cuba 3.0.0 → 3.0.1.rc1

Sign up to get free protection for your applications and to get access to all the features.
data/README.md CHANGED
@@ -148,6 +148,33 @@ Cuba.define do
148
148
  end
149
149
  ```
150
150
 
151
+ Security
152
+ --------
153
+
154
+ The favorite security layer for Cuba is
155
+ [Rack::Protection](https://github.com/rkh/rack-protection). It is not
156
+ included by default because there are legitimate uses for plain Cuba
157
+ (for instance, when designing an API).
158
+
159
+ If you are building a web application, by all means make sure to
160
+ include a security layer. As it is the convention for unsafe
161
+ operations, only POST, PUT and DELETE requests are monitored.
162
+
163
+ ``` ruby
164
+ require "cuba"
165
+ require "rack/protection"
166
+
167
+ Cuba.use Rack::Session::Cookie
168
+ Cuba.use Rack::Protection
169
+ Cuba.use Rack::Protection::RemoteReferrer
170
+
171
+ Cuba.define do
172
+
173
+ # Now your app is protected against a wide range of attacks.
174
+ ...
175
+ end
176
+ ```
177
+
151
178
  HTTP Verbs
152
179
  ----------
153
180
 
@@ -177,7 +204,7 @@ Captures
177
204
  You may have noticed that some matchers yield a value to the block. The rules
178
205
  for determining if a matcher will yield a value are simple:
179
206
 
180
- 1. Regex captures: `"posts/(\d+)-(.*)"` will yield two values, corresponding to each capture.
207
+ 1. Regex captures: `"posts/(\\d+)-(.*)"` will yield two values, corresponding to each capture.
181
208
  2. Placeholders: `"users/:id"` will yield the value in the position of :id.
182
209
  3. Symbols: `:foobar` will yield if a segment is available.
183
210
  4. File extensions: `extension("css")` will yield the basename of the matched file.
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = "cuba"
3
- s.version = "3.0.0"
3
+ s.version = "3.0.1.rc1"
4
4
  s.summary = "Microframework for web applications."
5
5
  s.description = "Cuba is a microframework for web applications."
6
6
  s.authors = ["Michel Martens"]
@@ -7,7 +7,7 @@ class Cuba
7
7
 
8
8
  attr :headers
9
9
 
10
- def initialize(status = 200, headers = { "Content-Type" => "text/html" })
10
+ def initialize(status = 200, headers = { "Content-Type" => "text/html; charset=utf-8" })
11
11
  @status = status
12
12
  @headers = headers
13
13
  @body = []
@@ -88,9 +88,6 @@ class Cuba
88
88
  child.settings.replace(settings)
89
89
  end
90
90
 
91
- attr :env
92
- attr :req
93
- attr :res
94
91
  attr :captures
95
92
 
96
93
  def initialize(&blk)
@@ -106,10 +103,22 @@ class Cuba
106
103
  dup.call!(env)
107
104
  end
108
105
 
106
+ def req
107
+ Thread.current[:_cuba_req]
108
+ end
109
+
110
+ def res
111
+ Thread.current[:_cuba_res]
112
+ end
113
+
114
+ def env
115
+ Thread.current[:_cuba_env]
116
+ end
117
+
109
118
  def call!(env)
110
- @env = env
111
- @req = Rack::Request.new(env)
112
- @res = Cuba::Response.new
119
+ Thread.current[:_cuba_env] = env
120
+ Thread.current[:_cuba_req] = Rack::Request.new(env)
121
+ Thread.current[:_cuba_res] = Cuba::Response.new
113
122
 
114
123
  # This `catch` statement will either receive a
115
124
  # rack response tuple via a `halt`, or will
@@ -123,3 +123,40 @@ test "consumes a slash if needed" do
123
123
 
124
124
  assert_response resp, ["foo/bar.css"]
125
125
  end
126
+
127
+ test "regex captures in string format" do
128
+ Cuba.define do
129
+ on get, "posts/(\\d+)-(.*)" do |id, slug|
130
+ res.write id
131
+ res.write slug
132
+ end
133
+ end
134
+
135
+
136
+ env = { "REQUEST_METHOD" => "GET",
