homura-runtime 0.3.3 → 0.3.4

data/vendor/rack/session/pool.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+# Released under the MIT License.
+# Copyright, 2022-2023, by Samuel Williams.
+
+require_relative 'abstract/id'
+
+module Rack
+  module Session
+    # Rack::Session::Pool provides simple cookie based session management.
+    # Session data is stored in a hash held by @pool.
+    # In the context of a multithreaded environment, sessions being
+    # committed to the pool is done in a merging manner.
+    #
+    # The :drop option is available in rack.session.options if you wish to
+    # explicitly remove the session from the session cache.
+    #
+    # Example:
+    #   myapp = MyRackApp.new
+    #   sessioned = Rack::Session::Pool.new(myapp,
+    #     :domain => 'foo.com',
+    #     :expire_after => 2592000
+    #   )
+    #   Rack::Handler::WEBrick.run sessioned
+
+    class Pool < Abstract::PersistedSecure
+      attr_reader :mutex, :pool
+      DEFAULT_OPTIONS = Abstract::ID::DEFAULT_OPTIONS.merge(drop: false, allow_fallback: true)
+
+      def initialize(app, options = {})
+        super
+        @pool = Hash.new
+        @mutex = Mutex.new
+        @allow_fallback = @default_options.delete(:allow_fallback)
+      end
+
+      def generate_sid(*args, use_mutex: true)
+        loop do
+          sid = super(*args)
+          break sid unless use_mutex ? @mutex.synchronize { @pool.key? sid.private_id } : @pool.key?(sid.private_id)
+        end
+      end
+
+      def find_session(req, sid)
+        @mutex.synchronize do
+          unless sid and session = get_session_with_fallback(sid)
+            sid, session = generate_sid(use_mutex: false), {}
+            @pool.store sid.private_id, session
+          end
+          [sid, session]
+        end
+      end
+
+      def write_session(req, session_id, new_session, options)
+        @mutex.synchronize do
+          @pool.store session_id.private_id, new_session
+          session_id
+        end
+      end
+
+      def delete_session(req, session_id, options)
+        @mutex.synchronize do
+          @pool.delete(session_id.public_id)
+          @pool.delete(session_id.private_id)
+          generate_sid(use_mutex: false) unless options[:drop]
+        end
+      end
+
+      private
+
+      def get_session_with_fallback(sid)
+        @pool[sid.private_id] || (@pool[sid.public_id] if @allow_fallback)
+      end
+    end
+  end
+end

data/vendor/rack/session/version.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+# Released under the MIT License.
+# Copyright, 2022-2023, by Samuel Williams.
+
+module Rack
+  module Session
+    VERSION = "2.0.0"
+  end
+end

data/vendor/rack/session.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+# Released under the MIT License.
+# Copyright, 2022-2023, by Samuel Williams.
+# Copyright, 2022, by Jeremy Evans.
+
+module Rack
+  module Session
+    autoload :Cookie, "rack/session/cookie"
+    autoload :Pool, "rack/session/pool"
+  end
+end

data/vendor/rack/show_exceptions.rb

@@ -0,0 +1,433 @@
+# frozen_string_literal: true
+
+require 'erb'
+
+require_relative 'constants'
+require_relative 'utils'
+require_relative 'request'
+
+module Rack
+  # Rack::ShowExceptions catches all exceptions raised from the app it
+  # wraps.  It shows a useful backtrace with the sourcefile and
+  # clickable context, the whole Rack environment and the request
+  # data.
+  #
+  # Be careful when you use this on public-facing sites as it could
+  # reveal information helpful to attackers.
