rack-contrib 2.2.0 → 2.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ca58db2b7968ad4691e8bec79eea2088dabc3da5d309358f7df76d668324d824
-  data.tar.gz: 51816bb6b59a598fea16eb100cc783b3c0ff58eb37aa3585bb8d65141f2aae4f
+  metadata.gz: '0328244bd18e70963a841937904e3bf27eebfef5de80a4d3e1e09328e4c93ff8'
+  data.tar.gz: 2ab61dc5347ad251d9654e3b94f705358081b8dd932b62a07cc95f42d611c3b3
 SHA512:
-  metadata.gz: 7442b5ad170ae2946f017d8ccd007d02455b7939fe42239378505b61983cd9a1f090549e87b07e08323a7cf99d04f026e8df0f326e34be166508187cca3735e7
-  data.tar.gz: 99985100672c65c9ee559a37281f5dddea4fcdc8481ddffd75c2f6e697197a1070339c5b70733d736f8ba33078d5f699f00097cd6ec96266c8f07edb008b727b
+  metadata.gz: 6a877560e6bfb9df7779a324fcbd803294fe9939563cd1360f27a93f377f567d35bb3ca28e9935e5f7d5babbb221082ba13abb4edf1819cc9e204f229840f41f
+  data.tar.gz: f657d4a1f6846c3e426dea6f5ef3dcb62369c23ae36f4eaa1abe689b6210327fa78aa102058399397f1e1731d60f2070915479578026fa78c8e98470f1b5f843

data/README.md

@@ -8,7 +8,6 @@ interface:
 * `Rack::BounceFavicon` - Returns a 404 for requests to `/favicon.ico`
 * `Rack::CSSHTTPRequest` - Adds CSSHTTPRequest support by encoding responses as CSS for cross-site AJAX-style data loading
 * `Rack::Callbacks` - Implements DSL for pure before/after filter like Middlewares.
-* `Rack::Config` - Shared configuration for cooperative middleware.
 * `Rack::Cookies` - Adds simple cookie jar hash to env
 * `Rack::Deflect` - Helps protect against DoS attacks.
 * `Rack::Evil` - Lets the rack application return a response to the client from any place.

data/lib/rack/contrib/access.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "ipaddr"
 
 module Rack
@@ -38,7 +40,7 @@ module Rack
           raise ArgumentError, "paths need to start with /"
         end
         location = location.chomp('/')
-        match = Regexp.new("^#{Regexp.quote(location).gsub('/', '/+')}(.*)", nil, 'n')
+        match = Regexp.new("^#{Regexp.quote(location).gsub('/', '/+')}(.*)", Regexp::NOENCODING)
 
         ipmasks.collect! do |ipmask|
           ipmask.is_a?(IPAddr) ? ipmask : IPAddr.new(ipmask)
@@ -48,9 +50,9 @@ module Rack
     end
 
     def call(env)
-      @original_request = Request.new(env)
+      request = Request.new(env)
       ipmasks = ipmasks_for_path(env)
-      return forbidden! unless ip_authorized?(ipmasks)
+      return forbidden! unless ip_authorized?(request, ipmasks)
       status, headers, body = @app.call(env)
       [status, headers, body]
     end
@@ -70,14 +72,14 @@ module Rack
     end
 
     def forbidden!
-      [403, { 'Content-Type' => 'text/html', 'Content-Length' => '0' }, []]
+      [403, { 'content-type' => 'text/html', 'content-length' => '0' }, []]
     end
 
-    def ip_authorized?(ipmasks)
+    def ip_authorized?(request, ipmasks)
       return true if ipmasks.nil?
 
       ipmasks.any? do |ip_mask|
-        ip_mask.include?(IPAddr.new(@original_request.ip))
+        ip_mask.include?(IPAddr.new(request.ip))
       end
     end
 

data/lib/rack/contrib/backstage.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   class Backstage
     File = ::File
@@ -8,10 +10,10 @@ module Rack
     end
 
     def call(env)
-      if File.exists?(@file)
+      if File.exist?(@file)
         content = File.read(@file)
-        length = "".respond_to?(:bytesize) ? content.bytesize.to_s : content.size.to_s
-        [503, {'Content-Type' => 'text/html', 'Content-Length' => length}, [content]]
+        length = content.bytesize.to_s
+        [503, {'content-type' => 'text/html', 'content-length' => length}, [content]]
       else
         @app.call(env)
       end

data/lib/rack/contrib/bounce_favicon.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   # Bounce those annoying favicon.ico requests
   class BounceFavicon
@@ -7,7 +9,7 @@ module Rack
 
     def call(env)
       if env["PATH_INFO"] == "/favicon.ico"
-        [404, {"Content-Type" => "text/html", "Content-Length" => "0"}, []]
+        [404, {"content-type" => "text/html", "content-length" => "0"}, []]
       else
         @app.call(env)
       end

data/lib/rack/contrib/callbacks.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   class Callbacks
     def initialize(&block)

data/lib/rack/contrib/common_cookies.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   # Rack middleware to use common cookies across domain and subdomains.
   class CommonCookies
@@ -5,26 +7,32 @@ module Rack
     LOCALHOST_OR_IP_REGEXP = /^([\d.]+|localhost)$/
     PORT = /:\d+$/
 
