kastner-rack 0.3.171

data/lib/rack/session/abstract/id.rb

@@ -0,0 +1,140 @@
+# AUTHOR: blink <blinketje@gmail.com>; blink#ruby-lang@irc.freenode.net
+# bugrep: Andreas Zehnder
+
+require 'rack/utils'
+require 'time'
+
+module Rack
+  module Session
+    module Abstract
+      # ID sets up a basic framework for implementing an id based sessioning
+      # service. Cookies sent to the client for maintaining sessions will only
+      # contain an id reference. Only #get_session and #set_session should
+      # need to be overwritten.
+      #
+      # All parameters are optional.
+      # * :key determines the name of the cookie, by default it is
+      #   'rack.session'
+      # * :domain and :path set the related cookie values, by default
+      #   domain is nil, and the path is '/'.
+      # * :expire_after is the number of seconds in which the session
+      #   cookie will expire. By default it is set not to provide any
+      #   expiry time.
+      class ID
+        attr_reader :key
+        DEFAULT_OPTIONS = {
+          :key =>           'rack.session',
+          :path =>          '/',
+          :domain =>        nil,
+          :expire_after =>  nil
+        }
+
+        def initialize(app, options={})
+          @default_options = self.class::DEFAULT_OPTIONS.merge(options)
+          @key = @default_options[:key]
+          @default_context = context app
+        end
+
+        def call(env)
+          @default_context.call(env)
+        end
+
+        def context(app)
+          Rack::Utils::Context.new self, app do |env|
+            load_session env
+            response = app.call(env)
+            commit_session env, response
+            response
+          end
+        end
+
+        private
+
+        # Extracts the session id from provided cookies and passes it and the
+        # environment to #get_session. It then sets the resulting session into
+        # 'rack.session', and places options and session metadata into
+        # 'rack.session.options'.
+        def load_session(env)
+          sid           = (env['HTTP_COOKIE']||'')[/#{@key}=([^,;]+)/,1]
+          sid, session  = get_session(env, sid)
+          unless session.is_a?(Hash)
+            puts 'Session: '+sid.inspect+"\n"+session.inspect if $DEBUG
+            raise TypeError, 'Session not a Hash'
+          end
+
+          options = @default_options.
+            merge({ :id => sid, :by => self, :at => Time.now })
+
+          env['rack.session'] = session
+          env['rack.session.options'] = options
+
+          return true
+        end
+
+        # Acquires the session from the environment and the session id from
+        # the session options and passes them to #set_session. It then
+        # proceeds to set a cookie up in the response with the session's id.
+        def commit_session(env, response)
+          unless response.is_a?(Array)
+            puts 'Response: '+response.inspect if $DEBUG
+            raise ArgumentError, 'Response is not an array.'
+          end
+
+          options = env['rack.session.options']
+          unless options.is_a?(Hash)
+            puts 'Options: '+options.inspect if $DEBUG
+            raise TypeError, 'Options not a Hash'
+          end
+
+          sid, time, z = options.values_at(:id, :at, :by)
+          unless self == z
+            warn "#{self} not managing this session."
+            return
+          end
+
+          unless env['rack.session'].is_a?(Hash)
+            warn 'Session: '+sid.inspect+"\n"+session.inspect if $DEBUG
+            raise TypeError, 'Session not a Hash'
+          end
+
+          unless set_session(env, sid)
+            warn "Session not saved." if $DEBUG
+            warn "#{env['rack.session'].inspect} has been lost."if $DEBUG
+            return false
+          end
+
+          cookie = Utils.escape(@key)+'='+Utils.escape(sid)
+          cookie<< "; domain=#{options[:domain]}" if options[:domain]
+          cookie<< "; path=#{options[:path]}" if options[:path]
+          if options[:expire_after]
+            expiry = time + options[:expire_after]
+            cookie<< "; expires=#{expiry.httpdate}"
+          end
+
+          case a = (h = response[1])['Set-Cookie']
+          when Array then  a << cookie
+          when String then h['Set-Cookie'] = [a, cookie]
+          when nil then    h['Set-Cookie'] = cookie
+          end
+
+          return true
+        end
+
+        # Should return [session_id, session]. All thread safety and session
+        # retrival proceedures should occur here.
+        # If nil is provided as the session id, generation of a new valid id
+        # should occur within.
