rack-contrib 2.1.0 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0c7731ec4011969a7792a075037754884383bd79288d308f842db8d3566d69f9
-  data.tar.gz: 16ea5eb6e86c262eaf5382f7bd48d84a5d96f77730ef2afa3595da5ff63c01b7
+  metadata.gz: ca58db2b7968ad4691e8bec79eea2088dabc3da5d309358f7df76d668324d824
+  data.tar.gz: 51816bb6b59a598fea16eb100cc783b3c0ff58eb37aa3585bb8d65141f2aae4f
 SHA512:
-  metadata.gz: ba48f0a22d13513a34589c096b87fa836fd762799dd46a05ee17e0f8b07ec8bf41489aaf59e18f63c59f7c8d53bee10e9e2b1492fa7a5a12b70587f4eb644e46
-  data.tar.gz: ae7ca36ea51cfcb66053bd97baef862eb161f91fd08badce5283f05765263a354a2e9f5214e75ca4eb9f4fa5ad4505ad2a305d2899fca8d95736cd2fd847f945
+  metadata.gz: 7442b5ad170ae2946f017d8ccd007d02455b7939fe42239378505b61983cd9a1f090549e87b07e08323a7cf99d04f026e8df0f326e34be166508187cca3735e7
+  data.tar.gz: 99985100672c65c9ee559a37281f5dddea4fcdc8481ddffd75c2f6e697197a1070339c5b70733d736f8ba33078d5f699f00097cd6ec96266c8f07edb008b727b

data/README.md

@@ -13,6 +13,7 @@ interface:
 * `Rack::Deflect` - Helps protect against DoS attacks.
 * `Rack::Evil` - Lets the rack application return a response to the client from any place.
 * `Rack::HostMeta` - Configures `/host-meta` using a block
+* `Rack::JSONBodyParser` - Adds JSON request bodies to the Rack parameters hash.
 * `Rack::JSONP` - Adds JSON-P support by stripping out the callback param and padding the response with the appropriate callback format.
 * `Rack::LazyConditionalGet` - Caches a global `Last-Modified` date and updates it each time there is a request that is not `GET` or `HEAD`.
 * `Rack::LighttpdScriptNameFix` - Fixes how lighttpd sets the `SCRIPT_NAME` and `PATH_INFO` variables in certain configurations.
@@ -20,7 +21,7 @@ interface:
 * `Rack::MailExceptions` - Rescues exceptions raised from the app and sends a useful email with the exception, stacktrace, and contents of the environment.
 * `Rack::NestedParams` - parses form params with subscripts (e.g., * "`post[title]=Hello`") into a nested/recursive Hash structure (based on Rails' implementation).
 * `Rack::NotFound` - A default 404 application.
-* `Rack::PostBodyContentTypeParser` - Adds support for JSON request bodies. The Rack parameter hash is populated by deserializing the JSON data provided in the request body when the Content-Type is application/json.
+* `Rack::PostBodyContentTypeParser` - [Deprecated]: Adds support for JSON request bodies. The Rack parameter hash is populated by deserializing the JSON data provided in the request body when the Content-Type is application/json
 * `Rack::Printout` - Prints the environment and the response per request
 * `Rack::ProcTitle` - Displays request information in process title (`$0`) for monitoring/inspection with ps(1).
 * `Rack::Profiler` - Uses ruby-prof to measure request time.

data/lib/rack/contrib.rb

@@ -24,6 +24,7 @@ module Rack
   autoload :HostMeta,                   "rack/contrib/host_meta"
   autoload :GarbageCollector,           "rack/contrib/garbagecollector"
   autoload :JSONP,                      "rack/contrib/jsonp"
+  autoload :JSONBodyParser,             "rack/contrib/json_body_parser"
   autoload :LazyConditionalGet,         "rack/contrib/lazy_conditional_get"
   autoload :LighttpdScriptNameFix,      "rack/contrib/lighttpd_script_name_fix"
   autoload :Locale,                     "rack/contrib/locale"

data/lib/rack/contrib/csshttprequest.rb

@@ -31,7 +31,7 @@ module Rack
     end
 
     def modify_headers!(headers, encoded_response)
-      headers['Content-Length'] = encoded_response.length.to_s
+      headers['Content-Length'] = encoded_response.bytesize.to_s
       headers['Content-Type'] = 'text/css'
       nil
     end