+    HEADERS_KLASS = Rack.release < "3" ? Utils::HeaderHash : Headers
+    private_constant :HEADERS_KLASS
+
     def initialize(app)
       @app = app
     end
 
     def call(env)
-      @app.call(env).tap do |(status, headers, response)|
-        @host = env['HTTP_HOST'].sub PORT, ''
-        share_cookie headers
-      end
+      status, headers, body = @app.call(env)
+      headers = HEADERS_KLASS.new.merge(headers)
+
+      host = env['HTTP_HOST'].sub PORT, ''
+      share_cookie(headers, host)
+
+      [status, headers, body]
     end
 
     private
 
-    def domain
-      @host =~ DOMAIN_REGEXP
+    def domain(host)
+      host =~ DOMAIN_REGEXP
       ".#{$1}.#{$2}"
     end
 
-    def share_cookie(headers)
-      headers['Set-Cookie'] &&= common_cookie(headers) if @host !~ LOCALHOST_OR_IP_REGEXP
+    def share_cookie(headers, host)
+      headers['Set-Cookie'] &&= common_cookie(headers, host) if host !~ LOCALHOST_OR_IP_REGEXP
     end
 
     def cookie(headers)
@@ -32,8 +40,8 @@ module Rack
       cookies.is_a?(Array) ? cookies.join("\n") : cookies
     end
 
-    def common_cookie(headers)
-      cookie(headers).gsub(/; domain=[^;]*/, '').gsub(/$/, "; domain=#{domain}")
+    def common_cookie(headers, host)
+      cookie(headers).gsub(/; domain=[^;]*/, '').gsub(/$/, "; domain=#{domain(host)}")
     end
   end
-end
+end

data/lib/rack/contrib/config.rb

@@ -1,16 +1,4 @@
-module Rack
+# frozen_string_literal: true
 
-  # Rack::Config modifies the environment using the block given during
-  # initialization.
-  class Config
-    def initialize(app, &block)
-      @app = app
-      @block = block
-    end
-
-    def call(env)
-      @block.call(env)
-      @app.call(env)
-    end
-  end
-end
+require 'rack'
+require 'rack/config'

data/lib/rack/contrib/cookies.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   class Cookies
     class CookieJar < Hash

data/lib/rack/contrib/csshttprequest.rb

@@ -1,9 +1,13 @@
+# frozen_string_literal: true
+
 require 'csshttprequest'
 
 module Rack
 
   # A Rack middleware for providing CSSHTTPRequest responses.
   class CSSHTTPRequest
+    HEADERS_KLASS = Rack.release < "3" ? Utils::HeaderHash : Headers
+    private_constant :HEADERS_KLASS
 
     def initialize(app)
       @app = app
@@ -13,9 +17,12 @@ module Rack
     # the CSSHTTPRequest encoder
     def call(env)
       status, headers, response = @app.call(env)
+      headers = HEADERS_KLASS.new.merge(headers)
+
       if chr_request?(env)
-        response = encode(response)
-        modify_headers!(headers, response)
+        encoded_response = encode(response)
+        modify_headers!(headers, encoded_response)
+        response = [encoded_response]
       end
       [status, headers, response]
     end
@@ -25,9 +32,8 @@ module Rack
         !(/\.chr$/.match(env['PATH_INFO'])).nil? || Rack::Request.new(env).params['_format'] == 'chr'
     end
 
-    def encode(response, assembled_body="")
-      response.each { |s| assembled_body << s.to_s } # call down the stack
-      return ::CSSHTTPRequest.encode(assembled_body)
+    def encode(body)
+      ::CSSHTTPRequest.encode(body.to_enum.to_a.join)
     end
 
     def modify_headers!(headers, encoded_response)

data/lib/rack/contrib/deflect.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'thread'
 
