cgi 0.2.2 → 0.3.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of cgi might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ace24be8534275d31cbc0f26323f6240fe2bad4e848a0bf299ab0c7b3ef4f23c
4
- data.tar.gz: d2e454f42196b2bda9a5923014d4d067a3429d414c1c9445fed80fc4a7cc0773
3
+ metadata.gz: c6b7b44043961650520d8b04fb0df56f62e3d34a0f033339272005a61d968000
4
+ data.tar.gz: ac6cd96b5782920f33d41405fa5a93d91e69327ff97d40498b2d930ca9bf2484
5
5
  SHA512:
6
- metadata.gz: edaff93f2331fb886bdbd1dd5a03b1a53ae07af4d42136cf8852ab717aa4d458a96fe459ba07869072e0d580aa083ae8ac47fac5aea0cabc2a347afbf38ac4db
7
- data.tar.gz: 0fa14edc91fe176241d0efc71bd4dfd834135f093507cb2b2410934f469bd19a4538664651a86aa9fc2ae035e7efd6a159cf1752beffef01d57327cab4d76500
6
+ metadata.gz: e6b18bbd30338184d2c6ce9a5405d57c1de7b72cf6969a0735ab2dade5138741dc0d427592f02d33be062a30b23936714ab70a911ee668f0aa4c13ca4093ac38
7
+ data.tar.gz: cc0a96e60bb0dfb4a9876ba284b2d3941548e7d3a3e13583bfd777e7cb56abbc7493f2f691ab30b0f7ef0d6ce97e2fd52ee0f071a61b77e0a2ac71632ab9c6f3
@@ -7,18 +7,16 @@ jobs:
7
7
  name: build (${{ matrix.ruby }} / ${{ matrix.os }})
8
8
  strategy:
9
9
  matrix:
10
- ruby: [ 2.7, 2.6, 2.5, head ]
10
+ ruby: [ '3.0', 2.7, 2.6, 2.5, head ]
11
11
  os: [ ubuntu-latest, macos-latest ]
12
12
  runs-on: ${{ matrix.os }}
13
13
  steps:
14
- - uses: actions/checkout@master
14
+ - uses: actions/checkout@v2
15
15
  - name: Set up Ruby
16
16
  uses: ruby/setup-ruby@v1
17
17
  with:
18
18
  ruby-version: ${{ matrix.ruby }}
19
19
  - name: Install dependencies
20
- run: |
21
- gem install bundler --no-document
22
- bundle install
20
+ run: bundle install
23
21
  - name: Run test
24
22
  run: rake test
data/Rakefile CHANGED
@@ -10,4 +10,11 @@ end
10
10
  require 'rake/extensiontask'
11
11
  Rake::ExtensionTask.new("cgi/escape")
12
12
 
13
+ task :sync_tool do
14
+ require 'fileutils'
15
+ FileUtils.cp "../ruby/tool/lib/core_assertions.rb", "./test/lib"
16
+ FileUtils.cp "../ruby/tool/lib/envutil.rb", "./test/lib"
17
+ FileUtils.cp "../ruby/tool/lib/find_executable.rb", "./test/lib"
18
+ end
19
+
13
20
  task :default => :test
data/cgi.gemspec CHANGED
@@ -26,6 +26,6 @@ Gem::Specification.new do |spec|
26
26
  `git ls-files -z 2>/dev/null`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
27
27
  end
28
28
  spec.bindir = "exe"
29
- spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
29
+ spec.executables = []
30
30
  spec.require_paths = ["lib"]
31
31
  end
@@ -36,8 +36,7 @@ static VALUE
36
36
  optimized_escape_html(VALUE str)
37
37
  {
38
38
  VALUE vbuf;
39
- typedef char escape_buf[HTML_ESCAPE_MAX_LEN];
40
- char *buf = *ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str));
39
+ char *buf = ALLOCV_N(char, vbuf, RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN);
41
40
  const char *cstr = RSTRING_PTR(str);
42
41
  const char *end = cstr + RSTRING_LEN(str);
43
42
 
data/lib/cgi/cookie.rb CHANGED
@@ -40,10 +40,6 @@ class CGI
40
40
  class Cookie < Array
41
41
  @@accept_charset="UTF-8" unless defined?(@@accept_charset)
42
42
 
