cgi 0.1.0.2 → 0.3.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 88d87c310da6bcfa8f2da7f97ff2fad32509e4ec853d44d8077b82e6402db9e8
-  data.tar.gz: cbe7e4b113e1243997974719ce4c8180eec4727f54e588144bcd4df5dd31efef
+  metadata.gz: ef7c6fbc3fed4edb75963f96b0b7a150dca2d296730f28eb42844e7582f73ddb
+  data.tar.gz: 6dff4891d8e6b75480346969bef5efd4e33c323a8e6dbe2196e07abf5d4b4366
 SHA512:
-  metadata.gz: 847bb3e61e6c1bb998ec2da58cee64a0ccc3ef1647cdd1a54a9bb7e73cd91555790a7d818c36fdd46abae33ddb78c1199e0890b150c4d40ccd00c68e3c577da3
-  data.tar.gz: d2aed253127848dfc91ab3610aed993b5f7d37591ee1a8460cf79b6e261c680c248f411ab3eaadc5e459ca9501ccdb0c4169db8860b554ad5e4431fb680d3d89
+  metadata.gz: 4b6abc351ceaf68ededa9d590fdd7adfb1fe8b32d4818128be7fb10867788cf32de65ea5d11cd4d7a38dc1a4adf19c1faee1b6a3689aeccea943178d18b09f8d
+  data.tar.gz: 1d805aede830aabc0c7d7ca577d8bd2bca541956d37cadeda9262a5e5ee01af5d940d4e135b907deadc16d20ef5a8357b2d4bb8817fc4241491f8305030e3d2e

data/ext/cgi/escape/depend

@@ -1,17 +1,2 @@
-# AUTOGENERATED DEPENDENCIES START
 escape.o: $(RUBY_EXTCONF_H)
-escape.o: $(arch_hdrdir)/ruby/config.h
-escape.o: $(hdrdir)/ruby.h
-escape.o: $(hdrdir)/ruby/assert.h
-escape.o: $(hdrdir)/ruby/backward.h
-escape.o: $(hdrdir)/ruby/defines.h
-escape.o: $(hdrdir)/ruby/encoding.h
-escape.o: $(hdrdir)/ruby/intern.h
-escape.o: $(hdrdir)/ruby/missing.h
-escape.o: $(hdrdir)/ruby/onigmo.h
-escape.o: $(hdrdir)/ruby/oniguruma.h
-escape.o: $(hdrdir)/ruby/ruby.h
-escape.o: $(hdrdir)/ruby/st.h
-escape.o: $(hdrdir)/ruby/subst.h
 escape.o: escape.c
-# AUTOGENERATED DEPENDENCIES END

data/ext/cgi/escape/escape.c

@@ -32,12 +32,21 @@ preserve_original_state(VALUE orig, VALUE dest)
     rb_enc_associate(dest, rb_enc_get(orig));
 }
 
+static inline long
+escaped_length(VALUE str)
+{
+    const long len = RSTRING_LEN(str);
+    if (len >= LONG_MAX / HTML_ESCAPE_MAX_LEN) {
+        ruby_malloc_size_overflow(len, HTML_ESCAPE_MAX_LEN);
+    }
+    return len * HTML_ESCAPE_MAX_LEN;
+}
+
 static VALUE
 optimized_escape_html(VALUE str)
 {
     VALUE vbuf;
-    typedef char escape_buf[HTML_ESCAPE_MAX_LEN];
-    char *buf = *ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str));
+    char *buf = ALLOCV_N(char, vbuf, escaped_length(str));
     const char *cstr = RSTRING_PTR(str);
     const char *end = cstr + RSTRING_LEN(str);
 
