merb-core 0.9.10 → 0.9.11

data/lib/merb-core/dispatch/request_parsers.rb

@@ -0,0 +1,236 @@
+module Merb
+  module Parse
+  
+    # ==== Parameters
+    # query_string<String>:: The query string.
+    # delimiter<String>:: The query string divider. Defaults to "&".
+    # preserve_order<Boolean>:: Preserve order of args. Defaults to false.
+    #
+    # ==== Returns
+    # Mash:: The parsed query string (Dictionary if preserve_order is set).
+    #
+    # ==== Examples
+    #   Merb::Parse.query("bar=nik&post[body]=heya")
+    #     # => { :bar => "nik", :post => { :body => "heya" } }
+    #
+    # @api plugin
+    def self.query(query_string, delimiter = '&;', preserve_order = false)
+      query = preserve_order ? Dictionary.new : {}
+      for pair in (query_string || '').split(/[#{delimiter}] */n)
+        key, value = unescape(pair).split('=',2)
+        next if key.nil?
+        if key.include?('[')
+          normalize_params(query, key, value)
+        else
+          query[key] = value
+        end
+      end
+      preserve_order ? query : query.to_mash
+    end
+
+    NAME_REGEX         = /Content-Disposition:.* name="?([^\";]*)"?/ni.freeze
+    CONTENT_TYPE_REGEX = /Content-Type: (.*)\r\n/ni.freeze
+    FILENAME_REGEX     = /Content-Disposition:.* filename="?([^\";]*)"?/ni.freeze
+    CRLF               = "\r\n".freeze
+    EOL                = CRLF
+  
+    # ==== Parameters
+    # request<IO>:: The raw request.
+    # boundary<String>:: The boundary string.
+    # content_length<Fixnum>:: The length of the content.
+    #
+    # ==== Raises
+    # ControllerExceptions::MultiPartParseError:: Failed to parse request.
+    #
+    # ==== Returns
+    # Hash:: The parsed request.
+    #
+    # @api plugin
+    def self.multipart(request, boundary, content_length)
+      boundary = "--#{boundary}"
+      paramhsh = {}
+      buf      = ""
+      input    = request
+      input.binmode if defined? input.binmode
+      boundary_size = boundary.size + EOL.size
+      bufsize       = 16384
+      content_length -= boundary_size
+      # status is boundary delimiter line
+      status = input.read(boundary_size)
+      return {} if status == nil || status.empty?
+      raise ControllerExceptions::MultiPartParseError, "bad content body:\n'#{status}' should == '#{boundary + EOL}'"  unless status == boundary + EOL
+      # second argument to Regexp.quote is for KCODE
+      rx = /(?:#{EOL})?#{Regexp.quote(boundary,'n')}(#{EOL}|--)/
+      loop {
+        head      = nil
+        body      = ''
+        filename  = content_type = name = nil
+        read_size = 0
+        until head && buf =~ rx
+          i = buf.index("\r\n\r\n")
+          if( i == nil && read_size == 0 && content_length == 0 )
+            content_length = -1
+            break
+          end
+          if !head && i
+            head = buf.slice!(0, i+2) # First \r\n
+            buf.slice!(0, 2)          # Second \r\n
+
+            # String#[] with 2nd arg here is returning
+            # a group from match data
+            filename     = head[FILENAME_REGEX, 1]
+            content_type = head[CONTENT_TYPE_REGEX, 1]
+            name         = head[NAME_REGEX, 1]
+
+            if filename && !filename.empty?
+              body = Tempfile.new(:Merb)
+              body.binmode if defined? body.binmode
+            end
+            next
+          end
+
+          # Save the read body part.
+          if head && (boundary_size+4 < buf.size)
+            body << buf.slice!(0, buf.size - (boundary_size+4))
+          end
+
+          read_size = bufsize < content_length ? bufsize : content_length
+          if( read_size > 0 )
+            c = input.read(read_size)
+            raise ControllerExceptions::MultiPartParseError, "bad content body"  if c.nil? || c.empty?
+            buf << c
