passenger 2.2.7 → 2.2.8

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of passenger might be problematic. Click here for more details.

Files changed (160) hide show
  1. data/NEWS +40 -0
  2. data/Rakefile +1 -1
  3. data/bin/passenger-install-apache2-module +1 -0
  4. data/bin/passenger-install-nginx-module +2 -0
  5. data/doc/Architectural overview.html +173 -138
  6. data/doc/Security of user switching support.html +147 -109
  7. data/doc/Users guide Apache.html +4 -43
  8. data/doc/Users guide Nginx.html +4 -43
  9. data/doc/cxxapi/Bucket_8h-source.html +1 -1
  10. data/doc/cxxapi/Configuration_8h-source.html +1 -1
  11. data/doc/cxxapi/DirectoryMapper_8h-source.html +1 -1
  12. data/doc/cxxapi/Hooks_8h-source.html +1 -1
  13. data/doc/cxxapi/annotated.html +1 -1
  14. data/doc/cxxapi/classHooks-members.html +1 -1
  15. data/doc/cxxapi/classHooks.html +1 -1
  16. data/doc/cxxapi/classPassenger_1_1DirectoryMapper-members.html +1 -1
  17. data/doc/cxxapi/classPassenger_1_1DirectoryMapper.html +1 -1
  18. data/doc/cxxapi/classes.html +1 -1
  19. data/doc/cxxapi/definitions_8h-source.html +1 -1
  20. data/doc/cxxapi/files.html +1 -1
  21. data/doc/cxxapi/functions.html +1 -1
  22. data/doc/cxxapi/functions_func.html +1 -1
  23. data/doc/cxxapi/graph_legend.html +1 -1
  24. data/doc/cxxapi/group__Configuration.html +1 -1
  25. data/doc/cxxapi/group__Core.html +1 -1
  26. data/doc/cxxapi/group__Hooks.html +1 -1
  27. data/doc/cxxapi/group__Support.html +1 -1
  28. data/doc/cxxapi/main.html +1 -1
  29. data/doc/cxxapi/modules.html +1 -1
  30. data/doc/rdoc/classes/GC.html +4 -4
  31. data/doc/rdoc/classes/PhusionPassenger.html +2 -1
  32. data/doc/rdoc/classes/PhusionPassenger/AbstractInstaller.html +8 -8
  33. data/doc/rdoc/classes/PhusionPassenger/AbstractRequestHandler.html +26 -26
  34. data/doc/rdoc/classes/PhusionPassenger/AbstractServer.html +98 -98
  35. data/doc/rdoc/classes/PhusionPassenger/AbstractServerCollection.html +61 -61
  36. data/doc/rdoc/classes/PhusionPassenger/AppInitError.html +4 -4
  37. data/doc/rdoc/classes/PhusionPassenger/Application.html +14 -14
  38. data/doc/rdoc/classes/PhusionPassenger/ConsoleTextTemplate.html +12 -12
  39. data/doc/rdoc/classes/PhusionPassenger/FrameworkInitError.html +4 -4
  40. data/doc/rdoc/classes/PhusionPassenger/HTMLTemplate.html +12 -12
  41. data/doc/rdoc/classes/PhusionPassenger/InitializationError.html +5 -5
  42. data/doc/rdoc/classes/PhusionPassenger/MessageChannel.html +42 -42
  43. data/doc/rdoc/classes/PhusionPassenger/Rack/ApplicationSpawner.html +33 -33
  44. data/doc/rdoc/classes/PhusionPassenger/Rack/RequestHandler.html +59 -59
  45. data/doc/rdoc/classes/PhusionPassenger/Railz/ApplicationSpawner.html +3 -3
  46. data/doc/rdoc/classes/PhusionPassenger/Railz/FrameworkSpawner.html +7 -7
  47. data/doc/rdoc/classes/PhusionPassenger/SpawnManager.html +23 -23
  48. data/doc/rdoc/classes/PhusionPassenger/UnknownError.html +4 -4
  49. data/doc/rdoc/classes/PhusionPassenger/Utils.html +2 -0
  50. data/doc/rdoc/classes/PhusionPassenger/Utils/PseudoIO.html +16 -16
  51. data/doc/rdoc/classes/PhusionPassenger/VersionNotFound.html +4 -4
  52. data/doc/rdoc/classes/PlatformInfo.html +1 -1
  53. data/doc/rdoc/classes/Signal.html +23 -15
  54. data/doc/rdoc/created.rid +1 -1
  55. data/doc/rdoc/files/DEVELOPERS_TXT.html +1 -1
  56. data/doc/rdoc/files/README.html +1 -1
  57. data/doc/rdoc/files/ext/phusion_passenger/native_support_c.html +1 -1
  58. data/doc/rdoc/files/lib/phusion_passenger/abstract_installer_rb.html +1 -1
  59. data/doc/rdoc/files/lib/phusion_passenger/abstract_request_handler_rb.html +1 -1