 # TODO: optional stats
@@ -63,14 +65,14 @@ module Rack
     end
 
     def deflect!
-      [403, { 'Content-Type' => 'text/html', 'Content-Length' => '0' }, []]
+      [403, { 'content-type' => 'text/html', 'content-length' => '0' }, []]
     end
 
     def deflect? env
-      @remote_addr = env['REMOTE_ADDR']
-      return false if options[:whitelist].include? @remote_addr
-      return true  if options[:blacklist].include? @remote_addr
-      sync { watch }
+      remote_addr = env['REMOTE_ADDR']
+      return false if options[:whitelist].include? remote_addr
+      return true  if options[:blacklist].include? remote_addr
+      sync { watch(remote_addr) }
     end
 
     def log message
@@ -82,55 +84,55 @@ module Rack
       @mutex.synchronize(&block)
     end
 
-    def map
-      @remote_addr_map[@remote_addr] ||= {
+    def map(remote_addr)
+      @remote_addr_map[remote_addr] ||= {
         :expires => Time.now + options[:interval],
         :requests => 0
       }
     end
 
-    def watch
-      increment_requests
-      clear! if watch_expired? and not blocked?
-      clear! if blocked? and block_expired?
-      block! if watching? and exceeded_request_threshold?
-      blocked?
+    def watch(remote_addr)
+      increment_requests(remote_addr)
+      clear!(remote_addr) if watch_expired?(remote_addr) and not blocked?(remote_addr)
+      clear!(remote_addr) if blocked?(remote_addr) and block_expired?(remote_addr)
+      block!(remote_addr) if watching?(remote_addr) and exceeded_request_threshold?(remote_addr)
+      blocked?(remote_addr)
     end
 
-    def block!
-      return if blocked?
-      log "blocked #{@remote_addr}"
-      map[:block_expires] = Time.now + options[:block_duration]
+    def block!(remote_addr)
+      return if blocked?(remote_addr)
+      log "blocked #{remote_addr}"
+      map(remote_addr)[:block_expires] = Time.now + options[:block_duration]
     end
 
-    def blocked?
-      map.has_key? :block_expires
+    def blocked?(remote_addr)
+      map(remote_addr).has_key? :block_expires
     end
 
-    def block_expired?
-      map[:block_expires] < Time.now rescue false
+    def block_expired?(remote_addr)
+      map(remote_addr)[:block_expires] < Time.now rescue false
     end
 
-    def watching?
-      @remote_addr_map.has_key? @remote_addr
+    def watching?(remote_addr)
+      @remote_addr_map.has_key? remote_addr
     end
 
-    def clear!
-      return unless watching?
-      log "released #{@remote_addr}" if blocked?
-      @remote_addr_map.delete @remote_addr
+    def clear!(remote_addr)
+      return unless watching?(remote_addr)
+      log "released #{remote_addr}" if blocked?(remote_addr)
+      @remote_addr_map.delete remote_addr
     end
 
-    def increment_requests
-      map[:requests] += 1
+    def increment_requests(remote_addr)
+      map(remote_addr)[:requests] += 1
     end
 
-    def exceeded_request_threshold?
-      map[:requests] > options[:request_threshold]
+    def exceeded_request_threshold?(remote_addr)
+      map(remote_addr)[:requests] > options[:request_threshold]
     end
 
-    def watch_expired?
-      map[:expires] <= Time.now
+    def watch_expired?(remote_addr)
+      map(remote_addr)[:expires] <= Time.now
     end
 
   end

data/lib/rack/contrib/enforce_valid_encoding.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   # Ensure that the path and query string presented to the application
   # contains only valid characters.  If the validation fails, then a
@@ -16,7 +18,7 @@ module Rack
          Rack::Utils.unescape(full_path).valid_encoding?
         @app.call env
       else
-        [400, {'Content-Type'=>'text/plain'}, ['Bad Request']]
+        [400, {'content-type'=>'text/plain'}, ['Bad Request']]
       end
     end
   end

data/lib/rack/contrib/evil.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   class Evil
     # Lets you return a response to the client immediately from anywhere ( M V or C ) in the code.

data/lib/rack/contrib/expectation_cascade.rb

@@ -1,10 +1,12 @@
+# frozen_string_literal: true
+
 module Rack
   class ExpectationCascade
-    Expect = "Expect".freeze
+    Expect = "HTTP_EXPECT".freeze
     ContinueExpectation = "100-continue".freeze
 
-    ExpectationFailed = [417, {"Content-Type" => "text/html"}, []].freeze
-    NotFound = [404, {"Content-Type" => "text/html"}, []].freeze
+    ExpectationFailed = [417, {"content-type" => "text/html"}, []]
+    NotFound = [404, {"content-type" => "text/html"}, []]
 
     attr_reader :apps
 

data/lib/rack/contrib/garbagecollector.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   # Forces garbage collection after each request.
   class GarbageCollector

data/lib/rack/contrib/host_meta.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
 