+            content_length -= c.size
+          end
+        end
+
+        # Save the rest.
+        if i = buf.index(rx)
+          # correct value of i for some edge cases
+          if (i > 2) && (j = buf.index(rx, i-2)) && (j < i)
+             i = j
+           end
+          body << buf.slice!(0, i)
+          buf.slice!(0, boundary_size+2)
+
+          content_length = -1  if $1 == "--"
+        end
+
+        if filename && !filename.empty?
+          body.rewind
+          data = {
+            :filename => File.basename(filename),
+            :content_type => content_type,
+            :tempfile => body,
+            :size => File.size(body.path)
+          }
+        else
+          data = body
+        end
+        paramhsh = normalize_params(paramhsh,name,data)
+        break  if buf.empty? || content_length == -1
+      }
+      paramhsh
+    end
+
+    # ==== Parameters
+    # value<Array, Hash, Dictionary ~to_s>:: The value for the query string.
+    # prefix<~to_s>:: The prefix to add to the query string keys.
+    #
+    # ==== Returns
+    # String:: The query string.
+    #
+    # ==== Alternatives
+    # If the value is a string, the prefix will be used as the key.
+    #
+    # ==== Examples
+    #   params_to_query_string(10, "page")
+    #     # => "page=10"
+    #   params_to_query_string({ :page => 10, :word => "ruby" })
+    #     # => "page=10&word=ruby"
+    #   params_to_query_string({ :page => 10, :word => "ruby" }, "search")
+    #     # => "search[page]=10&search[word]=ruby"
+    #   params_to_query_string([ "ice-cream", "cake" ], "shopping_list")
+    #     # => "shopping_list[]=ice-cream&shopping_list[]=cake"
+    #
+    # @api plugin
+    def self.params_to_query_string(value, prefix = nil)
+      case value
+      when Array
+        value.map { |v|
+          params_to_query_string(v, "#{prefix}[]")
+        } * "&"
+      when Hash, Dictionary
+        value.map { |k, v|
+          params_to_query_string(v, prefix ? "#{prefix}[#{escape(k)}]" : escape(k))
+        } * "&"
+      else
+        "#{prefix}=#{escape(value)}"
+      end
+    end
+
+    # ==== Parameters
+    # s<String>:: String to URL escape.
+    #
+    # ==== returns
+    # String:: The escaped string.
+    #
+    # @api public
+    def self.escape(s)
+      s.to_s.gsub(/([^ a-zA-Z0-9_.-]+)/n) {
+        '%'+$1.unpack('H2'*$1.size).join('%').upcase
+      }.tr(' ', '+')
+    end
+
+    # ==== Parameter
+    # s<String>:: String to URL unescape.
+    #
+    # ==== returns
+    # String:: The unescaped string.
+    #
+    # @api public
+    def self.unescape(s)
+      s.tr('+', ' ').gsub(/((?:%[0-9a-fA-F]{2})+)/n){
+        [$1.delete('%')].pack('H*')
+      }
+    end
+
+    private
+
+    # Converts a query string snippet to a hash and adds it to existing
+    # parameters.
+    #
+    # ==== Parameters
+    # parms<Hash>:: Parameters to add the normalized parameters to.
+    # name<String>:: The key of the parameter to normalize.
+    # val<String>:: The value of the parameter.
+    #
+    # ==== Returns
+    # Hash:: Normalized parameters
+    #
+    # @api private
+    def self.normalize_params(parms, name, val=nil)
+      name =~ %r([\[\]]*([^\[\]]+)\]*)
+      key = $1 || ''
+      after = $' || ''
+
+      if after == ""
+        parms[key] = val
+      elsif after == "[]"
+        (parms[key] ||= []) << val
+      elsif after =~ %r(^\[\]\[([^\[\]]+)\]$)
+        child_key = $1
+        parms[key] ||= []
+        if parms[key].last.is_a?(Hash) && !parms[key].last.key?(child_key)
+          parms[key].last.update(child_key => val)
+        else
+          parms[key] << { child_key => val }
+        end
+      else
+        parms[key] ||= {}
+        parms[key] = normalize_params(parms[key], after, val)
+      end
+      parms
+    end  
+  
+  end
+end

