narf 0.5.1 → 0.6.1

data/doc/rdoc/classes/Web/CGI.src/M000107.html

@@ -7,7 +7,7 @@
 <link rel=StyleSheet href="../../.././rdoc-style.css" type="text/css" media="screen" />
 </head>
 <body bgcolor="white">
-<pre><span class="cmt"># File lib/web/cgi.rb, line 628</span>
+<pre><span class="cmt"># File lib/web/cgi.rb, line 629</span>
     <span class="kw">def</span> CGI::process( options={}, &amp;block )
       <span class="kw">if</span> CGI::server_sniff == :fcgi
         FCGI::each_request{ |fcgi|

data/doc/rdoc/classes/Web/Narflates.html

@@ -79,14 +79,16 @@ template merged with values:
 </p>
 <pre>
     --- script.rb:
-    Web.print_template &quot;mytemplate.html&quot;,
+    Web::process do
+      Web.print_template &quot;mytemplate.html&quot;,
                        &quot;field1&quot; =&gt; &quot;val1&quot;,
                        &quot;field2&quot; =&gt; &quot;val2&quot;,
-                       &quot;field3&quot; =&gt; &quot;val3&quot;,
+                      &quot;field3&quot; =&gt; &quot;val3&quot;,
                        &quot;field4&quot; =&gt; &quot;3&quot;,
                        &quot;values&quot; =&gt; [{ &quot;name&quot; =&gt; &quot;one&quot;, &quot;value&quot; =&gt; &quot;1&quot;},
                                     { &quot;name&quot; =&gt; &quot;two&quot;, &quot;value&quot; =&gt; &quot;2&quot;},
                                     { &quot;name' =&gt; &quot;three&quot;, &quot;value&quot; =&gt; &quot;3&quot;}]
+    end
 
     --- mytemplate.html:
     &lt;narf:input type=&quot;text&quot; name=&quot;field1&quot;&gt;

data/doc/rdoc/classes/Web/Testing.src/M000027.html

@@ -19,10 +19,7 @@
 
       options[:path_info] = path_info
       options[:script_name] = script_name
-
-      Web.set_cgi CGI.new(options)
-      
-      load_request( script_path, webpath )
+      load_request( options, script_path, webpath )
     <span class="kw">end</span></pre>
 </body>
 </html>

data/doc/rdoc/classes/Web/Testing.src/M000028.html

@@ -50,9 +50,8 @@
 
       options[:path_info] = path_info     <span class="cmt">#oldRequest.path_info</span>
       options[:script_name] = script_name <span class="cmt">#oldRequest.script_name</span>
-      Web.set_cgi CGI.new( options )
 
-      load_request( script_path, webpath )
+      load_request( options, script_path, webpath )
     <span class="kw">end</span></pre>
 </body>
 </html>

data/doc/rdoc/classes/Web/Testing.src/M000029.html

@@ -7,7 +7,7 @@
 <link rel=StyleSheet href="../../.././rdoc-style.css" type="text/css" media="screen" />
 </head>
 <body bgcolor="white">
-<pre><span class="cmt"># File lib/web/testing.rb, line 326</span>
+<pre><span class="cmt"># File lib/web/testing.rb, line 325</span>
     <span class="kw">def</span> assert_template_used filename, msg=<span class="str">&quot;&quot;</span>
       Web.assert_template_used filename, msg
     <span class="kw">end</span></pre>

data/doc/rdoc/classes/Web/Testing.src/M000030.html

@@ -7,7 +7,7 @@
 <link rel=StyleSheet href="../../.././rdoc-style.css" type="text/css" media="screen" />
 </head>
 <body bgcolor="white">
-<pre><span class="cmt"># File lib/web/testing.rb, line 331</span>
+<pre><span class="cmt"># File lib/web/testing.rb, line 330</span>
     <span class="kw">def</span> assert_template_not_used filename, msg=<span class="str">&quot;&quot;</span>
       Web.assert_template_not_used filename, msg
     <span class="kw">end</span></pre>

data/doc/rdoc/classes/Web/Testing.src/M000031.html

@@ -7,7 +7,7 @@
 <link rel=StyleSheet href="../../.././rdoc-style.css" type="text/css" media="screen" />
 </head>
 <body bgcolor="white">
-<pre><span class="cmt"># File lib/web/testing.rb, line 336</span>
+<pre><span class="cmt"># File lib/web/testing.rb, line 335</span>
     <span class="kw">def</span> assert_vars_includes expected
       Web.assert_vars_includes expected
     <span class="kw">end</span></pre>

