cgi 0.3.6 → 0.4.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ef7c6fbc3fed4edb75963f96b0b7a150dca2d296730f28eb42844e7582f73ddb
-  data.tar.gz: 6dff4891d8e6b75480346969bef5efd4e33c323a8e6dbe2196e07abf5d4b4366
+  metadata.gz: a2223dc33d62279bcf8cb78f68d8fb46f22c8d9e396243e22d43ded77291dfe5
+  data.tar.gz: 70b263423e005129ac529dd41f59324accedd2cf6fd8c260965286ff0f03a399
 SHA512:
-  metadata.gz: 4b6abc351ceaf68ededa9d590fdd7adfb1fe8b32d4818128be7fb10867788cf32de65ea5d11cd4d7a38dc1a4adf19c1faee1b6a3689aeccea943178d18b09f8d
-  data.tar.gz: 1d805aede830aabc0c7d7ca577d8bd2bca541956d37cadeda9262a5e5ee01af5d940d4e135b907deadc16d20ef5a8357b2d4bb8817fc4241491f8305030e3d2e
+  metadata.gz: 9d63be598547392b545cabca27ed6f6765ffa9d8e778335118fa29592c36d8276cc68af052db7abe8e2373c8818072523df6e6aaf65393d09c7c5d16600af6cd
+  data.tar.gz: 5a27bb456ab0ecee2e504b737f1b7e8f8e2dd3d56f253fd9c08b5ef42fb145dbc1fbb5e3cec9e98866b19d42aa63d58b4b36affa94a25be9e9f46fa2bc03c942

data/{LICENSE.txt → BSDL}

@@ -4,10 +4,10 @@ Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions
 are met:
 1. Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
+   notice, this list of conditions and the following disclaimer.
 2. Redistributions in binary form must reproduce the above copyright
-notice, this list of conditions and the following disclaimer in the
-documentation and/or other materials provided with the distribution.
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
 
 THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

data/COPYING

@@ -0,0 +1,56 @@
+Ruby is copyrighted free software by Yukihiro Matsumoto <matz@netlab.jp>.
+You can redistribute it and/or modify it under either the terms of the
+2-clause BSDL (see the file BSDL), or the conditions below:
+
+1. You may make and give away verbatim copies of the source form of the
+   software without restriction, provided that you duplicate all of the
+   original copyright notices and associated disclaimers.
+
+2. You may modify your copy of the software in any way, provided that
+   you do at least ONE of the following:
+
+   a. place your modifications in the Public Domain or otherwise
+      make them Freely Available, such as by posting said
+      modifications to Usenet or an equivalent medium, or by allowing
+      the author to include your modifications in the software.
+
+   b. use the modified software only within your corporation or
+      organization.
+
+   c. give non-standard binaries non-standard names, with
+      instructions on where to get the original software distribution.
+
+   d. make other distribution arrangements with the author.
+
+3. You may distribute the software in object code or binary form,
+   provided that you do at least ONE of the following:
+
+   a. distribute the binaries and library files of the software,
+      together with instructions (in the manual page or equivalent)
+      on where to get the original distribution.
+
+   b. accompany the distribution with the machine-readable source of
+      the software.
+
+   c. give non-standard binaries non-standard names, with
+      instructions on where to get the original software distribution.
+
+   d. make other distribution arrangements with the author.
+
+4. You may modify and include the part of the software into any other
+   software (possibly commercial).  But some files in the distribution
+   are not written by the author, so that they are not under these terms.
+
+   For the list of those files and their copying conditions, see the
+   file LEGAL.
+
+5. The scripts and library files supplied as input to or produced as
+   output from the software do not automatically fall under the
+   copyright of the software, but belong to whomever generated them,
+   and may be sold commercially, and may be aggregated with this
+   software.
+
+6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
+   IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+   WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+   PURPOSE.

