highcharts-rails 3.0.1.5 → 3.0.2

metadata.gz.asc

@@ -2,17 +2,17 @@
 Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
 Comment: GPGTools - http://gpgtools.org
 
-iQIcBAABAgAGBQJRijrwAAoJEH1ncb0Txu7XrZYP/3Jke+pBEv4fm09l8qunONEH
-Rxjfz7z2ldfcZVwRj/WKGoeuBBoiU8q2E+n8784eYR2FNa23izbTEUyQaRVSg3EE
-MJ7PTu7GgIl5mWQun8nkkrUTRcVBC60tZ1kDb09TQIGkAMsj6rTbwnuJjdbTbJ7Z
-j0mhDuBJr5xV79L57rWFIHFYbB5+LCfVXMonA7i25mkx/SJRwbb2yu3V0XVSJJnP
-/NjHzj2uZicvIteymOaxOqAMZaYoqygltOqIBgurgPXv3aPTAs9dAdFKZ/ogD6kO
-t0uOK45cZZhcKR/oMjh0oTr+Ib7QrOw5x1FZjMSIRHUode5KgNKNAuxWN7pdRw9T
-l997kB55yz1jzcQqy9guX8Uh2Qyc36QlvAmdn+xP8RvYzpwyhQORg5Q8CG+ARR8u
-7zH3G4gymnltlSMzy8OrLAUsCOI7PeIeE8bQ6qOVBkL5bWk2iQy7MZJtyiIWSk2C
-8a+l9dwF9T/14xdF/NWBrvlv7RlLRtEtGm1QnV7brym14g0srxpL0+j9Wo71vref
-9Ixm0j/8hNQCAOjrT5sboDfsrICWt+4mrLvuc0sXzHt4fnXh3oEyiGqEixeFIn2t
-7ROhyuC1va6L2Ik/n4i99ipuvfprc/GtmD9fTXcodwZ+dAPf6VXRFmGFrD0xbdbU
-eVrqe9INHDRTcGXgsYXh
-=AvO3
+iQIcBAABAgAGBQJRsdk0AAoJEH1ncb0Txu7XMnEP/1NWjKVIYVVSJ261ZJicHnK2
+P2dGxyUSdFUB+fnSgiEwM8bFRM2f8q9sR7Qn3cek6OIP9MuK+jsAPA4R4IHCzT5/
+bFZKUC9c2oUHTHGcVq4G7BGDrC4IFjHyHolQE05Geqd3hEq/qRdDuEuy9xtjJo8a
+WO7VjUwil/4Z9XmsHxPNBOHSsCk62UkwwvwRnJYe/JDBqxE7REHuVZiYyM2kJLix
+BATvbRnJohxA8Y6tdJbmbUEAWwly2R9OTMAVYpR7/aL7TLluDBzObMKD1Bd/XxO1
+XV0e0OA8kT3gsop9ooc9LooQLzzgVCCMSkaZKffs1gtt5J5QiweLL0pqRopfyE3V
+dMPpK+wDxl9BXTklVqUBZDrZvN08BFfNubZDQ4cuxkRZ8ofG3aALZZzDQbpeIEn3
+A8D3doLF0SyaULizOX2wmLJGV2XCByQpO6Cvl6F3cBsPHWdClPcywyl15xRnjuBp
+dM6KBc/e0B6Rf0snY5JIfRLjQRJsUJIQ5TIPQaSluX0r19dMqpu2C6gacy10GR4B
+AejcjV4tDs1GiQGYOftMi/AK6yi6RHnZM53NYzWMOJy4Ocscwu+0taW5mveb+yCx
+BkRvLeLYuPHUqqdvREOI3PYyPBpzY/ExHAA6LE0oQy5jZMpO2fzBtFBEbB62DS4z
+Nqwx/SdcACasE7vifZ8v
+=MoXi
 -----END PGP SIGNATURE-----