data/doc/rdoc/classes/Web/Testing.src/M000032.html

@@ -7,7 +7,7 @@
 <link rel=StyleSheet href="../../.././rdoc-style.css" type="text/css" media="screen" />
 </head>
 <body bgcolor="white">
-<pre><span class="cmt"># File lib/web/testing.rb, line 341</span>
+<pre><span class="cmt"># File lib/web/testing.rb, line 340</span>
     <span class="kw">def</span> assert_form_includes formname, expected
       Web.assert_form_includes formname, expected
     <span class="kw">end</span></pre>

data/doc/rdoc/classes/Web/Testing.src/M000033.html

@@ -7,7 +7,7 @@
 <link rel=StyleSheet href="../../.././rdoc-style.css" type="text/css" media="screen" />
 </head>
 <body bgcolor="white">
-<pre><span class="cmt"># File lib/web/testing.rb, line 346</span>
+<pre><span class="cmt"># File lib/web/testing.rb, line 345</span>
     <span class="kw">def</span> assert_content expected, msg=<span class="str">&quot;&quot;</span>
       Web.assert_content expected, msg
     <span class="kw">end</span></pre>

data/doc/rdoc/classes/Web/Testing.src/M000034.html

@@ -7,7 +7,7 @@
 <link rel=StyleSheet href="../../.././rdoc-style.css" type="text/css" media="screen" />
 </head>
 <body bgcolor="white">
-<pre><span class="cmt"># File lib/web/testing.rb, line 351</span>
+<pre><span class="cmt"># File lib/web/testing.rb, line 350</span>
     <span class="kw">def</span> assert_header key, value, msg=<span class="str">&quot;&quot;</span>
       Web.assert_header key, value, msg
     <span class="kw">end</span></pre>

data/doc/rdoc/classes/Web/Testing.src/M000035.html

@@ -7,7 +7,7 @@
 <link rel=StyleSheet href="../../.././rdoc-style.css" type="text/css" media="screen" />
 </head>
 <body bgcolor="white">
-<pre><span class="cmt"># File lib/web/testing.rb, line 356</span>
+<pre><span class="cmt"># File lib/web/testing.rb, line 355</span>
     <span class="kw">def</span> assert_cookie key, value, msg=<span class="str">&quot;&quot;</span>
       Web.assert_cookie key, value, msg
     <span class="kw">end</span></pre>

data/doc/rdoc/classes/Web/Testing.src/M000036.html

@@ -7,7 +7,7 @@
 <link rel=StyleSheet href="../../.././rdoc-style.css" type="text/css" media="screen" />
 </head>
 <body bgcolor="white">
-<pre><span class="cmt"># File lib/web/testing.rb, line 362</span>
+<pre><span class="cmt"># File lib/web/testing.rb, line 361</span>
     <span class="kw">def</span> assert_options( formname, expected={})
       options = Web.get_formreader.get_options(formname)
       expected.each{ |k,v|

data/doc/rdoc/created.rid

@@ -1 +1 @@
-Sun Oct 03 11:48:05 EDT 2004
+Tue Nov 02 01:22:31 EST 2004

data/doc/rdoc/files/README.html

@@ -29,7 +29,7 @@
          </tr>
          <tr>
            <td class="small-title-font">Modified:</td>
-           <td class="small-title-font">Fri Sep 03 19:03:47 EDT 2004</td>
+           <td class="small-title-font">Tue Nov 02 01:15:43 EST 2004</td>
          </tr>
         </table>
     </td></tr></table></td>
@@ -124,7 +124,9 @@ for this:
 <h3>Hello World</h3>
 <pre>
     require 'web'
-    Web &lt;&lt; 'Hello World'
+    Web::process do
+      Web &lt;&lt; 'Hello World'
+    end
 </pre>
 <h3>Testing an App</h3>
 <p>
@@ -142,7 +144,9 @@ where script.rb is:
     #!/usr/bin/ruby
     require 'web'
 
