rack-contrib 1.8.0 → 2.3.0

data/lib/rack/contrib/jsonp.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
 
   # A Rack middleware for providing JSON-P support.
@@ -53,7 +55,7 @@ module Rack
 
         # Set new Content-Length, if it was set before we mutated the response body
         if headers['Content-Length']
-          length = response.to_ary.inject(0) { |len, part| len + bytesize(part) }
+          length = response.map(&:bytesize).reduce(0, :+)
           headers['Content-Length'] = length.to_s
         end
       end
@@ -87,8 +89,8 @@ module Rack
     # method of combining all of the data into a single string makes sense
     # since JSON is returned as a full string.
     #
-    def pad(callback, response, body = "")
-      response.each do |s|
+    def pad(callback, response)
+      body = response.to_enum.map do |s|
         # U+2028 and U+2029 are allowed inside strings in JSON (as all literal
         # Unicode characters) but JavaScript defines them as newline
         # seperators. Because no literal newlines are allowed in a string, this
@@ -96,8 +98,8 @@ module Rack
         # replacing them with the escaped version. This should be safe because
         # according to the JSON spec, these characters are *only* valid inside
         # a string and should therefore not be present any other places.
-        body << s.to_s.gsub(U2028, '\u2028').gsub(U2029, '\u2029')
-      end
+        s.gsub(U2028, '\u2028').gsub(U2029, '\u2029')
+      end.join
 
       # https://github.com/rack/rack-contrib/issues/46
       response.close if response.respond_to?(:close)
@@ -106,7 +108,7 @@ module Rack
     end
 
     def bad_request(body = "Bad Request")
-      [ 400, { 'Content-Type' => 'text/plain', 'Content-Length' => body.size.to_s }, [body] ]
+      [ 400, { 'Content-Type' => 'text/plain', 'Content-Length' => body.bytesize.to_s }, [body] ]
     end
 
   end

data/lib/rack/contrib/lazy_conditional_get.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
 
   ##
@@ -43,6 +45,10 @@ module Rack
   # know for sure that it does not modify the cached content, you can set the
   # `Rack-Lazy-Conditional-Get` on response to `skip`. This will not update the
   # global modification date.
+  #
+  # NOTE: This will not work properly in a multi-threaded environment with
+  # default cache object. A provided cache object should ensure thread-safety
+  # of the `get`/`set`/`[]`/`[]=` methods.
 
   class LazyConditionalGet
 
@@ -70,7 +76,10 @@ module Rack
       if reading? env and fresh? env
         return [304, {'Last-Modified' => env['HTTP_IF_MODIFIED_SINCE']}, []]
       end
+
       status, headers, body = @app.call env
+      headers = Utils::HeaderHash.new(headers)
+
       update_cache unless (reading?(env) or skipping?(headers))
       headers['Last-Modified'] = cached_value if stampable? headers
       [status, headers, body]

data/lib/rack/contrib/lighttpd_script_name_fix.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   # Lighttpd sets the wrong SCRIPT_NAME and PATH_INFO if you mount your
   # FastCGI app at "/". This middleware fixes this issue.

data/lib/rack/contrib/locale.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'i18n'
 
 module Rack
@@ -7,43 +9,76 @@ module Rack
     end
 
     def call(env)
-      old_locale = I18n.locale
-
-      begin
-        locale = accept_locale(env) || I18n.default_locale
-        locale = env['rack.locale'] = I18n.locale = locale.to_s
-        status, headers, body = @app.call(env)
-        headers['Content-Language'] = locale unless headers['Content-Language']
-        [status, headers, body]
-      ensure
-        I18n.locale = old_locale
+      locale_to_restore = I18n.locale
+
+      locale = user_preferred_locale(env["HTTP_ACCEPT_LANGUAGE"])
+      locale ||= I18n.default_locale
+
+      env['rack.locale'] = I18n.locale = locale.to_s
+      status, headers, body = @app.call(env)
+      headers = Utils::HeaderHash.new(headers)
+
+      unless headers['Content-Language']
+        headers['Content-Language'] = locale.to_s
       end
+
+      [status, headers, body]
+    ensure
+      I18n.locale = locale_to_restore
     end
 