@@ -72,8 +81,8 @@ optimized_unescape_html(VALUE str)
     enum {UNICODE_MAX = 0x10ffff};
     rb_encoding *enc = rb_enc_get(str);
     unsigned long charlimit = (strcasecmp(rb_enc_name(enc), "UTF-8") == 0 ? UNICODE_MAX :
-			       strcasecmp(rb_enc_name(enc), "ISO-8859-1") == 0 ? 256 :
-			       128);
+                               strcasecmp(rb_enc_name(enc), "ISO-8859-1") == 0 ? 256 :
+                               128);
     long i, len, beg = 0;
     size_t clen, plen;
     int overflow;
@@ -85,89 +94,89 @@ optimized_unescape_html(VALUE str)
     cstr = RSTRING_PTR(str);
 
     for (i = 0; i < len; i++) {
-	unsigned long cc;
-	char c = cstr[i];
-	if (c != '&') continue;
-	plen = i - beg;
-	if (++i >= len) break;
-	c = (unsigned char)cstr[i];
+        unsigned long cc;
+        char c = cstr[i];
+        if (c != '&') continue;
+        plen = i - beg;
+        if (++i >= len) break;
+        c = (unsigned char)cstr[i];
 #define MATCH(s) (len - i >= (int)rb_strlen_lit(s) && \
-		  memcmp(&cstr[i], s, rb_strlen_lit(s)) == 0 && \
-		  (i += rb_strlen_lit(s) - 1, 1))
-	switch (c) {
-	  case 'a':
-	    ++i;
-	    if (MATCH("pos;")) {
-		c = '\'';
-	    }
-	    else if (MATCH("mp;")) {
-		c = '&';
-	    }
-	    else continue;
-	    break;
-	  case 'q':
-	    ++i;
-	    if (MATCH("uot;")) {
-		c = '"';
-	    }
-	    else continue;
-	    break;
-	  case 'g':
-	    ++i;
-	    if (MATCH("t;")) {
-		c = '>';
-	    }
-	    else continue;
-	    break;
-	  case 'l':
-	    ++i;
-	    if (MATCH("t;")) {
-		c = '<';
-	    }
-	    else continue;
-	    break;
-	  case '#':
-	    if (len - ++i >= 2 && ISDIGIT(cstr[i])) {
-		cc = ruby_scan_digits(&cstr[i], len-i, 10, &clen, &overflow);
-	    }
-	    else if ((cstr[i] == 'x' || cstr[i] == 'X') && len - ++i >= 2 && ISXDIGIT(cstr[i])) {
-		cc = ruby_scan_digits(&cstr[i], len-i, 16, &clen, &overflow);
-	    }
-	    else continue;
-	    i += clen;
-	    if (overflow || cc >= charlimit || cstr[i] != ';') continue;
-	    if (!dest) {
-		dest = rb_str_buf_new(len);
-	    }
-	    rb_str_cat(dest, cstr + beg, plen);
-	    if (charlimit > 256) {
-		rb_str_cat(dest, buf, rb_enc_mbcput((OnigCodePoint)cc, buf, enc));
-	    }
-	    else {
-		c = (unsigned char)cc;
-		rb_str_cat(dest, &c, 1);
-	    }
-	    beg = i + 1;
-	    continue;
-	  default:
-	    --i;
-	    continue;
-	}
-	if (!dest) {
-	    dest = rb_str_buf_new(len);
-	}
-	rb_str_cat(dest, cstr + beg, plen);
-	rb_str_cat(dest, &c, 1);
-	beg = i + 1;
+                  memcmp(&cstr[i], s, rb_strlen_lit(s)) == 0 && \
+                  (i += rb_strlen_lit(s) - 1, 1))
+        switch (c) {
+          case 'a':
+            ++i;
+            if (MATCH("pos;")) {
+                c = '\'';
+            }
+            else if (MATCH("mp;")) {
+                c = '&';
+            }
+            else continue;
+            break;
+          case 'q':
+            ++i;
+            if (MATCH("uot;")) {
+                c = '"';
+            }
+            else continue;
+            break;
+          case 'g':
+            ++i;
+            if (MATCH("t;")) {
+                c = '>';
+            }
+            else continue;
+            break;
+          case 'l':
+            ++i;
+            if (MATCH("t;")) {
+                c = '<';
+            }
+            else continue;
+            break;
+          case '#':
+            if (len - ++i >= 2 && ISDIGIT(cstr[i])) {
+                cc = ruby_scan_digits(&cstr[i], len-i, 10, &clen, &overflow);
+            }
+            else if ((cstr[i] == 'x' || cstr[i] == 'X') && len - ++i >= 2 && ISXDIGIT(cstr[i])) {
+                cc = ruby_scan_digits(&cstr[i], len-i, 16, &clen, &overflow);
+            }
+            else continue;
+            i += clen;
+            if (overflow || cc >= charlimit || cstr[i] != ';') continue;
+            if (!dest) {
+                dest = rb_str_buf_new(len);
+            }
+            rb_str_cat(dest, cstr + beg, plen);
+            if (charlimit > 256) {
+                rb_str_cat(dest, buf, rb_enc_mbcput((OnigCodePoint)cc, buf, enc));
+            }
+            else {
+                c = (unsigned char)cc;
+                rb_str_cat(dest, &c, 1);
+            }
+            beg = i + 1;
+            continue;
+          default:
+            --i;
+            continue;
+        }
+        if (!dest) {
+            dest = rb_str_buf_new(len);
+        }
+        rb_str_cat(dest, cstr + beg, plen);
+        rb_str_cat(dest, &c, 1);
+        beg = i + 1;
     }
 