-    Web &lt;&lt; &quot;param is #{Web[&quot;param&quot;]}&quot;
+    Web::process do
+      Web &lt;&lt; &quot;param is #{Web[&quot;param&quot;]}&quot;
+    end
 </pre>
 <p>
 and test.rb is:

data/doc/rdoc/files/doc/apache_cgi_txt.html

@@ -29,7 +29,7 @@
          </tr>
          <tr>
            <td class="small-title-font">Modified:</td>
-           <td class="small-title-font">Sun Oct 03 11:14:33 EDT 2004</td>
+           <td class="small-title-font">Tue Nov 02 01:21:59 EST 2004</td>
          </tr>
         </table>
     </td></tr></table></td>
@@ -60,14 +60,8 @@ run it with a shebang:
     #!/usr/local/bin/narf
 </pre>
 <p>
-This file may likely has a buffer overflow in it. Please be cautious with
-this until I can get verification that it is ok.
-</p>
-<p>
-Cheers,
-</p>
-<p>
-patrick@hexane.org
+This file may have a buffer overflow in it. Please be cautious with this
+until I can get verification that it is ok.
 </p>
 </div>
 

data/doc/rdoc/files/doc/fastcgi_txt.html

@@ -29,7 +29,7 @@
          </tr>
          <tr>
            <td class="small-title-font">Modified:</td>
-           <td class="small-title-font">Sun Oct 03 11:14:52 EDT 2004</td>
+           <td class="small-title-font">Tue Nov 02 01:20:38 EST 2004</td>
          </tr>
         </table>
     </td></tr></table></td>
@@ -58,7 +58,7 @@ you will need to make sure that the cgi script executes in a Web::process
 block:
 </p>
 <pre>
-    #!/usr/local/bin/ruby
+    #!/usr/local/bin/ruby -rweb
 
     Web::process{
       Web &lt;&lt; 'Hello World!'

data/doc/rdoc/files/lib/web/cgi_rb.html

@@ -29,7 +29,7 @@
          </tr>
          <tr>
            <td class="small-title-font">Modified:</td>
-           <td class="small-title-font">Fri Oct 01 20:10:58 EDT 2004</td>
+           <td class="small-title-font">Sun Oct 03 16:48:10 EDT 2004</td>
          </tr>
         </table>
     </td></tr></table></td>

data/doc/rdoc/files/lib/web/parser_rb.html

@@ -29,7 +29,7 @@
          </tr>
          <tr>
            <td class="small-title-font">Modified:</td>
-           <td class="small-title-font">Sun Oct 03 11:32:07 EDT 2004</td>
+           <td class="small-title-font">Sun Oct 31 17:01:53 EST 2004</td>
          </tr>
         </table>
     </td></tr></table></td>

data/doc/rdoc/files/lib/web/template_rb.html

@@ -29,7 +29,7 @@
          </tr>
          <tr>
            <td class="small-title-font">Modified:</td>
-           <td class="small-title-font">Sun Sep 26 15:20:23 EDT 2004</td>
+           <td class="small-title-font">Tue Nov 02 01:18:42 EST 2004</td>
          </tr>
         </table>
     </td></tr></table></td>

data/doc/rdoc/files/lib/web/testing_rb.html

@@ -29,7 +29,7 @@
          </tr>
          <tr>
            <td class="small-title-font">Modified:</td>
-           <td class="small-title-font">Sun Oct 03 11:31:25 EDT 2004</td>
+           <td class="small-title-font">Sun Oct 03 16:49:53 EDT 2004</td>
          </tr>
         </table>
     </td></tr></table></td>

data/doc/rdoc/files/lib/web/wiki_rb.html

@@ -29,7 +29,7 @@
          </tr>
          <tr>
            <td class="small-title-font">Modified:</td>
-           <td class="small-title-font">Sun Oct 03 11:34:00 EDT 2004</td>
+           <td class="small-title-font">Sun Oct 03 16:46:52 EDT 2004</td>
          </tr>
         </table>
     </td></tr></table></td>

data/doc/rdoc/files/lib/web_rb.html

@@ -29,7 +29,7 @@
          </tr>
          <tr>
            <td class="small-title-font">Modified:</td>
-           <td class="small-title-font">Sun Oct 03 10:39:14 EDT 2004</td>
+           <td class="small-title-font">Tue Nov 02 01:16:55 EST 2004</td>
          </tr>
         </table>
     </td></tr></table></td>

data/lib/web.rb

@@ -78,12 +78,15 @@ end
 # Use the Web module to interact with the client.  The module
 # delegates to a Web::CGI object, which does the actual work.
 #
-#     #!/usr/bin/narf
-#     Web["field"]                      # access parameters
-#     Web.cookies["muppet"]             # access cookies
-#     Web.session["key"] ||= "value"    # get and set session values
-#     Web.set_cookie( "muppet", "cookie monster" ) # set cookies
-#     Web.puts "something"              # print 'something' out
+#     #!/usr/bin/ruby
+#     require 'web'
+#     Web::process do
+#       Web["field"]                      # access parameters
+#       Web.cookies["muppet"]             # access cookies
+#       Web.session["key"] ||= "value"    # get and set session values
+#       Web.set_cookie( "muppet", "cookie monster" ) # set cookies
+#       Web.puts "something"              # print 'something' out
+#     end
 #
 # If the request contained multipart/form-data, uploaded files are returned as
 # Web::Upload objects.  Other parameters are treated as strings.
@@ -176,18 +179,10 @@ module Web
       end
     end
 