  60. data/doc/rdoc/files/lib/phusion_passenger/abstract_server_collection_rb.html +1 -1
  61. data/doc/rdoc/files/lib/phusion_passenger/abstract_server_rb.html +1 -1
  62. data/doc/rdoc/files/lib/phusion_passenger/admin_tools/control_process_rb.html +1 -1
  63. data/doc/rdoc/files/lib/phusion_passenger/admin_tools_rb.html +1 -1
  64. data/doc/rdoc/files/lib/phusion_passenger/application_rb.html +1 -1
  65. data/doc/rdoc/files/lib/phusion_passenger/console_text_template_rb.html +1 -1
  66. data/doc/rdoc/files/lib/phusion_passenger/constants_rb.html +1 -1
  67. data/doc/rdoc/files/lib/phusion_passenger/dependencies_rb.html +1 -1
  68. data/doc/rdoc/files/lib/phusion_passenger/events_rb.html +1 -1
  69. data/doc/rdoc/files/lib/phusion_passenger/exceptions_rb.html +1 -1
  70. data/doc/rdoc/files/lib/phusion_passenger/html_template_rb.html +1 -1
  71. data/doc/rdoc/files/lib/phusion_passenger/message_channel_rb.html +1 -1
  72. data/doc/rdoc/files/lib/phusion_passenger/packaging_rb.html +1 -1
  73. data/doc/rdoc/files/lib/phusion_passenger/platform_info_rb.html +1 -1
  74. data/doc/rdoc/files/lib/phusion_passenger/rack/application_spawner_rb.html +2 -2
  75. data/doc/rdoc/files/lib/phusion_passenger/rack/request_handler_rb.html +2 -2
  76. data/doc/rdoc/files/lib/phusion_passenger/railz/application_spawner_rb.html +1 -1
  77. data/doc/rdoc/files/lib/phusion_passenger/railz/cgi_fixed_rb.html +1 -1
  78. data/doc/rdoc/files/lib/phusion_passenger/railz/framework_spawner_rb.html +1 -1
  79. data/doc/rdoc/files/lib/phusion_passenger/railz/request_handler_rb.html +1 -1
  80. data/doc/rdoc/files/lib/phusion_passenger/simple_benchmarking_rb.html +1 -1
  81. data/doc/rdoc/files/lib/phusion_passenger/spawn_manager_rb.html +1 -1
  82. data/doc/rdoc/files/lib/phusion_passenger/utils_rb.html +9 -9
  83. data/doc/rdoc/files/lib/phusion_passenger/wsgi/application_spawner_rb.html +1 -1
  84. data/doc/rdoc/files/misc/rake/extensions_rb.html +1 -1
  85. data/doc/rdoc/fr_class_index.html +2 -0
  86. data/doc/rdoc/fr_file_index.html +1 -0
  87. data/doc/rdoc/fr_method_index.html +79 -72
  88. data/ext/apache2/Hooks.cpp +4 -2
  89. data/ext/common/StandardApplicationPool.h +4 -2
  90. data/ext/common/Version.h +1 -1
  91. data/ext/nginx/Configuration.c +1 -1
  92. data/ext/oxt/system_calls.cpp +11 -0
  93. data/ext/oxt/system_calls.hpp +2 -1
  94. data/ext/oxt/thread.hpp +97 -1
  95. data/lib/phusion_passenger/constants.rb +1 -1
  96. data/lib/phusion_passenger/dependencies.rb +32 -0
  97. data/lib/phusion_passenger/platform_info.rb +1 -1
  98. data/lib/phusion_passenger/rack/application_spawner.rb +4 -4
  99. data/lib/phusion_passenger/rack/request_handler.rb +2 -5
  100. data/lib/phusion_passenger/railz/application_spawner.rb +13 -2
  101. data/lib/phusion_passenger/utils.rb +12 -4
  102. data/{vendor/rack-1.0.0-git/lib/rack → lib/phusion_passenger/utils}/rewindable_input.rb +19 -3
  103. data/test/ApplicationPoolTest.cpp +1 -1
  104. metadata +13 -59
  105. data/vendor/README +0 -13
  106. data/vendor/README_FOR_PACKAGERS +0 -1
  107. data/vendor/rack-1.0.0-git/COPYING +0 -18
  108. data/vendor/rack-1.0.0-git/KNOWN-ISSUES +0 -18
  109. data/vendor/rack-1.0.0-git/README +0 -353
  110. data/vendor/rack-1.0.0-git/Rakefile +0 -164
  111. data/vendor/rack-1.0.0-git/lib/rack.rb +0 -90
  112. data/vendor/rack-1.0.0-git/lib/rack/adapter/camping.rb +0 -22
  113. data/vendor/rack-1.0.0-git/lib/rack/auth/abstract/handler.rb +0 -37
  114. data/vendor/rack-1.0.0-git/lib/rack/auth/abstract/request.rb +0 -37
  115. data/vendor/rack-1.0.0-git/lib/rack/auth/basic.rb +0 -58
  116. data/vendor/rack-1.0.0-git/lib/rack/auth/digest/md5.rb +0 -124
