cgi 0.3.1 → 0.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 90a6a863562fc49b43b4b3363838cfc00cd4080df4fa1a4939e505d651115ad2
-  data.tar.gz: 5eeb77d5c5e4a42c8683e6953174483d4c5d7c5c9a61dc78590df100a716985f
+  metadata.gz: 63cb59228083880bf0b411ca1b8d883fcb8ef938d84468a4c09aa08fe97f7176
+  data.tar.gz: bbb690ec4a13a52d974157db9fa817e7c7ab53a80c0dc4870718bf7468588c63
 SHA512:
-  metadata.gz: dc300664978f5278e2e366c85acf2ec7929505369c7abaa0ef3d0658e5de556d3eb1c8e66d497c6f8b88efeabcfa57c2871bfbd325dd1e1b72fdcc4edf03defd
-  data.tar.gz: 7f82863adb49bd898c376d16a5d8ade52c0ada8d5994a22a858e7b47f467a69c755f22d8f691fcc891df222b176d472c167ac3e4b6896b104353fb04da867a56
+  metadata.gz: 500bc48a86828e9ed8f870826f4ffcaf2a7256c1e63f5d08b8609b667beab3ba5712cb6f0cfc8aec1c5dac9b244486a16cb953cde7ac8e8f6a59675be138bf07
+  data.tar.gz: 71477e7c13e827d38e8be80304e2b9e4f3abd5c770a20173b1931bfa4e9fb7a31caa95a2119d61ba1fa18cfbbfa9987482cfd5e1d2b6ad2c53eafd80fedd219b

data/ext/cgi/escape/depend

@@ -1,17 +1,2 @@
-# AUTOGENERATED DEPENDENCIES START
 escape.o: $(RUBY_EXTCONF_H)
-escape.o: $(arch_hdrdir)/ruby/config.h
-escape.o: $(hdrdir)/ruby.h
-escape.o: $(hdrdir)/ruby/assert.h
-escape.o: $(hdrdir)/ruby/backward.h
-escape.o: $(hdrdir)/ruby/defines.h
-escape.o: $(hdrdir)/ruby/encoding.h
-escape.o: $(hdrdir)/ruby/intern.h
-escape.o: $(hdrdir)/ruby/missing.h
-escape.o: $(hdrdir)/ruby/onigmo.h
-escape.o: $(hdrdir)/ruby/oniguruma.h
-escape.o: $(hdrdir)/ruby/ruby.h
-escape.o: $(hdrdir)/ruby/st.h
-escape.o: $(hdrdir)/ruby/subst.h
 escape.o: escape.c
-# AUTOGENERATED DEPENDENCIES END

data/ext/cgi/escape/escape.c

@@ -32,12 +32,21 @@ preserve_original_state(VALUE orig, VALUE dest)
     rb_enc_associate(dest, rb_enc_get(orig));
 }
 
+static inline long
+escaped_length(VALUE str)
+{
+    const long len = RSTRING_LEN(str);
+    if (len >= LONG_MAX / HTML_ESCAPE_MAX_LEN) {
+        ruby_malloc_size_overflow(len, HTML_ESCAPE_MAX_LEN);
+    }
+    return len * HTML_ESCAPE_MAX_LEN;
+}
+
 static VALUE
 optimized_escape_html(VALUE str)
 {
     VALUE vbuf;
-    typedef char escape_buf[HTML_ESCAPE_MAX_LEN];
-    char *buf = *ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str));
+    char *buf = ALLOCV_N(char, vbuf, escaped_length(str));
     const char *cstr = RSTRING_PTR(str);
     const char *end = cstr + RSTRING_LEN(str);
 