+        def get_session(env, sid)
+          raise '#get_session needs to be implemented.'
+        end
+
+        # All thread safety and session storage proceedures should occur here.
+        # Should return true or false dependant on whether or not the session
+        # was saved or not.
+        def set_session(env, sid)
+          raise '#set_session needs to be implemented.'
+        end
+      end
+    end
+  end
+end

data/lib/rack/session/cookie.rb

@@ -0,0 +1,89 @@
+require 'openssl'
+
+module Rack
+
+  module Session
+
+    # Rack::Session::Cookie provides simple cookie based session management.
+    # The session is a Ruby Hash stored as base64 encoded marshalled data
+    # set to :key (default: rack.session).
+    # When the secret key is set, cookie data is checked for data integrity.
+    #
+    # Example:
+    #
+    #     use Rack::Session::Cookie, :key => 'rack.session',
+    #                                :domain => 'foo.com',
+    #                                :path => '/',
+    #                                :expire_after => 2592000,
+    #                                :secret => 'change_me'
+    #
+    #     All parameters are optional.
+
+    class Cookie
+
+      def initialize(app, options={})
+        @app = app
+        @key = options[:key] || "rack.session"
+        @secret = options[:secret]
+        @default_options = {:domain => nil,
+          :path => "/",
+          :expire_after => nil}.merge(options)
+      end
+
+      def call(env)
+        load_session(env)
+        status, headers, body = @app.call(env)
+        commit_session(env, status, headers, body)
+      end
+
+      private
+
+      def load_session(env)
+        request = Rack::Request.new(env)
+        session_data = request.cookies[@key]
+
+        if @secret && session_data
+          session_data, digest = session_data.split("--")
+          session_data = nil  unless digest == generate_hmac(session_data)
+        end
+
+        begin
+          session_data = session_data.unpack("m*").first
+          session_data = Marshal.load(session_data)
+          env["rack.session"] = session_data
+        rescue
+          env["rack.session"] = Hash.new
+        end
+
+        env["rack.session.options"] = @default_options.dup
+      end
+
+      def commit_session(env, status, headers, body)
+        session_data = Marshal.dump(env["rack.session"])
+        session_data = [session_data].pack("m*")
+
+        if @secret
+          session_data = "#{session_data}--#{generate_hmac(session_data)}"
+        end
+
+        if session_data.size > (4096 - @key.size)
+          env["rack.errors"].puts("Warning! Rack::Session::Cookie data size exceeds 4K. Content dropped.")
+          [status, headers, body]
+        else
+          options = env["rack.session.options"]
+          cookie = Hash.new
+          cookie[:value] = session_data
+          cookie[:expires] = Time.now + options[:expire_after] unless options[:expire_after].nil?
+          response = Rack::Response.new(body, status, headers)
+          response.set_cookie(@key, cookie.merge(options))
+          response.to_a
+        end
+      end
+
+      def generate_hmac(data)
+        OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, @secret, data)
+      end
+
+    end
+  end
+end

data/lib/rack/session/memcache.rb

@@ -0,0 +1,97 @@
+# AUTHOR: blink <blinketje@gmail.com>; blink#ruby-lang@irc.freenode.net
+
+require 'rack/session/abstract/id'
+require 'memcache'
+
+module Rack
+  module Session
+    # Rack::Session::Memcache provides simple cookie based session management.
+    # Session data is stored in memcached. The corresponding session key is
+    # maintained in the cookie.
+    # You may treat Session::Memcache as you would Session::Pool with the
+    # following caveats.
+    #
+    # * Setting :expire_after to 0 would note to the Memcache server to hang
+    #   onto the session data until it would drop it according to it's own
+    #   specifications. However, the cookie sent to the client would expire
+    #   immediately.
+    #
+    # Note that memcache does drop data before it may be listed to expire. For
+    # a full description of behaviour, please see memcache's documentation.
+
+    class Memcache < Abstract::ID
+      attr_reader :mutex, :pool
+      DEFAULT_OPTIONS = Abstract::ID::DEFAULT_OPTIONS.merge({
+        :namespace => 'rack:session',
+        :memcache_server => 'localhost:11211'
+      })
+
+      def initialize(app, options={})
+        super
+        @pool = MemCache.new @default_options[:memcache_server], @default_options
+        unless @pool.servers.any?{|s|s.alive?}
+          raise "#{self} unable to find server during initialization."