  117. data/vendor/rack-1.0.0-git/lib/rack/auth/digest/nonce.rb +0 -51
  118. data/vendor/rack-1.0.0-git/lib/rack/auth/digest/params.rb +0 -55
  119. data/vendor/rack-1.0.0-git/lib/rack/auth/digest/request.rb +0 -40
  120. data/vendor/rack-1.0.0-git/lib/rack/auth/openid.rb +0 -487
  121. data/vendor/rack-1.0.0-git/lib/rack/builder.rb +0 -63
  122. data/vendor/rack-1.0.0-git/lib/rack/cascade.rb +0 -41
  123. data/vendor/rack-1.0.0-git/lib/rack/chunked.rb +0 -49
  124. data/vendor/rack-1.0.0-git/lib/rack/commonlogger.rb +0 -52
  125. data/vendor/rack-1.0.0-git/lib/rack/conditionalget.rb +0 -47
  126. data/vendor/rack-1.0.0-git/lib/rack/content_length.rb +0 -29
  127. data/vendor/rack-1.0.0-git/lib/rack/content_type.rb +0 -23
  128. data/vendor/rack-1.0.0-git/lib/rack/deflater.rb +0 -96
  129. data/vendor/rack-1.0.0-git/lib/rack/directory.rb +0 -153
  130. data/vendor/rack-1.0.0-git/lib/rack/file.rb +0 -88
  131. data/vendor/rack-1.0.0-git/lib/rack/handler.rb +0 -69
  132. data/vendor/rack-1.0.0-git/lib/rack/handler/cgi.rb +0 -61
  133. data/vendor/rack-1.0.0-git/lib/rack/handler/evented_mongrel.rb +0 -8
  134. data/vendor/rack-1.0.0-git/lib/rack/handler/fastcgi.rb +0 -88
  135. data/vendor/rack-1.0.0-git/lib/rack/handler/lsws.rb +0 -55
  136. data/vendor/rack-1.0.0-git/lib/rack/handler/mongrel.rb +0 -84
  137. data/vendor/rack-1.0.0-git/lib/rack/handler/scgi.rb +0 -59
  138. data/vendor/rack-1.0.0-git/lib/rack/handler/swiftiplied_mongrel.rb +0 -8
  139. data/vendor/rack-1.0.0-git/lib/rack/handler/thin.rb +0 -18
  140. data/vendor/rack-1.0.0-git/lib/rack/handler/webrick.rb +0 -67
  141. data/vendor/rack-1.0.0-git/lib/rack/head.rb +0 -19
  142. data/vendor/rack-1.0.0-git/lib/rack/lint.rb +0 -537
  143. data/vendor/rack-1.0.0-git/lib/rack/lobster.rb +0 -65
  144. data/vendor/rack-1.0.0-git/lib/rack/lock.rb +0 -16
  145. data/vendor/rack-1.0.0-git/lib/rack/methodoverride.rb +0 -27
  146. data/vendor/rack-1.0.0-git/lib/rack/mime.rb +0 -204
  147. data/vendor/rack-1.0.0-git/lib/rack/mock.rb +0 -184
  148. data/vendor/rack-1.0.0-git/lib/rack/recursive.rb +0 -57
  149. data/vendor/rack-1.0.0-git/lib/rack/reloader.rb +0 -106
  150. data/vendor/rack-1.0.0-git/lib/rack/request.rb +0 -248
  151. data/vendor/rack-1.0.0-git/lib/rack/response.rb +0 -183
  152. data/vendor/rack-1.0.0-git/lib/rack/session/abstract/id.rb +0 -142
  153. data/vendor/rack-1.0.0-git/lib/rack/session/cookie.rb +0 -91
  154. data/vendor/rack-1.0.0-git/lib/rack/session/memcache.rb +0 -109
  155. data/vendor/rack-1.0.0-git/lib/rack/session/pool.rb +0 -100
  156. data/vendor/rack-1.0.0-git/lib/rack/showexceptions.rb +0 -349
  157. data/vendor/rack-1.0.0-git/lib/rack/showstatus.rb +0 -106
  158. data/vendor/rack-1.0.0-git/lib/rack/static.rb +0 -38
  159. data/vendor/rack-1.0.0-git/lib/rack/urlmap.rb +0 -55
  160. data/vendor/rack-1.0.0-git/lib/rack/utils.rb +0 -522
@@ -1,59 +0,0 @@
1
- require 'scgi'
2
- require 'stringio'
3
- require 'rack/content_length'
4
- require 'rack/chunked'
5
-
6
- module Rack
7
- module Handler
8
- class SCGI < ::SCGI::Processor
9
- attr_accessor :app
10
-
11
- def self.run(app, options=nil)
12
- new(options.merge(:app=>app,
13
- :host=>options[:Host],
14
- :port=>options[:Port],
15
- :socket=>options[:Socket])).listen
16
- end
17
-
18
- def initialize(settings = {})
19
- @app = Rack::Chunked.new(Rack::ContentLength.new(settings[:app]))
20
- @log = Object.new
21
- def @log.info(*args); end
22
- def @log.error(*args); end
23
- super(settings)
24
- end
25
-
26
- def process_request(request, input_body, socket)
27
- env = {}.replace(request)
28
- env.delete "HTTP_CONTENT_TYPE"
29
- env.delete "HTTP_CONTENT_LENGTH"
30