     if (dest) {
-	rb_str_cat(dest, cstr + beg, len - beg);
-	preserve_original_state(str, dest);
-	return dest;
+        rb_str_cat(dest, cstr + beg, len - beg);
+        preserve_original_state(str, dest);
+        return dest;
     }
     else {
-	return rb_str_dup(str);
+        return rb_str_dup(str);
     }
 }
 
@@ -191,7 +200,7 @@ url_unreserved_char(unsigned char c)
 }
 
 static VALUE
-optimized_escape(VALUE str)
+optimized_escape(VALUE str, int plus_escape)
 {
     long i, len, beg = 0;
     VALUE dest = 0;
@@ -202,38 +211,38 @@ optimized_escape(VALUE str)
     cstr = RSTRING_PTR(str);
 
     for (i = 0; i < len; ++i) {
-	const unsigned char c = (unsigned char)cstr[i];
-	if (!url_unreserved_char(c)) {
-	    if (!dest) {
-		dest = rb_str_buf_new(len);
-	    }
-
-	    rb_str_cat(dest, cstr + beg, i - beg);
-	    beg = i + 1;
-
-	    if (c == ' ') {
-		rb_str_cat_cstr(dest, "+");
-	    }
-	    else {
-		buf[1] = upper_hexdigits[(c >> 4) & 0xf];
-		buf[2] = upper_hexdigits[c & 0xf];
-		rb_str_cat(dest, buf, 3);
-	    }
-	}
+        const unsigned char c = (unsigned char)cstr[i];
+        if (!url_unreserved_char(c)) {
+            if (!dest) {
+                dest = rb_str_buf_new(len);
+            }
+
+            rb_str_cat(dest, cstr + beg, i - beg);
+            beg = i + 1;
+
+            if (plus_escape && c == ' ') {
+                rb_str_cat_cstr(dest, "+");
+            }
+            else {
+                buf[1] = upper_hexdigits[(c >> 4) & 0xf];
+                buf[2] = upper_hexdigits[c & 0xf];
+                rb_str_cat(dest, buf, 3);
+            }
+        }
     }
 
     if (dest) {
-	rb_str_cat(dest, cstr + beg, len - beg);
-	preserve_original_state(str, dest);
-	return dest;
+        rb_str_cat(dest, cstr + beg, len - beg);
+        preserve_original_state(str, dest);
+        return dest;
     }
     else {
-	return rb_str_dup(str);
+        return rb_str_dup(str);
     }
 }
 
 static VALUE
-optimized_unescape(VALUE str, VALUE encoding)
+optimized_unescape(VALUE str, VALUE encoding, int unescape_plus)
 {
     long i, len, beg = 0;
     VALUE dest = 0;
@@ -245,52 +254,52 @@ optimized_unescape(VALUE str, VALUE encoding)
     cstr = RSTRING_PTR(str);
 