-    # this is a bit incomplete -- only encodes ampersands
-    def Web::html_encode(string)
-      return nil unless string
-      newstring = string.dup
-      { /&/ => '&' }.each{ |char, entity|
-        newstring.gsub!( char, entity )
-      }
-      newstring
-    end
-    
-    # Escape URL encode
-    #     url_encoded_string = Web::escape("string")
+    # URL-encode a string.
+    #   url_encoded_string = Web::escape("'Stop!' said Fred")
+    #      # => "%27Stop%21%27+said+Fred"
+    # (from cgi.rb)
     def Web::escape(string)
       return nil unless string
       string.gsub(/([^ a-zA-Z0-9_.-]+)/n) do
@@ -195,8 +190,11 @@ module Web
       end.tr(' ', '+')
     end
     
-    # Unescape URL encoded
-    #     string = Web::unescape("url encoded string")
+    
+    # URL-decode a string.
+    #   string = Web::unescape("%27Stop%21%27+said+Fred")
+    #      # => "'Stop!' said Fred"
+    # (from cgi.rb)
     def Web::unescape(string)
       return nil unless string
       string.tr('+', ' ').gsub(/((?:%[0-9a-fA-F]{2})+)/n) do
@@ -204,6 +202,115 @@ module Web
       end
     end
     
+
+    # Escape special characters in HTML, namely &\"<>
+    #   Web::escape_html('Usage: foo "bar" <baz>')
+    #      # => "Usage: foo &quot;bar&quot; &lt;baz&gt;"
+    # (from cgi.rb)
+    def Web::escape_html(string)
+      return nil unless string
+      string.gsub(/&/n, '&amp;').gsub(/\"/n, '&quot;').gsub(/>/n, '&gt;').gsub(/</n, '&lt;')
+    end
+    
+
+    # Unescape a string that has been HTML-escaped
+    #   Web::unescape_html("Usage: foo &quot;bar&quot; &lt;baz&gt;")
+    #      # => "Usage: foo \"bar\" <baz>"
+    # (from cgi.rb)
+    def Web::unescape_html(string)
+      return nil unless string
+      string.gsub(/&(.*?);/n) do
+        match = $1.dup
+        case match
+        when /\Aamp\z/ni           then '&'
+        when /\Aquot\z/ni          then '"'
+        when /\Agt\z/ni            then '>'
+        when /\Alt\z/ni            then '<'
+        when /\A#0*(\d+)\z/n       then
+          if Integer($1) < 256
+            Integer($1).chr
+          else
+            if Integer($1) < 65536 and ($KCODE[0] == ?u or $KCODE[0] == ?U)
+              [Integer($1)].pack("U")
+            else
+              "&##{$1};"
+            end
+          end
+        when /\A#x([0-9a-f]+)\z/ni then
+          if $1.hex < 256
+            $1.hex.chr
+          else
+            if $1.hex < 65536 and ($KCODE[0] == ?u or $KCODE[0] == ?U)
+              [$1.hex].pack("U")
+            else
+              "&#x#{$1};"
+            end
+          end
+        else
+          "&#{match};"
+        end
+      end
+    end
+    
+
+    # Escape only the tags of certain HTML elements in +string+.
+    #
+    # Takes an element or elements or array of elements.  Each element
+    # is specified by the name of the element, without angle brackets.
+    # This matches both the start and the end tag of that element.
+    # The attribute list of the open tag will also be escaped (for
+    # instance, the double-quotes surrounding attribute values).
+    #
+    #   print Web::escape_element('<BR><A HREF="url"></A>', "A", "IMG")
+    #     # "<BR>&lt;A HREF=&quot;url&quot;&gt;&lt;/A&gt"
+    #
+    #   print Web::escape_element('<BR><A HREF="url"></A>', ["A", "IMG"])
+    #     # "<BR>&lt;A HREF=&quot;url&quot;&gt;&lt;/A&gt"
+    #
+    # (from cgi.rb)
+    def Web::escape_element(string, *elements)
+      return nil unless string
+      elements = elements[0] if elements[0].kind_of?(Array)
+      unless elements.empty?
+        string.gsub(/<\/?(?:#{elements.join("|")})(?!\w)(?:.|\n)*?>/ni) do
+          Web::escape_html($&)
+        end
+      else
+        string
+      end
+    end
+
+    
+    # Undo escaping such as that done by Web::escape_element()
+    #
+    #   print Web::unescape_element(
+    #           Web::escapeHTML('<BR><A HREF="url"></A>'), "A", "IMG")
+    #     # "&lt;BR&gt;<A HREF="url"></A>"
+    # 
+    #   print Web::unescape_element(
+    #           Web::escapeHTML('<BR><A HREF="url"></A>'), ["A", "IMG"])
+    #     # "&lt;BR&gt;<A HREF="url"></A>"
+    # (from cgi.rb)
+    def Web::unescape_element(string, *elements)
+      return nil unless string
+      elements = elements[0] if elements[0].kind_of?(Array)
+      unless elements.empty?
+        string.gsub(/&lt;\/?(?:#{elements.join("|")})(?!\w)(?:.|\n)*?&gt;/ni) do
+          Web::unescape_html($&)
+        end
+      else
+        string
+      end
+    end
+    
+    class << self
+      alias escapeHTML escape_html
+      alias html_encode escape_html
+      alias unescapeHTML unescape_html
+      alias escapeElement escape_element
+      alias unescapeElement unescape_element
+    end
+
     RFC822_DAYS = %w[ Sun Mon Tue Wed Thu Fri Sat ]
     RFC822_MONTHS = %w[ Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec ]
     # Make RFC1123 date string