+
+  class ShowExceptions
+    CONTEXT = 7
+
+    Frame = Struct.new(:filename, :lineno, :function,
+                       :pre_context_lineno, :pre_context,
+                       :context_line, :post_context_lineno,
+                       :post_context)
+
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      @app.call(env)
+    rescue StandardError, LoadError, SyntaxError => e
+      exception_string = dump_exception(e)
+
+      env[RACK_ERRORS].puts(exception_string)
+      env[RACK_ERRORS].flush
+
+      if accepts_html?(env)
+        content_type = "text/html"
+        body = pretty(env, e)
+      else
+        content_type = "text/plain"
+        body = exception_string
+      end
+
+      [
+        500,
+        {
+          CONTENT_TYPE => content_type,
+          CONTENT_LENGTH => body.bytesize.to_s,
+        },
+        [body],
+      ]
+    end
+
+    def prefers_plaintext?(env)
+      !accepts_html?(env)
+    end
+
+    def accepts_html?(env)
+      Rack::Utils.best_q_match(env["HTTP_ACCEPT"], %w[text/html])
+    end
+    private :accepts_html?
+
+    def dump_exception(exception)
+      if exception.respond_to?(:detailed_message)
+        message = exception.detailed_message(highlight: false)
+      # :nocov:
+      # Ruby 3.2 added Exception#detailed_message, so the else
+      # branch cannot be hit on the current Ruby version.
+      else
+        message = exception.message
+      # :nocov:
+      end
+      # homura patch: Opal strings are immutable.
+      string = "#{exception.class}: #{message}\n".dup
+      string += exception.backtrace.map { |l| "\t#{l}" }.join("\n") if exception.backtrace
+      string
+    end
+
+    # homura patch: the upstream implementation uses
+    # `template.result(binding)`, and the ERB template compiles at render
+    # time to a Ruby fragment that Opal in turn hands off to
+    # `Opal.Binding.$new(function($code) { return eval($code); }, ...)`.
+    # Cloudflare Workers rejects that with "Code generation from strings
+    # disallowed" on the first dispatch through ShowExceptions. We rebuild
+    # the same rescue page as a plain Ruby string builder so the entire
+    # pretty-printing path stays inside the Workers sandbox.
+    def pretty(env, exception)
+      req    = Rack::Request.new(env)
+      path   = (req.script_name + req.path_info).squeeze('/')
+      frames = (exception.backtrace || []).map { |line|
+        if line =~ /(.*?):(\d+)(:in `(.*)')?/
+          frame = Frame.new
+          frame.filename = $1
+          frame.lineno   = $2.to_i
+          frame.function = $4
+          frame
+        end
+      }.compact
+
+      buffer = +'<!DOCTYPE html><html lang="en"><head>'
+      buffer += '<meta http-equiv="content-type" content="text/html; charset=utf-8"/>'
+      buffer += "<title>#{h(exception.class)} at #{h(path)}</title>"
+      buffer += '<style>body{font:14px -apple-system,sans-serif;margin:20px;color:#222}'
+      buffer += 'h1{font-weight:normal;color:#900}'
+      buffer += 'h2{margin-top:1.2em;font-size:1em;color:#555}'
+      buffer += 'pre{background:#f5f5f5;padding:10px;overflow:auto;white-space:pre-wrap}'
+      buffer += 'ol.traceback{font-family:monospace}'
+      buffer += 'ol.traceback li{margin-bottom:.3em}</style></head><body>'
+      buffer += "<h1>#{h(exception.class)} at #{h(path)}</h1>"
+      buffer += "<h2>#{h(exception.message)}</h2>"
+      buffer += '<h3>Traceback</h3>'
+      buffer += '<ol class="traceback">'
+      frames.each do |frame|
+        buffer += '<li>'
+        buffer += "<code>#{h(frame.filename)}:#{frame.lineno}</code>"
+        buffer += " in <code>#{h(frame.function)}</code>" if frame.function
+        buffer += '</li>'
+      end
+      buffer += '</ol>'
+      buffer += '<h3>Request</h3>'
+      buffer += '<pre>'
+      buffer += "#{h(req.request_method)} #{h(req.fullpath)}\n"
+      buffer += "Host: #{h(req.host_with_port)}\n"
+      buffer += '</pre>'
+      buffer += '<h3>Environment</h3>'
+      buffer += '<pre>'
+      env.sort_by { |k, _| k.to_s }.each do |k, v|
+        next unless k.is_a?(String)
+        next if k.start_with?('rack.')