data/lib/rack/contrib/json_body_parser.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Rack
+  # A Rack middleware that makes JSON-encoded request bodies available in the
+  # request.params hash. By default it parses POST, PATCH, and PUT requests
+  # whose media type is <tt>application/json</tt>. You can configure it to match
+  # any verb or media type via the <tt>:verbs</tt> and <tt>:media</tt> options.
+  #
+  #
+  # == Examples:
+  #
+  # === Parse POST and GET requests only
+  #   use Rack::JSONBodyParser, verbs: ['POST', 'GET']
+  #
+  # === Parse POST|PATCH|PUT requests whose Content-Type matches 'json'
+  #   use Rack::JSONBodyParser, media: /json/
+  #
+  # === Parse POST requests whose Content-Type is 'application/json' or 'application/vnd+json'
+  #   use Rack::JSONBodyParser, verbs: ['POST'], media: ['application/json', 'application/vnd.api+json']
+  #
+  class JSONBodyParser
+    CONTENT_TYPE_MATCHERS = {
+      String => lambda { |option, header|
+        Rack::MediaType.type(header) == option
+      },
+      Array => lambda { |options, header|
+        media_type = Rack::MediaType.type(header)
+        options.any? { |opt| media_type == opt }
+      },
+      Regexp => lambda {
+        if //.respond_to?(:match?)
+          # Use Ruby's fast regex matcher when available
+          ->(option, header) { option.match? header }
+        else
+          # Fall back to the slower matcher for rubies older than 2.4
+          ->(option, header) { option.match header }
+        end
+      }.call(),
+    }.freeze
+
+    DEFAULT_PARSER = ->(body) { JSON.parse(body, create_additions: false) }
+
+    def initialize(
+      app,
+      verbs: %w[POST PATCH PUT],
+      media: 'application/json',
+      &block
+    )
+      @app = app
+      @verbs, @media = verbs, media
+      @matcher = CONTENT_TYPE_MATCHERS.fetch(@media.class)
+      @parser = block || DEFAULT_PARSER
+    end
+
+    def call(env)
+      if @verbs.include?(env[Rack::REQUEST_METHOD]) &&
+         @matcher.call(@media, env['CONTENT_TYPE'])
+
+        update_form_hash_with_json_body(env)
+      end
+      @app.call(env)
+    rescue JSON::ParserError
+      body = { error: 'Failed to parse body as JSON' }.to_json
+      header = { 'Content-Type' => 'application/json' }
+      Rack::Response.new(body, 400, header).finish
+    end
+
+    private
+
+    def update_form_hash_with_json_body(env)
+      body = env[Rack::RACK_INPUT]
+      return unless (body_content = body.read) && !body_content.empty?
+
+      body.rewind # somebody might try to read this stream
+      env.update(
+        Rack::RACK_REQUEST_FORM_HASH => @parser.call(body_content),
+        Rack::RACK_REQUEST_FORM_INPUT => body
+      )
+    end
+  end
+end

data/lib/rack/contrib/jsonp.rb

@@ -106,7 +106,7 @@ module Rack
     end
 
     def bad_request(body = "Bad Request")
-      [ 400, { 'Content-Type' => 'text/plain', 'Content-Length' => body.size.to_s }, [body] ]
+      [ 400, { 'Content-Type' => 'text/plain', 'Content-Length' => body.bytesize.to_s }, [body] ]
     end
 
   end

data/lib/rack/contrib/locale.rb

@@ -7,43 +7,75 @@ module Rack
     end
 
     def call(env)
-      old_locale = I18n.locale
-
-      begin
-        locale = accept_locale(env) || I18n.default_locale
-        locale = env['rack.locale'] = I18n.locale = locale.to_s
-        status, headers, body = @app.call(env)
-        headers['Content-Language'] = locale unless headers['Content-Language']
-        [status, headers, body]
-      ensure
-        I18n.locale = old_locale
+      locale_to_restore = I18n.locale
+
+      locale = user_preferred_locale(env["HTTP_ACCEPT_LANGUAGE"])
+      locale ||= I18n.default_locale
+
+      env['rack.locale'] = I18n.locale = locale.to_s
+      status, headers, body = @app.call(env)
+
+      unless headers['Content-Language']
+        headers['Content-Language'] = locale.to_s
       end
+
+      [status, headers, body]
+    ensure
+      I18n.locale = locale_to_restore
     end
 