data/lib/web/parser.rb

@@ -189,20 +189,32 @@ module Web
         raise EOFError, "no content body"
       end
       
+      # ok... so what the hell does this do?
+      # I promise never to denigrate the accomplishments
+      # of my predecessors again :-)
+      #    ~ pat
       until -1 == content_length
         head = nil
         body = Tempfile.new("Web")
         body.binmode
         
+        # until we have:
+        #   * a header
+        #   * and a buffer that has a boundary
+        # so far, make sense to me.
         until head and /#{boundary}(?:#{EOL}|--)/n.match(buf)
-          
+          # if we have a header....
           if head
+            # !??!??!?!?!
             trim_size = (EOL + boundary + EOL).size
             if trim_size < buf.size
               body.print buf[0 ... (buf.size - trim_size)]
               buf[0 ... (buf.size - trim_size)] = ""
             end
+          
+          # If we have a double space (the smell of a header...)
           elsif /#{EOL}#{EOL}/n.match(buf)
+            # extract the header, and erase it from the buffer
             buf = buf.sub(/\A((?:.|\n)*?#{EOL})#{EOL}/n) do
               head = $1.dup
               ""
@@ -210,18 +222,18 @@ module Web
             next
           end
           
+          # read a chunk from the input
           c = if bufsize < content_length
                 input.read(bufsize) or ''
               else
                 input.read(content_length) or ''
               end
+          # add it to the input, reduce our countdown
           buf.concat c
           content_length -= c.size
-          
         end
         
-        
-        /Content-Disposition:.* filename="?([^\";]*)"?/ni.match(head)
+       /Content-Disposition:.* filename="?([^\";]*)"?/ni.match(head)
         filename = ($1 or "").dup
         if /Mac/ni.match(env['http_user_agent']) and
             /Mozilla/ni.match(env['http_user_agent']) and
@@ -232,7 +244,9 @@ module Web
         /Content-Type: (.*)/ni.match(head)
         content_type = ($1 or "").strip
         
-        buf = buf.sub(/\A((?:.|\n)*?)(?:#{EOL})?#{boundary}(#{EOL}|--)/n) do
+        # is this the part that is eating too much?
+        #buf = buf.sub(/\A(.*?)(?:#{EOL})?#{boundary}(#{EOL}|--)/mn) do
+        buf = buf.sub(/\A((?:.|\n)*?)(?:[\r\n]{1,2})?#{boundary}([\r\n]{1,2}|--)/n) do
           body.print $1
           if "--" == $2
             content_length = -1
@@ -241,7 +255,8 @@ module Web
         end
         
         body.rewind
-        
+
+     
         if (content_type.empty?)
           upload = body.read
         else
@@ -250,7 +265,10 @@ module Web
 
         /Content-Disposition:.* name="?([^\";]*)"?/ni.match(head)
         name = $1.dup
-        
+
+
+        body.rewind
+
         if params.has_key?(name)
           params[name].push(upload)
         else