rack-test 1.1.0 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 14e25e843eada244c949970f14897865edcf1687b17889560923e32306632423
-  data.tar.gz: ac325910df89080a58b47b7ec9f7e84c552a597d09a0ed3e1c5600a7cc4a6d5a
+  metadata.gz: 98bb9656717c512790c5f65b20a8f0cfc7c2f14e4d9d98d5069e6e5910b256e5
+  data.tar.gz: 6305cac1636eef820a082a1431cef2bc24b445b1f902b65c550f976ba84f08e6
 SHA512:
-  metadata.gz: a86f02b6cc8a0c7bbebbe64612e174f250abce84458ab732457e3b132f70f93b31f0ca791b75c167796690d3293fb4de02d895be85baeada4b619977b1b1ac39
-  data.tar.gz: 002d971754b2ac28d329c8b7231d97068939e6b0e17d24d7d7d87088ac15cff4597d560843168a0289098e58639bc39f9c3b22129550a39e0d5f07a03413d70b
+  metadata.gz: 420e60a08ec2fa5fd92a358d28c0b17e0a943eb30962756360185091753bdd4eb55b7b58005aa84bb1907cfb7e8129166d1aed6282596f45b8b0f42dd1003306
+  data.tar.gz: b7446d71bf41a0f69b9812e867f7b472488ee0534d6206435b77e8266617486687044a814dd6c085003b823e0e349c83b1ca47ea296f1f23346957d66cbed0bc

data/History.md

@@ -1,3 +1,122 @@
+## 2.1.0 / 2023-03-14
+
+* Breaking changes:
+  * Digest authentication support, deprecated in 2.0.0, has been
+    removed (Jeremy Evans #307)
+  * requiring rack/mock_session, deprecated in 2.0.0, has been removed
+    (Jeremy Evans #307)
+
+* Minor enhancements:
+  * The `original_filename` for `Rack::Test::UploadedFile` can now be
+    set even if the content of the file comes from a file path
+    (Stuart Chinery #314)
+  * Add `Rack::Test::Session#restore_state`, for executing a block
+    and restoring current state (last request, last response, and
+    cookies) after the block (Jeremy Evans #316)
+  * Make `Rack::Test::Methods` support `default_host` method similar to
+    `app`, which will set the default host used for requests to the app
+    (Jeremy Evans #317 #318)
+  * Allow responses to set cookie paths not matching the current
+    request URI. Such cookies will only be sent for paths matching
+    the cookie path (Chris Waters #322)
+  * Ignore leading dot for cookie domains, per RFC 6265 (Stephen Crosby
+    #329)
+  * Avoid creating empty multipart body if params is empty in
+    `Rack::Test::Session#env_for` (Ryunosuke Sato #331)
+
+## 2.0.2 / 2022-06-28
+
+* Bug fixes:
+  * Fix additional incompatible character encodings error when building
+    uploaded bodies (Jeremy Evans #311)
+
+## 2.0.1 / 2022-06-27
+
+* Bug fixes:
+  * Fix incompatible character encodings error when building uploaded
+    file bodies (Jeremy Evans #308 #309)
+
+## 2.0.0 / 2022-06-24
+
+* Breaking changes:
+  * Digest authentication support is now deprecated, as it relies on
+    digest authentication support in rack, which has been deprecated
+    (Jeremy Evans #294)
+  * `Rack::Test::Utils.build_primitive_part` no longer handles array
+    values (Jeremy Evans #292)
+  * `Rack::Test::Utils` module methods other than `build_nested_query`
+    and `build_multipart` are now private methods (Jeremy Evans #297)
+  * `Rack::MockSession` has been combined into `Rack::Test::Session`,
+    and remains as an alias to `Rack::Test::Session`, but to keep some
+    backwards compatibility, `Rack::Test::Session.new` will accept a
+    `Rack::Test::Session` instance and return it (Jeremy Evans #297)
+  * Previously protected methods in `Rack::Test::Cookie{,Jar}` are now
+    private methods (Jeremy Evans #297)
+  * `Rack::Test::Methods` no longer defines `build_rack_mock_session`,
+    but for backwards compatibility, `build_rack_test_session` will call
+    `build_rack_mock_session` if it is defined (Jeremy Evans #297)
+  * `Rack::Test::Methods::METHODS` is no longer defined
+    (Jeremy Evans #297)
+  * `Rack::Test::Methods#_current_session_names` has been removed
+    (Jeremy Evans #297)
+  * Headers used/accessed by rack-test are now lower case, for rack 3
+    compliance (Jeremy Evans #295)
+  * Frozen literal strings are now used internally, which may break
+    code that mutates static strings returned by rack-test, if any
+    (Jeremy Evans #304)
+
+* Minor enhancements:
+  * rack-test now works with the rack main branch (what will be rack 3)
+    (Jeremy Evans #280 #292)
+  * rack-test only loads the parts of rack it uses when running on the
+    rack main branch (what will be rack 3) (Jeremy Evans #292)
+  * Development dependencies have been significantly reduced, and are
+    now a subset of the development dependencies of rack itself
+    (Jeremy Evans #292)
+  * Avoid creating multiple large copies of uploaded file data in
+    memory (Jeremy Evans #286)
+  * Specify HTTP/1.0 when submitting requests, to avoid responses with
+    Transfer-Encoding: chunked (Jeremy Evans #288)
+  * Support `:query_params` in rack environment for parameters that
+    are appended to the query string instead of used in the request
+    body (Jeremy Evans #150 #287)
+  * Reduce required ruby version to 2.0, since tests run fine on
+    Ruby 2.0 (Jeremy Evans #292)
+  * Support :multipart env key for request methods to force multipart
+    input (Jeremy Evans #303)
+  * Force multipart input for request methods if content type starts
+    with multipart (Jeremy Evans #303)
+  * Improve performance of Utils.build_multipart by using an
+    append-only design (Jeremy Evans #304)
+  * Improve performance of Utils.build_nested_query for array values
+    (Jeremy Evans #304)
+
+* Bug fixes:
+  * The `CONTENT_TYPE` of multipart requests is now respected, if it
+    starts with `multipart/` (Tom Knig #238)
+  * Work correctly with responses that respond to `to_a` but not
+    `to_ary` (Sergio Faria #276)
+  * Raise an ArgumentError instead of a TypeError when providing a
+    StringIO without an original filename when creating an
+    UploadedFile (Nuno Correia #279)
+  * Allow combining both an UploadedFile and a plain string when
+    building a multipart upload (Mitsuhiro Shibuya #278)
+  * Fix the generation of filenames with spaces to use path
+    escaping instead of regular escaping, since path unescaping is
+    used to decode it (Muir Manders, Jeremy Evans #275 #284)
+  * Rewind tempfile used for multipart uploads before it is
+    submitted to the application
+    (Jeremy Evans, Alexander Dervish #261 #268 #286)
+  * Fix Rack::Test.encoding_aware_strings to be true only on rack
+    1.6+ (Jeremy Evans #292)
+  * Make Rack::Test::CookieJar#valid? return true/false
+    (Jeremy Evans #292)
+  * Cookies without a domain attribute no longer are submitted to
+    requests for subdomains of that domain, for RFC 6265
+    compliance (Jeremy Evans #292)
+  * Increase required rack version to 1.3, since tests fail on
+    rack 1.2 and below (Jeremy Evans #293)
+
 ## 1.1.0 / 2018-07-21
 