- env["REQUEST_PATH"], env["QUERY_STRING"] = env["REQUEST_URI"].split('?', 2)
31
- env["HTTP_VERSION"] ||= env["SERVER_PROTOCOL"]
32
- env["PATH_INFO"] = env["REQUEST_PATH"]
33
- env["QUERY_STRING"] ||= ""
34
- env["SCRIPT_NAME"] = ""
35
- env.update({"rack.version" => [1,0],
36
- "rack.input" => StringIO.new(input_body),
37
- "rack.errors" => $stderr,
38
-
39
- "rack.multithread" => true,
40
- "rack.multiprocess" => true,
41
- "rack.run_once" => false,
42
-
43
- "rack.url_scheme" => ["yes", "on", "1"].include?(env["HTTPS"]) ? "https" : "http"
44
- })
45
- status, headers, body = app.call(env)
46
- begin
47
- socket.write("Status: #{status}\r\n")
48
- headers.each do |k, vs|
49
- vs.split("\n").each { |v| socket.write("#{k}: #{v}\r\n")}
50
- end
51
- socket.write("\r\n")
52
- body.each {|s| socket.write(s)}
53
- ensure
54
- body.close if body.respond_to? :close
55
- end
56
- end
57
- end
58
- end
59
- end
@@ -1,8 +0,0 @@
1
- require 'swiftcore/swiftiplied_mongrel'
2
-
3
- module Rack
4
- module Handler
5
- class SwiftipliedMongrel < Handler::Mongrel
6
- end
7
- end
8
- end
@@ -1,18 +0,0 @@
1
- require "thin"
2
- require "rack/content_length"
3
- require "rack/chunked"
4
-
5
- module Rack
6
- module Handler
7
- class Thin
8
- def self.run(app, options={})
9
- app = Rack::Chunked.new(Rack::ContentLength.new(app))
10
- server = ::Thin::Server.new(options[:Host] || '0.0.0.0',
11
- options[:Port] || 8080,
12
- app)
13
- yield server if block_given?
14
- server.start
15
- end
16
- end
17
- end
18
- end
@@ -1,67 +0,0 @@
1
- require 'webrick'
2
- require 'stringio'
3
- require 'rack/content_length'
4
-
5
- module Rack
6
- module Handler
7
- class WEBrick < ::WEBrick::HTTPServlet::AbstractServlet
8
- def self.run(app, options={})
9
- server = ::WEBrick::HTTPServer.new(options)
10
- server.mount "/", Rack::Handler::WEBrick, app
11
- trap(:INT) { server.shutdown }
12
- yield server if block_given?
13
- server.start
14
- end
15
-
16
- def initialize(server, app)
17
- super server
18
- @app = Rack::ContentLength.new(app)
19
- end
20
-
21
- def service(req, res)
22
- env = req.meta_vars
23
- env.delete_if { |k, v| v.nil? }
24
-
25
- env.update({"rack.version" => [1,0],
26
- "rack.input" => StringIO.new(req.body.to_s),
27
- "rack.errors" => $stderr,
28
-
29
- "rack.multithread" => true,
30
- "rack.multiprocess" => false,
31
- "rack.run_once" => false,
32
-
33
- "rack.url_scheme" => ["yes", "on", "1"].include?(ENV["HTTPS"]) ? "https" : "http"
34
- })
35
-
36
- env["HTTP_VERSION"] ||= env["SERVER_PROTOCOL"]
37
- env["QUERY_STRING"] ||= ""
38
- env["REQUEST_PATH"] ||= "/"
39
- if env["PATH_INFO"] == ""
40
- env.delete "PATH_INFO"
41
- else
42
- path, n = req.request_uri.path, env["SCRIPT_NAME"].length
43
- env["PATH_INFO"] = path[n, path.length-n]
44
- end
45
-
46
- status, headers, body = @app.call(env)
47
- begin
48
- res.status = status.to_i
49
- headers.each { |k, vs|
50
- if k.downcase == "set-cookie"
51
- res.cookies.concat vs.split("\n")
52
- else
53
- vs.split("\n").each { |v|
54
- res[k] = v
55
- }
56
- end
57
- }
58
- body.each { |part|
59
- res.body << part
60
- }
61
- ensure
62
- body.close if body.respond_to? :close
63
- end
64
- end
65
- end
66
- end
67
- end
@@ -1,19 +0,0 @@
1
- module Rack
2
-
3
- class Head
4
- def initialize(app)
5
- @app = app
6
- end
7
-
8
- def call(env)
9
- status, headers, body = @app.call(env)
10
-
11
- if env["REQUEST_METHOD"] == "HEAD"
12
- [status, headers, []]
13
- else
14
- [status, headers, body]
15
- end
16
- end
17
- end
18
-
19
- end
@@ -1,537 +0,0 @@
1
- require 'rack/utils'
2
-
3
- module Rack
4
- # Rack::Lint validates your application and the requests and
5
- # responses according to the Rack spec.