@@ -72,8 +81,8 @@ optimized_unescape_html(VALUE str)
     enum {UNICODE_MAX = 0x10ffff};
     rb_encoding *enc = rb_enc_get(str);
     unsigned long charlimit = (strcasecmp(rb_enc_name(enc), "UTF-8") == 0 ? UNICODE_MAX :
-			       strcasecmp(rb_enc_name(enc), "ISO-8859-1") == 0 ? 256 :
-			       128);
+                               strcasecmp(rb_enc_name(enc), "ISO-8859-1") == 0 ? 256 :
+                               128);
     long i, len, beg = 0;
     size_t clen, plen;
     int overflow;
@@ -85,89 +94,89 @@ optimized_unescape_html(VALUE str)
     cstr = RSTRING_PTR(str);
 
     for (i = 0; i < len; i++) {
-	unsigned long cc;
-	char c = cstr[i];
-	if (c != '&') continue;
-	plen = i - beg;
-	if (++i >= len) break;
-	c = (unsigned char)cstr[i];
+        unsigned long cc;
+        char c = cstr[i];
+        if (c != '&') continue;
+        plen = i - beg;
+        if (++i >= len) break;
+        c = (unsigned char)cstr[i];
 #define MATCH(s) (len - i >= (int)rb_strlen_lit(s) && \
-		  memcmp(&cstr[i], s, rb_strlen_lit(s)) == 0 && \
-		  (i += rb_strlen_lit(s) - 1, 1))
-	switch (c) {
-	  case 'a':
-	    ++i;
-	    if (MATCH("pos;")) {
-		c = '\'';
-	    }
-	    else if (MATCH("mp;")) {
-		c = '&';
-	    }
-	    else continue;
-	    break;
-	  case 'q':
-	    ++i;
-	    if (MATCH("uot;")) {
-		c = '"';
-	    }
-	    else continue;
-	    break;
-	  case 'g':
-	    ++i;
-	    if (MATCH("t;")) {
-		c = '>';
-	    }
-	    else continue;
-	    break;
-	  case 'l':
-	    ++i;
-	    if (MATCH("t;")) {
-		c = '<';
-	    }
-	    else continue;
-	    break;
-	  case '#':
-	    if (len - ++i >= 2 && ISDIGIT(cstr[i])) {
-		cc = ruby_scan_digits(&cstr[i], len-i, 10, &clen, &overflow);
-	    }
-	    else if ((cstr[i] == 'x' || cstr[i] == 'X') && len - ++i >= 2 && ISXDIGIT(cstr[i])) {
-		cc = ruby_scan_digits(&cstr[i], len-i, 16, &clen, &overflow);
-	    }
-	    else continue;
-	    i += clen;
-	    if (overflow || cc >= charlimit || cstr[i] != ';') continue;
-	    if (!dest) {
-		dest = rb_str_buf_new(len);
-	    }
-	    rb_str_cat(dest, cstr + beg, plen);
-	    if (charlimit > 256) {
-		rb_str_cat(dest, buf, rb_enc_mbcput((OnigCodePoint)cc, buf, enc));
-	    }
-	    else {
-		c = (unsigned char)cc;
-		rb_str_cat(dest, &c, 1);
-	    }
-	    beg = i + 1;
-	    continue;
-	  default:
-	    --i;
-	    continue;
-	}
-	if (!dest) {
-	    dest = rb_str_buf_new(len);
-	}
-	rb_str_cat(dest, cstr + beg, plen);
-	rb_str_cat(dest, &c, 1);
-	beg = i + 1;
+                  memcmp(&cstr[i], s, rb_strlen_lit(s)) == 0 && \
+                  (i += rb_strlen_lit(s) - 1, 1))
+        switch (c) {
+          case 'a':
+            ++i;
+            if (MATCH("pos;")) {
+                c = '\'';
+            }
+            else if (MATCH("mp;")) {
+                c = '&';
+            }
+            else continue;
+            break;
+          case 'q':
+            ++i;
+            if (MATCH("uot;")) {
+                c = '"';
+            }
+            else continue;
+            break;
+          case 'g':
+            ++i;
+            if (MATCH("t;")) {
+                c = '>';
+            }
+            else continue;
+            break;
+          case 'l':
+            ++i;
+            if (MATCH("t;")) {
+                c = '<';
+            }
+            else continue;
+            break;
+          case '#':
+            if (len - ++i >= 2 && ISDIGIT(cstr[i])) {
+                cc = ruby_scan_digits(&cstr[i], len-i, 10, &clen, &overflow);
+            }
+            else if ((cstr[i] == 'x' || cstr[i] == 'X') && len - ++i >= 2 && ISXDIGIT(cstr[i])) {
+                cc = ruby_scan_digits(&cstr[i], len-i, 16, &clen, &overflow);
+            }
+            else continue;
+            i += clen;
+            if (overflow || cc >= charlimit || cstr[i] != ';') continue;
+            if (!dest) {
+                dest = rb_str_buf_new(len);
+            }
+            rb_str_cat(dest, cstr + beg, plen);
+            if (charlimit > 256) {
+                rb_str_cat(dest, buf, rb_enc_mbcput((OnigCodePoint)cc, buf, enc));
+            }
+            else {
+                c = (unsigned char)cc;
+                rb_str_cat(dest, &c, 1);
+            }
+            beg = i + 1;
+            continue;
+          default:
+            --i;
+            continue;
+        }
+        if (!dest) {
+            dest = rb_str_buf_new(len);
+        }
+        rb_str_cat(dest, cstr + beg, plen);
+        rb_str_cat(dest, &c, 1);
+        beg = i + 1;
     }
 