43
- TOKEN_RE = %r"\A[[!-~]&&[^()<>@,;:\\\"/?=\[\]{}]]+\z"
44
- PATH_VALUE_RE = %r"\A[[ -~]&&[^;]]*\z"
45
- DOMAIN_VALUE_RE = %r"\A(?<label>(?!-)[-A-Za-z0-9]+(?<!-))(?:\.\g<label>)*\z"
46
-
47
43
  # Create a new CGI::Cookie object.
48
44
  #
49
45
  # :call-seq:
@@ -76,8 +72,8 @@ class CGI
76
72
  @domain = nil
77
73
  @expires = nil
78
74
  if name.kind_of?(String)
79
- self.name = name
80
- self.path = (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
75
+ @name = name
76
+ @path = (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
81
77
  @secure = false
82
78
  @httponly = false
83
79
  return super(value)
@@ -88,11 +84,11 @@ class CGI
88
84
  raise ArgumentError, "`name' required"
89
85
  end
90
86
 
91
- self.name = options["name"]
87
+ @name = options["name"]
92
88
  value = Array(options["value"])
93
89
  # simple support for IE
94
- self.path = options["path"] || (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
95
- self.domain = options["domain"]
90
+ @path = options["path"] || (%r|\A(.*/)| =~ ENV["SCRIPT_NAME"] ? $1 : "")
91
+ @domain = options["domain"]
96
92
  @expires = options["expires"]
97
93
  @secure = options["secure"] == true
98
94
  @httponly = options["httponly"] == true
@@ -101,35 +97,11 @@ class CGI
101
97
  end
102
98
 
103
99
  # Name of this cookie, as a +String+
104
- attr_reader :name
105
- # Set name of this cookie
106
- def name=(str)
107
- if str and !TOKEN_RE.match?(str)
108
- raise ArgumentError, "invalid name: #{str.dump}"
109
- end
110
- @name = str
111
- end
112
-
100
+ attr_accessor :name
113
101
  # Path for which this cookie applies, as a +String+
114
- attr_reader :path
115
- # Set path for which this cookie applies
116
- def path=(str)
117
- if str and !PATH_VALUE_RE.match?(str)
118
- raise ArgumentError, "invalid path: #{str.dump}"
119
- end
120
- @path = str
121
- end
122
-
102
+ attr_accessor :path
123
103
  # Domain for which this cookie applies, as a +String+
124
- attr_reader :domain
125
- # Set domain for which this cookie applies
126
- def domain=(str)
127
- if str and ((str = str.b).bytesize > 255 or !DOMAIN_VALUE_RE.match?(str))
128
- raise ArgumentError, "invalid domain: #{str.dump}"
129
- end
130
- @domain = str
131
- end
132
-
104
+ attr_accessor :domain
133
105
  # Time at which this cookie expires, as a +Time+
134
106
  attr_accessor :expires
135
107
  # True if this cookie is secure; false otherwise
@@ -187,6 +159,7 @@ class CGI
187
159
  raw_cookie.split(/;\s?/).each do |pairs|
188
160
  name, values = pairs.split('=',2)
189
161
  next unless name and values
162
+ name = CGI.unescape(name)
190
163
  values ||= ""
191
164
  values = values.split('&').collect{|v| CGI.unescape(v,@@accept_charset) }
192
165
  if cookies.has_key?(name)
data/lib/cgi/core.rb CHANGED
@@ -188,28 +188,17 @@ class CGI
188
188
  # Using #header with the HTML5 tag maker will create a <header> element.
189
189
  alias :header :http_header
190
190
 