+        next if k == 'cloudflare.env' || k == 'cloudflare.ctx'
+        buffer += "#{h(k)} = #{h(v.inspect)}\n"
+      end
+      buffer += '</pre>'
+      buffer += '</body></html>'
+      buffer
+    end
+
+    def template
+      TEMPLATE
+    end
+
+    def h(obj)                  # :nodoc:
+      case obj
+      when String
+        Utils.escape_html(obj)
+      else
+        Utils.escape_html(obj.inspect)
+      end
+    end
+
+    # :stopdoc:
+
+    # adapted from Django <www.djangoproject.com>
+    # Copyright (c) Django Software Foundation and individual contributors.
+    # Used under the modified BSD license:
+    # http://www.xfree86.org/3.3.6/COPYRIGHT2.html#5
+    TEMPLATE = ERB.new(<<-'HTML'.gsub(/^      /, ''))
+      <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+      <html lang="en">
+      <head>
+        <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+        <meta name="robots" content="NONE,NOARCHIVE" />
+        <title><%=h exception.class %> at <%=h path %></title>
+        <style type="text/css">
+          html * { padding:0; margin:0; }
+          body * { padding:10px 20px; }
+          body * * { padding:0; }
+          body { font:small sans-serif; }
+          body>div { border-bottom:1px solid #ddd; }
+          h1 { font-weight:normal; }
+          h2 { margin-bottom:.8em; }
+          h2 span { font-size:80%; color:#666; font-weight:normal; }
+          h3 { margin:1em 0 .5em 0; }
+          h4 { margin:0 0 .5em 0; font-weight: normal; }
+          table {
+              border:1px solid #ccc; border-collapse: collapse; background:white; }
+          tbody td, tbody th { vertical-align:top; padding:2px 3px; }
+          thead th {
+              padding:1px 6px 1px 3px; background:#fefefe; text-align:left;
+              font-weight:normal; font-size:11px; border:1px solid #ddd; }
+          tbody th { text-align:right; color:#666; padding-right:.5em; }
+          table.vars { margin:5px 0 2px 40px; }
+          table.vars td, table.req td { font-family:monospace; }
+          table td.code { width:100%;}
+          table td.code div { overflow:hidden; }
+          table.source th { color:#666; }
+          table.source td {
+              font-family:monospace; white-space:pre; border-bottom:1px solid #eee; }
+          ul.traceback { list-style-type:none; }
+          ul.traceback li.frame { margin-bottom:1em; }
+          div.context { margin: 10px 0; }
+          div.context ol {
+              padding-left:30px; margin:0 10px; list-style-position: inside; }
+          div.context ol li {
+              font-family:monospace; white-space:pre; color:#666; cursor:pointer; }
+          div.context ol.context-line li { color:black; background-color:#ccc; }
+          div.context ol.context-line li span { float: right; }
+          div.commands { margin-left: 40px; }
+          div.commands a { color:black; text-decoration:none; }
+          #summary { background: #ffc; }
+          #summary h2 { font-family: monospace; font-weight: normal; color: #666; white-space: pre-wrap; }
+          #summary ul#quicklinks { list-style-type: none; margin-bottom: 2em; }
+          #summary ul#quicklinks li { float: left; padding: 0 1em; }
+          #summary ul#quicklinks>li+li { border-left: 1px #666 solid; }
+          #explanation { background:#eee; }
+          #template, #template-not-exist { background:#f6f6f6; }
+          #template-not-exist ul { margin: 0 0 0 20px; }
+          #traceback { background:#eee; }
+          #requestinfo { background:#f6f6f6; padding-left:120px; }
+          #summary table { border:none; background:transparent; }
+          #requestinfo h2, #requestinfo h3 { position:relative; margin-left:-100px; }
+          #requestinfo h3 { margin-bottom:-1em; }
+          .error { background: #ffc; }
+          .specific { color:#cc3300; font-weight:bold; }
+        </style>
+        <script type="text/javascript">
+        //<!--