     if (dest) {
-	rb_str_cat(dest, cstr + beg, len - beg);
-	preserve_original_state(str, dest);
-	return dest;
+        rb_str_cat(dest, cstr + beg, len - beg);
+        preserve_original_state(str, dest);
+        return dest;
     }
     else {
-	return rb_str_dup(str);
+        return rb_str_dup(str);
     }
 }
 
@@ -191,7 +200,7 @@ url_unreserved_char(unsigned char c)
 }
 
 static VALUE
-optimized_escape(VALUE str)
+optimized_escape(VALUE str, int plus_escape)
 {
     long i, len, beg = 0;
     VALUE dest = 0;
@@ -202,38 +211,38 @@ optimized_escape(VALUE str)
     cstr = RSTRING_PTR(str);
 
     for (i = 0; i < len; ++i) {
-	const unsigned char c = (unsigned char)cstr[i];
-	if (!url_unreserved_char(c)) {
-	    if (!dest) {
-		dest = rb_str_buf_new(len);
-	    }
-
-	    rb_str_cat(dest, cstr + beg, i - beg);
-	    beg = i + 1;
-
-	    if (c == ' ') {
-		rb_str_cat_cstr(dest, "+");
-	    }
-	    else {
-		buf[1] = upper_hexdigits[(c >> 4) & 0xf];
-		buf[2] = upper_hexdigits[c & 0xf];
-		rb_str_cat(dest, buf, 3);
-	    }
-	}
+        const unsigned char c = (unsigned char)cstr[i];
+        if (!url_unreserved_char(c)) {
+            if (!dest) {
+                dest = rb_str_buf_new(len);
+            }
+
+            rb_str_cat(dest, cstr + beg, i - beg);
+            beg = i + 1;
+
+            if (plus_escape && c == ' ') {
+                rb_str_cat_cstr(dest, "+");
+            }
+            else {
+                buf[1] = upper_hexdigits[(c >> 4) & 0xf];
+                buf[2] = upper_hexdigits[c & 0xf];
+                rb_str_cat(dest, buf, 3);
+            }
+        }
     }
 
     if (dest) {
-	rb_str_cat(dest, cstr + beg, len - beg);
-	preserve_original_state(str, dest);
-	return dest;
+        rb_str_cat(dest, cstr + beg, len - beg);
+        preserve_original_state(str, dest);
+        return dest;
     }
     else {
-	return rb_str_dup(str);
+        return rb_str_dup(str);
     }
 }
 
