cgi 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: cdab469fad9274c1f62d5a4a7d4ffd445bdfb0b596b2abd66e098dffd9e48aab
+  data.tar.gz: 696d10e4d2ecc54f882d190478cac27c5a5b1e879c14eacc0e2ce86b2e00f08a
+SHA512:
+  metadata.gz: edcf932436436eeb2367704011aad3c31220491278bfd6ca06e358799d18b3548fd73cb3714ca84f2cede0aed6d4161b5072c287db98f960ada0c3c96b0247d7
+  data.tar.gz: 96eee5f302ebed6ce10b262b394474d3e96712ae7f6ebc5699cb6c17485d0685aa598aaf9fdbce9b6f46df1360bf4ecb9277d082f1c4a858dd884b6aee5852a9

data/.gitignore

@@ -0,0 +1,12 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+/Gemfile.lock
+*.bundle
+*.so
+*.dll

data/.travis.yml

@@ -0,0 +1,7 @@
+---
+sudo: false
+language: ruby
+cache: bundler
+rvm:
+  - 2.6.3
+before_install: gem install bundler -v 2.0.2

data/Gemfile

@@ -0,0 +1,8 @@
+source "https://rubygems.org"
+
+group :development do
+  gem "bundler"
+  gem "rake"
+  gem "rake-compiler"
+  gem "test-unit"
+end

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (C) 1993-2013 Yukihiro Matsumoto. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.

data/README.md

@@ -0,0 +1,97 @@
+## Introduction
+
+CGI is a large class, providing several categories of methods, many of which
+are mixed in from other modules.  Some of the documentation is in this class,
+some in the modules CGI::QueryExtension and CGI::HtmlExtension.  See
+CGI::Cookie for specific information on handling cookies, and cgi/session.rb
+(CGI::Session) for information on sessions.
+
+For queries, CGI provides methods to get at environmental variables,
+parameters, cookies, and multipart request data.  For responses, CGI provides
+methods for writing output and generating HTML.
+
+Read on for more details.  Examples are provided at the bottom.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'cgi'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install cgi
+
+## Usage
+
+### Get form values
+
+```ruby
+require "cgi"
+cgi = CGI.new
+value = cgi['field_name']   # <== value string for 'field_name'
+  # if not 'field_name' included, then return "".
+fields = cgi.keys            # <== array of field names
+
+# returns true if form has 'field_name'
+cgi.has_key?('field_name')
+cgi.has_key?('field_name')
+cgi.include?('field_name')
+```
+
+CAUTION! cgi['field_name'] returned an Array with the old
+cgi.rb(included in Ruby 1.6)
+
+### Get form values as hash
+
+```ruby
+require "cgi"
+cgi = CGI.new
+params = cgi.params
+```
+
+cgi.params is a hash.
+
+```ruby
+cgi.params['new_field_name'] = ["value"]  # add new param
+cgi.params['field_name'] = ["new_value"]  # change value
+cgi.params.delete('field_name')           # delete param
+cgi.params.clear                          # delete all params
+```
+
+### Save form values to file
+
+```ruby
+require "pstore"
+db = PStore.new("query.db")
+db.transaction do
+  db["params"] = cgi.params
+end
+```
+
+
+### Restore form values from file
+
+```ruby
+require "pstore"
+db = PStore.new("query.db")
+db.transaction do
+  cgi.params = db["params"]
+end
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/ruby/cgi.

data/Rakefile

@@ -0,0 +1,13 @@
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test/lib"
+  t.ruby_opts << "-rhelper"
+  t.test_files = FileList['test/**/test_*.rb']
+end
+
+require 'rake/extensiontask'
+Rake::ExtensionTask.new("cgi/escape")
+
+task :default => :test

data/bin/console

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "cgi"
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install

data/cgi.gemspec

@@ -0,0 +1,25 @@
+lib = File.expand_path("lib", __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "cgi/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "cgi"
+  spec.version       = CGI::VERSION
+  spec.authors       = ["Hiroshi SHIBATA"]
+  spec.email         = ["hsbt@ruby-lang.org"]
+
+  spec.summary       = %q{Support for the Common Gateway Interface protocol.}
+  spec.description   = %q{Support for the Common Gateway Interface protocol.}
+  spec.homepage      = "https://github.com/ruby/cgi"
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = spec.homepage
+
+  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+  spec.license = "BSD-2-Clause"
+end