     for (i = 0; i < len; ++i) {
-	char buf[1];
-	const char c = cstr[i];
-	int clen = 0;
-	if (c == '%') {
-	    if (i + 3 > len) break;
-	    if (!ISXDIGIT(cstr[i+1])) continue;
-	    if (!ISXDIGIT(cstr[i+2])) continue;
-	    buf[0] = ((char_to_number(cstr[i+1]) << 4)
-		      | char_to_number(cstr[i+2]));
-	    clen = 2;
-	}
-	else if (c == '+') {
-	    buf[0] = ' ';
-	}
-	else {
-	    continue;
-	}
-
-	if (!dest) {
-	    dest = rb_str_buf_new(len);
-	}
-
-	rb_str_cat(dest, cstr + beg, i - beg);
-	i += clen;
-	beg = i + 1;
-
-	rb_str_cat(dest, buf, 1);
+        char buf[1];
+        const char c = cstr[i];
+        int clen = 0;
+        if (c == '%') {
+            if (i + 3 > len) break;
+            if (!ISXDIGIT(cstr[i+1])) continue;
+            if (!ISXDIGIT(cstr[i+2])) continue;
+            buf[0] = ((char_to_number(cstr[i+1]) << 4)
+                      | char_to_number(cstr[i+2]));
+            clen = 2;
+        }
+        else if (unescape_plus && c == '+') {
+            buf[0] = ' ';
+        }
+        else {
+            continue;
+        }
+
+        if (!dest) {
+            dest = rb_str_buf_new(len);
+        }
+
+        rb_str_cat(dest, cstr + beg, i - beg);
+        i += clen;
+        beg = i + 1;
+
+        rb_str_cat(dest, buf, 1);
     }
 
     if (dest) {
-	rb_str_cat(dest, cstr + beg, len - beg);
-	preserve_original_state(str, dest);
-	cr = ENC_CODERANGE_UNKNOWN;
+        rb_str_cat(dest, cstr + beg, len - beg);
+        preserve_original_state(str, dest);
+        cr = ENC_CODERANGE_UNKNOWN;
     }
     else {
-	dest = rb_str_dup(str);
-	cr = ENC_CODERANGE(str);
+        dest = rb_str_dup(str);
+        cr = ENC_CODERANGE(str);
     }
     origenc = rb_enc_get_index(str);
     if (origenc != encidx) {
-	rb_enc_associate_index(dest, encidx);
-	if (!ENC_CODERANGE_CLEAN_P(rb_enc_str_coderange(dest))) {
-	    rb_enc_associate_index(dest, origenc);
-	    if (cr != ENC_CODERANGE_UNKNOWN)
-		ENC_CODERANGE_SET(dest, cr);
-	}
+        rb_enc_associate_index(dest, encidx);
+        if (!ENC_CODERANGE_CLEAN_P(rb_enc_str_coderange(dest))) {
+            rb_enc_associate_index(dest, origenc);
+            if (cr != ENC_CODERANGE_UNKNOWN)
+                ENC_CODERANGE_SET(dest, cr);
+        }
     }
     return dest;
 }
@@ -308,10 +317,10 @@ cgiesc_escape_html(VALUE self, VALUE str)
     StringValue(str);
 
     if (rb_enc_str_asciicompat_p(str)) {
-	return optimized_escape_html(str);
+        return optimized_escape_html(str);
     }
     else {
-	return rb_call_super(1, &str);
+        return rb_call_super(1, &str);
     }
 }
 
@@ -328,10 +337,10 @@ cgiesc_unescape_html(VALUE self, VALUE str)
     StringValue(str);
 
     if (rb_enc_str_asciicompat_p(str)) {
-	return optimized_unescape_html(str);
+        return optimized_unescape_html(str);
     }
     else {
-	return rb_call_super(1, &str);
+        return rb_call_super(1, &str);
     }
 }
 
@@ -339,7 +348,7 @@ cgiesc_unescape_html(VALUE self, VALUE str)
  *  call-seq:
  *     CGI.escape(string) -> string
  *
- *  Returns URL-escaped string.
+ *  Returns URL-escaped string (+application/x-www-form-urlencoded+).
  *
  */
 static VALUE
@@ -348,10 +357,10 @@ cgiesc_escape(VALUE self, VALUE str)
     StringValue(str);
 
     if (rb_enc_str_asciicompat_p(str)) {
-	return optimized_escape(str);
+        return optimized_escape(str, 1);
     }
     else {
-	return rb_call_super(1, &str);
+        return rb_call_super(1, &str);
     }
 }
 
@@ -359,7 +368,7 @@ static VALUE
 accept_charset(int argc, VALUE *argv, VALUE self)
 {
     if (argc > 0)
-	return argv[0];
+        return argv[0];
     return rb_cvar_get(CLASS_OF(self), id_accept_charset);
 }
 