 static VALUE
-optimized_unescape(VALUE str, VALUE encoding)
+optimized_unescape(VALUE str, VALUE encoding, int unescape_plus)
 {
     long i, len, beg = 0;
     VALUE dest = 0;
@@ -245,52 +254,52 @@ optimized_unescape(VALUE str, VALUE encoding)
     cstr = RSTRING_PTR(str);
 
     for (i = 0; i < len; ++i) {
-	char buf[1];
-	const char c = cstr[i];
-	int clen = 0;
-	if (c == '%') {
-	    if (i + 3 > len) break;
-	    if (!ISXDIGIT(cstr[i+1])) continue;
-	    if (!ISXDIGIT(cstr[i+2])) continue;
-	    buf[0] = ((char_to_number(cstr[i+1]) << 4)
-		      | char_to_number(cstr[i+2]));
-	    clen = 2;
-	}
-	else if (c == '+') {
-	    buf[0] = ' ';
-	}
-	else {
-	    continue;
-	}
-
-	if (!dest) {
-	    dest = rb_str_buf_new(len);
-	}
-
-	rb_str_cat(dest, cstr + beg, i - beg);
-	i += clen;
-	beg = i + 1;
-
-	rb_str_cat(dest, buf, 1);
+        char buf[1];
+        const char c = cstr[i];
+        int clen = 0;
+        if (c == '%') {
+            if (i + 3 > len) break;
+            if (!ISXDIGIT(cstr[i+1])) continue;
+            if (!ISXDIGIT(cstr[i+2])) continue;
+            buf[0] = ((char_to_number(cstr[i+1]) << 4)
+                      | char_to_number(cstr[i+2]));
+            clen = 2;
+        }
+        else if (unescape_plus && c == '+') {
+            buf[0] = ' ';
+        }
+        else {
+            continue;
+        }
+
+        if (!dest) {
+            dest = rb_str_buf_new(len);
+        }
+
+        rb_str_cat(dest, cstr + beg, i - beg);
+        i += clen;
+        beg = i + 1;
+
+        rb_str_cat(dest, buf, 1);
     }
 
     if (dest) {
-	rb_str_cat(dest, cstr + beg, len - beg);
-	preserve_original_state(str, dest);
-	cr = ENC_CODERANGE_UNKNOWN;
+        rb_str_cat(dest, cstr + beg, len - beg);
+        preserve_original_state(str, dest);
+        cr = ENC_CODERANGE_UNKNOWN;
     }
     else {
-	dest = rb_str_dup(str);
-	cr = ENC_CODERANGE(str);
+        dest = rb_str_dup(str);
+        cr = ENC_CODERANGE(str);
     }
     origenc = rb_enc_get_index(str);
     if (origenc != encidx) {
-	rb_enc_associate_index(dest, encidx);
-	if (!ENC_CODERANGE_CLEAN_P(rb_enc_str_coderange(dest))) {
-	    rb_enc_associate_index(dest, origenc);
-	    if (cr != ENC_CODERANGE_UNKNOWN)
-		ENC_CODERANGE_SET(dest, cr);
-	}
+        rb_enc_associate_index(dest, encidx);
+        if (!ENC_CODERANGE_CLEAN_P(rb_enc_str_coderange(dest))) {
+            rb_enc_associate_index(dest, origenc);
+            if (cr != ENC_CODERANGE_UNKNOWN)
+                ENC_CODERANGE_SET(dest, cr);
+        }
     }
     return dest;
 }
@@ -308,10 +317,10 @@ cgiesc_escape_html(VALUE self, VALUE str)
     StringValue(str);
 
     if (rb_enc_str_asciicompat_p(str)) {
-	return optimized_escape_html(str);
+        return optimized_escape_html(str);
     }
     else {
-	return rb_call_super(1, &str);
+        return rb_call_super(1, &str);
     }
 }
 
@@ -328,10 +337,10 @@ cgiesc_unescape_html(VALUE self, VALUE str)
     StringValue(str);
 
     if (rb_enc_str_asciicompat_p(str)) {
-	return optimized_unescape_html(str);
+        return optimized_unescape_html(str);
     }
     else {
-	return rb_call_super(1, &str);
+        return rb_call_super(1, &str);
     }
 }
 