data/ext/cgi/escape/depend

@@ -0,0 +1,17 @@
+# AUTOGENERATED DEPENDENCIES START
+escape.o: $(RUBY_EXTCONF_H)
+escape.o: $(arch_hdrdir)/ruby/config.h
+escape.o: $(hdrdir)/ruby.h
+escape.o: $(hdrdir)/ruby/assert.h
+escape.o: $(hdrdir)/ruby/backward.h
+escape.o: $(hdrdir)/ruby/defines.h
+escape.o: $(hdrdir)/ruby/encoding.h
+escape.o: $(hdrdir)/ruby/intern.h
+escape.o: $(hdrdir)/ruby/missing.h
+escape.o: $(hdrdir)/ruby/onigmo.h
+escape.o: $(hdrdir)/ruby/oniguruma.h
+escape.o: $(hdrdir)/ruby/ruby.h
+escape.o: $(hdrdir)/ruby/st.h
+escape.o: $(hdrdir)/ruby/subst.h
+escape.o: escape.c
+# AUTOGENERATED DEPENDENCIES END

data/ext/cgi/escape/escape.c

@@ -0,0 +1,409 @@
+#include "ruby.h"
+#include "ruby/encoding.h"
+
+RUBY_EXTERN unsigned long ruby_scan_digits(const char *str, ssize_t len, int base, size_t *retlen, int *overflow);
+RUBY_EXTERN const char ruby_hexdigits[];
+RUBY_EXTERN const signed char ruby_digit36_to_number_table[];
+#define lower_hexdigits (ruby_hexdigits+0)
+#define upper_hexdigits (ruby_hexdigits+16)
+#define char_to_number(c) ruby_digit36_to_number_table[(unsigned char)(c)]
+
+static VALUE rb_cCGI, rb_mUtil, rb_mEscape;
+static ID id_accept_charset;
+
+#define HTML_ESCAPE_MAX_LEN 6
+
+static const struct {
+    uint8_t len;
+    char str[HTML_ESCAPE_MAX_LEN+1];
+} html_escape_table[UCHAR_MAX+1] = {
+#define HTML_ESCAPE(c, str) [c] = {rb_strlen_lit(str), str}
+    HTML_ESCAPE('\'', "'"),
+    HTML_ESCAPE('&', "&"),
+    HTML_ESCAPE('"', """),
+    HTML_ESCAPE('<', "&lt;"),
+    HTML_ESCAPE('>', "&gt;"),
+#undef HTML_ESCAPE
+};
+
+static inline void
+preserve_original_state(VALUE orig, VALUE dest)
+{
+    rb_enc_associate(dest, rb_enc_get(orig));
+
+    RB_OBJ_INFECT_RAW(dest, orig);
+}
+
+static VALUE
+optimized_escape_html(VALUE str)
+{
+    VALUE vbuf;
+    char *buf = ALLOCV_N(char, vbuf, RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN);
+    const char *cstr = RSTRING_PTR(str);
+    const char *end = cstr + RSTRING_LEN(str);
+
+    char *dest = buf;
+    while (cstr < end) {
+        const unsigned char c = *cstr++;
+        uint8_t len = html_escape_table[c].len;
+        if (len) {
+            memcpy(dest, html_escape_table[c].str, len);
+            dest += len;
+        }
+        else {
+            *dest++ = c;
+        }
+    }
+
+    VALUE escaped;
+    if (RSTRING_LEN(str) < (dest - buf)) {
+        escaped = rb_str_new(buf, dest - buf);
+        preserve_original_state(str, escaped);
+    }
+    else {
+        escaped = rb_str_dup(str);
+    }
+    ALLOCV_END(vbuf);
+    return escaped;
+}
+
+static VALUE
+optimized_unescape_html(VALUE str)
+{
+    enum {UNICODE_MAX = 0x10ffff};
+    rb_encoding *enc = rb_enc_get(str);
+    unsigned long charlimit = (strcasecmp(rb_enc_name(enc), "UTF-8") == 0 ? UNICODE_MAX :
+			       strcasecmp(rb_enc_name(enc), "ISO-8859-1") == 0 ? 256 :
+			       128);
+    long i, len, beg = 0;
+    size_t clen, plen;
+    int overflow;
+    const char *cstr;
+    char buf[6];
+    VALUE dest = 0;
+
+    len  = RSTRING_LEN(str);
+    cstr = RSTRING_PTR(str);
+
+    for (i = 0; i < len; i++) {
+	unsigned long cc;
+	char c = cstr[i];
+	if (c != '&') continue;
+	plen = i - beg;
+	if (++i >= len) break;
+	c = (unsigned char)cstr[i];
+#define MATCH(s) (len - i >= (int)rb_strlen_lit(s) && \
+		  memcmp(&cstr[i], s, rb_strlen_lit(s)) == 0 && \
+		  (i += rb_strlen_lit(s) - 1, 1))
+	switch (c) {
+	  case 'a':
+	    ++i;
+	    if (MATCH("pos;")) {
