highcharts-rails 3.0.1.5 → 3.0.2

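--- a/metadata.gz.asc
+++ b/metadata.gz.asc
@@ -2,17 +2,17 @@
  Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
  Comment: GPGTools - http://gpgtools.org
 
- iQIcBAABAgAGBQJRijrwAAoJEH1ncb0Txu7XrZYP/3Jke+pBEv4fm09l8qunONEH
- Rxjfz7z2ldfcZVwRj/WKGoeuBBoiU8q2E+n8784eYR2FNa23izbTEUyQaRVSg3EE
- MJ7PTu7GgIl5mWQun8nkkrUTRcVBC60tZ1kDb09TQIGkAMsj6rTbwnuJjdbTbJ7Z
- j0mhDuBJr5xV79L57rWFIHFYbB5+LCfVXMonA7i25mkx/SJRwbb2yu3V0XVSJJnP
- /NjHzj2uZicvIteymOaxOqAMZaYoqygltOqIBgurgPXv3aPTAs9dAdFKZ/ogD6kO
- t0uOK45cZZhcKR/oMjh0oTr+Ib7QrOw5x1FZjMSIRHUode5KgNKNAuxWN7pdRw9T
- l997kB55yz1jzcQqy9guX8Uh2Qyc36QlvAmdn+xP8RvYzpwyhQORg5Q8CG+ARR8u
- 7zH3G4gymnltlSMzy8OrLAUsCOI7PeIeE8bQ6qOVBkL5bWk2iQy7MZJtyiIWSk2C
- 8a+l9dwF9T/14xdF/NWBrvlv7RlLRtEtGm1QnV7brym14g0srxpL0+j9Wo71vref
- 9Ixm0j/8hNQCAOjrT5sboDfsrICWt+4mrLvuc0sXzHt4fnXh3oEyiGqEixeFIn2t
- 7ROhyuC1va6L2Ik/n4i99ipuvfprc/GtmD9fTXcodwZ+dAPf6VXRFmGFrD0xbdbU
- eVrqe9INHDRTcGXgsYXh
- =AvO3
+ iQIcBAABAgAGBQJRsdk0AAoJEH1ncb0Txu7XMnEP/1NWjKVIYVVSJ261ZJicHnK2
+ P2dGxyUSdFUB+fnSgiEwM8bFRM2f8q9sR7Qn3cek6OIP9MuK+jsAPA4R4IHCzT5/
+ bFZKUC9c2oUHTHGcVq4G7BGDrC4IFjHyHolQE05Geqd3hEq/qRdDuEuy9xtjJo8a
+ WO7VjUwil/4Z9XmsHxPNBOHSsCk62UkwwvwRnJYe/JDBqxE7REHuVZiYyM2kJLix
+ BATvbRnJohxA8Y6tdJbmbUEAWwly2R9OTMAVYpR7/aL7TLluDBzObMKD1Bd/XxO1
+ XV0e0OA8kT3gsop9ooc9LooQLzzgVCCMSkaZKffs1gtt5J5QiweLL0pqRopfyE3V
+ dMPpK+wDxl9BXTklVqUBZDrZvN08BFfNubZDQ4cuxkRZ8ofG3aALZZzDQbpeIEn3
+ A8D3doLF0SyaULizOX2wmLJGV2XCByQpO6Cvl6F3cBsPHWdClPcywyl15xRnjuBp
+ dM6KBc/e0B6Rf0snY5JIfRLjQRJsUJIQ5TIPQaSluX0r19dMqpu2C6gacy10GR4B
+ AejcjV4tDs1GiQGYOftMi/AK6yi6RHnZM53NYzWMOJy4Ocscwu+0taW5mveb+yCx
+ BkRvLeLYuPHUqqdvREOI3PYyPBpzY/ExHAA6LE0oQy5jZMpO2fzBtFBEbB62DS4z
+ Nqwx/SdcACasE7vifZ8v
+ =MoXi
  -----END PGP SIGNATURE-----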
@@ -1,127 +0,0 @@
1
- # encoding: utf-8
2
- require 'cocaine'
3
-
4
- module Highcharts
5
- class ExportEndpoint
6
- class InsecureSVGError < ArgumentError; end
7
- class MissingLibrary < RuntimeError; end
8
- class FailedToGenerateChart < RuntimeError; end
9
- class InvalidType < ArgumentError; end
10
-
11
- attr_reader :output, :options
12
-
13
- def initialize(options = {})
14
- @options = default_options.merge(options)
15
- end
16
-
17
- def default_options
18
- {
19
- java_path: "/usr/bin/java",
20
- batik: "/usr/share/java/batik-rasterizer.jar",
21
- }
22
- end
23
-
24
- def call(env)
25
- dup._call(env)
26
- end
27
-
28
- def _call(env)
29
- with_rescues do
30
- raise MissingLibrary.new("Could not find batik-rasterizer.jar in #{options[:batik].inspect}") unless File.exists?(options[:batik].to_s)
31
-
32
- request = Rack::Request.new(env)
33
-
34
- filename = request.params["filename"].to_s
35
- filename = "chart" if filename.blank? || filename !~ /\A[A-Za-z0-9\-_ ]+\Z/
36
-
37
- type = request.params["type"].to_s
38
- width = request.params["width"].to_i
39
- svg = request.params["svg"].to_s
40
-
41
- raise InsecureSVGError.new if svg.index("<!ENTITY") || svg.index("<!DOCTYPE")
42
-
43
- if type == "image/svg+xml"
44
- # We were sent SVG from the client, so can just render that back
45
- return [200, {
46
- 'Content-Disposition' => "attachment; filename=\"#{filename}.svg\"",
47
- 'Content-Type' => 'image/svg+xml'
48
- }, [svg]]
49
- end
50
-
51
- width = width > 0 ? width.to_s : "600"
52
- extension = case type
53
- when "image/png" then "png"
54
- when "image/jpeg" then "jpg"
55
- when "application/pdf" then "pdf"
56
- when "image/svg+xml" then "svg"
57
- else raise InvalidType.new("#{type} is not a valid type.")
58
- end
59
-
60
- input = write_svg_to_file(svg)
61
- @output = create_output_file(extension)
62
-
63
- command.run(batik: options[:batik], outfile: output.path, type: type, width: width, infile: input.path)
64
- input.close
65
- content_length = output.size
66
- output.rewind
67
-
68
- raise FailedToGenerateChart.new("Nothing written to file") if !File.exists?(output.path) || content_length < 10
69
-
70
- Rack::Response.new(self, 200, {
71
- 'Content-Disposition' => "attachment; filename=\"#{filename}.#{extension}\"",
72
- 'Content-Type' => type
73
- }).finish
74
- end
75
- end
76
-
77
- # Pass the block along to the output file, and
78
- # make sure to close the file afterwards
79
- def each(&block)
80
- output.each(&block)
81
- ensure
82
- output.close
83
- end
84
-
85
- def command
86
- Cocaine::CommandLine.new(options[:java_path], "-jar :batik -m :type -d :outfile -w :width :infile")
87
- end
88
-
89
- def write_svg_to_file(contents)
90
- file = ::Tempfile.new(["highcharts-input", ".svg"], Dir.tmpdir, encoding: 'utf-8')
91
-
92
- # Replace bad bytes in the input without transcoding,
93
- # making sure the contents is actually valid UTF-8.
94
- # https://bugs.ruby-lang.org/issues/6321#note-17
95
- file.puts contents.force_encoding("utf-8").
96
- encode("utf-8", "binary", undef: :replace)
97
- file.flush
98
- file
99
- end
100
-
101
- def create_output_file(extension)
102
- file = ::Tempfile.new(["highcharts-chart", ".#{extension}"])
103
- file.binmode
104
- file
105
- end
106
-
107
- def with_rescues
108
- yield
109
- rescue Highcharts::ExportEndpoint::InsecureSVGError => e
110
- [400, {'Content-Type' => 'text/plain'}, ["The posted SVG could contain code for a malicious attack"]]
111
- rescue Highcharts::ExportEndpoint::InvalidType => e
112
- [400, {'Content-Type' => 'text/plain'}, [e]]
113
- rescue Cocaine::CommandNotFoundError => e
114
- [503, {'Content-Type' => 'text/plain'}, ["Unable to find required binary. #{e}"]]
115
- rescue Highcharts::ExportEndpoint::MissingLibrary => e
116
- [503, {'Content-Type' => 'text/plain'}, ["Unable to find required library. #{e}"]]
117
- rescue Highcharts::ExportEndpoint::FailedToGenerateChart => e
118
- [500, {'Content-Type' => 'text/plain'}, ["Failed to generate chart. More details may be available in the server logs."]]
119
- rescue => e
120
- [500, {'Content-Type' => 'text/plain'}, ["Something went wrong. More details may be available in the server logs."]]
121
- end
122
-
123
- def error(code, message)
124
- [code, {}, [message].flatten]
125
- end
126
- end
127
- end