+          function getElementsByClassName(oElm, strTagName, strClassName){
+              // Written by Jonathan Snook, http://www.snook.ca/jon;
+              // Add-ons by Robert Nyman, http://www.robertnyman.com
+              var arrElements = (strTagName == "*" && document.all)? document.all :
+              oElm.getElementsByTagName(strTagName);
+              var arrReturnElements = new Array();
+              strClassName = strClassName.replace(/\-/g, "\\-");
+              var oRegExp = new RegExp("(^|\\s)" + strClassName + "(\\s|$$)");
+              var oElement;
+              for(var i=0; i<arrElements.length; i++){
+                  oElement = arrElements[i];
+                  if(oRegExp.test(oElement.className)){
+                      arrReturnElements.push(oElement);
+                  }
+              }
+              return (arrReturnElements)
+          }
+          function hideAll(elems) {
+            for (var e = 0; e < elems.length; e++) {
+              elems[e].style.display = 'none';
+            }
+          }
+          window.onload = function() {
+            hideAll(getElementsByClassName(document, 'table', 'vars'));
+            hideAll(getElementsByClassName(document, 'ol', 'pre-context'));
+            hideAll(getElementsByClassName(document, 'ol', 'post-context'));
+          }
+          function toggle() {
+            for (var i = 0; i < arguments.length; i++) {
+              var e = document.getElementById(arguments[i]);
+              if (e) {
+                e.style.display = e.style.display == 'none' ? 'block' : 'none';
+              }
+            }
+            return false;
+          }
+          function varToggle(link, id) {
+            toggle('v' + id);
+            var s = link.getElementsByTagName('span')[0];
+            var uarr = String.fromCharCode(0x25b6);
+            var darr = String.fromCharCode(0x25bc);
+            s.innerHTML = s.innerHTML == uarr ? darr : uarr;
+            return false;
+          }
+          //-->
+        </script>
+      </head>
+      <body>
+
+      <div id="summary">
+        <h1><%=h exception.class %> at <%=h path %></h1>
+      <% if exception.respond_to?(:detailed_message) %>
+        <h2><%=h exception.detailed_message(highlight: false) %></h2>
+      <% else %>
+        <h2><%=h exception.message %></h2>
+      <% end %>
+        <table><tr>
+          <th>Ruby</th>
+          <td>
+      <% if first = frames.first %>
+            <code><%=h first.filename %></code>: in <code><%=h first.function %></code>, line <%=h frames.first.lineno %>
+      <% else %>
+            unknown location
+      <% end %>
+          </td>
+        </tr><tr>
+          <th>Web</th>
+          <td><code><%=h req.request_method %> <%=h(req.host + path)%></code></td>
+        </tr></table>
+
+        <h3>Jump to:</h3>
+        <ul id="quicklinks">
+          <li><a href="#get-info">GET</a></li>
+          <li><a href="#post-info">POST</a></li>
+          <li><a href="#cookie-info">Cookies</a></li>
+          <li><a href="#env-info">ENV</a></li>
+        </ul>
+      </div>
+
+      <div id="traceback">
+        <h2>Traceback <span>(innermost first)</span></h2>
+        <ul class="traceback">
+      <% frames.each { |frame| %>
+            <li class="frame">
+              <code><%=h frame.filename %></code>: in <code><%=h frame.function %></code>
+
+                <% if frame.context_line %>
+                <div class="context" id="c<%=h frame.object_id %>">
+                    <% if frame.pre_context %>
+                    <ol start="<%=h frame.pre_context_lineno+1 %>" class="pre-context" id="pre<%=h frame.object_id %>">
+                      <% frame.pre_context.each { |line| %>
+                      <li onclick="toggle('pre<%=h frame.object_id %>', 'post<%=h frame.object_id %>')"><%=h line %></li>
+                      <% } %>
+                    </ol>
+                    <% end %>
+
