rack-steady_etag 0.2.2 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8caa8d352b72433a6659f50b6c9216cf03b265b19016134fa259719d24c46b4e
-  data.tar.gz: 74f01fc86755933b87361615bd6cb62568e44bfa404565261c0c180dcd5b399c
+  metadata.gz: 7d2e8f19f09cac1377380b52aaac1c09e39bb565af7976863cab2c0f6ec303fe
+  data.tar.gz: 84aeee379982cce1a96fc25600b60a4b4bd01ab4a3699792ce821a57bf70ca31
 SHA512:
-  metadata.gz: 3cbd8de00297924f758d0c32151d17991fe8e235d943969544cdad632f50cca43eba12ef133c1a7690d91def4d8f997ab48535417457f62c8cb9d36a07a7e9d9
-  data.tar.gz: c2df595d03a3e3f46b2be21f4da14f76460556a0b8e6628959d7156d1a5285c79eb9c1a45415ad343904ed388c4645320ddc94a2422184727798d4b432eecd2e
+  metadata.gz: 0d16e5141ab9794dcf6cf751ac150aaec48e058fd9acce6ae4ea11011ac3d79a9a65ff0d07abfbe8d9df797f6677cf2688613094975a67a78fe726b86c9a66b1
+  data.tar.gz: 508c64a1acc11988a64d498d05c26d707e6eee0626d0d656bc05823e8c63c30775056325874f1bff4c87b1335a44c054e05f40db8e7aa3abd7e258663abc3d30

data/CHANGELOG.md

@@ -5,6 +5,19 @@ This project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html
 
 ## Unreleased
 
+## 0.3.1 - 2022-07-19
+
+- Fix a bug where we would not strip HTML responses with an embedded charset (e.g. `text/html; charset=utf-8`).
+
+## 0.3.0 - 2022-05-13
+
+- Support for old Rack 1.4.7 (last version supported by Rails 3.2)
+- No longer depends on activesupport.
+
+## 0.2.3 - 2022-05-12
+
+- Don't depend on `byebug` being in the user bundle.
+
 ## 0.2.2 - 2022-05-12
 
 - Don't raise an error when processing binary content.

data/Gemfile

@@ -5,8 +5,7 @@ source "https://rubygems.org"
 # Specify your gem's dependencies in rack-steady-etag.gemspec
 gemspec
 
+gem "rack", "~> 2.0"
 gem "rake", "~> 13.0"
-
 gem "rspec", "~> 3.0"
-
 gem 'byebug'

data/Gemfile.lock

@@ -1,24 +1,14 @@
 PATH
   remote: .
   specs:
-    rack-steady_etag (0.2.2)
-      activesupport (>= 3.2)
-      rack (~> 2.0)
+    rack-steady_etag (0.3.1)
+      rack (>= 1.4.7, < 3)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (7.0.1)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 1.6, < 2)
-      minitest (>= 5.1)
-      tzinfo (~> 2.0)
     byebug (11.1.3)
-    concurrent-ruby (1.1.10)
     diff-lcs (1.4.4)
-    i18n (1.10.0)
-      concurrent-ruby (~> 1.0)
-    minitest (5.15.0)
     rack (2.2.3)
     rake (13.0.6)
     rspec (3.10.0)
@@ -34,14 +24,13 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.10.0)
     rspec-support (3.10.3)
-    tzinfo (2.0.4)
-      concurrent-ruby (~> 1.0)
 
 PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
   byebug
+  rack (~> 2.0)
   rack-steady_etag!
   rake (~> 13.0)
   rspec (~> 3.0)

data/Gemfile.rack1

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in rack-steady-etag.gemspec
+gemspec
+
+gem "rack", "= 1.4.7"
+gem "rake", "~> 13.0"
+gem "rspec", "~> 3.0"
+gem 'byebug'

data/Gemfile.rack1.lock

@@ -0,0 +1,39 @@
+PATH
+  remote: .
+  specs:
+    rack-steady_etag (0.3.0)
+      rack (>= 1.4.7, < 3)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    byebug (11.1.3)
+    diff-lcs (1.4.4)
+    rack (1.4.7)
+    rake (13.0.6)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.1)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-support (3.10.3)
+
+PLATFORMS
+  x86_64-linux
+
+DEPENDENCIES
+  byebug
+  rack (= 1.4.7)
+  rack-steady_etag!
+  rake (~> 13.0)
+  rspec (~> 3.0)
+
+BUNDLED WITH
+   2.2.32

data/README.md

@@ -1,6 +1,6 @@
 # Rack::SteadyETag
 
-`Rack::SteadyTag` is a Rack middleware that generates the same default [`ETag`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag) for responses that only differ in CSRF tokens or CSP nonces.
+`Rack::SteadyETag` is a Rack middleware that generates the same default [`ETag`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag) for responses that only differ in CSRF tokens or CSP nonces.
 
 By default Rails uses [`Rack::ETag`](https://rdoc.info/github/rack/rack/Rack/ETag) to generate `ETag` headers by hashing the response body. In theory this would [enable caching](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match) for multiple requests to the same resource. However, since most Rails application layouts insert randomly rotating CSRF tokens and CSP nonces into the HTML, two requests for the same content and user will never produce the same response bytes. This means `Rack::ETag` will never send the same ETag twice, causing responses to [never hit a cache](https://github.com/rails/rails/issues/29889).
 
