cgi 0.2.2 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of cgi might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.github/workflows/test.yml +3 -5
- data/Rakefile +7 -0
- data/cgi.gemspec +1 -1
- data/ext/cgi/escape/escape.c +1 -2
- data/lib/cgi/cookie.rb +9 -36
- data/lib/cgi/core.rb +17 -28
- data/lib/cgi/util.rb +9 -13
- data/lib/cgi.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c6b7b44043961650520d8b04fb0df56f62e3d34a0f033339272005a61d968000
|
4
|
+
data.tar.gz: ac6cd96b5782920f33d41405fa5a93d91e69327ff97d40498b2d930ca9bf2484
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e6b18bbd30338184d2c6ce9a5405d57c1de7b72cf6969a0735ab2dade5138741dc0d427592f02d33be062a30b23936714ab70a911ee668f0aa4c13ca4093ac38
|
7
|
+
data.tar.gz: cc0a96e60bb0dfb4a9876ba284b2d3941548e7d3a3e13583bfd777e7cb56abbc7493f2f691ab30b0f7ef0d6ce97e2fd52ee0f071a61b77e0a2ac71632ab9c6f3
|
data/.github/workflows/test.yml
CHANGED
@@ -7,18 +7,16 @@ jobs:
|
|
7
7
|
name: build (${{ matrix.ruby }} / ${{ matrix.os }})
|
8
8
|
strategy:
|
9
9
|
matrix:
|
10
|
-
ruby: [ 2.7, 2.6, 2.5, head ]
|
10
|
+
ruby: [ '3.0', 2.7, 2.6, 2.5, head ]
|
11
11
|
os: [ ubuntu-latest, macos-latest ]
|
12
12
|
runs-on: ${{ matrix.os }}
|
13
13
|
steps:
|
14
|
-
- uses: actions/checkout@
|
14
|
+
- uses: actions/checkout@v2
|
15
15
|
- name: Set up Ruby
|
16
16
|
uses: ruby/setup-ruby@v1
|
17
17
|
with:
|
18
18
|
ruby-version: ${{ matrix.ruby }}
|
19
19
|
- name: Install dependencies
|
20
|
-
run:
|
21
|
-
gem install bundler --no-document
|
22
|
-
bundle install
|
20
|
+
run: bundle install
|
23
21
|
- name: Run test
|
24
22
|
run: rake test
|
data/Rakefile
CHANGED
@@ -10,4 +10,11 @@ end
|
|
10
10
|
require 'rake/extensiontask'
|
11
11
|
Rake::ExtensionTask.new("cgi/escape")
|
12
12
|
|
13
|
+
task :sync_tool do
|
14
|
+
require 'fileutils'
|
15
|
+
FileUtils.cp "../ruby/tool/lib/core_assertions.rb", "./test/lib"
|
16
|
+
FileUtils.cp "../ruby/tool/lib/envutil.rb", "./test/lib"
|
17
|
+
FileUtils.cp "../ruby/tool/lib/find_executable.rb", "./test/lib"
|
18
|
+
end
|
19
|
+
|
13
20
|
task :default => :test
|
data/cgi.gemspec
CHANGED
@@ -26,6 +26,6 @@ Gem::Specification.new do |spec|
|
|
26
26
|
`git ls-files -z 2>/dev/null`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
27
27
|
end
|
28
28
|
spec.bindir = "exe"
|
29
|
-
spec.executables =
|
29
|
+
spec.executables = []
|
30
30
|
spec.require_paths = ["lib"]
|
31
31
|
end
|
data/ext/cgi/escape/escape.c
CHANGED
@@ -36,8 +36,7 @@ static VALUE
|
|
36
36
|
optimized_escape_html(VALUE str)
|
37
37
|
{
|
38
38
|
VALUE vbuf;
|
39
|
-
|
40
|
-
char *buf = *ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str));
|
39
|
+
char *buf = ALLOCV_N(char, vbuf, RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN);
|
41
40
|
const char *cstr = RSTRING_PTR(str);
|
42
41
|
const char *end = cstr + RSTRING_LEN(str);
|
43
42
|
|
data/lib/cgi/cookie.rb
CHANGED
@@ -40,10 +40,6 @@ class CGI
|
|
40
40
|
class Cookie < Array
|
41
41
|
@@accept_charset="UTF-8" unless defined?(@@accept_charset)
|
42
42
|
|
43
|
-
TOKEN_RE = %r"\A[[!-~]&&[^()<>@,;:\\\"/?=\[\]{}]]+\z"
|
44
|
-
PATH_VALUE_RE = %r"\A[[ -~]&&[^;]]*\z"
|
45
|
-
DOMAIN_VALUE_RE = %r"\A(?<label>(?!-)[-A-Za-z0-9]+(?<!-))(?:\.\g<label>)*\z"