data/lib/highcharts/export_endpoint.rb

@@ -1,127 +0,0 @@
-# encoding: utf-8
-require 'cocaine'
-
-module Highcharts
-  class ExportEndpoint
-    class InsecureSVGError      < ArgumentError; end
-    class MissingLibrary        < RuntimeError; end
-    class FailedToGenerateChart < RuntimeError; end
-    class InvalidType           < ArgumentError; end
-
-    attr_reader :output, :options
-
-    def initialize(options = {})
-      @options = default_options.merge(options)
-    end
-
-    def default_options
-      {
-        java_path: "/usr/bin/java",
-        batik: "/usr/share/java/batik-rasterizer.jar",
-      }
-    end
-
-    def call(env)
-      dup._call(env)
-    end
-
-    def _call(env)
-      with_rescues do
-        raise MissingLibrary.new("Could not find batik-rasterizer.jar in #{options[:batik].inspect}") unless File.exists?(options[:batik].to_s)
-
-        request = Rack::Request.new(env)
-
-        filename = request.params["filename"].to_s
-        filename  = "chart" if filename.blank? || filename !~ /\A[A-Za-z0-9\-_ ]+\Z/
-
-        type     = request.params["type"].to_s
-        width    = request.params["width"].to_i
-        svg      = request.params["svg"].to_s
-
-        raise InsecureSVGError.new if svg.index("<!ENTITY") || svg.index("<!DOCTYPE")
-
-        if type == "image/svg+xml"
-          # We were sent SVG from the client, so can just render that back
-          return [200, {
-            'Content-Disposition' => "attachment; filename=\"#{filename}.svg\"",
-            'Content-Type'        => 'image/svg+xml'
-          }, [svg]]
-        end
-
-        width     = width > 0 ? width.to_s : "600"
-        extension = case type
-                    when "image/png"       then "png"
-                    when "image/jpeg"      then "jpg"
-                    when "application/pdf" then "pdf"
-                    when "image/svg+xml"   then "svg"
-                    else raise InvalidType.new("#{type} is not a valid type.")
-                    end
-
-        input     = write_svg_to_file(svg)
-        @output   = create_output_file(extension)
-
-        command.run(batik: options[:batik], outfile: output.path, type: type, width: width, infile: input.path)
-        input.close
-        content_length = output.size
-        output.rewind
-
-        raise FailedToGenerateChart.new("Nothing written to file") if !File.exists?(output.path) || content_length < 10
-
-        Rack::Response.new(self, 200, {
-          'Content-Disposition' => "attachment; filename=\"#{filename}.#{extension}\"",
-          'Content-Type'        => type
-        }).finish
-      end
-    end
-
-    # Pass the block along to the output file, and
-    # make sure to close the file afterwards
-    def each(&block)
-      output.each(&block)
-    ensure
-      output.close
-    end
-
-    def command
-      Cocaine::CommandLine.new(options[:java_path], "-jar :batik -m :type -d :outfile -w :width :infile")
-    end
-
-    def write_svg_to_file(contents)
-      file = ::Tempfile.new(["highcharts-input", ".svg"], Dir.tmpdir, encoding: 'utf-8')
-
-      # Replace bad bytes in the input without transcoding,
-      # making sure the contents is actually valid UTF-8.
-      # https://bugs.ruby-lang.org/issues/6321#note-17
-      file.puts contents.force_encoding("utf-8").
-                         encode("utf-8", "binary", undef: :replace)
-      file.flush
-      file
-    end
-
-    def create_output_file(extension)
-      file = ::Tempfile.new(["highcharts-chart", ".#{extension}"])
-      file.binmode
-      file
-    end
-
-    def with_rescues
-      yield
-    rescue Highcharts::ExportEndpoint::InsecureSVGError => e
-      [400, {'Content-Type' => 'text/plain'}, ["The posted SVG could contain code for a malicious attack"]]
-    rescue Highcharts::ExportEndpoint::InvalidType => e
-      [400, {'Content-Type' => 'text/plain'}, [e]]
-    rescue Cocaine::CommandNotFoundError => e
-      [503, {'Content-Type' => 'text/plain'}, ["Unable to find required binary. #{e}"]]
-    rescue Highcharts::ExportEndpoint::MissingLibrary => e
-      [503, {'Content-Type' => 'text/plain'}, ["Unable to find required library. #{e}"]]
-    rescue Highcharts::ExportEndpoint::FailedToGenerateChart => e
-      [500, {'Content-Type' => 'text/plain'}, ["Failed to generate chart. More details may be available in the server logs."]]
-    rescue => e
-      [500, {'Content-Type' => 'text/plain'}, ["Something went wrong. More details may be available in the server logs."]]
-    end
-
-    def error(code, message)
-      [code, {}, [message].flatten]
-    end
-  end
-end