@@ -339,7 +348,7 @@ cgiesc_unescape_html(VALUE self, VALUE str)
  *  call-seq:
  *     CGI.escape(string) -> string
  *
- *  Returns URL-escaped string.
+ *  Returns URL-escaped string (+application/x-www-form-urlencoded+).
  *
  */
 static VALUE
@@ -348,10 +357,10 @@ cgiesc_escape(VALUE self, VALUE str)
     StringValue(str);
 
     if (rb_enc_str_asciicompat_p(str)) {
-	return optimized_escape(str);
+        return optimized_escape(str, 1);
     }
     else {
-	return rb_call_super(1, &str);
+        return rb_call_super(1, &str);
     }
 }
 
@@ -359,7 +368,7 @@ static VALUE
 accept_charset(int argc, VALUE *argv, VALUE self)
 {
     if (argc > 0)
-	return argv[0];
+        return argv[0];
     return rb_cvar_get(CLASS_OF(self), id_accept_charset);
 }
 
@@ -367,7 +376,7 @@ accept_charset(int argc, VALUE *argv, VALUE self)
  *  call-seq:
  *     CGI.unescape(string, encoding=@@accept_charset) -> string
  *
- *  Returns URL-unescaped string.
+ *  Returns URL-unescaped string (+application/x-www-form-urlencoded+).
  *
  */
 static VALUE
@@ -378,11 +387,54 @@ cgiesc_unescape(int argc, VALUE *argv, VALUE self)
     StringValue(str);
 
     if (rb_enc_str_asciicompat_p(str)) {
-	VALUE enc = accept_charset(argc-1, argv+1, self);
-	return optimized_unescape(str, enc);
+        VALUE enc = accept_charset(argc-1, argv+1, self);
+        return optimized_unescape(str, enc, 1);
+    }
+    else {
+        return rb_call_super(argc, argv);
+    }
+}
+
+/*
+ *  call-seq:
+ *     CGI.escapeURIComponent(string) -> string
+ *
+ *  Returns URL-escaped string following RFC 3986.
+ *
+ */
+static VALUE
+cgiesc_escape_uri_component(VALUE self, VALUE str)
+{
+    StringValue(str);
+
+    if (rb_enc_str_asciicompat_p(str)) {
+        return optimized_escape(str, 0);
+    }
+    else {
+        return rb_call_super(1, &str);
+    }
+}
+
+/*
+ *  call-seq:
+ *     CGI.unescapeURIComponent(string, encoding=@@accept_charset) -> string
+ *
+ *  Returns URL-unescaped string following RFC 3986.
+ *
+ */
+static VALUE
+cgiesc_unescape_uri_component(int argc, VALUE *argv, VALUE self)
+{
+    VALUE str = (rb_check_arity(argc, 1, 2), argv[0]);
+
+    StringValue(str);
+
+    if (rb_enc_str_asciicompat_p(str)) {
+        VALUE enc = accept_charset(argc-1, argv+1, self);
+        return optimized_unescape(str, enc, 0);
     }
     else {
-	return rb_call_super(argc, argv);
+        return rb_call_super(argc, argv);
     }
 }
 
@@ -405,6 +457,8 @@ InitVM_escape(void)
     rb_mUtil   = rb_define_module_under(rb_cCGI, "Util");
     rb_define_method(rb_mEscape, "escapeHTML", cgiesc_escape_html, 1);
     rb_define_method(rb_mEscape, "unescapeHTML", cgiesc_unescape_html, 1);
+    rb_define_method(rb_mEscape, "escapeURIComponent", cgiesc_escape_uri_component, 1);
+    rb_define_method(rb_mEscape, "unescapeURIComponent", cgiesc_unescape_uri_component, -1);
     rb_define_method(rb_mEscape, "escape", cgiesc_escape, 1);
     rb_define_method(rb_mEscape, "unescape", cgiesc_unescape, -1);
     rb_prepend_module(rb_mUtil, rb_mEscape);