   # Rack middleware implementing the IETF draft: "Host Metadata for the Web"
@@ -28,7 +30,7 @@ module Rack
 
     def call(env)
       if env['PATH_INFO'] == '/host-meta'
-        [200, {'Content-Type' => 'application/host-meta'}, [@response]]
+        [200, {'content-type' => 'application/host-meta'}, [@response]]
       else
         @app.call(env)
       end

data/lib/rack/contrib/json_body_parser.rb

@@ -14,10 +14,10 @@ module Rack
   # === Parse POST and GET requests only
   #   use Rack::JSONBodyParser, verbs: ['POST', 'GET']
   #
-  # === Parse POST|PATCH|PUT requests whose Content-Type matches 'json'
+  # === Parse POST|PATCH|PUT requests whose content-type matches 'json'
   #   use Rack::JSONBodyParser, media: /json/
   #
-  # === Parse POST requests whose Content-Type is 'application/json' or 'application/vnd+json'
+  # === Parse POST requests whose content-type is 'application/json' or 'application/vnd+json'
   #   use Rack::JSONBodyParser, verbs: ['POST'], media: ['application/json', 'application/vnd.api+json']
   #
   class JSONBodyParser
@@ -55,27 +55,38 @@ module Rack
     end
 
     def call(env)
-      if @verbs.include?(env[Rack::REQUEST_METHOD]) &&
-         @matcher.call(@media, env['CONTENT_TYPE'])
+      begin
+        if @verbs.include?(env[Rack::REQUEST_METHOD]) &&
+           @matcher.call(@media, env['CONTENT_TYPE'])
 
-        update_form_hash_with_json_body(env)
+          update_form_hash_with_json_body(env)
+        end
+      rescue ParserError
+        body = { error: 'Failed to parse body as JSON' }.to_json
+        header = { 'content-type' => 'application/json' }
+        return Rack::Response.new(body, 400, header).finish
       end
       @app.call(env)
-    rescue JSON::ParserError
-      body = { error: 'Failed to parse body as JSON' }.to_json
-      header = { 'Content-Type' => 'application/json' }
-      Rack::Response.new(body, 400, header).finish
     end
 
     private
 
+    class ParserError < StandardError; end
+
     def update_form_hash_with_json_body(env)
       body = env[Rack::RACK_INPUT]
       return unless (body_content = body.read) && !body_content.empty?
 
-      body.rewind # somebody might try to read this stream
+      body.rewind if body.respond_to?(:rewind) # somebody might try to read this stream
+
+      begin
+        parsed_body = @parser.call(body_content)
+      rescue StandardError
+        raise ParserError
+      end
+
       env.update(
-        Rack::RACK_REQUEST_FORM_HASH => @parser.call(body_content),
+        Rack::RACK_REQUEST_FORM_HASH => parsed_body,
         Rack::RACK_REQUEST_FORM_INPUT => body
       )
     end

data/lib/rack/contrib/jsonp.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
 
   # A Rack middleware for providing JSON-P support.
@@ -21,6 +23,9 @@ module Rack
     # "\342\200\251" # => "\u2029"
     U2028, U2029 = ("\u2028" == 'u2028') ? ["\342\200\250", "\342\200\251"] : ["\u2028", "\u2029"]
 
+    HEADERS_KLASS = Rack.release < "3" ? Utils::HeaderHash : Headers
+    private_constant :HEADERS_KLASS
+
     def initialize(app)
       @app = app
     end
@@ -40,7 +45,7 @@ module Rack
         return status, headers, response
       end
 
-      headers = HeaderHash.new(headers)
+      headers = HEADERS_KLASS.new.merge(headers)
 
       if is_json?(headers) && has_callback?(request)
         callback = request.params['callback']
@@ -53,7 +58,7 @@ module Rack
 
         # Set new Content-Length, if it was set before we mutated the response body
         if headers['Content-Length']
-          length = response.to_ary.inject(0) { |len, part| len + part.bytesize }
+          length = response.map(&:bytesize).reduce(0, :+)
           headers['Content-Length'] = length.to_s
         end
       end
@@ -87,8 +92,8 @@ module Rack
     # method of combining all of the data into a single string makes sense
     # since JSON is returned as a full string.
     #
-    def pad(callback, response, body = "")
-      response.each do |s|
+    def pad(callback, response)
+      body = response.to_enum.map do |s|
         # U+2028 and U+2029 are allowed inside strings in JSON (as all literal
         # Unicode characters) but JavaScript defines them as newline
         # seperators. Because no literal newlines are allowed in a string, this
@@ -96,8 +101,8 @@ module Rack
         # replacing them with the escaped version. This should be safe because
         # according to the JSON spec, these characters are *only* valid inside
         # a string and should therefore not be present any other places.
-        body << s.to_s.gsub(U2028, '\u2028').gsub(U2029, '\u2029')
-      end
+        s.gsub(U2028, '\u2028').gsub(U2029, '\u2029')
+      end.join
 
