mongrel_secure_download-redux 0.0.1.198 → 0.0.2.199

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. data/README +1 -1
  2. data/Rakefile +1 -1
  3. data/lib/mongrel_secure_download-redux/init.rb +4 -4
  4. metadata +5 -5
data/README CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  == VERSION
4
4
 
5
- This documentation refers to mongrel_secure_download-redux version 0.0.1
5
+ This documentation refers to mongrel_secure_download-redux version 0.0.2
6
6
 
7
7
 
8
8
  == DESCRIPTION
data/Rakefile CHANGED
@@ -7,7 +7,7 @@ begin
7
7
  },
8
8
 
9
9
  :gem => {
10
- :version => '0.0.1',
10
+ :version => '0.0.2',
11
11
  :summary => 'Re-implementation of the Mongrel Secure Download Plugin',
12
12
  :files => FileList['lib/**/*.rb'].to_a,
13
13
  :extra_files => FileList['[A-Z]*', 'resources/*'].to_a,
data/lib/mongrel_secure_download-redux/init.rb CHANGED
@@ -12,14 +12,14 @@ class SecureDownloadRedux < GemPlugin::Plugin '/handlers'
12
12
 
13
13
  URL_RE = %r{\A(?:ht|f)tps?://}io
14
14
 
15
- attr_reader :response, :secret, :prefix, :path, :timestamp, :token
15
+ attr_reader :response, :secret, :base, :path, :timestamp, :token
16
16
 
17
17
  def process(request, response)
18
18
  query = Mongrel::HttpRequest.query_parse(request.params['QUERY_STRING'])
19
19
 
20
20
  @response = response
21
21
  @secret = @options[:secret]
22
- @prefix = @options[:prefix] || '.'
22
+ @base = @options[:base] || '.'
23
23
  @path = query['path']
24
24
  @timestamp = query['timestamp']
25
25
  @token = query['token']
@@ -81,10 +81,10 @@ class SecureDownloadRedux < GemPlugin::Plugin '/handlers'
81
81
  alias_method :send_url, :send_url_redirect2
82
82
 
83
83
  def send_file
84
- path = File.expand_path(File.join(prefix, @path))
84
+ path = File.expand_path(File.join(base, @path))
85
85
 
86
86
  # Prevent double-dot vulnerability!
87
- return unless path =~ %r{\A#{Regexp.escape(File.expand_path(prefix))}}
87
+ return unless path =~ %r{\A#{Regexp.escape(File.expand_path(base))}}
88
88
 
89
89
  file = File.stat(path)
90
90
  size = file.size
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mongrel_secure_download-redux
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1.198
4
+ version: 0.0.2.199
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jens Wille
@@ -42,22 +42,22 @@ extra_rdoc_files:
42
42
  files:
43
43
  - lib/mongrel_secure_download-redux/init.rb
44
44
  - COPYING
45
- - README
46
45
  - Rakefile
46
+ - README
47
47
  - resources/defaults.yaml
48
48
  has_rdoc: true
49
49
  homepage: http://prometheus.rubyforge.org/mongrel_secure_download-redux
50
50
  post_install_message:
51
51
  rdoc_options:
52
- - --title
53
- - mongrel_secure_download-redux Application documentation
52
+ - --all
54
53
  - --main
55
54
  - README
56
55
  - --line-numbers
57
- - --all
58
56
  - --inline-source
59
57
  - --charset
60
58
  - UTF-8
59
+ - --title
60
+ - mongrel_secure_download-redux Application documentation
61
61
  require_paths:
62
62
  - lib
63
63
  required_ruby_version: !ruby/object:Gem::Requirement