data/lib/merb-core/dispatch/router/route.rb

@@ -223,7 +223,7 @@ module Merb
           
           ruby << "  query_params.delete_if { |key, value| value.nil? }\n"
           ruby << "  unless query_params.empty?\n"
-          ruby << '    url << "?#{Merb::Request.params_to_query_string(query_params)}"' << "\n"
+          ruby << '    url << "?#{Merb::Parse.params_to_query_string(query_params)}"' << "\n"
           ruby << "  end\n"
           ruby << '  url << "##{fragment}" if fragment' << "\n"
           ruby << "  url\n"

data/lib/merb-core/dispatch/session/cookie.rb

@@ -126,7 +126,7 @@ module Merb
     def to_cookie
       unless self.empty?
         data = self.serialize
-        value = Merb::Request.escape "#{data}--#{generate_digest(data)}"
+        value = Merb::Parse.escape "#{data}--#{generate_digest(data)}"
         if value.size > MAX
           msg = "Cookies have limit of 4K. Session contents: #{data.inspect}"
           Merb.logger.error!(msg)
@@ -164,7 +164,7 @@ module Merb
       if cookie.blank?
         {}
       else
-        data, digest = Merb::Request.unescape(cookie).split('--')
+        data, digest = Merb::Parse.unescape(cookie).split('--')
         return {} if data.blank? || digest.blank?
         unless digest == generate_digest(data)
           clear

data/lib/merb-core/rack.rb

@@ -21,7 +21,6 @@ module Merb
     autoload :Tracer,              'merb-core/rack/middleware/tracer'
     autoload :ContentLength,       'merb-core/rack/middleware/content_length'
     autoload :ConditionalGet,      'merb-core/rack/middleware/conditional_get'
-    autoload :Csrf,                'merb-core/rack/middleware/csrf'
     autoload :StreamWrapper,       'merb-core/rack/stream_wrapper'
     autoload :Helpers,             'merb-core/rack/helpers'
   end # Rack

data/lib/merb-core/rack/adapter/abstract.rb

@@ -168,7 +168,9 @@ module Merb
           # If it was not fork_for_class_load, we already set up
           # ctrl-c handlers in the master thread.
         elsif Merb::Config[:fork_for_class_load]
-          Merb.trap('INT') { 1 }
+          if Merb::Config[:console_trap]
+            Merb::Server.add_irb_trap
+          end
         end
 
         # In daemonized mode or not, support HUPing the process to

data/lib/merb-core/rack/middleware/static.rb

@@ -33,14 +33,14 @@ module Merb
         # ==== Returns
         # Boolean:: True if file exists under the server root and is readable.
         def file_exist?(path)
-          full_path = ::File.join(@static_server.root, ::Merb::Request.unescape(path))
+          full_path = ::File.join(@static_server.root, ::Merb::Parse.unescape(path))
           ::File.file?(full_path) && ::File.readable?(full_path)
         end
 
         # ==== Parameters
         # env<Hash>:: Environment variables to pass on to the server.
         def serve_static(env)
-          env[Merb::Const::PATH_INFO] = ::Merb::Request.unescape(env[Merb::Const::PATH_INFO])
+          env[Merb::Const::PATH_INFO] = ::Merb::Parse.unescape(env[Merb::Const::PATH_INFO])
           @static_server.call(env)
         end
       

data/lib/merb-core/server.rb

@@ -266,7 +266,7 @@ module Merb
           Merb.fatal! "Failed to store Merb logs in #{File.dirname(file)}, " \
             "permission denied. ", e
         end
-        Merb.logger.warn! "Storing #{type} file to #{file}..." if Merb::Config[:verbose]
+        Merb.logger.warn! "Storing pid #{Process.pid} file to #{file}..." if Merb::Config[:verbose]
         begin
           File.open(file, 'w'){ |f| f.write(Process.pid.to_s) }
         rescue Errno::EACCES => e

data/lib/merb-core/tasks/gem_management.rb

@@ -292,7 +292,7 @@ module GemManagement
       end
     end
   end
-
+  
   private
 