 * Breaking changes:
@@ -8,7 +127,7 @@
   * follow_direct: Include rack.session.options (Mark Edmondson #233)
   * [CI] Add simplecov (fatkodima #227)
 
-Bug fixes:
+* Bug fixes:
   * Follow relative locations correctly. (Samuel Williams #230)
 
 ## 1.0.0 / 2018-03-27

data/MIT-LICENSE.txt

@@ -1,4 +1,5 @@
 Copyright (c) 2008-2009 Bryan Helmkamp, Engine Yard Inc.
+Copyright (c) 2022 Jeremy Evans
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -1,10 +1,7 @@
 # Rack::Test
 [![Gem Version](https://badge.fury.io/rb/rack-test.svg)](https://badge.fury.io/rb/rack-test)
-[<img src="https://travis-ci.org/rack-test/rack-test.svg?branch=master" />](https://travis-ci.org/rack-test/rack-test)
-[![Code Climate](https://codeclimate.com/github/rack-test/rack-test/badges/gpa.svg)](https://codeclimate.com/github/rack-test/rack-test)
-[![Test Coverage](https://codeclimate.com/github/rack-test/rack-test/badges/coverage.svg)](https://codeclimate.com/github/rack-test/rack-test/coverage)
 
-Code: https://github.com/rack-test/rack-test
+Code: https://github.com/rack/rack-test
 
 ## Description
 
@@ -14,76 +11,66 @@ to build on.
 
 ## Features
 
+* Allows for submitting requests and testing responses
 * Maintains a cookie jar across requests
-* Easily follow redirects when desired
-* Set request headers to be used by all subsequent requests
-* Small footprint. Approximately 200 LOC
-
-## Supported platforms
-
-* 2.2.2+
-* 2.3
-* 2.4
-* JRuby 9.1.+
-
-If you are using Ruby 1.8, 1.9 or JRuby 1.7, use rack-test 0.6.3.
-
-## Known incompatibilites
-
-* `rack-test >= 0.71` _does not_ work with older Capybara versions (`< 2.17`). See [#214](https://github.com/rack-test/rack-test/issues/214) for more details.
+* Supports request headers used for subsequent requests
+* Follow redirects when requested
 