     private
 
-    # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.4
-    def accept_locale(env)
-      accept_langs = env["HTTP_ACCEPT_LANGUAGE"]
-      return if accept_langs.nil?
-
-      languages_and_qvalues = accept_langs.split(",").map { |l|
-        l += ';q=1.0' unless l =~ /;q=\d+(?:\.\d+)?$/
-        l.split(';q=')
-      }
-
-      language_and_qvalue = languages_and_qvalues.sort_by { |(locale, qvalue)|
-        qvalue.to_f
-      }.reverse.detect { |(locale, qvalue)|
-        if I18n.enforce_available_locales
-          locale == '*' || I18n.available_locales.include?(locale.to_sym)
-        else
-          true
+    # Accept-Language header is covered mainly by RFC 7231
+    # https://tools.ietf.org/html/rfc7231
+    #
+    # Related sections:
+    #
+    # * https://tools.ietf.org/html/rfc7231#section-5.3.1
+    # * https://tools.ietf.org/html/rfc7231#section-5.3.5
+    # * https://tools.ietf.org/html/rfc4647#section-3.4
+    #
+    # There is an obsolete RFC 2616 (https://tools.ietf.org/html/rfc2616)
+    #
+    # Edge cases:
+    #
+    # * Value can be a comma separated list with optional whitespaces:
+    #   Accept-Language: da, en-gb;q=0.8, en;q=0.7
+    #
+    # * Quality value can contain optional whitespaces as well:
+    #   Accept-Language: ru-UA, ru; q=0.8, uk; q=0.6, en-US; q=0.4, en; q=0.2
+    #
+    # * Quality prefix 'q=' can be in upper case (Q=)
+    #
+    # * Ignore case when match locale with I18n available locales
+    #
+    def user_preferred_locale(header)
+      return if header.nil?
+
+      locales = header.gsub(/\s+/, '').split(",").map do |language_tag|
+        locale, quality = language_tag.split(/;q=/i)
+        quality = quality ? quality.to_f : 1.0
+        [locale, quality]
+      end.reject do |(locale, quality)|
+        locale == '*' || quality == 0
+      end.sort_by do |(_, quality)|
+        quality
+      end.map(&:first)
+
+      return if locales.empty?
+
+      if I18n.enforce_available_locales
+        locale = locales.reverse.find { |locale| I18n.available_locales.any? { |al| match?(al, locale) } }
+        if locale
+          I18n.available_locales.find { |al| match?(al, locale) }
         end
-      }
+      else
+        locales.last
+      end
+    end
 
-      lang = language_and_qvalue && language_and_qvalue.first
-      lang == '*' ? nil : lang
+    def match?(s1, s2)
+      s1.to_s.casecmp(s2.to_s) == 0
     end
   end
 end

data/lib/rack/contrib/mailexceptions.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'net/smtp'
 require 'mail'
 require 'erb'
@@ -90,7 +92,7 @@ module Rack
         mail.delivery_method :test
       elsif config[:smtp]
         smtp = config[:smtp]
-        # for backward compability, replace the :server key with :address
+        # for backward compatibility, replace the :server key with :address
         address = smtp.delete :server
         smtp[:address] = address if address
         mail.delivery_method :smtp, smtp
@@ -104,7 +106,7 @@ module Rack
 
     def extract_body(env)
       if io = env['rack.input']
-        io.rewind if io.respond_to?(:rewind)
+        io.rewind
         io.read
       end
     end

data/lib/rack/contrib/nested_params.rb

@@ -1,5 +1,6 @@
-require 'cgi'
-require 'strscan'
+# frozen_string_literal: true
+
+require 'rack/utils'
 
 module Rack
   # Rack middleware for parsing POST/PUT body data into nested parameters
@@ -20,130 +21,14 @@ module Rack
 