data/lib/cgi/session/pstore.rb

@@ -44,20 +44,8 @@ class CGI
       # This session's PStore file will be created if it does
       # not exist, or opened if it does.
       def initialize(session, option={})
-        dir = option['tmpdir'] || Dir::tmpdir
-        prefix = option['prefix'] || ''
-        id = session.session_id
-        require 'digest/md5'
-        md5 = Digest::MD5.hexdigest(id)[0,16]
-        path = dir+"/"+prefix+md5
-        if File::exist?(path)
-          @hash = nil
-        else
-          unless session.new_session
-            raise CGI::Session::NoSession, "uninitialized session"
-          end
-          @hash = {}
-        end
+        option = {'suffix'=>''}.update(option)
+        path, @hash = session.new_store_file(option)
         @p = ::PStore.new(path)
         @p.transaction do |p|
           File.chmod(0600, p.path)

data/lib/cgi/session.rb

@@ -189,6 +189,47 @@ class CGI
     end
     private :create_new_id
 
+
+    # Create a new file to store the session data.
+    #
+    # This file will be created if it does not exist, or opened if it
+    # does.
+    #
+    # This path is generated under _tmpdir_ from _prefix_, the
+    # digested session id, and _suffix_.
+    #
+    # +option+ is a hash of options for the initializer.  The
+    # following options are recognised:
+    #
+    # tmpdir:: the directory to use for storing the FileStore
+    #          file.  Defaults to Dir::tmpdir (generally "/tmp"
+    #          on Unix systems).
+    # prefix:: the prefix to add to the session id when generating
+    #          the filename for this session's FileStore file.
+    #          Defaults to "cgi_sid_".
+    # suffix:: the prefix to add to the session id when generating
+    #          the filename for this session's FileStore file.
+    #          Defaults to the empty string.
+    def new_store_file(option={}) # :nodoc:
+      dir = option['tmpdir'] || Dir::tmpdir
+      prefix = option['prefix']
+      suffix = option['suffix']
+      require 'digest/md5'
+      md5 = Digest::MD5.hexdigest(session_id)[0,16]
+      path = dir+"/"
+      path << prefix if prefix
+      path << md5
+      path << suffix if suffix
+      if File::exist? path
+        hash = nil
+      elsif new_session
+        hash = {}
+      else
+        raise NoSession, "uninitialized session"
+      end
+      return path, hash
+    end
+
     # Create a new CGI::Session object for +request+.
     #
     # +request+ is an instance of the +CGI+ class (see cgi.rb).
@@ -373,21 +414,8 @@ class CGI
       # This session's FileStore file will be created if it does
       # not exist, or opened if it does.
       def initialize(session, option={})
-        dir = option['tmpdir'] || Dir::tmpdir
-        prefix = option['prefix'] || 'cgi_sid_'
-        suffix = option['suffix'] || ''
-        id = session.session_id
-        require 'digest/md5'
-        md5 = Digest::MD5.hexdigest(id)[0,16]
-        @path = dir+"/"+prefix+md5+suffix
-        if File::exist? @path
-          @hash = nil
-        else
-          unless session.new_session
-            raise CGI::Session::NoSession, "uninitialized session"
-          end
-          @hash = {}
-        end
+        option = {'prefix' => 'cgi_sid_'}.update(option)
+        @path, @hash = session.new_store_file(option)
       end
 