       # https://github.com/rack/rack-contrib/issues/46
       response.close if response.respond_to?(:close)
@@ -106,7 +111,7 @@ module Rack
     end
 
     def bad_request(body = "Bad Request")
-      [ 400, { 'Content-Type' => 'text/plain', 'Content-Length' => body.bytesize.to_s }, [body] ]
+      [ 400, { 'content-type' => 'text/plain', 'content-length' => body.bytesize.to_s }, [body] ]
     end
 
   end

data/lib/rack/contrib/lazy_conditional_get.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
 
   ##
@@ -43,6 +45,10 @@ module Rack
   # know for sure that it does not modify the cached content, you can set the
   # `Rack-Lazy-Conditional-Get` on response to `skip`. This will not update the
   # global modification date.
+  #
+  # NOTE: This will not work properly in a multi-threaded environment with
+  # default cache object. A provided cache object should ensure thread-safety
+  # of the `get`/`set`/`[]`/`[]=` methods.
 
   class LazyConditionalGet
 
@@ -68,11 +74,14 @@ module Rack
 
     def call env
       if reading? env and fresh? env
-        return [304, {'Last-Modified' => env['HTTP_IF_MODIFIED_SINCE']}, []]
+        return [304, {'last-modified' => env['HTTP_IF_MODIFIED_SINCE']}, []]
       end
+
       status, headers, body = @app.call env
+      headers = Rack.release < "3" ? Utils::HeaderHash.new(headers) : headers
+
       update_cache unless (reading?(env) or skipping?(headers))
-      headers['Last-Modified'] = cached_value if stampable? headers
+      headers['last-modified'] = cached_value if stampable? headers
       [status, headers, body]
     end
 
@@ -87,11 +96,11 @@ module Rack
     end
 
     def skipping? headers
-      headers['Rack-Lazy-Conditional-Get'] == 'skip'
+      headers['rack-lazy-conditional-get'] == 'skip'
     end
 
     def stampable? headers
-      !headers.has_key?('Last-Modified') and headers['Rack-Lazy-Conditional-Get'] == 'yes'
+      !headers.has_key?('last-modified') and headers['rack-lazy-conditional-get'] == 'yes'
     end
 
     def update_cache

data/lib/rack/contrib/lighttpd_script_name_fix.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   # Lighttpd sets the wrong SCRIPT_NAME and PATH_INFO if you mount your
   # FastCGI app at "/". This middleware fixes this issue.

data/lib/rack/contrib/locale.rb

@@ -1,7 +1,12 @@
+# frozen_string_literal: true
+
 require 'i18n'
 
 module Rack
   class Locale
+    HEADERS_KLASS = Rack.release < "3" ? Utils::HeaderHash : Headers
+    private_constant :HEADERS_KLASS
+
     def initialize(app)
       @app = app
     end
@@ -14,6 +19,7 @@ module Rack
 
       env['rack.locale'] = I18n.locale = locale.to_s
       status, headers, body = @app.call(env)
+      headers = HEADERS_KLASS.new.merge(headers)
 
       unless headers['Content-Language']
         headers['Content-Language'] = locale.to_s

data/lib/rack/contrib/mailexceptions.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'net/smtp'
 require 'mail'
 require 'erb'

data/lib/rack/contrib/nested_params.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rack/utils'
 
 module Rack
@@ -24,7 +26,7 @@ module Rack
         post_body = env[POST_BODY]
         env[FORM_INPUT] = post_body
         env[FORM_HASH] = Rack::Utils.parse_nested_query(post_body.read)
-        post_body.rewind if post_body.respond_to?(:rewind)
+        post_body.rewind
       end
       @app.call(env)
     end

data/lib/rack/contrib/not_found.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
   # Rack::NotFound is a default endpoint. Optionally initialize with the
   # path to a custom 404 page, to override the standard response body.
@@ -25,7 +27,7 @@ module Rack
     end
 
     def call(env)
-      [404, {'Content-Type' => @content_type, 'Content-Length' => @length}, [@content]]
+      [404, {'content-type' => @content_type, 'content-length' => @length}, [@content]]
     end
   end
 end