|
46
|
-
|
47
43
|
# Create a new CGI::Cookie object.
|
48
44
|
#
|
49
45
|
# :call-seq:
|
@@ -76,8 +72,8 @@ class CGI
|
|
76
72
|
@domain = nil
|
77
73
|
@expires = nil
|
78
74
|
if name.kind_of?(String)
|
79
|
-
|
80
|
-
|
75
|
+
@name = name
|
76
|
+
@path = (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
|
81
77
|
@secure = false
|
82
78
|
@httponly = false
|
83
79
|
return super(value)
|
@@ -88,11 +84,11 @@ class CGI
|
|
88
84
|
raise ArgumentError, "`name' required"
|
89
85
|
end
|
90
86
|
|
91
|
-
|
87
|
+
@name = options["name"]
|
92
88
|
value = Array(options["value"])
|
93
89
|
# simple support for IE
|
94
|
-
|
95
|
-
|
90
|
+
@path = options["path"] || (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
|
91
|
+
@domain = options["domain"]
|
96
92
|
@expires = options["expires"]
|
97
93
|
@secure = options["secure"] == true
|
98
94
|
@httponly = options["httponly"] == true
|
@@ -101,35 +97,11 @@ class CGI
|
|
101
97
|
end
|
102
98
|
|
103
99
|
# Name of this cookie, as a +String+
|
104
|
-
|
105
|
-
# Set name of this cookie
|
106
|
-
def name=(str)
|
107
|
-
if str and !TOKEN_RE.match?(str)
|
108
|
-
raise ArgumentError, "invalid name: #{str.dump}"
|
109
|
-
end
|
110
|
-
@name = str
|
111
|
-
end
|
112
|
-
|
100
|
+
attr_accessor :name
|
113
101
|
# Path for which this cookie applies, as a +String+
|
114
|
-
|
115
|
-
# Set path for which this cookie applies
|
116
|
-
def path=(str)
|
117
|
-
if str and !PATH_VALUE_RE.match?(str)
|
118
|
-
raise ArgumentError, "invalid path: #{str.dump}"
|
119
|
-
end
|
120
|
-
@path = str
|
121
|
-
end
|
122
|
-
|
102
|
+
attr_accessor :path
|
123
103
|
# Domain for which this cookie applies, as a +String+
|
124
|
-
|
125
|
-
# Set domain for which this cookie applies
|
126
|
-
def domain=(str)
|
127
|
-
if str and ((str = str.b).bytesize > 255 or !DOMAIN_VALUE_RE.match?(str))
|
128
|
-
raise ArgumentError, "invalid domain: #{str.dump}"
|
129
|
-
end
|
130
|
-
@domain = str
|
131
|
-
end
|
132
|
-
|
104
|
+
attr_accessor :domain
|
133
105
|
# Time at which this cookie expires, as a +Time+
|
134
106
|
attr_accessor :expires
|
135
107
|
# True if this cookie is secure; false otherwise
|
@@ -187,6 +159,7 @@ class CGI
|
|
187
159
|
raw_cookie.split(/;\s?/).each do |pairs|
|
188
160
|
name, values = pairs.split('=',2)
|
189
161
|
next unless name and values
|
162
|
+
name = CGI.unescape(name)
|
190
163
|
values ||= ""
|
191
164
|
values = values.split('&').collect{|v| CGI.unescape(v,@@accept_charset) }
|
192
165
|
if cookies.has_key?(name)