137
+ "PATH_INFO" => "/posts/123-postal-service",
138
+ "SCRIPT_NAME" => "/" }
139
+
140
+ _, _, resp = Cuba.call(env)
141
+
142
+
143
+ assert_response resp, ["123", "postal-service"]
144
+ end
145
+
146
+ test "regex captures in regex format" do
147
+ Cuba.define do
148
+ on get, %r{posts/(\d+)-(.*)} do |id, slug|
149
+ res.write id
150
+ res.write slug
151
+ end
152
+ end
153
+
154
+ env = { "REQUEST_METHOD" => "GET",
155
+ "PATH_INFO" => "/posts/123-postal-service",
156
+ "SCRIPT_NAME" => "/" }
157
+
158
+ _, _, resp = Cuba.call(env)
159
+
160
+
161
+ assert_response resp, ["123", "postal-service"]
162
+ end
@@ -78,7 +78,7 @@ test "reset and use" do
78
78
  status, headers, resp = Cuba.call(env)
79
79
 
80
80
  assert 200 == status
81
- assert "text/html" == headers["Content-Type"]
81
+ assert "text/html; charset=utf-8" == headers["Content-Type"]
82
82
  assert_response resp, ["2nd Default"]
83
83
 
84
84
  assert "1" == env["m.first"]
@@ -16,6 +16,8 @@ test "redirect" do
16
16
  status, headers, body = Cuba.call(env)
17
17
 
18
18
  assert_equal status, 302
19
- assert_equal headers, {"Content-Type"=>"text/html", "Location"=>"/hello"}
19
+ assert_equal headers, {
20
+ "Content-Type" => "text/html; charset=utf-8",
21
+ "Location" => "/hello" }
20
22
  assert_response body, []
21
23
  end
metadata CHANGED
@@ -1,19 +1,19 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cuba
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.0
5
- prerelease:
4
+ version: 3.0.1.rc1
5
+ prerelease: 6
6
6
  platform: ruby
7
7
  authors:
8
8
  - Michel Martens
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-03-22 00:00:00.000000000 Z
12
+ date: 2012-06-25 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rack
16
- requirement: &2151873280 !ruby/object:Gem::Requirement
16
+ requirement: &2151841840 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
21
21
  version: '0'
22
22
  type: :runtime
23
23
  prerelease: false
24
- version_requirements: *2151873280
24
+ version_requirements: *2151841840
25
25
  - !ruby/object:Gem::Dependency
26
26
  name: cutest
27
- requirement: &2151872600 !ruby/object:Gem::Requirement
27
+ requirement: &2151838760 !ruby/object:Gem::Requirement
28
28
  none: false
29
29
  requirements:
30
30
  - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
32
32
  version: '0'
33
33
  type: :development
34
34
  prerelease: false
35
- version_requirements: *2151872600
35
+ version_requirements: *2151838760
36
36
  - !ruby/object:Gem::Dependency
37
37
  name: capybara
38
- requirement: &2151870140 !ruby/object:Gem::Requirement
38
+ requirement: &2151837240 !ruby/object:Gem::Requirement
39
39
  none: false
40
40
  requirements:
41
41
  - - ! '>='
@@ -43,7 +43,7 @@ dependencies:
43
43
  version: '0'
44
44
  type: :development
45
45
  prerelease: false
46
- version_requirements: *2151870140
46
+ version_requirements: *2151837240
47
47
  description: Cuba is a microframework for web applications.
48
48
  email:
49
49
  - michel@soveran.com
@@ -96,12 +96,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
96
96
  required_rubygems_version: !ruby/object:Gem::Requirement
97
97
  none: false
98
98
  requirements:
99
- - - ! '>='
99
+ - - ! '>'
100
100
  - !ruby/object:Gem::Version
101
- version: '0'
101
+ version: 1.3.1
102
102
  requirements: []
103
103
  rubyforge_project:
104
- rubygems_version: 1.8.10
104
+ rubygems_version: 1.8.11
105
105
  signing_key:
106
106
  specification_version: 3
107
107
  summary: Microframework for web applications.