@@ -367,7 +376,7 @@ accept_charset(int argc, VALUE *argv, VALUE self)
  *  call-seq:
  *     CGI.unescape(string, encoding=@@accept_charset) -> string
  *
- *  Returns URL-unescaped string.
+ *  Returns URL-unescaped string (+application/x-www-form-urlencoded+).
  *
  */
 static VALUE
@@ -378,17 +387,64 @@ cgiesc_unescape(int argc, VALUE *argv, VALUE self)
     StringValue(str);
 
     if (rb_enc_str_asciicompat_p(str)) {
-	VALUE enc = accept_charset(argc-1, argv+1, self);
-	return optimized_unescape(str, enc);
+        VALUE enc = accept_charset(argc-1, argv+1, self);
+        return optimized_unescape(str, enc, 1);
     }
     else {
-	return rb_call_super(argc, argv);
+        return rb_call_super(argc, argv);
+    }
+}
+
+/*
+ *  call-seq:
+ *     CGI.escapeURIComponent(string) -> string
+ *
+ *  Returns URL-escaped string following RFC 3986.
+ *
+ */
+static VALUE
+cgiesc_escape_uri_component(VALUE self, VALUE str)
+{
+    StringValue(str);
+
+    if (rb_enc_str_asciicompat_p(str)) {
+        return optimized_escape(str, 0);
+    }
+    else {
+        return rb_call_super(1, &str);
+    }
+}
+
+/*
+ *  call-seq:
+ *     CGI.unescapeURIComponent(string, encoding=@@accept_charset) -> string
+ *
+ *  Returns URL-unescaped string following RFC 3986.
+ *
+ */
+static VALUE
+cgiesc_unescape_uri_component(int argc, VALUE *argv, VALUE self)
+{
+    VALUE str = (rb_check_arity(argc, 1, 2), argv[0]);
+
+    StringValue(str);
+
+    if (rb_enc_str_asciicompat_p(str)) {
+        VALUE enc = accept_charset(argc-1, argv+1, self);
+        return optimized_unescape(str, enc, 0);
+    }
+    else {
+        return rb_call_super(argc, argv);
     }
 }
 
 void
 Init_escape(void)
 {
+#ifdef HAVE_RB_EXT_RACTOR_SAFE
+    rb_ext_ractor_safe(true);
+#endif
+
     id_accept_charset = rb_intern_const("@@accept_charset");
     InitVM(escape);
 }
@@ -401,6 +457,8 @@ InitVM_escape(void)
     rb_mUtil   = rb_define_module_under(rb_cCGI, "Util");
     rb_define_method(rb_mEscape, "escapeHTML", cgiesc_escape_html, 1);
     rb_define_method(rb_mEscape, "unescapeHTML", cgiesc_unescape_html, 1);
+    rb_define_method(rb_mEscape, "escapeURIComponent", cgiesc_escape_uri_component, 1);
+    rb_define_method(rb_mEscape, "unescapeURIComponent", cgiesc_unescape_uri_component, -1);
     rb_define_method(rb_mEscape, "escape", cgiesc_escape, 1);
     rb_define_method(rb_mEscape, "unescape", cgiesc_unescape, -1);
     rb_prepend_module(rb_mUtil, rb_mEscape);

data/lib/cgi/cookie.rb

@@ -42,7 +42,7 @@ class CGI
 
     TOKEN_RE = %r"\A[[!-~]&&[^()<>@,;:\\\"/?=\[\]{}]]+\z"
     PATH_VALUE_RE = %r"\A[[ -~]&&[^;]]*\z"
-    DOMAIN_VALUE_RE = %r"\A(?<label>(?!-)[-A-Za-z0-9]+(?<!-))(?:\.\g<label>)*\z"
+    DOMAIN_VALUE_RE = %r"\A\.?(?<label>(?!-)[-A-Za-z0-9]+(?<!-))(?:\.\g<label>)*\z"
 