     def call(env)
       if form_vars = env[FORM_VARS]
-        env[FORM_HASH] = parse_query_parameters(form_vars)
+        Rack::Utils.parse_nested_query(form_vars)
       elsif env[CONTENT_TYPE] == URL_ENCODED
         post_body = env[POST_BODY]
         env[FORM_INPUT] = post_body
-        env[FORM_HASH] = parse_query_parameters(post_body.read)
-        post_body.rewind if post_body.respond_to?(:rewind)
+        env[FORM_HASH] = Rack::Utils.parse_nested_query(post_body.read)
+        post_body.rewind
       end
       @app.call(env)
     end
-
-    ## the rest is nabbed from Rails ##
-
-    def parse_query_parameters(query_string)
-      return {} if query_string.nil? or query_string.empty?
-
-      pairs = query_string.split('&').collect do |chunk|
-        next if chunk.empty?
-        key, value = chunk.split('=', 2)
-        next if key.empty?
-        value = value.nil? ? nil : CGI.unescape(value)
-        [ CGI.unescape(key), value ]
-      end.compact
-
-      UrlEncodedPairParser.new(pairs).result
-    end
-
-    class UrlEncodedPairParser < StringScanner
-      attr_reader :top, :parent, :result
-
-      def initialize(pairs = [])
-        super('')
-        @result = {}
-        pairs.each { |key, value| parse(key, value) }
-      end
-
-      KEY_REGEXP = %r{([^\[\]=&]+)}
-      BRACKETED_KEY_REGEXP = %r{\[([^\[\]=&]+)\]}
-
-      # Parse the query string
-      def parse(key, value)
-        self.string = key
-        @top, @parent = result, nil
-
-        # First scan the bare key
-        key = scan(KEY_REGEXP) or return
-        key = post_key_check(key)
-
-        # Then scan as many nestings as present
-        until eos?
-          r = scan(BRACKETED_KEY_REGEXP) or return
-          key = self[1]
-          key = post_key_check(key)
-        end
-
-        bind(key, value)
-      end
-
-      private
-        # After we see a key, we must look ahead to determine our next action. Cases:
-        #
-        #   [] follows the key. Then the value must be an array.
-        #   = follows the key. (A value comes next)
-        #   & or the end of string follows the key. Then the key is a flag.
-        #   otherwise, a hash follows the key.
-        def post_key_check(key)
-          if scan(/\[\]/) # a[b][] indicates that b is an array
-            container(key, Array)
-            nil
-          elsif check(/\[[^\]]/) # a[b] indicates that a is a hash
-            container(key, Hash)
-            nil
-          else # End of key? We do nothing.
-            key
-          end
-        end
-
-        # Add a container to the stack.
-        def container(key, klass)
-          type_conflict! klass, top[key] if top.is_a?(Hash) && top.key?(key) && ! top[key].is_a?(klass)
-          value = bind(key, klass.new)
-          type_conflict! klass, value unless value.is_a?(klass)
-          push(value)
-        end
-
-        # Push a value onto the 'stack', which is actually only the top 2 items.
-        def push(value)
-          @parent, @top = @top, value
-        end
-
-        # Bind a key (which may be nil for items in an array) to the provided value.
-        def bind(key, value)
-          if top.is_a? Array
-            if key
-              if top[-1].is_a?(Hash) && ! top[-1].key?(key)
-                top[-1][key] = value
-              else
-                top << {key => value}
-              end
-              push top.last
-              return top[key]
-            else
-              top << value
-              return value
-            end
-          elsif top.is_a? Hash
-            key = CGI.unescape(key)
-            parent << (@top = {}) if top.key?(key) && parent.is_a?(Array)
-
-            if top.include?(key) && value.is_a?(String)
-              warn "Rack::NestedParams' parsing behavior will change in rack-contrib 2.0"
-              warn "Currently 'foo=1&foo=2' is parsed to {'foo' => '1'}, in 2.0 it will be parsed to {'foo' => '2'}"
-            end
-
-            top[key] ||= value
-            return top[key]
-          else
-            raise ArgumentError, "Don't know what to do: top is #{top.inspect}"
-          end
-        end
-
-        def type_conflict!(klass, value)
-          raise TypeError, "Conflicting types for parameter containers. Expected an instance of #{klass} but found an instance of #{value.class}. This can be caused by colliding Array and Hash parameters like qs[]=value&qs[key]=value. (The parameters received were #{value.inspect}.)"
-        end
-    end
-
   end
 end