+		c = '\'';
+	    }
+	    else if (MATCH("mp;")) {
+		c = '&';
+	    }
+	    else continue;
+	    break;
+	  case 'q':
+	    ++i;
+	    if (MATCH("uot;")) {
+		c = '"';
+	    }
+	    else continue;
+	    break;
+	  case 'g':
+	    ++i;
+	    if (MATCH("t;")) {
+		c = '>';
+	    }
+	    else continue;
+	    break;
+	  case 'l':
+	    ++i;
+	    if (MATCH("t;")) {
+		c = '<';
+	    }
+	    else continue;
+	    break;
+	  case '#':
+	    if (len - ++i >= 2 && ISDIGIT(cstr[i])) {
+		cc = ruby_scan_digits(&cstr[i], len-i, 10, &clen, &overflow);
+	    }
+	    else if ((cstr[i] == 'x' || cstr[i] == 'X') && len - ++i >= 2 && ISXDIGIT(cstr[i])) {
+		cc = ruby_scan_digits(&cstr[i], len-i, 16, &clen, &overflow);
+	    }
+	    else continue;
+	    i += clen;
+	    if (overflow || cc >= charlimit || cstr[i] != ';') continue;
+	    if (!dest) {
+		dest = rb_str_buf_new(len);
+	    }
+	    rb_str_cat(dest, cstr + beg, plen);
+	    if (charlimit > 256) {
+		rb_str_cat(dest, buf, rb_enc_mbcput((OnigCodePoint)cc, buf, enc));
+	    }
+	    else {
+		c = (unsigned char)cc;
+		rb_str_cat(dest, &c, 1);
+	    }
+	    beg = i + 1;
+	    continue;
+	  default:
+	    --i;
+	    continue;
+	}
+	if (!dest) {
+	    dest = rb_str_buf_new(len);
+	}
+	rb_str_cat(dest, cstr + beg, plen);
+	rb_str_cat(dest, &c, 1);
+	beg = i + 1;
+    }
+
+    if (dest) {
+	rb_str_cat(dest, cstr + beg, len - beg);
+	preserve_original_state(str, dest);
+	return dest;
+    }
+    else {
+	return rb_str_dup(str);
+    }
+}
+
+static unsigned char
+url_unreserved_char(unsigned char c)
+{
+    switch (c) {
+      case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9':
+      case 'a': case 'b': case 'c': case 'd': case 'e': case 'f': case 'g': case 'h': case 'i': case 'j':
+      case 'k': case 'l': case 'm': case 'n': case 'o': case 'p': case 'q': case 'r': case 's': case 't':
+      case 'u': case 'v': case 'w': case 'x': case 'y': case 'z':
+      case 'A': case 'B': case 'C': case 'D': case 'E': case 'F': case 'G': case 'H': case 'I': case 'J':
+      case 'K': case 'L': case 'M': case 'N': case 'O': case 'P': case 'Q': case 'R': case 'S': case 'T':
+      case 'U': case 'V': case 'W': case 'X': case 'Y': case 'Z':
+      case '-': case '.': case '_': case '~':
+        return 1;
+      default:
+        break;
+    }
+    return 0;
+}
+
+static VALUE
+optimized_escape(VALUE str)
+{
+    long i, len, beg = 0;
+    VALUE dest = 0;
+    const char *cstr;
+    char buf[4] = {'%'};
+
+    len  = RSTRING_LEN(str);
+    cstr = RSTRING_PTR(str);
+
+    for (i = 0; i < len; ++i) {
+	const unsigned char c = (unsigned char)cstr[i];
+	if (!url_unreserved_char(c)) {
+	    if (!dest) {
+		dest = rb_str_buf_new(len);
+	    }
+
+	    rb_str_cat(dest, cstr + beg, i - beg);
+	    beg = i + 1;
+
+	    if (c == ' ') {
+		rb_str_cat_cstr(dest, "+");
+	    }
+	    else {
+		buf[1] = upper_hexdigits[(c >> 4) & 0xf];
+		buf[2] = upper_hexdigits[c & 0xf];
+		rb_str_cat(dest, buf, 3);
+	    }
+	}
+    }
+
+    if (dest) {
+	rb_str_cat(dest, cstr + beg, len - beg);
+	preserve_original_state(str, dest);
+	return dest;
+    }
+    else {
+	return rb_str_dup(str);
+    }
+}
+
+static VALUE
+optimized_unescape(VALUE str, VALUE encoding)
+{
+    long i, len, beg = 0;
+    VALUE dest = 0;
+    const char *cstr;
+    rb_encoding *enc = rb_to_encoding(encoding);
+    int cr, origenc, encidx = rb_enc_to_index(enc);
+
+    len  = RSTRING_LEN(str);
+    cstr = RSTRING_PTR(str);