     # Create a new CGI::Cookie object.
     #

data/lib/cgi/session/pstore.rb

@@ -44,20 +44,8 @@ class CGI
       # This session's PStore file will be created if it does
       # not exist, or opened if it does.
       def initialize(session, option={})
-        dir = option['tmpdir'] || Dir::tmpdir
-        prefix = option['prefix'] || ''
-        id = session.session_id
-        require 'digest/md5'
-        md5 = Digest::MD5.hexdigest(id)[0,16]
-        path = dir+"/"+prefix+md5
-        if File::exist?(path)
-          @hash = nil
-        else
-          unless session.new_session
-            raise CGI::Session::NoSession, "uninitialized session"
-          end
-          @hash = {}
-        end
+        option = {'suffix'=>''}.update(option)
+        path, @hash = session.new_store_file(option)
         @p = ::PStore.new(path)
         @p.transaction do |p|
           File.chmod(0600, p.path)

data/lib/cgi/session.rb

@@ -189,6 +189,47 @@ class CGI
     end
     private :create_new_id
 
+
+    # Create a new file to store the session data.
+    #
+    # This file will be created if it does not exist, or opened if it
+    # does.
+    #
+    # This path is generated under _tmpdir_ from _prefix_, the
+    # digested session id, and _suffix_.
+    #
+    # +option+ is a hash of options for the initializer.  The
+    # following options are recognised:
+    #
+    # tmpdir:: the directory to use for storing the FileStore
+    #          file.  Defaults to Dir::tmpdir (generally "/tmp"
+    #          on Unix systems).
+    # prefix:: the prefix to add to the session id when generating
+    #          the filename for this session's FileStore file.
+    #          Defaults to "cgi_sid_".
+    # suffix:: the prefix to add to the session id when generating
+    #          the filename for this session's FileStore file.
+    #          Defaults to the empty string.
+    def new_store_file(option={}) # :nodoc:
+      dir = option['tmpdir'] || Dir::tmpdir
+      prefix = option['prefix']
+      suffix = option['suffix']
+      require 'digest/md5'
+      md5 = Digest::MD5.hexdigest(session_id)[0,16]
+      path = dir+"/"
+      path << prefix if prefix
+      path << md5
+      path << suffix if suffix
+      if File::exist? path
+        hash = nil
+      elsif new_session
+        hash = {}
+      else
+        raise NoSession, "uninitialized session"
+      end
+      return path, hash
+    end
+
     # Create a new CGI::Session object for +request+.
     #
     # +request+ is an instance of the +CGI+ class (see cgi.rb).
@@ -373,21 +414,8 @@ class CGI
       # This session's FileStore file will be created if it does
       # not exist, or opened if it does.
       def initialize(session, option={})
-        dir = option['tmpdir'] || Dir::tmpdir
-        prefix = option['prefix'] || 'cgi_sid_'
-        suffix = option['suffix'] || ''
-        id = session.session_id
-        require 'digest/md5'
-        md5 = Digest::MD5.hexdigest(id)[0,16]
-        @path = dir+"/"+prefix+md5+suffix
-        if File::exist? @path
-          @hash = nil
-        else
-          unless session.new_session
-            raise CGI::Session::NoSession, "uninitialized session"
-          end
-          @hash = {}
-        end
+        option = {'prefix' => 'cgi_sid_'}.update(option)
+        @path, @hash = session.new_store_file(option)
       end
 
       # Restore session state from the session's FileStore file.

data/lib/cgi/util.rb

@@ -5,24 +5,57 @@ class CGI
   extend Util
 end
 module CGI::Util
-  @@accept_charset="UTF-8" unless defined?(@@accept_charset)
-  # URL-encode a string.
+  @@accept_charset = Encoding::UTF_8 unless defined?(@@accept_charset)
+
+  # URL-encode a string into application/x-www-form-urlencoded.
+  # Space characters (+" "+) are encoded with plus signs (+"+"+)
   #   url_encoded_string = CGI.escape("'Stop!' said Fred")
   #      # => "%27Stop%21%27+said+Fred"
   def escape(string)
     encoding = string.encoding
-    string.b.gsub(/([^ a-zA-Z0-9_.\-~]+)/) do |m|
+    buffer = string.b
+    buffer.gsub!(/([^ a-zA-Z0-9_.\-~]+)/) do |m|
       '%' + m.unpack('H2' * m.bytesize).join('%').upcase
-    end.tr(' ', '+').force_encoding(encoding)
+    end
+    buffer.tr!(' ', '+')
+    buffer.force_encoding(encoding)
   end
 