+        end
+        @mutex = Mutex.new
+      end
+
+      private
+
+      def get_session(env, sid)
+        session = sid && @pool.get(sid)
+        unless session and session.is_a?(Hash)
+          session = {}
+          lc = 0
+          @mutex.synchronize do
+            begin
+              raise RuntimeError, 'Unique id finding looping excessively' if (lc+=1) > 1000
+              sid = "%08x" % rand(0xffffffff)
+              ret = @pool.add(sid, session)
+            end until /^STORED/ =~ ret
+          end
+        end
+        class << session
+          @deleted = []
+          def delete key
+            (@deleted||=[]) << key
+            super
+          end
+        end
+        [sid, session]
+      rescue MemCache::MemCacheError, Errno::ECONNREFUSED # MemCache server cannot be contacted
+        warn "#{self} is unable to find server."
+        warn $!.inspect
+        return [ nil, {} ]
+      end
+
+      def set_session(env, sid)
+        session = env['rack.session']
+        options = env['rack.session.options']
+        expiry  = options[:expire_after] || 0
+        o, s = @mutex.synchronize do
+          old_session = @pool.get(sid)
+          unless old_session.is_a?(Hash)
+            warn 'Session not properly initialized.' if $DEBUG
+            old_session = {}
+            @pool.add sid, old_session, expiry
+          end
+          session.instance_eval do
+            @deleted.each{|k| old_session.delete(k) } if defined? @deleted
+          end
+          @pool.set sid, old_session.merge(session), expiry
+          [old_session, session]
+        end
+        s.each do |k,v|
+          next unless o.has_key?(k) and v != o[k]
+          warn "session value assignment collision at #{k.inspect}:"+
+            "\n\t#{o[k].inspect}\n\t#{v.inspect}"
+        end if $DEBUG and env['rack.multithread']
+        return true
+      rescue MemCache::MemCacheError, Errno::ECONNREFUSED # MemCache server cannot be contacted
+        warn "#{self} is unable to find server."
+        warn $!.inspect
+        return false
+      end
+    end
+  end
+end

data/lib/rack/session/pool.rb

@@ -0,0 +1,73 @@
+# AUTHOR: blink <blinketje@gmail.com>; blink#ruby-lang@irc.freenode.net
+# THANKS:
+#   apeiros, for session id generation, expiry setup, and threadiness
+#   sergio, threadiness and bugreps
+
+require 'rack/session/abstract/id'
+require 'thread'
+
+module Rack
+  module Session
+    # Rack::Session::Pool provides simple cookie based session management.
+    # Session data is stored in a hash held by @pool.
+    # In the context of a multithreaded environment, sessions being
+    # committed to the pool is done in a merging manner.
+    #
+    # Example:
+    #   myapp = MyRackApp.new
+    #   sessioned = Rack::Session::Pool.new(myapp,
+    #     :key => 'rack.session',
+    #     :domain => 'foo.com',
+    #     :path => '/',
+    #     :expire_after => 2592000
+    #   )
+    #   Rack::Handler::WEBrick.run sessioned
+
+    class Pool < Abstract::ID
+      attr_reader :mutex, :pool
+      DEFAULT_OPTIONS = Abstract::ID::DEFAULT_OPTIONS.dup
+
+      def initialize(app, options={})
+        super
+        @pool = Hash.new
+        @mutex = Mutex.new
+      end
+
+      private
+
+      def get_session(env, sid)
+        session = @mutex.synchronize do
+          unless sess = @pool[sid] and ((expires = sess[:expire_at]).nil? or expires > Time.now)
+            @pool.delete_if{|k,v| expiry = v[:expire_at] and expiry < Time.now }
+            begin
+              sid = "%08x" % rand(0xffffffff)
+            end while @pool.has_key?(sid)
+          end
+          @pool[sid] ||= {}
+        end
+        [sid, session]
+      end
+
+      def set_session(env, sid)
+        options = env['rack.session.options']
+        expiry = options[:expire_after] && options[:at]+options[:expire_after]
+        @mutex.synchronize do
+          old_session = @pool[sid]
+          old_session[:expire_at] = expiry if expiry
+          session = old_session.merge(env['rack.session'])
+          @pool[sid] = session
+          session.each do |k,v|
+            next unless old_session.has_key?(k) and v != old_session[k]
+            warn "session value assignment collision at #{k}: #{old_session[k]} <- #{v}"
+          end if $DEBUG and env['rack.multithread']
+        end
+        return true
+      rescue
+        warn "#{self} is unable to find server."