+
+    for (i = 0; i < len; ++i) {
+	char buf[1];
+	const char c = cstr[i];
+	int clen = 0;
+	if (c == '%') {
+	    if (i + 3 > len) break;
+	    if (!ISXDIGIT(cstr[i+1])) continue;
+	    if (!ISXDIGIT(cstr[i+2])) continue;
+	    buf[0] = ((char_to_number(cstr[i+1]) << 4)
+		      | char_to_number(cstr[i+2]));
+	    clen = 2;
+	}
+	else if (c == '+') {
+	    buf[0] = ' ';
+	}
+	else {
+	    continue;
+	}
+
+	if (!dest) {
+	    dest = rb_str_buf_new(len);
+	}
+
+	rb_str_cat(dest, cstr + beg, i - beg);
+	i += clen;
+	beg = i + 1;
+
+	rb_str_cat(dest, buf, 1);
+    }
+
+    if (dest) {
+	rb_str_cat(dest, cstr + beg, len - beg);
+	preserve_original_state(str, dest);
+	cr = ENC_CODERANGE_UNKNOWN;
+    }
+    else {
+	dest = rb_str_dup(str);
+	cr = ENC_CODERANGE(str);
+    }
+    origenc = rb_enc_get_index(str);
+    if (origenc != encidx) {
+	rb_enc_associate_index(dest, encidx);
+	if (!ENC_CODERANGE_CLEAN_P(rb_enc_str_coderange(dest))) {
+	    rb_enc_associate_index(dest, origenc);
+	    if (cr != ENC_CODERANGE_UNKNOWN)
+		ENC_CODERANGE_SET(dest, cr);
+	}
+    }
+    return dest;
+}
+
+/*
+ *  call-seq:
+ *     CGI.escapeHTML(string) -> string
+ *
+ *  Returns HTML-escaped string.
+ *
+ */
+static VALUE
+cgiesc_escape_html(VALUE self, VALUE str)
+{
+    StringValue(str);
+
+    if (rb_enc_str_asciicompat_p(str)) {
+	return optimized_escape_html(str);
+    }
+    else {
+	return rb_call_super(1, &str);
+    }
+}
+
+/*
+ *  call-seq:
+ *     CGI.unescapeHTML(string) -> string
+ *
+ *  Returns HTML-unescaped string.
+ *
+ */
+static VALUE
+cgiesc_unescape_html(VALUE self, VALUE str)
+{
+    StringValue(str);
+
+    if (rb_enc_str_asciicompat_p(str)) {
+	return optimized_unescape_html(str);
+    }
+    else {
+	return rb_call_super(1, &str);
+    }
+}
+
+/*
+ *  call-seq:
+ *     CGI.escape(string) -> string
+ *
+ *  Returns URL-escaped string.
+ *
+ */
+static VALUE
+cgiesc_escape(VALUE self, VALUE str)
+{
+    StringValue(str);
+
+    if (rb_enc_str_asciicompat_p(str)) {
+	return optimized_escape(str);
+    }
+    else {
+	return rb_call_super(1, &str);
+    }
+}
+
+static VALUE
+accept_charset(int argc, VALUE *argv, VALUE self)
+{
+    if (argc > 0)
+	return argv[0];
+    return rb_cvar_get(CLASS_OF(self), id_accept_charset);
+}
+
+/*
+ *  call-seq:
+ *     CGI.unescape(string, encoding=@@accept_charset) -> string
+ *
+ *  Returns URL-unescaped string.
+ *
+ */
+static VALUE
+cgiesc_unescape(int argc, VALUE *argv, VALUE self)
+{
+    VALUE str = (rb_check_arity(argc, 1, 2), argv[0]);
+
+    StringValue(str);
+
+    if (rb_enc_str_asciicompat_p(str)) {
+	VALUE enc = accept_charset(argc-1, argv+1, self);
+	return optimized_unescape(str, enc);
+    }
+    else {
+	return rb_call_super(argc, argv);
+    }
+}
+
+void
+Init_escape(void)
+{
+    id_accept_charset = rb_intern_const("@@accept_charset");
+    InitVM(escape);
+}
+
+void
+InitVM_escape(void)
+{
+    rb_cCGI    = rb_define_class("CGI", rb_cObject);
+    rb_mEscape = rb_define_module_under(rb_cCGI, "Escape");
+    rb_mUtil   = rb_define_module_under(rb_cCGI, "Util");
+    rb_define_method(rb_mEscape, "escapeHTML", cgiesc_escape_html, 1);
+    rb_define_method(rb_mEscape, "unescapeHTML", cgiesc_unescape_html, 1);
+    rb_define_method(rb_mEscape, "escape", cgiesc_escape, 1);
+    rb_define_method(rb_mEscape, "unescape", cgiesc_unescape, -1);
+    rb_prepend_module(rb_mUtil, rb_mEscape);
+    rb_extend_object(rb_cCGI, rb_mEscape);
+}