   def executable_wrapper(spec, bin_file_name, minigems = true)
@@ -316,6 +316,7 @@ end
 if File.directory?(gems_dir = File.join(Dir.pwd, 'gems')) ||
    File.directory?(gems_dir = File.join(File.dirname(__FILE__), '..', 'gems'))
   $BUNDLE = true; Gem.clear_paths; Gem.path.unshift(gems_dir)
+  ENV["PATH"] = "\#{File.dirname(__FILE__)}:\#{gems_dir}/bin:\#{ENV["PATH"]}"
   if (local_gem = Dir[File.join(gems_dir, "specifications", "#{spec.name}-*.gemspec")].last)
     version = File.basename(local_gem)[/-([\\.\\d]+)\\.gemspec$/, 1]
   end

data/lib/merb-core/test/helpers.rb

@@ -2,9 +2,10 @@
 # testing helpers
 module Merb::Test::Helpers; end
 
+require "merb-core/test/helpers/cookie_jar"
 require "merb-core/test/helpers/mock_request_helper"
+require "merb-core/test/helpers/route_helper"
 require "merb-core/test/helpers/request_helper"
 require "merb-core/test/helpers/multipart_request_helper"
 require "merb-core/test/helpers/controller_helper"
-require "merb-core/test/helpers/route_helper"
 require "merb-core/test/helpers/view_helper"

data/lib/merb-core/test/helpers/cookie_jar.rb

@@ -0,0 +1,106 @@
+require 'uri'
+
+module Merb
+  module Test
+    class Cookie
+      
+      attr_reader :name, :value
+      
+      def initialize(raw, default_host)
+        # separate the name / value pair from the cookie options
+        @name_value_raw, options = raw.split(/[;,] */n, 2)
+        
+        @name, @value = Merb::Parse.query(@name_value_raw, ';').to_a.first
+        @options = Merb::Parse.query(options, ';')
+        
+        @options.delete_if { |k, v| !v || v.empty? }
+        
+        @options["domain"] ||= default_host
+      end
+      
+      def raw
+        @name_value_raw
+      end
+      
+      def empty?
+        @value.nil? || @value.empty?
+      end
+      
+      def domain
+        @options["domain"]
+      end
+      
+      def path
+        @options["path"] || "/"
+      end
+      
+      def expires
+        Time.parse(@options["expires"]) if @options["expires"]
+      end
+      
+      def expired?
+        expires && expires < Time.now
+      end
+      
+      def valid?(uri)
+        uri.host =~ Regexp.new("#{Regexp.escape(domain)}$") &&
+        uri.path =~ Regexp.new("^#{Regexp.escape(path)}")
+      end
+      
+      def matches?(uri)
+        ! expired? && valid?(uri)
+      end
+      
+      def <=>(other)
+        # Orders the cookies from least specific to most
+        [name, path, domain.reverse] <=> [other.name, other.path, other.domain.reverse]
+      end
+      
+    end
+
+    class CookieJar
+      
+      def initialize
+        @jars = {}
+      end
+      
+      def update(jar, uri, raw_cookies)
+        return unless raw_cookies
+        # Initialize all the the received cookies
+        cookies = []
+        raw_cookies.each do |raw|
+          c = Cookie.new(raw, uri.host)
+          cookies << c if c.valid?(uri)
+        end
+        
+        @jars[jar] ||= []
+        
+        # Remove all the cookies that will be updated
+        @jars[jar].delete_if do |existing|
+          cookies.find { |c| [c.name, c.domain, c.path] == [existing.name, existing.domain, existing.path] }
+        end
+        
+        @jars[jar].concat cookies
+        
+        @jars[jar].sort!
+      end
+      
+      def for(jar, uri)
+        cookies = {}
+        
+        @jars[jar] ||= []
+        # The cookies are sorted by most specific first. So, we loop through
+        # all the cookies in order and add it to a hash by cookie name if
+        # the cookie can be sent to the current URI. It's added to the hash
+        # so that when we are done, the cookies will be unique by name and
+        # we'll have grabbed the most specific to the URI.
+        @jars[jar].each do |cookie|
+          cookies[cookie.name] = cookie.raw if cookie.matches?(uri)
+        end
+        
+        cookies.values.join
+      end
+      
+    end
+  end
+end