6
-
7
- class Lint
8
- def initialize(app)
9
- @app = app
10
- end
11
-
12
- # :stopdoc:
13
-
14
- class LintError < RuntimeError; end
15
- module Assertion
16
- def assert(message, &block)
17
- unless block.call
18
- raise LintError, message
19
- end
20
- end
21
- end
22
- include Assertion
23
-
24
- ## This specification aims to formalize the Rack protocol. You
25
- ## can (and should) use Rack::Lint to enforce it.
26
- ##
27
- ## When you develop middleware, be sure to add a Lint before and
28
- ## after to catch all mistakes.
29
-
30
- ## = Rack applications
31
-
32
- ## A Rack application is an Ruby object (not a class) that
33
- ## responds to +call+.
34
- def call(env=nil)
35
- dup._call(env)
36
- end
37
-
38
- def _call(env)
39
- ## It takes exactly one argument, the *environment*
40
- assert("No env given") { env }
41
- check_env env
42
-
43
- env['rack.input'] = InputWrapper.new(env['rack.input'])
44
- env['rack.errors'] = ErrorWrapper.new(env['rack.errors'])
45
-
46
- ## and returns an Array of exactly three values:
47
- status, headers, @body = @app.call(env)
48
- ## The *status*,
49
- check_status status
50
- ## the *headers*,
51
- check_headers headers
52
- ## and the *body*.
53
- check_content_type status, headers
54
- check_content_length status, headers, env
55
- [status, headers, self]
56
- end
57
-
58
- ## == The Environment
59
- def check_env(env)
60
- ## The environment must be an true instance of Hash (no
61
- ## subclassing allowed) that includes CGI-like headers.
62
- ## The application is free to modify the environment.
63
- assert("env #{env.inspect} is not a Hash, but #{env.class}") {
64
- env.instance_of? Hash
65
- }
66
-
67
- ##
68
- ## The environment is required to include these variables
69
- ## (adopted from PEP333), except when they'd be empty, but see
70
- ## below.
71
-
72
- ## <tt>REQUEST_METHOD</tt>:: The HTTP request method, such as
73
- ## "GET" or "POST". This cannot ever
74
- ## be an empty string, and so is
75
- ## always required.
76
-
77
- ## <tt>SCRIPT_NAME</tt>:: The initial portion of the request
78
- ## URL's "path" that corresponds to the
79
- ## application object, so that the
80
- ## application knows its virtual
81
- ## "location". This may be an empty
82
- ## string, if the application corresponds
83
- ## to the "root" of the server.
84
-
85
- ## <tt>PATH_INFO</tt>:: The remainder of the request URL's
86
- ## "path", designating the virtual
87
- ## "location" of the request's target
88
- ## within the application. This may be an
89
- ## empty string, if the request URL targets
90
- ## the application root and does not have a
91
- ## trailing slash. This value may be
92
- ## percent-encoded when I originating from
93
- ## a URL.
94
-
95
- ## <tt>QUERY_STRING</tt>:: The portion of the request URL that
96
- ## follows the <tt>?</tt>, if any. May be
97
- ## empty, but is always required!
98
-
99
- ## <tt>SERVER_NAME</tt>, <tt>SERVER_PORT</tt>:: When combined with <tt>SCRIPT_NAME</tt> and <tt>PATH_INFO</tt>, these variables can be used to complete the URL. Note, however, that <tt>HTTP_HOST</tt>, if present, should be used in preference to <tt>SERVER_NAME</tt> for reconstructing the request URL. <tt>SERVER_NAME</tt> and <tt>SERVER_PORT</tt> can never be empty strings, and so are always required.
100
-
101
- ## <tt>HTTP_</tt> Variables:: Variables corresponding to the
102
- ## client-supplied HTTP request
103
- ## headers (i.e., variables whose
104
- ## names begin with <tt>HTTP_</tt>). The
105
- ## presence or absence of these
106
- ## variables should correspond with
107
- ## the presence or absence of the
108
- ## appropriate HTTP header in the
109
- ## request.
110
-
111
- ## In addition to this, the Rack environment must include these
112
- ## Rack-specific variables:
113
-
114
- ## <tt>rack.version</tt>:: The Array [1,0], representing this version of Rack.
115
- ## <tt>rack.url_scheme</tt>:: +http+ or +https+, depending on the request URL.
116
- ## <tt>rack.input</tt>:: See below, the input stream.
117
- ## <tt>rack.errors</tt>:: See below, the error stream.
118
- ## <tt>rack.multithread</tt>:: true if the application object may be simultaneously invoked by another thread in the same process, false otherwise.
119
- ## <tt>rack.multiprocess</tt>:: true if an equivalent application object may be simultaneously invoked by another process, false otherwise.
120
- ## <tt>rack.run_once</tt>:: true if the server expects (but does not guarantee!) that the application will only be invoked this one time during the life of its containing process. Normally, this will only be true for a server based on CGI (or something similar).
121
- ##
122
-
123
- ## Additional environment specifications have approved to
124
- ## standardized middleware APIs. None of these are required to
125
- ## be implemented by the server.
126
-
127
- ## <tt>rack.session</tt>:: A hash like interface for storing request session data.