+        warn "#{env['rack.session'].inspect} has been lost."
+        warn $!.inspect
+        return false
+      end
+    end
+  end
+end

data/lib/rack/showexceptions.rb

@@ -0,0 +1,348 @@
+require 'ostruct'
+require 'erb'
+require 'rack/request'
+
+module Rack
+  # Rack::ShowExceptions catches all exceptions raised from the app it
+  # wraps.  It shows a useful backtrace with the sourcefile and
+  # clickable context, the whole Rack environment and the request
+  # data.
+  #
+  # Be careful when you use this on public-facing sites as it could
+  # reveal information helpful to attackers.
+
+  class ShowExceptions
+    CONTEXT = 7
+
+    def initialize(app)
+      @app = app
+      @template = ERB.new(TEMPLATE)
+    end
+
+    def call(env)
+      @app.call(env)
+    rescue StandardError, LoadError, SyntaxError => e
+      backtrace = pretty(env, e)
+      [500,
+       {"Content-Type" => "text/html",
+        "Content-Length" => backtrace.join.size.to_s},
+       backtrace]
+    end
+
+    def pretty(env, exception)
+      req = Rack::Request.new(env)
+      path = (req.script_name + req.path_info).squeeze("/")
+
+      frames = exception.backtrace.map { |line|
+        frame = OpenStruct.new
+        if line =~ /(.*?):(\d+)(:in `(.*)')?/
+          frame.filename = $1
+          frame.lineno = $2.to_i
+          frame.function = $4
+
+          begin
+            lineno = frame.lineno-1
+            lines = ::File.readlines(frame.filename)
+            frame.pre_context_lineno = [lineno-CONTEXT, 0].max
+            frame.pre_context = lines[frame.pre_context_lineno...lineno]
+            frame.context_line = lines[lineno].chomp
+            frame.post_context_lineno = [lineno+CONTEXT, lines.size].min
+            frame.post_context = lines[lineno+1..frame.post_context_lineno]
+          rescue
+          end
+
+          frame
+        else
+          nil
+        end
+      }.compact
+
+      env["rack.errors"].puts "#{exception.class}: #{exception.message}"
+      env["rack.errors"].puts exception.backtrace.map { |l| "\t" + l }
+      env["rack.errors"].flush
+
+      [@template.result(binding)]
+    end
+
+    def h(obj)                  # :nodoc:
+      case obj
+      when String
+        Utils.escape_html(obj)
+      else
+        Utils.escape_html(obj.inspect)
+      end
+    end
+
+    # :stopdoc:
+
+# adapted from Django <djangoproject.com>
+# Copyright (c) 2005, the Lawrence Journal-World
+# Used under the modified BSD license:
+# http://www.xfree86.org/3.3.6/COPYRIGHT2.html#5
+TEMPLATE = <<'HTML'
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="en">
+<head>
+  <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+  <meta name="robots" content="NONE,NOARCHIVE" />
+  <title><%=h exception.class %> at <%=h path %></title>
+  <style type="text/css">
+    html * { padding:0; margin:0; }
+    body * { padding:10px 20px; }
+    body * * { padding:0; }
+    body { font:small sans-serif; }
+    body>div { border-bottom:1px solid #ddd; }
+    h1 { font-weight:normal; }
+    h2 { margin-bottom:.8em; }
+    h2 span { font-size:80%; color:#666; font-weight:normal; }
+    h3 { margin:1em 0 .5em 0; }
+    h4 { margin:0 0 .5em 0; font-weight: normal; }
+    table {
+        border:1px solid #ccc; border-collapse: collapse; background:white; }
+    tbody td, tbody th { vertical-align:top; padding:2px 3px; }
+    thead th {
+        padding:1px 6px 1px 3px; background:#fefefe; text-align:left;
+        font-weight:normal; font-size:11px; border:1px solid #ddd; }
+    tbody th { text-align:right; color:#666; padding-right:.5em; }
+    table.vars { margin:5px 0 2px 40px; }
+    table.vars td, table.req td { font-family:monospace; }
+    table td.code { width:100%;}
+    table td.code div { overflow:hidden; }
+    table.source th { color:#666; }