+                  <ol start="<%=h frame.lineno %>" class="context-line">
+                    <li onclick="toggle('pre<%=h frame.object_id %>', 'post<%=h frame.object_id %>')"><%=h frame.context_line %><span>...</span></li></ol>
+
+                    <% if frame.post_context %>
+                    <ol start='<%=h frame.lineno+1 %>' class="post-context" id="post<%=h frame.object_id %>">
+                      <% frame.post_context.each { |line| %>
+                      <li onclick="toggle('pre<%=h frame.object_id %>', 'post<%=h frame.object_id %>')"><%=h line %></li>
+                      <% } %>
+                    </ol>
+                    <% end %>
+                </div>
+                <% end %>
+            </li>
+      <% } %>
+        </ul>
+      </div>
+
+      <div id="requestinfo">
+        <h2>Request information</h2>
+
+        <h3 id="get-info">GET</h3>
+        <% if req.GET and not req.GET.empty? %>
+          <table class="req">
+            <thead>
+              <tr>
+                <th>Variable</th>
+                <th>Value</th>
+              </tr>
+            </thead>
+            <tbody>
+                <% req.GET.sort_by { |k, v| k.to_s }.each { |key, val| %>
+                <tr>
+                  <td><%=h key %></td>
+                  <td class="code"><div><%=h val.inspect %></div></td>
+                </tr>
+                <% } %>
+            </tbody>
+          </table>
+        <% else %>
+          <p>No GET data.</p>
+        <% end %>
+
+        <h3 id="post-info">POST</h3>
+        <% if ((req.POST and not req.POST.empty?) rescue (no_post_data = "Invalid POST data"; nil)) %>
+          <table class="req">
+            <thead>
+              <tr>
+                <th>Variable</th>
+                <th>Value</th>
+              </tr>
+            </thead>
+            <tbody>
+                <% req.POST.sort_by { |k, v| k.to_s }.each { |key, val| %>
+                <tr>
+                  <td><%=h key %></td>
+                  <td class="code"><div><%=h val.inspect %></div></td>
+                </tr>
+                <% } %>
+            </tbody>
+          </table>
+        <% else %>
+          <p><%= no_post_data || "No POST data" %>.</p>
+        <% end %>
+
+
+        <h3 id="cookie-info">COOKIES</h3>
+        <% unless req.cookies.empty? %>
+          <table class="req">
+            <thead>
+              <tr>
+                <th>Variable</th>
+                <th>Value</th>
+              </tr>
+            </thead>
+            <tbody>
+              <% req.cookies.each { |key, val| %>
+                <tr>
+                  <td><%=h key %></td>
+                  <td class="code"><div><%=h val.inspect %></div></td>
+                </tr>
+              <% } %>
+            </tbody>
+          </table>
+        <% else %>
+          <p>No cookie data.</p>
+        <% end %>
+
+        <h3 id="env-info">Rack ENV</h3>
+          <table class="req">
+            <thead>
+              <tr>
+                <th>Variable</th>
+                <th>Value</th>
+              </tr>
+            </thead>
+            <tbody>
+                <% env.sort_by { |k, v| k.to_s }.each { |key, val| %>
+                <tr>
+                  <td><%=h key %></td>
+                  <td class="code"><div><%=h val.inspect %></div></td>
+                </tr>
+                <% } %>
+            </tbody>
+          </table>
+
+      </div>
+
+      <div id="explanation">
+        <p>
+          You're seeing this error because you use <code>Rack::ShowExceptions</code>.
+        </p>
+      </div>
+
+      </body>
+      </html>
+    HTML
+  end
+end

data/vendor/rack/show_status.rb

@@ -0,0 +1,121 @@
+# frozen_string_literal: true
+
+require 'erb'
+
+require_relative 'constants'
+require_relative 'utils'
+require_relative 'request'
+require_relative 'body_proxy'
+
+module Rack
+  # Rack::ShowStatus catches all empty responses and replaces them
+  # with a site explaining the error.