128
- ## The store must implement:
129
- if session = env['rack.session']
130
- ## store(key, value) (aliased as []=);
131
- assert("session #{session.inspect} must respond to store and []=") {
132
- session.respond_to?(:store) && session.respond_to?(:[]=)
133
- }
134
-
135
- ## fetch(key, default = nil) (aliased as []);
136
- assert("session #{session.inspect} must respond to fetch and []") {
137
- session.respond_to?(:fetch) && session.respond_to?(:[])
138
- }
139
-
140
- ## delete(key);
141
- assert("session #{session.inspect} must respond to delete") {
142
- session.respond_to?(:delete)
143
- }
144
-
145
- ## clear;
146
- assert("session #{session.inspect} must respond to clear") {
147
- session.respond_to?(:clear)
148
- }
149
- end
150
-
151
- ## The server or the application can store their own data in the
152
- ## environment, too. The keys must contain at least one dot,
153
- ## and should be prefixed uniquely. The prefix <tt>rack.</tt>
154
- ## is reserved for use with the Rack core distribution and other
155
- ## accepted specifications and must not be used otherwise.
156
- ##
157
-
158
- %w[REQUEST_METHOD SERVER_NAME SERVER_PORT
159
- QUERY_STRING
160
- rack.version rack.input rack.errors
161
- rack.multithread rack.multiprocess rack.run_once].each { |header|
162
- assert("env missing required key #{header}") { env.include? header }
163
- }
164
-
165
- ## The environment must not contain the keys
166
- ## <tt>HTTP_CONTENT_TYPE</tt> or <tt>HTTP_CONTENT_LENGTH</tt>
167
- ## (use the versions without <tt>HTTP_</tt>).
168
- %w[HTTP_CONTENT_TYPE HTTP_CONTENT_LENGTH].each { |header|
169
- assert("env contains #{header}, must use #{header[5,-1]}") {
170
- not env.include? header
171
- }
172
- }
173
-
174
- ## The CGI keys (named without a period) must have String values.
175
- env.each { |key, value|
176
- next if key.include? "." # Skip extensions
177
- assert("env variable #{key} has non-string value #{value.inspect}") {
178
- value.instance_of? String
179
- }
180
- }
181
-
182
- ##
183
- ## There are the following restrictions:
184
-
185
- ## * <tt>rack.version</tt> must be an array of Integers.
186
- assert("rack.version must be an Array, was #{env["rack.version"].class}") {
187
- env["rack.version"].instance_of? Array
188
- }
189
- ## * <tt>rack.url_scheme</tt> must either be +http+ or +https+.
190
- assert("rack.url_scheme unknown: #{env["rack.url_scheme"].inspect}") {
191
- %w[http https].include? env["rack.url_scheme"]
192
- }
193
-
194
- ## * There must be a valid input stream in <tt>rack.input</tt>.
195
- check_input env["rack.input"]
196
- ## * There must be a valid error stream in <tt>rack.errors</tt>.
197
- check_error env["rack.errors"]
198
-
199
- ## * The <tt>REQUEST_METHOD</tt> must be a valid token.
200
- assert("REQUEST_METHOD unknown: #{env["REQUEST_METHOD"]}") {
201
- env["REQUEST_METHOD"] =~ /\A[0-9A-Za-z!\#$%&'*+.^_`|~-]+\z/
202
- }
203
-
204
- ## * The <tt>SCRIPT_NAME</tt>, if non-empty, must start with <tt>/</tt>
205
- assert("SCRIPT_NAME must start with /") {
206
- !env.include?("SCRIPT_NAME") ||
207
- env["SCRIPT_NAME"] == "" ||
208
- env["SCRIPT_NAME"] =~ /\A\//
209
- }
210
- ## * The <tt>PATH_INFO</tt>, if non-empty, must start with <tt>/</tt>
211
- assert("PATH_INFO must start with /") {
212
- !env.include?("PATH_INFO") ||
213
- env["PATH_INFO"] == "" ||
214
- env["PATH_INFO"] =~ /\A\//
215
- }
216
- ## * The <tt>CONTENT_LENGTH</tt>, if given, must consist of digits only.
217
- assert("Invalid CONTENT_LENGTH: #{env["CONTENT_LENGTH"]}") {
218
- !env.include?("CONTENT_LENGTH") || env["CONTENT_LENGTH"] =~ /\A\d+\z/
219
- }
220
-
221
- ## * One of <tt>SCRIPT_NAME</tt> or <tt>PATH_INFO</tt> must be
222
- ## set. <tt>PATH_INFO</tt> should be <tt>/</tt> if
223
- ## <tt>SCRIPT_NAME</tt> is empty.
224
- assert("One of SCRIPT_NAME or PATH_INFO must be set (make PATH_INFO '/' if SCRIPT_NAME is empty)") {
225
- env["SCRIPT_NAME"] || env["PATH_INFO"]
226
- }
227
- ## <tt>SCRIPT_NAME</tt> never should be <tt>/</tt>, but instead be empty.
228
- assert("SCRIPT_NAME cannot be '/', make it '' and PATH_INFO '/'") {
229
- env["SCRIPT_NAME"] != "/"
230
- }
231
- end
232
-
233
- ## === The Input Stream
234
- ##
235
- ## The input stream is an IO-like object which contains the raw HTTP
236
- ## POST data. If it is a file then it must be opened in binary mode.
