rack-cors 1.0.6 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/lib/rack/cors.rb +12 -2
- data/lib/rack/cors/version.rb +1 -1
- data/rack-cors.gemspec +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fd2274b31c1fff80172aeae55b715d3adcc39c32665cf3fa85707fcedc2e7d02
|
4
|
+
data.tar.gz: 87790b6bbd36a084ea24af33694650c3a38ded6d85d43321edeee3f53b23c8c5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 74899fd0bca2abc5498ea3172f9b7909f1d45f1c1f029c23e48f868533d7a71827574c307bc48a74c66e17a3046d387d48cf07a7de868e4dcf2ce057f894b2ec
|
7
|
+
data.tar.gz: 918f644a445522eb52dd065252e1fee13917225f40f44e1cfbe40a73864d60ca993db08228edb78bda5b920b84c371e417dc3965752fbda43bb7eb5e67553fa3
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,13 @@
|
|
1
1
|
# Change Log
|
2
2
|
All notable changes to this project will be documented in this file.
|
3
3
|
|
4
|
+
## 1.1.0 - 2019-11-19
|
5
|
+
### Changed
|
6
|
+
- Use Rack::Utils.escape_path instead of Rack::Utils.escape
|
7
|
+
- Require Rack 2.0 for escape_path method
|
8
|
+
- Don't try to clean path if invalid.
|
9
|
+
- Return 400 (Bad Request) on preflights with invalid path
|
10
|
+
|
4
11
|
## 1.0.6 - 2019-11-14
|
5
12
|
### Changed
|
6
13
|
- Use Rack::Utils.escape to make compat with Rack 1.6.0
|
data/lib/rack/cors.rb
CHANGED
@@ -76,7 +76,9 @@ module Rack
|
|
76
76
|
" Access-Control-Request-Headers: #{env[HTTP_ACCESS_CONTROL_REQUEST_HEADERS]}"
|
77
77
|
].join("\n")
|
78
78
|
end
|
79
|
-
|
79
|
+
|
80
|
+
if env[REQUEST_METHOD] == OPTIONS && env[HTTP_ACCESS_CONTROL_REQUEST_METHOD]
|
81
|
+
return [400, {}, []] unless Rack::Utils.valid_path?(path)
|
80
82
|
headers = process_preflight(env, path)
|
81
83
|
debug(env) do
|
82
84
|
"Preflight Headers:\n" +
|
@@ -152,7 +154,15 @@ module Rack
|
|
152
154
|
|
153
155
|
def evaluate_path(env)
|
154
156
|
path = env[PATH_INFO]
|
155
|
-
|
157
|
+
|
158
|
+
if path
|
159
|
+
path = Rack::Utils.unescape_path(path)
|
160
|
+
|
161
|
+
if Rack::Utils.valid_path?(path)
|
162
|
+
path = Rack::Utils.clean_path_info(path)
|
163
|
+
end
|
164
|
+
end
|
165
|
+
|
156
166
|
path
|
157
167
|
end
|
158
168
|
|
data/lib/rack/cors/version.rb
CHANGED
data/rack-cors.gemspec
CHANGED
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
|
|
18
18
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
19
|
spec.require_paths = ["lib"]
|
20
20
|
|
21
|
-
spec.add_dependency "rack", ">=
|
21
|
+
spec.add_dependency "rack", ">= 2.0.0"
|
22
22
|
spec.add_development_dependency "bundler", ">= 1.16.0", '< 3'
|
23
23
|
spec.add_development_dependency "rake", "~> 12.3.0"
|
24
24
|
spec.add_development_dependency "minitest", "~> 5.11.0"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-cors
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Calvin Yu
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-11-
|
11
|
+
date: 2019-11-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rack
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version:
|
19
|
+
version: 2.0.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version:
|
26
|
+
version: 2.0.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: bundler
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|