+  #
+  # Additional details can be put into <tt>rack.showstatus.detail</tt>
+  # and will be shown as HTML.  If such details exist, the error page
+  # is always rendered, even if the reply was not empty.
+
+  class ShowStatus
+    def initialize(app)
+      @app = app
+      @template = ERB.new(TEMPLATE)
+    end
+
+    def call(env)
+      status, headers, body = response = @app.call(env)
+      empty = headers[CONTENT_LENGTH].to_i <= 0
+
+      # client or server error, or explicit message
+      if (status.to_i >= 400 && empty) || env[RACK_SHOWSTATUS_DETAIL]
+        # This double assignment is to prevent an "unused variable" warning.
+        # Yes, it is dumb, but I don't like Ruby yelling at me.
+        req = req = Rack::Request.new(env)
+
+        message = Rack::Utils::HTTP_STATUS_CODES[status.to_i] || status.to_s
+
+        # This double assignment is to prevent an "unused variable" warning.
+        # Yes, it is dumb, but I don't like Ruby yelling at me.
+        detail = detail = env[RACK_SHOWSTATUS_DETAIL] || message
+
+        html = @template.result(binding)
+        size = html.bytesize
+
+        response[2] = Rack::BodyProxy.new([html]) do
+          body.close if body.respond_to?(:close)
+        end
+
+        headers[CONTENT_TYPE] = "text/html"
+        headers[CONTENT_LENGTH] = size.to_s
+      end
+
+      response
+    end
+
+    def h(obj)                  # :nodoc:
+      case obj
+      when String
+        Utils.escape_html(obj)
+      else
+        Utils.escape_html(obj.inspect)
+      end
+    end
+
+    # :stopdoc:
+
+# adapted from Django <www.djangoproject.com>
+# Copyright (c) Django Software Foundation and individual contributors.
+# Used under the modified BSD license:
+# http://www.xfree86.org/3.3.6/COPYRIGHT2.html#5
+TEMPLATE = <<'HTML'
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="en">
+<head>
+  <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+  <title><%=h message %> at <%=h req.script_name + req.path_info %></title>
+  <meta name="robots" content="NONE,NOARCHIVE" />
+  <style type="text/css">
+    html * { padding:0; margin:0; }
+    body * { padding:10px 20px; }
+    body * * { padding:0; }
+    body { font:small sans-serif; background:#eee; }
+    body>div { border-bottom:1px solid #ddd; }
+    h1 { font-weight:normal; margin-bottom:.4em; }
+    h1 span { font-size:60%; color:#666; font-weight:normal; }
+    table { border:none; border-collapse: collapse; width:100%; }
+    td, th { vertical-align:top; padding:2px 3px; }
+    th { width:12em; text-align:right; color:#666; padding-right:.5em; }
+    #info { background:#f6f6f6; }
+    #info ol { margin: 0.5em 4em; }
+    #info ol li { font-family: monospace; }
+    #summary { background: #ffc; }
+    #explanation { background:#eee; border-bottom: 0px none; }
+  </style>
+</head>
+<body>
+  <div id="summary">
+    <h1><%=h message %> <span>(<%= status.to_i %>)</span></h1>
+    <table class="meta">
+      <tr>
+        <th>Request Method:</th>
+        <td><%=h req.request_method %></td>
+      </tr>
+      <tr>
+        <th>Request URL:</th>
+      <td><%=h req.url %></td>
+      </tr>
+    </table>
+  </div>
+  <div id="info">
+    <p><%=h detail %></p>
+  </div>
+
+  <div id="explanation">
+    <p>
+    You're seeing this error because you use <code>Rack::ShowStatus</code>.
+    </p>
+  </div>
+</body>
+</html>
+HTML
+  end
+end