data/ext/cgi/escape/escape.c

@@ -83,7 +83,7 @@ optimized_unescape_html(VALUE str)
     unsigned long charlimit = (strcasecmp(rb_enc_name(enc), "UTF-8") == 0 ? UNICODE_MAX :
                                strcasecmp(rb_enc_name(enc), "ISO-8859-1") == 0 ? 256 :
                                128);
-    long i, len, beg = 0;
+    long i, j, len, beg = 0;
     size_t clen, plen;
     int overflow;
     const char *cstr;
@@ -100,6 +100,7 @@ optimized_unescape_html(VALUE str)
         plen = i - beg;
         if (++i >= len) break;
         c = (unsigned char)cstr[i];
+        j = i;
 #define MATCH(s) (len - i >= (int)rb_strlen_lit(s) && \
                   memcmp(&cstr[i], s, rb_strlen_lit(s)) == 0 && \
                   (i += rb_strlen_lit(s) - 1, 1))
@@ -112,28 +113,40 @@ optimized_unescape_html(VALUE str)
             else if (MATCH("mp;")) {
                 c = '&';
             }
-            else continue;
+            else {
+                i = j;
+                continue;
+            }
             break;
           case 'q':
             ++i;
             if (MATCH("uot;")) {
                 c = '"';
             }
-            else continue;
+            else {
+                i = j;
+                continue;
+            }
             break;
           case 'g':
             ++i;
             if (MATCH("t;")) {
                 c = '>';
             }
-            else continue;
+            else {
+                i = j;
+                continue;
+            }
             break;
           case 'l':
             ++i;
             if (MATCH("t;")) {
                 c = '<';
             }
-            else continue;
+            else {
+                i = j;
+                continue;
+            }
             break;
           case '#':
             if (len - ++i >= 2 && ISDIGIT(cstr[i])) {
@@ -142,9 +155,15 @@ optimized_unescape_html(VALUE str)
             else if ((cstr[i] == 'x' || cstr[i] == 'X') && len - ++i >= 2 && ISXDIGIT(cstr[i])) {
                 cc = ruby_scan_digits(&cstr[i], len-i, 16, &clen, &overflow);
             }
-            else continue;
+            else {
+                i = j;
+                continue;
+            }
             i += clen;
-            if (overflow || cc >= charlimit || cstr[i] != ';') continue;
+            if (overflow || cc >= charlimit || cstr[i] != ';') {
+                i = j;
+                continue;
+            }
             if (!dest) {
                 dest = rb_str_buf_new(len);
             }
@@ -458,7 +477,9 @@ InitVM_escape(void)
     rb_define_method(rb_mEscape, "escapeHTML", cgiesc_escape_html, 1);
     rb_define_method(rb_mEscape, "unescapeHTML", cgiesc_unescape_html, 1);
     rb_define_method(rb_mEscape, "escapeURIComponent", cgiesc_escape_uri_component, 1);
+    rb_define_alias(rb_mEscape, "escape_uri_component", "escapeURIComponent");
     rb_define_method(rb_mEscape, "unescapeURIComponent", cgiesc_unescape_uri_component, -1);
+    rb_define_alias(rb_mEscape, "unescape_uri_component", "unescapeURIComponent");
     rb_define_method(rb_mEscape, "escape", cgiesc_escape, 1);
     rb_define_method(rb_mEscape, "unescape", cgiesc_unescape, -1);
     rb_prepend_module(rb_mUtil, rb_mEscape);

data/ext/cgi/escape/extconf.rb

@@ -1,3 +1,7 @@
 require 'mkmf'
 
-create_makefile 'cgi/escape'
+if RUBY_ENGINE == 'truffleruby'
+  File.write("Makefile", dummy_makefile($srcdir).join(""))
+else
+  create_makefile 'cgi/escape'
+end

data/lib/cgi/cookie.rb

@@ -190,9 +190,10 @@ class CGI
         values ||= ""
         values = values.split('&').collect{|v| CGI.unescape(v,@@accept_charset) }
         if cookies.has_key?(name)
-          values = cookies[name].value + values
+          cookies[name].concat(values)
+        else
+          cookies[name] = Cookie.new(name, *values)
         end
-        cookies[name] = Cookie.new(name, *values)
       end
 
       cookies

data/lib/cgi/session/pstore.rb

@@ -11,7 +11,10 @@
 # cgi/session.rb for more details on session storage managers.
 
 require_relative '../session'
-require 'pstore'
+begin
+  require 'pstore'
+rescue LoadError
+end
 
 class CGI
   class Session
@@ -82,7 +85,7 @@ class CGI
         File::unlink path
       end
 