       # Restore session state from the session's FileStore file.

data/lib/cgi/util.rb

@@ -5,24 +5,57 @@ class CGI
   extend Util
 end
 module CGI::Util
-  @@accept_charset="UTF-8" unless defined?(@@accept_charset)
-  # URL-encode a string.
+  @@accept_charset = Encoding::UTF_8 unless defined?(@@accept_charset)
+
+  # URL-encode a string into application/x-www-form-urlencoded.
+  # Space characters (+" "+) are encoded with plus signs (+"+"+)
   #   url_encoded_string = CGI.escape("'Stop!' said Fred")
   #      # => "%27Stop%21%27+said+Fred"
   def escape(string)
     encoding = string.encoding
-    string.b.gsub(/([^ a-zA-Z0-9_.\-~]+)/) do |m|
+    buffer = string.b
+    buffer.gsub!(/([^ a-zA-Z0-9_.\-~]+)/) do |m|
       '%' + m.unpack('H2' * m.bytesize).join('%').upcase
-    end.tr(' ', '+').force_encoding(encoding)
+    end
+    buffer.tr!(' ', '+')
+    buffer.force_encoding(encoding)
   end
 
-  # URL-decode a string with encoding(optional).
+  # URL-decode an application/x-www-form-urlencoded string with encoding(optional).
   #   string = CGI.unescape("%27Stop%21%27+said+Fred")
   #      # => "'Stop!' said Fred"
-  def unescape(string,encoding=@@accept_charset)
-    str=string.tr('+', ' ').b.gsub(/((?:%[0-9a-fA-F]{2})+)/) do |m|
+  def unescape(string, encoding = @@accept_charset)
+    str = string.tr('+', ' ')
+    str = str.b
+    str.gsub!(/((?:%[0-9a-fA-F]{2})+)/) do |m|
+      [m.delete('%')].pack('H*')
+    end
+    str.force_encoding(encoding)
+    str.valid_encoding? ? str : str.force_encoding(string.encoding)
+  end
+
+  # URL-encode a string following RFC 3986
+  # Space characters (+" "+) are encoded with (+"%20"+)
+  #   url_encoded_string = CGI.escape("'Stop!' said Fred")
+  #      # => "%27Stop%21%27%20said%20Fred"
+  def escapeURIComponent(string)
+    encoding = string.encoding
+    buffer = string.b
+    buffer.gsub!(/([^a-zA-Z0-9_.\-~]+)/) do |m|
+      '%' + m.unpack('H2' * m.bytesize).join('%').upcase
+    end
+    buffer.force_encoding(encoding)
+  end
+
+  # URL-decode a string following RFC 3986 with encoding(optional).
+  #   string = CGI.unescape("%27Stop%21%27+said%20Fred")
+  #      # => "'Stop!'+said Fred"
+  def unescapeURIComponent(string, encoding = @@accept_charset)
+    str = string.b
+    str.gsub!(/((?:%[0-9a-fA-F]{2})+)/) do |m|
       [m.delete('%')].pack('H*')
-    end.force_encoding(encoding)
+    end
+    str.force_encoding(encoding)
     str.valid_encoding? ? str : str.force_encoding(string.encoding)
   end
 

data/lib/cgi.rb

@@ -162,7 +162,7 @@
 #   cgi.has_key?('field_name')
 #   cgi.include?('field_name')
 #
-# CAUTION! cgi['field_name'] returned an Array with the old
+# CAUTION! <code>cgi['field_name']</code> returned an Array with the old
 # cgi.rb(included in Ruby 1.6)
 #
 # === Get form values as hash
@@ -288,7 +288,7 @@
 #
 
 class CGI
-  VERSION = "0.3.1"
+  VERSION = "0.3.3"
 end
 
 require 'cgi/core'

metadata

@@ -1,31 +1,25 @@
 --- !ruby/object:Gem::Specification
 name: cgi
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.3
 platform: ruby
 authors:
 - Yukihiro Matsumoto
-autorequire: 
-bindir: exe
+autorequire:
+bindir: bin
 cert_chain: []
-date: 2021-11-24 00:00:00.000000000 Z
+date: 2022-09-22 00:00:00.000000000 Z
 dependencies: []
 description: Support for the Common Gateway Interface protocol.
 email:
 - matz@ruby-lang.org
 executables: []
-extensions: []
+extensions:
+- ext/cgi/escape/extconf.rb
 extra_rdoc_files: []
 files:
-- ".github/workflows/test.yml"
-- ".gitignore"
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
-- bin/console
-- bin/setup
-- cgi.gemspec
 - ext/cgi/escape/depend
 - ext/cgi/escape/escape.c
 - ext/cgi/escape/extconf.rb
@@ -43,7 +37,7 @@ licenses:
 metadata:
   homepage_uri: https://github.com/ruby/cgi
   source_code_uri: https://github.com/ruby/cgi
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -58,8 +52,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.0.dev
-signing_key: 
+rubygems_version: 3.4.0.dev
+signing_key:
 specification_version: 4
 summary: Support for the Common Gateway Interface protocol.
 test_files: []