data/lib/rack/contrib/not_found.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   # Rack::NotFound is a default endpoint. Optionally initialize with the
   # path to a custom 404 page, to override the standard response body.
@@ -19,7 +21,7 @@ module Rack
       else
         @content = F.read(path)
       end
-      @length = @content.size.to_s
+      @length = @content.bytesize.to_s
 
       @content_type = content_type
     end

data/lib/rack/contrib/post_body_content_type_parser.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 begin
   require 'json'
 rescue LoadError => e
@@ -6,10 +8,51 @@ end
 
 module Rack
 
+  # <b>DEPRECATED:</b> <tt>JSONBodyParser</tt> is a drop-in replacement that is faster and more configurable.
+  #
   # A Rack middleware for parsing POST/PUT body data when Content-Type is
   # not one of the standard supported types, like <tt>application/json</tt>.
   #
-  # TODO: Find a better name.
+  # === How to use the middleware
+  #
+  # Example of simple +config.ru+ file:
+  #
+  #  require 'rack'
+  #  require 'rack/contrib'
+  #
+  #  use ::Rack::PostBodyContentTypeParser
+  #
+  #  app = lambda do |env|
+  #    request = Rack::Request.new(env)
+  #    body = "Hello #{request.params['name']}"
+  #    [200, {'Content-Type' => 'text/plain'}, [body]]
+  #  end
+  #
+  #  run app
+  #
+  # Example with passing block argument:
+  #
+  #   use ::Rack::PostBodyContentTypeParser do |body|
+  #     { 'params' => JSON.parse(body) }
+  #   end
+  #
+  # Example with passing proc argument:
+  #
+  #   parser = ->(body) { { 'params' => JSON.parse(body) } }
+  #   use ::Rack::PostBodyContentTypeParser, &parser
+  #
+  #
+  # === Failed JSON parsing
+  #
+  # Returns "400 Bad request" response if invalid JSON document was sent:
+  #
+  # Raw HTTP response:
+  #
+  #   HTTP/1.1 400 Bad Request
+  #   Content-Type: text/plain
+  #   Content-Length: 28
+  #
+  #   failed to parse body as JSON
   #
   class PostBodyContentTypeParser
 
@@ -24,14 +67,16 @@ module Rack
     #
     APPLICATION_JSON = 'application/json'.freeze
 
-    def initialize(app)
+    def initialize(app, &block)
+      warn "[DEPRECATION] `PostBodyContentTypeParser` is deprecated. Use `JSONBodyParser` as a drop-in replacement."
       @app = app
+      @block = block || Proc.new { |body| JSON.parse(body, :create_additions => false) }
     end
 
     def call(env)
       if Rack::Request.new(env).media_type == APPLICATION_JSON && (body = env[POST_BODY].read).length != 0
         env[POST_BODY].rewind # somebody might try to read this stream
-        env.update(FORM_HASH => JSON.parse(body, :create_additions => false), FORM_INPUT => env[POST_BODY])
+        env.update(FORM_HASH => @block.call(body), FORM_INPUT => env[POST_BODY])
       end
       @app.call(env)
     rescue JSON::ParserError
@@ -39,7 +84,7 @@ module Rack
     end
 
     def bad_request(body = 'Bad Request')
-      [ 400, { 'Content-Type' => 'text/plain', 'Content-Length' => body.size.to_s }, [body] ]
+      [ 400, { 'Content-Type' => 'text/plain', 'Content-Length' => body.bytesize.to_s }, [body] ]
     end
   end
 end