-  # URL-decode a string with encoding(optional).
+  # URL-decode an application/x-www-form-urlencoded string with encoding(optional).
   #   string = CGI.unescape("%27Stop%21%27+said+Fred")
   #      # => "'Stop!' said Fred"
-  def unescape(string,encoding=@@accept_charset)
-    str=string.tr('+', ' ').b.gsub(/((?:%[0-9a-fA-F]{2})+)/) do |m|
+  def unescape(string, encoding = @@accept_charset)
+    str = string.tr('+', ' ')
+    str = str.b
+    str.gsub!(/((?:%[0-9a-fA-F]{2})+)/) do |m|
       [m.delete('%')].pack('H*')
-    end.force_encoding(encoding)
+    end
+    str.force_encoding(encoding)
+    str.valid_encoding? ? str : str.force_encoding(string.encoding)
+  end
+
+  # URL-encode a string following RFC 3986
+  # Space characters (+" "+) are encoded with (+"%20"+)
+  #   url_encoded_string = CGI.escape("'Stop!' said Fred")
+  #      # => "%27Stop%21%27%20said%20Fred"
+  def escapeURIComponent(string)
+    encoding = string.encoding
+    buffer = string.b
+    buffer.gsub!(/([^a-zA-Z0-9_.\-~]+)/) do |m|
+      '%' + m.unpack('H2' * m.bytesize).join('%').upcase
+    end
+    buffer.force_encoding(encoding)
+  end
+
+  # URL-decode a string following RFC 3986 with encoding(optional).
+  #   string = CGI.unescape("%27Stop%21%27+said%20Fred")
+  #      # => "'Stop!'+said Fred"
+  def unescapeURIComponent(string, encoding = @@accept_charset)
+    str = string.b
+    str.gsub!(/((?:%[0-9a-fA-F]{2})+)/) do |m|
+      [m.delete('%')].pack('H*')
+    end
+    str.force_encoding(encoding)
     str.valid_encoding? ? str : str.force_encoding(string.encoding)
   end
 
@@ -49,9 +82,12 @@ module CGI::Util
       table = Hash[TABLE_FOR_ESCAPE_HTML__.map {|pair|pair.map {|s|s.encode(enc)}}]
       string = string.gsub(/#{"['&\"<>]".encode(enc)}/, table)
       string.encode!(origenc) if origenc
-      return string
+      string
+    else
+      string = string.b
+      string.gsub!(/['&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
+      string.force_encoding(enc)
     end
-    string.gsub(/['&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
   end
 
   begin
@@ -90,7 +126,8 @@ module CGI::Util
                 when Encoding::ISO_8859_1; 256
                 else 128
                 end
-    string.gsub(/&(apos|amp|quot|gt|lt|\#[0-9]+|\#[xX][0-9A-Fa-f]+);/) do
+    string = string.b
+    string.gsub!(/&(apos|amp|quot|gt|lt|\#[0-9]+|\#[xX][0-9A-Fa-f]+);/) do
       match = $1.dup
       case match
       when 'apos'                then "'"
@@ -116,6 +153,7 @@ module CGI::Util
         "&#{match};"
       end
     end
+    string.force_encoding enc
   end
 
   # Synonym for CGI.escapeHTML(str)
@@ -174,21 +212,12 @@ module CGI::Util
   # Synonym for CGI.unescapeElement(str)
   alias unescape_element unescapeElement
 
-  # Abbreviated day-of-week names specified by RFC 822
-  RFC822_DAYS = %w[ Sun Mon Tue Wed Thu Fri Sat ]
-
-  # Abbreviated month names specified by RFC 822
-  RFC822_MONTHS = %w[ Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec ]
-
   # Format a +Time+ object as a String using the format specified by RFC 1123.
   #
   #   CGI.rfc1123_date(Time.now)
   #     # Sat, 01 Jan 2000 00:00:00 GMT
   def rfc1123_date(time)
-    t = time.clone.gmtime
-    return format("%s, %.2d %s %.4d %.2d:%.2d:%.2d GMT",
-                  RFC822_DAYS[t.wday], t.day, RFC822_MONTHS[t.month-1], t.year,
-                  t.hour, t.min, t.sec)
+    time.getgm.strftime("%a, %d %b %Y %T GMT")
   end
 