|
data/lib/cgi/core.rb
CHANGED
@@ -188,28 +188,17 @@ class CGI
|
|
188
188
|
# Using #header with the HTML5 tag maker will create a <header> element.
|
189
189
|
alias :header :http_header
|
190
190
|
|
191
|
-
def _no_crlf_check(str)
|
192
|
-
if str
|
193
|
-
str = str.to_s
|
194
|
-
raise "A HTTP status or header field must not include CR and LF" if str =~ /[\r\n]/
|
195
|
-
str
|
196
|
-
else
|
197
|
-
nil
|
198
|
-
end
|
199
|
-
end
|
200
|
-
private :_no_crlf_check
|
201
|
-
|
202
191
|
def _header_for_string(content_type) #:nodoc:
|
203
192
|
buf = ''.dup
|
204
193
|
if nph?()
|
205
|
-
buf << "#{
|
194
|
+
buf << "#{$CGI_ENV['SERVER_PROTOCOL'] || 'HTTP/1.0'} 200 OK#{EOL}"
|
206
195
|
buf << "Date: #{CGI.rfc1123_date(Time.now)}#{EOL}"
|
207
|
-
buf << "Server: #{
|
196
|
+
buf << "Server: #{$CGI_ENV['SERVER_SOFTWARE']}#{EOL}"
|
208
197
|
buf << "Connection: close#{EOL}"
|
209
198
|
end
|
210
|
-
buf << "Content-Type: #{
|
199
|
+
buf << "Content-Type: #{content_type}#{EOL}"
|
211
200
|
if @output_cookies
|
212
|
-
@output_cookies.each {|cookie| buf << "Set-Cookie: #{
|
201
|
+
@output_cookies.each {|cookie| buf << "Set-Cookie: #{cookie}#{EOL}" }
|
213
202
|
end
|
214
203
|
return buf
|
215
204
|
end # _header_for_string
|
@@ -224,9 +213,9 @@ class CGI
|
|
224
213
|
## NPH
|
225
214
|
options.delete('nph') if defined?(MOD_RUBY)
|
226
215
|
if options.delete('nph') || nph?()
|
227
|
-
protocol =
|
216
|
+
protocol = $CGI_ENV['SERVER_PROTOCOL'] || 'HTTP/1.0'
|
228
217
|
status = options.delete('status')
|
229
|
-
status = HTTP_STATUS[status] ||
|
218
|
+
status = HTTP_STATUS[status] || status || '200 OK'
|
230
219
|
buf << "#{protocol} #{status}#{EOL}"
|
231
220
|
buf << "Date: #{CGI.rfc1123_date(Time.now)}#{EOL}"
|
232
221
|
options['server'] ||= $CGI_ENV['SERVER_SOFTWARE'] || ''
|
@@ -234,38 +223,38 @@ class CGI
|
|
234
223
|
end
|
235
224
|
## common headers
|
236
225
|
status = options.delete('status')
|
237
|
-
buf << "Status: #{HTTP_STATUS[status] ||
|
226
|
+
buf << "Status: #{HTTP_STATUS[status] || status}#{EOL}" if status
|
238
227
|
server = options.delete('server')
|
239
|
-
buf << "Server: #{
|
228
|
+
buf << "Server: #{server}#{EOL}" if server
|
240
229
|
connection = options.delete('connection')
|
241
|
-
buf << "Connection: #{
|
230
|
+
buf << "Connection: #{connection}#{EOL}" if connection
|
242
231
|
type = options.delete('type')
|
243
|
-
buf << "Content-Type: #{
|
232
|
+
buf << "Content-Type: #{type}#{EOL}" #if type
|
244
233
|
length = options.delete('length')
|
245
|
-
buf << "Content-Length: #{
|
234
|
+
buf << "Content-Length: #{length}#{EOL}" if length
|
246
235
|
language = options.delete('language')
|
247
|
-
buf << "Content-Language: #{
|
236
|
+
buf << "Content-Language: #{language}#{EOL}" if language
|
248
237
|
expires = options.delete('expires')
|
249
238
|
buf << "Expires: #{CGI.rfc1123_date(expires)}#{EOL}" if expires
|
250
239
|
## cookie
|
251
240
|
if cookie = options.delete('cookie')
|
252
241
|
case cookie
|
253
242
|
when String, Cookie
|
254
|
-
buf << "Set-Cookie: #{
|
243
|
+
buf << "Set-Cookie: #{cookie}#{EOL}"
|
255
244
|
when Array
|
256
245
|
arr = cookie
|
257
|
-
arr.each {|c| buf << "Set-Cookie: #{
|
246
|
+
arr.each {|c| buf << "Set-Cookie: #{c}#{EOL}" }
|
258
247
|
when Hash
|
259
248