237
- def check_input(input)
238
- ## The input stream must respond to +gets+, +each+, +read+ and +rewind+.
239
- [:gets, :each, :read, :rewind].each { |method|
240
- assert("rack.input #{input} does not respond to ##{method}") {
241
- input.respond_to? method
242
- }
243
- }
244
- end
245
-
246
- class InputWrapper
247
- include Assertion
248
-
249
- def initialize(input)
250
- @input = input
251
- end
252
-
253
- def size
254
- @input.size
255
- end
256
-
257
- ## * +gets+ must be called without arguments and return a string,
258
- ## or +nil+ on EOF.
259
- def gets(*args)
260
- assert("rack.input#gets called with arguments") { args.size == 0 }
261
- v = @input.gets
262
- assert("rack.input#gets didn't return a String") {
263
- v.nil? or v.instance_of? String
264
- }
265
- v
266
- end
267
-
268
- ## * +read+ behaves like IO#read. Its signature is <tt>read([length, [buffer]])</tt>.
269
- ## If given, +length+ must be an non-negative Integer (>= 0) or +nil+, and +buffer+ must
270
- ## be a String and may not be nil. If +length+ is given and not nil, then this method
271
- ## reads at most +length+ bytes from the input stream. If +length+ is not given or nil,
272
- ## then this method reads all data until EOF.
273
- ## When EOF is reached, this method returns nil if +length+ is given and not nil, or ""
274
- ## if +length+ is not given or is nil.
275
- ## If +buffer+ is given, then the read data will be placed into +buffer+ instead of a
276
- ## newly created String object.
277
- def read(*args)
278
- assert("rack.input#read called with too many arguments") {
279
- args.size <= 2
280
- }
281
- if args.size >= 1
282
- assert("rack.input#read called with non-integer and non-nil length") {
283
- args.first.kind_of?(Integer) || args.first.nil?
284
- }
285
- assert("rack.input#read called with a negative length") {
286
- args.first.nil? || args.first >= 0
287
- }
288
- end
289
- if args.size >= 2
290
- assert("rack.input#read called with non-String buffer") {
291
- args[1].kind_of?(String)
292
- }
293
- end
294
-
295
- v = @input.read(*args)
296
-
297
- assert("rack.input#read didn't return nil or a String") {
298
- v.nil? or v.instance_of? String
299
- }
300
- if args[0].nil?
301
- assert("rack.input#read(nil) returned nil on EOF") {
302
- !v.nil?
303
- }
304
- end
305
-
306
- v
307
- end
308
-
309
- ## * +each+ must be called without arguments and only yield Strings.
310
- def each(*args)
311
- assert("rack.input#each called with arguments") { args.size == 0 }
312
- @input.each { |line|
313
- assert("rack.input#each didn't yield a String") {
314
- line.instance_of? String
315
- }
316
- yield line
317
- }
318
- end
319
-
320
- ## * +rewind+ must be called without arguments. It rewinds the input
321
- ## stream back to the beginning. It must not raise Errno::ESPIPE:
322
- ## that is, it may not be a pipe or a socket. Therefore, handler
323
- ## developers must buffer the input data into some rewindable object
324
- ## if the underlying input stream is not rewindable.
325
- def rewind(*args)
326
- assert("rack.input#rewind called with arguments") { args.size == 0 }
327
- assert("rack.input#rewind raised Errno::ESPIPE") {
328
- begin
329
- @input.rewind
330
- true
331
- rescue Errno::ESPIPE
332
- false
333
- end
334
- }
335
- end
336
-
337
- ## * +close+ must never be called on the input stream.
338
- def close(*args)
339
- assert("rack.input#close must not be called") { false }
340
- end
341
- end
342
-
343
- ## === The Error Stream
344
- def check_error(error)
345
- ## The error stream must respond to +puts+, +write+ and +flush+.
346
- [:puts, :write, :flush].each { |method|
347
- assert("rack.error #{error} does not respond to ##{method}") {
348
- error.respond_to? method
349
- }
350
- }
351
- end
352
-
353
- class ErrorWrapper
354
- include Assertion
355
-
356
- def initialize(error)
357
- @error = error
358
- end
359
-
360
- ## * +puts+ must be called with a single argument that responds to +to_s+.
361
- def puts(str)
362
- @error.puts str
363
- end
364
-
365
- ## * +write+ must be called with a single argument that is a String.
366
- def write(str)
367
- assert("rack.errors#write not called with a String") { str.instance_of? String }
368
- @error.write str
369
- end
370
-
371
- ## * +flush+ must be called without arguments and must be called
372
- ## in order to make the error appear for sure.
373
- def flush
374
- @error.flush
375
- end
376
-
377
- ## * +close+ must never be called on the error stream.
378
- def close(*args)
379
- assert("rack.errors#close must not be called") { false }
380
- end
381
- end
382
-
383
- ## == The Response
384
-
385
- ## === The Status
386
- def check_status(status)
387
- ## This is an HTTP status. When parsed as integer (+to_i+), it must be
388
- ## greater than or equal to 100.