     private
 
-    # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.4
-    def accept_locale(env)
-      accept_langs = env["HTTP_ACCEPT_LANGUAGE"]
-      return if accept_langs.nil?
-
-      languages_and_qvalues = accept_langs.split(",").map { |l|
-        l += ';q=1.0' unless l =~ /;q=\d+(?:\.\d+)?$/
-        l.split(';q=')
-      }
-
-      language_and_qvalue = languages_and_qvalues.sort_by { |(locale, qvalue)|
-        qvalue.to_f
-      }.reverse.detect { |(locale, qvalue)|
-        if I18n.enforce_available_locales
-          locale == '*' || I18n.available_locales.include?(locale.to_sym)
-        else
-          true
+    # Accept-Language header is covered mainly by RFC 7231
+    # https://tools.ietf.org/html/rfc7231
+    #
+    # Related sections:
+    #
+    # * https://tools.ietf.org/html/rfc7231#section-5.3.1
+    # * https://tools.ietf.org/html/rfc7231#section-5.3.5
+    # * https://tools.ietf.org/html/rfc4647#section-3.4
+    #
+    # There is an obsolete RFC 2616 (https://tools.ietf.org/html/rfc2616)
+    #
+    # Edge cases:
+    #
+    # * Value can be a comma separated list with optional whitespaces:
+    #   Accept-Language: da, en-gb;q=0.8, en;q=0.7
+    #
+    # * Quality value can contain optional whitespaces as well:
+    #   Accept-Language: ru-UA, ru; q=0.8, uk; q=0.6, en-US; q=0.4, en; q=0.2
+    #
+    # * Quality prefix 'q=' can be in upper case (Q=)
+    #
+    # * Ignore case when match locale with I18n available locales
+    #
+    def user_preferred_locale(header)
+      return if header.nil?
+
+      locales = header.gsub(/\s+/, '').split(",").map do |language_tag|
+        locale, quality = language_tag.split(/;q=/i)
+        quality = quality ? quality.to_f : 1.0
+        [locale, quality]
+      end.reject do |(locale, quality)|
+        locale == '*' || quality == 0
+      end.sort_by do |(_, quality)|
+        quality
+      end.map(&:first)
+
+      return if locales.empty?
+
+      if I18n.enforce_available_locales
+        locale = locales.reverse.find { |locale| I18n.available_locales.any? { |al| match?(al, locale) } }
+        if locale
+          I18n.available_locales.find { |al| match?(al, locale) }
         end
-      }
+      else
+        locales.last
+      end
+    end
 
-      lang = language_and_qvalue && language_and_qvalue.first
-      lang == '*' ? nil : lang
+    def match?(s1, s2)
+      s1.to_s.casecmp(s2.to_s) == 0
     end
   end
 end

data/lib/rack/contrib/post_body_content_type_parser.rb

@@ -6,10 +6,51 @@ end
 
 module Rack
 
+  # <b>DEPRECATED:</b> <tt>JSONBodyParser</tt> is a drop-in replacement that is faster and more configurable.
+  #
   # A Rack middleware for parsing POST/PUT body data when Content-Type is
   # not one of the standard supported types, like <tt>application/json</tt>.
   #
-  # TODO: Find a better name.
+  # === How to use the middleware
+  #
+  # Example of simple +config.ru+ file:
+  #
+  #  require 'rack'
+  #  require 'rack/contrib'
+  #
+  #  use ::Rack::PostBodyContentTypeParser
+  #
+  #  app = lambda do |env|
+  #    request = Rack::Request.new(env)
+  #    body = "Hello #{request.params['name']}"
+  #    [200, {'Content-Type' => 'text/plain'}, [body]]
+  #  end
+  #
+  #  run app
+  #
+  # Example with passing block argument:
+  #
+  #   use ::Rack::PostBodyContentTypeParser do |body|
+  #     { 'params' => JSON.parse(body) }
+  #   end
+  #
+  # Example with passing proc argument:
+  #
+  #   parser = ->(body) { { 'params' => JSON.parse(body) } }
+  #   use ::Rack::PostBodyContentTypeParser, &parser
+  #
+  #
+  # === Failed JSON parsing
+  #
+  # Returns "400 Bad request" response if invalid JSON document was sent:
+  #
+  # Raw HTTP response:
+  #
+  #   HTTP/1.1 400 Bad Request
+  #   Content-Type: text/plain
+  #   Content-Length: 28
+  #
+  #   failed to parse body as JSON
   #
   class PostBodyContentTypeParser
 