   # Prettify (indent) an HTML string.

data/lib/cgi.rb

@@ -162,7 +162,7 @@
 #   cgi.has_key?('field_name')
 #   cgi.include?('field_name')
 #
-# CAUTION! cgi['field_name'] returned an Array with the old
+# CAUTION! <code>cgi['field_name']</code> returned an Array with the old
 # cgi.rb(included in Ruby 1.6)
 #
 # === Get form values as hash
@@ -288,6 +288,7 @@
 #
 
 class CGI
+  VERSION = "0.3.6"
 end
 
 require 'cgi/core'

metadata

@@ -1,31 +1,25 @@
 --- !ruby/object:Gem::Specification
 name: cgi
 version: !ruby/object:Gem::Version
-  version: 0.1.0.2
+  version: 0.3.6
 platform: ruby
 authors:
 - Yukihiro Matsumoto
 autorequire:
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2022-11-22 00:00:00.000000000 Z
+date: 2022-11-28 00:00:00.000000000 Z
 dependencies: []
 description: Support for the Common Gateway Interface protocol.
 email:
 - matz@ruby-lang.org
 executables: []
-extensions: []
+extensions:
+- ext/cgi/escape/extconf.rb
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".travis.yml"
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
-- bin/console
-- bin/setup
-- cgi.gemspec
 - ext/cgi/escape/depend
 - ext/cgi/escape/escape.c
 - ext/cgi/escape/extconf.rb
@@ -36,9 +30,9 @@ files:
 - lib/cgi/session.rb
 - lib/cgi/session/pstore.rb
 - lib/cgi/util.rb
-- lib/cgi/version.rb
 homepage: https://github.com/ruby/cgi
 licenses:
+- Ruby
 - BSD-2-Clause
 metadata:
   homepage_uri: https://github.com/ruby/cgi
@@ -51,7 +45,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/.gitignore

@@ -1,12 +0,0 @@
-/.bundle/
-/.yardoc
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/
-/Gemfile.lock
-*.bundle
-*.so
-*.dll

data/.travis.yml

@@ -1,7 +0,0 @@
----
-sudo: false
-language: ruby
-cache: bundler
-rvm:
-  - 2.6.3
-before_install: gem install bundler -v 2.0.2

data/Gemfile

@@ -1,8 +0,0 @@
-source "https://rubygems.org"
-
-group :development do
-  gem "bundler"
-  gem "rake"
-  gem "rake-compiler"
-  gem "test-unit"
-end

data/Rakefile

@@ -1,13 +0,0 @@
-require "bundler/gem_tasks"
-require "rake/testtask"
-
-Rake::TestTask.new(:test) do |t|
-  t.libs << "test/lib"
-  t.ruby_opts << "-rhelper"
-  t.test_files = FileList['test/**/test_*.rb']
-end
-
-require 'rake/extensiontask'
-Rake::ExtensionTask.new("cgi/escape")
-
-task :default => :test

data/bin/console

@@ -1,7 +0,0 @@
-#!/usr/bin/env ruby
-
-require "bundler/setup"
-require "cgi"
-
-require "irb"
-IRB.start(__FILE__)

data/bin/setup

@@ -1,6 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle install

data/cgi.gemspec

@@ -1,27 +0,0 @@
-begin
-  require_relative "lib/cgi/version"
-rescue LoadError # Fallback to load version file in ruby core repository
-  require_relative "version"
-end
-
-Gem::Specification.new do |spec|
-  spec.name          = "cgi"
-  spec.version       = CGI::VERSION
-  spec.authors       = ["Yukihiro Matsumoto"]
-  spec.email         = ["matz@ruby-lang.org"]
-
-  spec.summary       = %q{Support for the Common Gateway Interface protocol.}
-  spec.description   = %q{Support for the Common Gateway Interface protocol.}
-  spec.homepage      = "https://github.com/ruby/cgi"
-  spec.license       = "BSD-2-Clause"
-
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = spec.homepage
-
-  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
-    `git ls-files -z 2>/dev/null`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
-end

data/lib/cgi/version.rb

@@ -1,3 +0,0 @@
-class CGI
-  VERSION = "0.1.0.2"
-end