|
hash = cookie
|
260
|
-
hash.each_value {|c| buf << "Set-Cookie: #{
|
249
|
+
hash.each_value {|c| buf << "Set-Cookie: #{c}#{EOL}" }
|
261
250
|
end
|
262
251
|
end
|
263
252
|
if @output_cookies
|
264
|
-
@output_cookies.each {|c| buf << "Set-Cookie: #{
|
253
|
+
@output_cookies.each {|c| buf << "Set-Cookie: #{c}#{EOL}" }
|
265
254
|
end
|
266
255
|
## other headers
|
267
256
|
options.each do |key, value|
|
268
|
-
buf << "#{
|
257
|
+
buf << "#{key}: #{value}#{EOL}"
|
269
258
|
end
|
270
259
|
return buf
|
271
260
|
end # _header_for_hash
|
data/lib/cgi/util.rb
CHANGED
@@ -49,9 +49,12 @@ module CGI::Util
|
|
49
49
|
table = Hash[TABLE_FOR_ESCAPE_HTML__.map {|pair|pair.map {|s|s.encode(enc)}}]
|
50
50
|
string = string.gsub(/#{"['&\"<>]".encode(enc)}/, table)
|
51
51
|
string.encode!(origenc) if origenc
|
52
|
-
|
52
|
+
string
|
53
|
+
else
|
54
|
+
string = string.b
|
55
|
+
string.gsub!(/['&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
|
56
|
+
string.force_encoding(enc)
|
53
57
|
end
|
54
|
-
string.gsub(/['&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
|
55
58
|
end
|
56
59
|
|
57
60
|
begin
|
@@ -90,7 +93,8 @@ module CGI::Util
|
|
90
93
|
when Encoding::ISO_8859_1; 256
|
91
94
|
else 128
|
92
95
|
end
|
93
|
-
string.
|
96
|
+
string = string.b
|
97
|
+
string.gsub!(/&(apos|amp|quot|gt|lt|\#[0-9]+|\#[xX][0-9A-Fa-f]+);/) do
|
94
98
|
match = $1.dup
|
95
99
|
case match
|
96
100
|
when 'apos' then "'"
|
@@ -116,6 +120,7 @@ module CGI::Util
|
|
116
120
|
"&#{match};"
|
117
121
|
end
|
118
122
|
end
|
123
|
+
string.force_encoding enc
|
119
124
|
end
|
120
125
|
|
121
126
|
# Synonym for CGI.escapeHTML(str)
|
@@ -174,21 +179,12 @@ module CGI::Util
|
|
174
179
|
# Synonym for CGI.unescapeElement(str)
|
175
180
|
alias unescape_element unescapeElement
|
176
181
|
|
177
|
-
# Abbreviated day-of-week names specified by RFC 822
|
178
|
-
RFC822_DAYS = %w[ Sun Mon Tue Wed Thu Fri Sat ]
|
179
|
-
|
180
|
-
# Abbreviated month names specified by RFC 822
|
181
|
-
RFC822_MONTHS = %w[ Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec ]
|
182
|
-
|
183
182
|
# Format a +Time+ object as a String using the format specified by RFC 1123.
|
184
183
|
#
|
185
184
|
# CGI.rfc1123_date(Time.now)
|
186
185
|
# # Sat, 01 Jan 2000 00:00:00 GMT
|
187
186
|
def rfc1123_date(time)
|
188
|
-
|
189
|
-
return format("%s, %.2d %s %.4d %.2d:%.2d:%.2d GMT",
|
190
|
-
RFC822_DAYS[t.wday], t.day, RFC822_MONTHS[t.month-1], t.year,
|
191
|
-
t.hour, t.min, t.sec)
|
187
|
+
time.getgm.strftime("%a, %d %b %Y %T GMT")
|
192
188
|
end
|
193
189
|
|
194
190
|
# Prettify (indent) an HTML string.
|
data/lib/cgi.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cgi
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Yukihiro Matsumoto
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-10-14 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: Support for the Common Gateway Interface protocol.
|
14
14
|
email:
|
@@ -58,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
58
58
|
- !ruby/object:Gem::Version
|
59
59
|
version: '0'
|
60
60
|
requirements: []
|
61
|
-
rubygems_version: 3.
|
61
|
+
rubygems_version: 3.3.0.dev
|
62
62
|
signing_key:
|
63
63
|
specification_version: 4
|
64
64
|
summary: Support for the Common Gateway Interface protocol.
|