@@ -65,10 +65,10 @@ And then execute:
 bundle install
 ```
 
-In your `config/application.rb`:
+Make an initializer `config/initializer/etags.rb`:
 
 ```ruby
-config.middleware.swap Rack::ETag, Rack::SteadyETag, 'no-cache'
+Rails.application.config.middleware.swap Rack::ETag, Rack::SteadyETag, 'no-cache'
 ```
 
 The `'no-cache'` argument is the default `Cache-Control` for responses that cannot be digested. While it may feel surprising that the middleware changes the `Cache-Control` header in such a case, the [Rails default middleware stack](https://github.com/rails/rails/blob/d96609505511a76c618dc3adfa3ca4679317d008/railties/lib/rails/application/default_middleware_stack.rb#L81) configures the same behavior.
@@ -78,6 +78,7 @@ The `'no-cache'` argument is the default `Cache-Control` for responses that cann
 
 - After checking out the repo, run `bin/setup` to install dependencies.
 - Run `bundle exec rspec` to run the tests.
+- Run `BUNDLE_GEMFILE=Gemfile.rack1 bundle exec rspec` to run tests for old Rack 1.
 - You can also run `bin/console` for an interactive prompt that will allow you to experiment.
 - To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 

data/lib/rack/steady_etag/version.rb

@@ -2,6 +2,6 @@
 
 module Rack
   class SteadyEtag
-    VERSION = "0.2.2"
+    VERSION = "0.3.1"
   end
 end

data/lib/rack/steady_etag.rb

@@ -1,7 +1,5 @@
-require 'byebug'
+require "rack"
 require 'digest/sha2'
-require "active_support/all"
-require_relative "steady_etag"
 require_relative "steady_etag/version"
 
 module Rack
@@ -43,8 +41,8 @@ module Rack
 
     def call(env)
       status, headers, body = @app.call(env)
-      headers = Utils::HeaderHash[headers]
-      session = env[RACK_SESSION]
+      headers = case_insensitive_headers(headers)
+      session = env['rack.session']
 
       if etag_status?(status) && etag_body?(body) && !skip_caching?(headers)
         original_body = body
@@ -52,7 +50,7 @@ module Rack
         body = Rack::BodyProxy.new(new_body) do
           original_body.close if original_body.respond_to?(:close)
         end
-        headers[ETAG] = %(W/"#{digest}") if digest
+        headers['ETag'] = %(W/"#{digest}") if digest
       end
 
       # It would make more sense to only set a Cache-Control for responses that we process.
@@ -72,12 +70,25 @@ module Rack
 
     private
 
+    # HTTP headers are case-insensitive.
+    # Wrap hedders into a hash with case-insensitive keys
+    def case_insensitive_headers(headers)
+      case Rack.release[0]
+      when '1'
+        Utils::HeaderHash.new(headers)
+      when '2'
+        Utils::HeaderHash[headers]
+      when '3'
+        raise "HeaderHash will be removed in Rack 3. Probably switch to new Headers."
+      end
+    end
+
     def set_cache_control_with_digest(headers)
-      headers[CACHE_CONTROL] ||= @digest_cache_control if @digest_cache_control
+      headers['Cache-Control'] ||= @digest_cache_control if @digest_cache_control
     end
 
     def set_cache_control_without_digest(headers)
-      headers[CACHE_CONTROL] ||= @no_digest_cache_control if @no_digest_cache_control
+      headers['Cache-Control'] ||= @no_digest_cache_control if @no_digest_cache_control
     end
 
     def etag_status?(status)
@@ -92,14 +103,14 @@ module Rack
     end
 
     def skip_caching?(headers)
-      headers.key?(ETAG) || headers.key?('Last-Modified')
+      headers.key?('ETag') || headers.key?('Last-Modified')
     end
 
     def digest_body(body, headers, session)
       parts = []
       digest = nil
 
-      strippable_response = STRIP_CONTENT_TYPES.include?(headers['Content-Type'])
+      strippable_response = strippable_response?(headers)
 
       body.each do |part|
         parts << part
@@ -142,5 +153,16 @@ module Rack
       html
     end
 
+    private
+
+    def strippable_response?(headers)
+      content_type = headers['Content-Type']
+      return false unless content_type
+
+      # Convert "text/tml; charset=utf-8" to just "text/html"
+      content_type = content_type.split(/\s*;\s*/)[0]
+      STRIP_CONTENT_TYPES.include?(content_type)
+    end
+
   end
 end

data/rack-steady_etag.gemspec

@@ -31,10 +31,10 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
+  # Rack 1.4.7 is the last version compatible with Rails 3.2.
+  #
   # I expect Rack 3 to have a new ETag middleware to no longer buffer
   # streaming responses: https://github.com/rack/rack/issues/1619
   # Once Rack 3 is out we should release a new version of this gem.
-  spec.add_dependency "rack", '~>2.0'
-
-  spec.add_dependency 'activesupport', '>= 3.2'
+  spec.add_dependency "rack", '>=1.4.7', '<3'
 end

metadata

@@ -1,43 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: rack-steady_etag
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.3.1
 platform: ruby
 authors:
 - Henning Koch
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-05-12 00:00:00.000000000 Z
+date: 2022-07-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
-- !ruby/object:Gem::Dependency
-  name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: 1.4.7
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: 1.4.7
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
 description: Rack Middleware that produces the same ETag for responses that only differ
   in CSRF tokens or CSP nonce
 email:
@@ -51,6 +43,8 @@ files:
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
+- Gemfile.rack1
+- Gemfile.rack1.lock
 - LICENSE.txt
 - README.md
 - Rakefile