+    table.source td {
+        font-family:monospace; white-space:pre; border-bottom:1px solid #eee; }
+    ul.traceback { list-style-type:none; }
+    ul.traceback li.frame { margin-bottom:1em; }
+    div.context { margin: 10px 0; }
+    div.context ol {
+        padding-left:30px; margin:0 10px; list-style-position: inside; }
+    div.context ol li {
+        font-family:monospace; white-space:pre; color:#666; cursor:pointer; }
+    div.context ol.context-line li { color:black; background-color:#ccc; }
+    div.context ol.context-line li span { float: right; }
+    div.commands { margin-left: 40px; }
+    div.commands a { color:black; text-decoration:none; }
+    #summary { background: #ffc; }
+    #summary h2 { font-weight: normal; color: #666; }
+    #summary ul#quicklinks { list-style-type: none; margin-bottom: 2em; }
+    #summary ul#quicklinks li { float: left; padding: 0 1em; }
+    #summary ul#quicklinks>li+li { border-left: 1px #666 solid; }
+    #explanation { background:#eee; }
+    #template, #template-not-exist { background:#f6f6f6; }
+    #template-not-exist ul { margin: 0 0 0 20px; }
+    #traceback { background:#eee; }
+    #requestinfo { background:#f6f6f6; padding-left:120px; }
+    #summary table { border:none; background:transparent; }
+    #requestinfo h2, #requestinfo h3 { position:relative; margin-left:-100px; }
+    #requestinfo h3 { margin-bottom:-1em; }
+    .error { background: #ffc; }
+    .specific { color:#cc3300; font-weight:bold; }
+  </style>
+  <script type="text/javascript">
+  //<!--
+    function getElementsByClassName(oElm, strTagName, strClassName){
+        // Written by Jonathan Snook, http://www.snook.ca/jon;
+        // Add-ons by Robert Nyman, http://www.robertnyman.com
+        var arrElements = (strTagName == "*" && document.all)? document.all :
+        oElm.getElementsByTagName(strTagName);
+        var arrReturnElements = new Array();
+        strClassName = strClassName.replace(/\-/g, "\\-");
+        var oRegExp = new RegExp("(^|\\s)" + strClassName + "(\\s|$$)");
+        var oElement;
+        for(var i=0; i<arrElements.length; i++){
+            oElement = arrElements[i];
+            if(oRegExp.test(oElement.className)){
+                arrReturnElements.push(oElement);
+            }
+        }
+        return (arrReturnElements)
+    }
+    function hideAll(elems) {
+      for (var e = 0; e < elems.length; e++) {
+        elems[e].style.display = 'none';
+      }
+    }
+    window.onload = function() {
+      hideAll(getElementsByClassName(document, 'table', 'vars'));
+      hideAll(getElementsByClassName(document, 'ol', 'pre-context'));
+      hideAll(getElementsByClassName(document, 'ol', 'post-context'));
+    }
+    function toggle() {
+      for (var i = 0; i < arguments.length; i++) {
+        var e = document.getElementById(arguments[i]);
+        if (e) {
+          e.style.display = e.style.display == 'none' ? 'block' : 'none';
+        }
+      }
+      return false;
+    }
+    function varToggle(link, id) {
+      toggle('v' + id);
+      var s = link.getElementsByTagName('span')[0];
+      var uarr = String.fromCharCode(0x25b6);
+      var darr = String.fromCharCode(0x25bc);
+      s.innerHTML = s.innerHTML == uarr ? darr : uarr;
+      return false;
+    }
+    //-->
+  </script>
+</head>
+<body>
+
+<div id="summary">
+  <h1><%=h exception.class %> at <%=h path %></h1>
+  <h2><%=h exception.message %></h2>
+  <table><tr>
+    <th>Ruby</th>
+    <td><code><%=h frames.first.filename %></code>: in <code><%=h frames.first.function %></code>, line <%=h frames.first.lineno %></td>
+  </tr><tr>
+    <th>Web</th>
+    <td><code><%=h req.request_method %> <%=h(req.host + path)%></code></td>
+  </tr></table>
+
+  <h3>Jump to:</h3>
+  <ul id="quicklinks">
+    <li><a href="#get-info">GET</a></li>