@@ -25,6 +66,7 @@ module Rack
     APPLICATION_JSON = 'application/json'.freeze
 
     def initialize(app, &block)
+      warn "[DEPRECATION] `PostBodyContentTypeParser` is deprecated. Use `JSONBodyParser` as a drop-in replacement."
       @app = app
       @block = block || Proc.new { |body| JSON.parse(body, :create_additions => false) }
     end
@@ -40,7 +82,7 @@ module Rack
     end
 
     def bad_request(body = 'Bad Request')
-      [ 400, { 'Content-Type' => 'text/plain', 'Content-Length' => body.size.to_s }, [body] ]
+      [ 400, { 'Content-Type' => 'text/plain', 'Content-Length' => body.bytesize.to_s }, [body] ]
     end
   end
 end

data/lib/rack/contrib/response_cache.rb

@@ -3,9 +3,12 @@ require 'rack'
 
 # Rack::ResponseCache is a Rack middleware that caches responses for successful
 # GET requests with no query string to disk or any ruby object that has an
-# []= method (so it works with memcached).  When caching to disk, it works similar to
-# Rails' page caching, allowing you to cache dynamic pages to static files that can
-# be served directly by a front end webserver.
+# []= method (so it works with memcached). As with Rails' page caching, this
+# middleware only writes to the cache -- it never reads. The logic of whether a
+# cached response should be served is left either to your web server, via
+# something like the <tt>try_files</tt> directive in nginx, or to your
+# cache-reading middleware of choice, mounted before Rack::ResponseCache in the
+# stack.
 class Rack::ResponseCache
   # The default proc used if a block is not provided to .new
   # It unescapes the PATH_INFO of the environment, and makes sure that it doesn't
@@ -15,7 +18,14 @@ class Rack::ResponseCache
   # of the path to index.html.
   DEFAULT_PATH_PROC = proc do |env, res|
     path = Rack::Utils.unescape(env['PATH_INFO'])
-    if !path.include?('..') and match = /text\/((?:x|ht)ml|css)/o.match(res[1]['Content-Type'])
+    headers = res[1]
+    # Content-Type is almost always at headers['Content-Type'], but to fully
+    # comply with HTTP RFC 7230, we fall back to a case-insensitive lookup
+    content_type = headers.fetch('Content-Type') do |titlecase_key|
+      _, val = headers.find { |key, _| key.casecmp(titlecase_key) == 0 }
+      val
+    end
+    if !path.include?('..') and match = /text\/((?:x|ht)ml|css)/o.match(content_type)
       type = match[1]
       path = "#{path}.#{type}" unless /\.#{type}\z/.match(path)
       path = File.join(File.dirname(path), 'index.html') if type == 'html' and File.basename(path) == '.html'

data/lib/rack/contrib/static_cache.rb

@@ -1,3 +1,5 @@
+require 'time'
+
 module Rack
 
   #
@@ -68,7 +70,6 @@ module Rack
         @version_regex = options.fetch(:version_regex, /-[\d.]+([.][a-zA-Z][\w]+)?$/)
       end
       @duration_in_seconds = self.duration_in_seconds
-      @duration_in_words    = self.duration_in_words
     end
 
     def call(env)
@@ -83,14 +84,15 @@ module Rack
         status, headers, body = @file_server.call(env)
         if @no_cache[url].nil?
           headers['Cache-Control'] ="max-age=#{@duration_in_seconds}, public"
-          headers['Expires'] = @duration_in_words
+          headers['Expires'] = duration_in_words
         end
+        headers['Date'] = Time.now.httpdate
         [status, headers, body]
       end
     end
 
     def duration_in_words
-      (Time.now + self.duration_in_seconds).strftime '%a, %d %b %Y %H:%M:%S GMT'
+      (Time.now.utc + self.duration_in_seconds).httpdate
     end
 
     def duration_in_seconds

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-contrib
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.0
 platform: ruby
 authors:
 - rack-devel
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-10-04 00:00:00.000000000 Z
+date: 2020-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -28,16 +28,22 @@ dependencies:
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
 - !ruby/object:Gem::Dependency
   name: git-version-bump
   requirement: !ruby/object:Gem::Requirement
@@ -224,6 +230,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.17'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
 description: Contributed Rack Middleware and Utilities
 email: rack-devel@googlegroups.com
 executables: []
@@ -250,6 +270,7 @@ files:
 - lib/rack/contrib/expectation_cascade.rb
 - lib/rack/contrib/garbagecollector.rb
 - lib/rack/contrib/host_meta.rb
+- lib/rack/contrib/json_body_parser.rb
 - lib/rack/contrib/jsonp.rb
 - lib/rack/contrib/lazy_conditional_get.rb
 - lib/rack/contrib/lighttpd_script_name_fix.rb
@@ -296,8 +317,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.7
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 2
 summary: Contributed Rack Middleware and Utilities