389
- assert("Status must be >=100 seen as integer") { status.to_i >= 100 }
390
- end
391
-
392
- ## === The Headers
393
- def check_headers(header)
394
- ## The header must respond to +each+, and yield values of key and value.
395
- assert("headers object should respond to #each, but doesn't (got #{header.class} as headers)") {
396
- header.respond_to? :each
397
- }
398
- header.each { |key, value|
399
- ## The header keys must be Strings.
400
- assert("header key must be a string, was #{key.class}") {
401
- key.instance_of? String
402
- }
403
- ## The header must not contain a +Status+ key,
404
- assert("header must not contain Status") { key.downcase != "status" }
405
- ## contain keys with <tt>:</tt> or newlines in their name,
406
- assert("header names must not contain : or \\n") { key !~ /[:\n]/ }
407
- ## contain keys names that end in <tt>-</tt> or <tt>_</tt>,
408
- assert("header names must not end in - or _") { key !~ /[-_]\z/ }
409
- ## but only contain keys that consist of
410
- ## letters, digits, <tt>_</tt> or <tt>-</tt> and start with a letter.
411
- assert("invalid header name: #{key}") { key =~ /\A[a-zA-Z][a-zA-Z0-9_-]*\z/ }
412
-
413
- ## The values of the header must be Strings,
414
- assert("a header value must be a String, but the value of " +
415
- "'#{key}' is a #{value.class}") { value.kind_of? String }
416
- ## consisting of lines (for multiple header values, e.g. multiple
417
- ## <tt>Set-Cookie</tt> values) seperated by "\n".
418
- value.split("\n").each { |item|
419
- ## The lines must not contain characters below 037.
420
- assert("invalid header value #{key}: #{item.inspect}") {
421
- item !~ /[\000-\037]/
422
- }
423
- }
424
- }
425
- end
426
-
427
- ## === The Content-Type
428
- def check_content_type(status, headers)
429
- headers.each { |key, value|
430
- ## There must be a <tt>Content-Type</tt>, except when the
431
- ## +Status+ is 1xx, 204 or 304, in which case there must be none
432
- ## given.
433
- if key.downcase == "content-type"
434
- assert("Content-Type header found in #{status} response, not allowed") {
435
- not Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include? status.to_i
436
- }
437
- return
438
- end
439
- }
440
- assert("No Content-Type header found") {
441
- Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include? status.to_i
442
- }
443
- end
444
-
445
- ## === The Content-Length
446
- def check_content_length(status, headers, env)
447
- headers.each { |key, value|
448
- if key.downcase == 'content-length'
449
- ## There must not be a <tt>Content-Length</tt> header when the
450
- ## +Status+ is 1xx, 204 or 304.
451
- assert("Content-Length header found in #{status} response, not allowed") {
452
- not Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include? status.to_i
453
- }
454
-
455
- bytes = 0
456
- string_body = true
457
-
458
- if @body.respond_to?(:to_ary)
459
- @body.each { |part|
460
- unless part.kind_of?(String)
461
- string_body = false
462
- break
463
- end
464
-
465
- bytes += Rack::Utils.bytesize(part)
466
- }
467
-
468
- if env["REQUEST_METHOD"] == "HEAD"
469
- assert("Response body was given for HEAD request, but should be empty") {
470
- bytes == 0
471
- }
472
- else
473
- if string_body
474
- assert("Content-Length header was #{value}, but should be #{bytes}") {
475
- value == bytes.to_s
476
- }
477
- end
478
- end
479
- end
480
-
481
- return
482
- end
483
- }
484
- end
485
-
486
- ## === The Body
487
- def each
488
- @closed = false
489
- ## The Body must respond to +each+
490
- @body.each { |part|
491
- ## and must only yield String values.
492
- assert("Body yielded non-string value #{part.inspect}") {
493
- part.instance_of? String
494
- }
495
- yield part
496
- }
497
- ##
498
- ## The Body itself should not be an instance of String, as this will
499
- ## break in Ruby 1.9.
500
- ##
501
- ## If the Body responds to +close+, it will be called after iteration.
502
- # XXX howto: assert("Body has not been closed") { @closed }
503
-
504
-
505
- ##
506
- ## If the Body responds to +to_path+, it must return a String
507
- ## identifying the location of a file whose contents are identical
508
- ## to that produced by calling +each+; this may be used by the
509
- ## server as an alternative, possibly more efficient way to
510
- ## transport the response.
511
-
512
- if @body.respond_to?(:to_path)
513
- assert("The file identified by body.to_path does not exist") {
514
- ::File.exist? @body.to_path
515
- }
516
- end
517
-
518
- ##
519
- ## The Body commonly is an Array of Strings, the application
520
- ## instance itself, or a File-like object.
521
- end
522
-
523
- def close
524
- @closed = true
525
- @body.close if @body.respond_to?(:close)
526
- end
527
-
528
- # :startdoc:
529
-
530
- end
531
- end
532
-
533
- ## == Thanks
534
- ## Some parts of this specification are adopted from PEP333: Python
535
- ## Web Server Gateway Interface
536
- ## v1.0 (http://www.python.org/dev/peps/pep-0333/). I'd like to thank
537
- ## everyone involved in that effort.