #     #         </BODY>

data/lib/cgi/version.rb

@@ -1,3 +1,3 @@
 class CGI
-  VERSION = "0.1.0.1"
+  VERSION = "0.1.1"
 end

data/lib/cgi.rb

@@ -253,7 +253,7 @@
 #           end
 #         end +
 #         cgi.pre do
-#           CGI.escapeHTML(
+#           CGI::escapeHTML(
 #             "params: #{cgi.params.inspect}\n" +
 #             "cookies: #{cgi.cookies.inspect}\n" +
 #             ENV.collect do |key, value|

metadata

@@ -1,18 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: cgi
 version: !ruby/object:Gem::Version
-  version: 0.1.0.1
+  version: 0.1.1
 platform: ruby
 authors:
-- Yukihiro Matsumoto
-autorequire:
+- Hiroshi SHIBATA
+autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-11-21 00:00:00.000000000 Z
+date: 2021-11-24 00:00:00.000000000 Z
 dependencies: []
 description: Support for the Common Gateway Interface protocol.
 email:
-- matz@ruby-lang.org
+- hsbt@ruby-lang.org
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -43,7 +43,7 @@ licenses:
 metadata:
   homepage_uri: https://github.com/ruby/cgi
   source_code_uri: https://github.com/ruby/cgi
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -58,8 +58,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.0.dev
-signing_key:
+rubygems_version: 3.3.0.dev
+signing_key: 
 specification_version: 4
 summary: Support for the Common Gateway Interface protocol.
 test_files: []