data/.github/workflows/test.yml

@@ -1,22 +0,0 @@
-name: test
-
-on: [push, pull_request]
-
-jobs:
-  build:
-    name: build (${{ matrix.ruby }} / ${{ matrix.os }})
-    strategy:
-      matrix:
-        ruby: [ '3.0', 2.7, 2.6, 2.5, head ]
-        os: [ ubuntu-latest, macos-latest ]
-    runs-on: ${{ matrix.os }}
-    steps:
-    - uses: actions/checkout@v2
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: ${{ matrix.ruby }}
-    - name: Install dependencies
-      run: bundle install
-    - name: Run test
-      run: rake test

data/.gitignore

@@ -1,12 +0,0 @@
-/.bundle/
-/.yardoc
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/
-/Gemfile.lock
-*.bundle
-*.so
-*.dll

data/Gemfile

@@ -1,8 +0,0 @@
-source "https://rubygems.org"
-
-group :development do
-  gem "bundler"
-  gem "rake"
-  gem "rake-compiler"
-  gem "test-unit"
-end

data/Rakefile

@@ -1,20 +0,0 @@
-require "bundler/gem_tasks"
-require "rake/testtask"
-
-Rake::TestTask.new(:test) do |t|
-  t.libs << "test/lib"
-  t.ruby_opts << "-rhelper"
-  t.test_files = FileList['test/**/test_*.rb']
-end
-
-require 'rake/extensiontask'
-Rake::ExtensionTask.new("cgi/escape")
-
-task :sync_tool do
-  require 'fileutils'
-  FileUtils.cp "../ruby/tool/lib/core_assertions.rb", "./test/lib"
-  FileUtils.cp "../ruby/tool/lib/envutil.rb", "./test/lib"
-  FileUtils.cp "../ruby/tool/lib/find_executable.rb", "./test/lib"
-end
-
-task :default => :test

data/bin/console

@@ -1,7 +0,0 @@
-#!/usr/bin/env ruby
-
-require "bundler/setup"
-require "cgi"
-
-require "irb"
-IRB.start(__FILE__)

data/bin/setup

@@ -1,6 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle install

data/cgi.gemspec

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-name = File.basename(__FILE__, ".gemspec")
-version = ["lib", Array.new(name.count("-")+1, "..").join("/")].find do |dir|
-  break File.foreach(File.join(__dir__, dir, "#{name.tr('-', '/')}.rb")) do |line|
-    /^\s*VERSION\s*=\s*"(.*)"/ =~ line and break $1
-  end rescue nil
-end
-
-Gem::Specification.new do |spec|
-  spec.name          = name
-  spec.version       = version
-  spec.authors       = ["Yukihiro Matsumoto"]
-  spec.email         = ["matz@ruby-lang.org"]
-
-  spec.summary       = %q{Support for the Common Gateway Interface protocol.}
-  spec.description   = %q{Support for the Common Gateway Interface protocol.}
-  spec.homepage      = "https://github.com/ruby/cgi"
-  spec.licenses      = ["Ruby", "BSD-2-Clause"]
-  spec.required_ruby_version = ">= 2.5.0"
-
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = spec.homepage
-
-  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
-    `git ls-files -z 2>/dev/null`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  end
-  spec.bindir        = "exe"
-  spec.executables   = []
-  spec.require_paths = ["lib"]
-end