191
- def _no_crlf_check(str)
192
- if str
193
- str = str.to_s
194
- raise "A HTTP status or header field must not include CR and LF" if str =~ /[\r\n]/
195
- str
196
- else
197
- nil
198
- end
199
- end
200
- private :_no_crlf_check
201
-
202
191
  def _header_for_string(content_type) #:nodoc:
203
192
  buf = ''.dup
204
193
  if nph?()
205
- buf << "#{_no_crlf_check($CGI_ENV['SERVER_PROTOCOL']) || 'HTTP/1.0'} 200 OK#{EOL}"
194
+ buf << "#{$CGI_ENV['SERVER_PROTOCOL'] || 'HTTP/1.0'} 200 OK#{EOL}"
206
195
  buf << "Date: #{CGI.rfc1123_date(Time.now)}#{EOL}"
207
- buf << "Server: #{_no_crlf_check($CGI_ENV['SERVER_SOFTWARE'])}#{EOL}"
196
+ buf << "Server: #{$CGI_ENV['SERVER_SOFTWARE']}#{EOL}"
208
197
  buf << "Connection: close#{EOL}"
209
198
  end
210
- buf << "Content-Type: #{_no_crlf_check(content_type)}#{EOL}"
199
+ buf << "Content-Type: #{content_type}#{EOL}"
211
200
  if @output_cookies
212
- @output_cookies.each {|cookie| buf << "Set-Cookie: #{_no_crlf_check(cookie)}#{EOL}" }
201
+ @output_cookies.each {|cookie| buf << "Set-Cookie: #{cookie}#{EOL}" }
213
202
  end
214
203
  return buf
215
204
  end # _header_for_string
@@ -224,9 +213,9 @@ class CGI
224
213
  ## NPH
225
214
  options.delete('nph') if defined?(MOD_RUBY)
226
215
  if options.delete('nph') || nph?()
227
- protocol = _no_crlf_check($CGI_ENV['SERVER_PROTOCOL']) || 'HTTP/1.0'
216
+ protocol = $CGI_ENV['SERVER_PROTOCOL'] || 'HTTP/1.0'
228
217
  status = options.delete('status')
229
- status = HTTP_STATUS[status] || _no_crlf_check(status) || '200 OK'
218
+ status = HTTP_STATUS[status] || status || '200 OK'
230
219
  buf << "#{protocol} #{status}#{EOL}"
231
220
  buf << "Date: #{CGI.rfc1123_date(Time.now)}#{EOL}"
232
221
  options['server'] ||= $CGI_ENV['SERVER_SOFTWARE'] || ''
@@ -234,38 +223,38 @@ class CGI
234
223
  end
235
224
  ## common headers
236
225
  status = options.delete('status')
237
- buf << "Status: #{HTTP_STATUS[status] || _no_crlf_check(status)}#{EOL}" if status
226
+ buf << "Status: #{HTTP_STATUS[status] || status}#{EOL}" if status
238
227
  server = options.delete('server')
239
- buf << "Server: #{_no_crlf_check(server)}#{EOL}" if server
228
+ buf << "Server: #{server}#{EOL}" if server
240
229
  connection = options.delete('connection')
241
- buf << "Connection: #{_no_crlf_check(connection)}#{EOL}" if connection
230
+ buf << "Connection: #{connection}#{EOL}" if connection
242
231
  type = options.delete('type')
243
- buf << "Content-Type: #{_no_crlf_check(type)}#{EOL}" #if type
232
+ buf << "Content-Type: #{type}#{EOL}" #if type
244
233
  length = options.delete('length')
245
- buf << "Content-Length: #{_no_crlf_check(length)}#{EOL}" if length
234
+ buf << "Content-Length: #{length}#{EOL}" if length
246
235
  language = options.delete('language')
247
- buf << "Content-Language: #{_no_crlf_check(language)}#{EOL}" if language
236
+ buf << "Content-Language: #{language}#{EOL}" if language
248
237
  expires = options.delete('expires')
249
238
  buf << "Expires: #{CGI.rfc1123_date(expires)}#{EOL}" if expires
250
239
  ## cookie
251
240
  if cookie = options.delete('cookie')
252
241
  case cookie
253
242
  when String, Cookie
254
- buf << "Set-Cookie: #{_no_crlf_check(cookie)}#{EOL}"
243
+ buf << "Set-Cookie: #{cookie}#{EOL}"
255
244
  when Array
256
245
  arr = cookie
257
- arr.each {|c| buf << "Set-Cookie: #{_no_crlf_check(c)}#{EOL}" }
246
+ arr.each {|c| buf << "Set-Cookie: #{c}#{EOL}" }
258
247
  when Hash
259
248
  hash = cookie
260
- hash.each_value {|c| buf << "Set-Cookie: #{_no_crlf_check(c)}#{EOL}" }
249
+ hash.each_value {|c| buf << "Set-Cookie: #{c}#{EOL}" }
261
250
  end
262
251
  end
263
252
  if @output_cookies
264
- @output_cookies.each {|c| buf << "Set-Cookie: #{_no_crlf_check(c)}#{EOL}" }
253
+ @output_cookies.each {|c| buf << "Set-Cookie: #{c}#{EOL}" }
265
254
  end
266
255
  ## other headers
267
256
  options.each do |key, value|
268
- buf << "#{_no_crlf_check(key)}: #{_no_crlf_check(value)}#{EOL}"
257
+ buf << "#{key}: #{value}#{EOL}"
269
258
  end
270
259
  return buf
271
260
  end # _header_for_hash
data/lib/cgi/util.rb CHANGED
@@ -49,9 +49,12 @@ module CGI::Util
49
49
  table = Hash[TABLE_FOR_ESCAPE_HTML__.map {|pair|pair.map {|s|s.encode(enc)}}]
50
50
  string = string.gsub(/#{"['&\"<>]".encode(enc)}/, table)
51
51
  string.encode!(origenc) if origenc
52
- return string
52
+ string
53
+ else
54
+ string = string.b
55
+ string.gsub!(/['&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
56
+ string.force_encoding(enc)
53
57
  end
54
- string.gsub(/['&\"<>]/, TABLE_FOR_ESCAPE_HTML__)
55
58
  end
56
59
 