-    end
+    end if defined?(::PStore)
   end
 end
 # :enddoc:

data/lib/cgi/session.rb

@@ -279,7 +279,7 @@ class CGI
     # fields are surrounded by a <fieldset> tag in HTML 4 generation, which
     # is _not_ invisible on many browsers; you may wish to disable the
     # use of fieldsets with code similar to the following
-    # (see http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-list/37805)
+    # (see https://blade.ruby-lang.org/ruby-list/37805)
     #
     #   cgi = CGI.new("html4")
     #   class << cgi

data/lib/cgi/util.rb

@@ -36,7 +36,7 @@ module CGI::Util
 
   # URL-encode a string following RFC 3986
   # Space characters (+" "+) are encoded with (+"%20"+)
-  #   url_encoded_string = CGI.escape("'Stop!' said Fred")
+  #   url_encoded_string = CGI.escapeURIComponent("'Stop!' said Fred")
   #      # => "%27Stop%21%27%20said%20Fred"
   def escapeURIComponent(string)
     encoding = string.encoding
@@ -46,9 +46,10 @@ module CGI::Util
     end
     buffer.force_encoding(encoding)
   end
+  alias escape_uri_component escapeURIComponent
 
   # URL-decode a string following RFC 3986 with encoding(optional).
-  #   string = CGI.unescape("%27Stop%21%27+said%20Fred")
+  #   string = CGI.unescapeURIComponent("%27Stop%21%27+said%20Fred")
   #      # => "'Stop!'+said Fred"
   def unescapeURIComponent(string, encoding = @@accept_charset)
     str = string.b
@@ -59,6 +60,8 @@ module CGI::Util
     str.valid_encoding? ? str : str.force_encoding(string.encoding)
   end
 
+  alias unescape_uri_component unescapeURIComponent
+
   # The set of special characters and their escaped values
   TABLE_FOR_ESCAPE_HTML__ = {
     "'" => ''',
@@ -90,9 +93,12 @@ module CGI::Util
     end
   end
 
-  begin
-    require 'cgi/escape'
-  rescue LoadError
+  # TruffleRuby runs the pure-Ruby variant faster, do not use the C extension there
+  unless RUBY_ENGINE == 'truffleruby'
+    begin
+      require 'cgi/escape'
+    rescue LoadError
+    end
   end
 
   # Unescape a string that has been HTML-escaped
@@ -178,7 +184,7 @@ module CGI::Util
   def escapeElement(string, *elements)
     elements = elements[0] if elements[0].kind_of?(Array)
     unless elements.empty?
-      string.gsub(/<\/?(?:#{elements.join("|")})(?!\w)(?:.|\n)*?>/i) do
+      string.gsub(/<\/?(?:#{elements.join("|")})\b[^<>]*+>?/im) do
         CGI.escapeHTML($&)
       end
     else
@@ -198,7 +204,7 @@ module CGI::Util
   def unescapeElement(string, *elements)
     elements = elements[0] if elements[0].kind_of?(Array)
     unless elements.empty?
-      string.gsub(/&lt;\/?(?:#{elements.join("|")})(?!\w)(?:.|\n)*?&gt;/i) do
+      string.gsub(/&lt;\/?(?:#{elements.join("|")})\b(?>[^&]+|&(?![gl]t;)\w+;)*(?:&gt;)?/im) do
         unescapeHTML($&)
       end
     else

data/lib/cgi.rb

@@ -288,7 +288,7 @@
 #
 
 class CGI
-  VERSION = "0.3.6"
+  VERSION = "0.4.2"
 end
 
 require 'cgi/core'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cgi
 version: !ruby/object:Gem::Version
-  version: 0.3.6
+  version: 0.4.2
 platform: ruby
 authors:
 - Yukihiro Matsumoto
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-11-28 00:00:00.000000000 Z
+date: 2025-02-26 00:00:00.000000000 Z
 dependencies: []
 description: Support for the Common Gateway Interface protocol.
 email:
@@ -18,7 +18,8 @@ extensions:
 - ext/cgi/escape/extconf.rb
 extra_rdoc_files: []
 files:
-- LICENSE.txt
+- BSDL
+- COPYING
 - README.md
 - ext/cgi/escape/depend
 - ext/cgi/escape/escape.c
@@ -52,7 +53,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.0.dev
+rubygems_version: 3.5.11
 signing_key:
 specification_version: 4
 summary: Support for the Common Gateway Interface protocol.