+    <li><a href="#post-info">POST</a></li>
+    <li><a href="#cookie-info">Cookies</a></li>
+    <li><a href="#env-info">ENV</a></li>
+  </ul>
+</div>
+
+<div id="traceback">
+  <h2>Traceback <span>(innermost first)</span></h2>
+  <ul class="traceback">
+<% frames.each { |frame| %>
+      <li class="frame">
+        <code><%=h frame.filename %></code>: in <code><%=h frame.function %></code>
+
+          <% if frame.context_line %>
+          <div class="context" id="c<%=h frame.object_id %>">
+              <% if frame.pre_context %>
+              <ol start="<%=h frame.pre_context_lineno+1 %>" class="pre-context" id="pre<%=h frame.object_id %>">
+                <% frame.pre_context.each { |line| %>
+                <li onclick="toggle('pre<%=h frame.object_id %>', 'post<%=h frame.object_id %>')"><%=h line %></li>
+                <% } %>
+              </ol>
+              <% end %>
+
+            <ol start="<%=h frame.lineno %>" class="context-line">
+              <li onclick="toggle('pre<%=h frame.object_id %>', 'post<%=h frame.object_id %>')"><%=h frame.context_line %><span>...</span></li></ol>
+
+              <% if frame.post_context %>
+              <ol start='<%=h frame.lineno+1 %>' class="post-context" id="post<%=h frame.object_id %>">
+                <% frame.post_context.each { |line| %>
+                <li onclick="toggle('pre<%=h frame.object_id %>', 'post<%=h frame.object_id %>')"><%=h line %></li>
+                <% } %>
+              </ol>
+              <% end %>
+          </div>
+          <% end %>
+      </li>
+<% } %>
+  </ul>
+</div>
+
+<div id="requestinfo">
+  <h2>Request information</h2>
+
+  <h3 id="get-info">GET</h3>
+  <% unless req.GET.empty? %>
+    <table class="req">
+      <thead>
+        <tr>
+          <th>Variable</th>
+          <th>Value</th>
+        </tr>
+      </thead>
+      <tbody>
+          <% req.GET.sort_by { |k, v| k.to_s }.each { |key, val| %>
+          <tr>
+            <td><%=h key %></td>
+            <td class="code"><div><%=h val.inspect %></div></td>
+          </tr>
+          <% } %>
+      </tbody>
+    </table>
+  <% else %>
+    <p>No GET data.</p>
+  <% end %>
+
+  <h3 id="post-info">POST</h3>
+  <% unless req.POST.empty? %>
+    <table class="req">
+      <thead>
+        <tr>
+          <th>Variable</th>
+          <th>Value</th>
+        </tr>
+      </thead>
+      <tbody>
+          <% req.POST.sort_by { |k, v| k.to_s }.each { |key, val| %>
+          <tr>
+            <td><%=h key %></td>
+            <td class="code"><div><%=h val.inspect %></div></td>
+          </tr>
+          <% } %>
+      </tbody>
+    </table>
+  <% else %>
+    <p>No POST data.</p>
+  <% end %>
+
+
+  <h3 id="cookie-info">COOKIES</h3>
+  <% unless req.cookies.empty? %>
+    <table class="req">
+      <thead>
+        <tr>
+          <th>Variable</th>
+          <th>Value</th>
+        </tr>
+      </thead>
+      <tbody>
+        <% req.cookies.each { |key, val| %>
+          <tr>
+            <td><%=h key %></td>
+            <td class="code"><div><%=h val.inspect %></div></td>
+          </tr>
+        <% } %>
+      </tbody>
+    </table>
+  <% else %>
+    <p>No cookie data.</p>
+  <% end %>
+
+  <h3 id="env-info">Rack ENV</h3>
+    <table class="req">
+      <thead>
+        <tr>
+          <th>Variable</th>
+          <th>Value</th>
+        </tr>
+      </thead>
+      <tbody>
+          <% env.sort_by { |k, v| k.to_s }.each { |key, val| %>
+          <tr>
+            <td><%=h key %></td>
+            <td class="code"><div><%=h val %></div></td>
+          </tr>
+          <% } %>
+      </tbody>
+    </table>
+
+</div>
+
+<div id="explanation">
+  <p>
+    You're seeing this error because you use <code>Rack::ShowException</code>.
+  </p>
+</div>
+
+</body>
+</html>
+HTML
+
+    # :startdoc:
+  end
+end