57
60
  begin
@@ -90,7 +93,8 @@ module CGI::Util
90
93
  when Encoding::ISO_8859_1; 256
91
94
  else 128
92
95
  end
93
- string.gsub(/&(apos|amp|quot|gt|lt|\#[0-9]+|\#[xX][0-9A-Fa-f]+);/) do
96
+ string = string.b
97
+ string.gsub!(/&(apos|amp|quot|gt|lt|\#[0-9]+|\#[xX][0-9A-Fa-f]+);/) do
94
98
  match = $1.dup
95
99
  case match
96
100
  when 'apos' then "'"
@@ -116,6 +120,7 @@ module CGI::Util
116
120
  "&#{match};"
117
121
  end
118
122
  end
123
+ string.force_encoding enc
119
124
  end
120
125
 
121
126
  # Synonym for CGI.escapeHTML(str)
@@ -174,21 +179,12 @@ module CGI::Util
174
179
  # Synonym for CGI.unescapeElement(str)
175
180
  alias unescape_element unescapeElement
176
181
 
177
- # Abbreviated day-of-week names specified by RFC 822
178
- RFC822_DAYS = %w[ Sun Mon Tue Wed Thu Fri Sat ]
179
-
180
- # Abbreviated month names specified by RFC 822
181
- RFC822_MONTHS = %w[ Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec ]
182
-
183
182
  # Format a +Time+ object as a String using the format specified by RFC 1123.
184
183
  #
185
184
  # CGI.rfc1123_date(Time.now)
186
185
  # # Sat, 01 Jan 2000 00:00:00 GMT
187
186
  def rfc1123_date(time)
188
- t = time.clone.gmtime
189
- return format("%s, %.2d %s %.4d %.2d:%.2d:%.2d GMT",
190
- RFC822_DAYS[t.wday], t.day, RFC822_MONTHS[t.month-1], t.year,
191
- t.hour, t.min, t.sec)
187
+ time.getgm.strftime("%a, %d %b %Y %T GMT")
192
188
  end
193
189
 
194
190
  # Prettify (indent) an HTML string.
data/lib/cgi.rb CHANGED
@@ -288,7 +288,7 @@
288
288
  #
289
289
 
290
290
  class CGI
291
- VERSION = "0.2.2"
291
+ VERSION = "0.3.0"
292
292
  end
293
293
 
294
294
  require 'cgi/core'
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cgi
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Yukihiro Matsumoto
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-11-22 00:00:00.000000000 Z
11
+ date: 2021-10-14 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Support for the Common Gateway Interface protocol.
14
14
  email:
@@ -58,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
58
58
  - !ruby/object:Gem::Version
59
59
  version: '0'
60
60
  requirements: []
61
- rubygems_version: 3.4.0.dev
61
+ rubygems_version: 3.3.0.dev
62
62
  signing_key:
63
63
  specification_version: 4
64
64
  summary: Support for the Common Gateway Interface protocol.