 ## Examples
-(The examples use `Test::Unit` but it's equally possible to use `rack-test` with other testing frameworks like `rspec`.)
+
+These examples use `test/unit` but it's equally possible to use `rack-test` with
+other testing frameworks such as `minitest` or `rspec`.
 
 ```ruby
 require "test/unit"
 require "rack/test"
+require "json"
 
 class HomepageTest < Test::Unit::TestCase
   include Rack::Test::Methods
 
   def app
-    app = lambda { |env| [200, {'Content-Type' => 'text/plain'}, ['All responses are OK']] }
-    builder = Rack::Builder.new
-    builder.run app
+    lambda { |env| [200, {'content-type' => 'text/plain'}, ['All responses are OK']] }
   end
 
   def test_response_is_ok
-    get '/'
-
-    assert last_response.ok?
-    assert_equal last_response.body, 'All responses are OK'
-  end
+    # Optionally set headers used for all requests in this spec:
+    #header 'accept-charset', 'utf-8'
 
-  def set_request_headers
-    header 'Accept-Charset', 'utf-8'
+    # First argument is treated as the path
     get '/'
 
     assert last_response.ok?
-    assert_equal last_response.body, 'All responses are OK'
+    assert_equal 'All responses are OK', last_response.body
   end
 
-  def test_response_is_ok_for_other_paths
-    get '/other_paths'
-
-    assert last_response.ok?
-    assert_equal last_response.body, 'All responses are OK'
+  def delete_with_url_params_and_body
+    # First argument can have a query string
+    #
+    # Second argument is used as the parameters for the request, which will be
+    # included in the request body for non-GET requests.
+    delete '/?foo=bar', JSON.generate('baz' => 'zot')
   end
 
   def post_with_json
-    # No assertion in this, we just demonstrate how you can post a JSON-encoded string.
-    # By default, Rack::Test will use HTTP form encoding if you pass in a Hash as the
-    # parameters, so make sure that `json` below is already a JSON-serialized string.
-    post(uri, json, { 'CONTENT_TYPE' => 'application/json' })
-  end
-
-  def delete_with_url_params_and_body
-    delete '/?foo=bar', JSON.generate('baz' => 'zot')
+    # Third argument is the rack environment to use for the request.  The following
+    # entries in the submitted rack environment are treated specially (in addition
+    # to options supported by `Rack::MockRequest#env_for`:
+    #
+    # :cookie : Set a cookie for the current session before submitting the request.
+    #
+    # :query_params : Set parameters for the query string (as opposed to the body).
+    #                 Value should be a hash of parameters.
+    #
+    # :xhr : Set HTTP_X_REQUESTED_WITH env key to XMLHttpRequest.
+    post(uri, JSON.generate('baz' => 'zot'), 'CONTENT_TYPE' => 'application/json')
   end
 end
 ```
 
-If you want to test one app in isolation, you just return that app as shown above. But if you want to test the entire app stack, including middlewares, cascades etc. you need to parse the app defined in config.ru.
+`rack-test` will test the app returned by the `app` method.  If you are loading middleware
+in a `config.ru` file, and want to test that, you should load the Rack app created from
+the `config.ru` file:
 
 ```ruby
 OUTER_APP = Rack::Builder.parse_file("config.ru").first
@@ -102,7 +89,6 @@ class TestApp < Test::Unit::TestCase
 end
 ```
 
-
 ## Install
 
 To install the latest release as a gem:
@@ -111,40 +97,43 @@ To install the latest release as a gem:
 gem install rack-test
 ```
 
-Or via Bundler:
+Or add to your `Gemfile`:
 
 ```
 gem 'rack-test'
 ```
 
-Or to install unreleased version via Bundler:
+## Contribution
 
-```
-gem 'rack-test', github: 'rack-test', branch: 'master'
-```
+Contributions are welcome. Please make sure to:
+
+* Use a regular forking workflow
+* Write tests for the new or changed behaviour
+* Provide an explanation/motivation in your commit message / PR message
+* Ensure `History.md` is updated
 
 ## Authors
 
-- Contributions from Bryan Helmkamp, Simon Rozet, Pat Nakajima and others
+- Contributions from Bryan Helmkamp, Jeremy Evans, Simon Rozet, and others
 - Much of the original code was extracted from Merb 1.0's request helper
 
 ## License
-`rack-test` is released under the [MIT License](MIT-LICENSE.txt).
 
-## Contribution
+`rack-test` is released under the [MIT License](MIT-LICENSE.txt).
 
-Contributions are welcome. Please make sure to:
+## Supported platforms
 
-* Use a regular forking workflow
-* Write tests for the new or changed behaviour
-* Provide an explanation/motivation in your commit message / PR message
-* Ensure History.txt is updated
+* Ruby 2.0+
+* JRuby 9.1+
 
 ## Releasing
 
-* Ensure `History.md` is up-to-date
 * Bump VERSION in lib/rack/test/version.rb
-* `git commit . -m 'Release 1.1.0'`
+* Ensure `History.md` is up-to-date, including correct version and date
+* `git commit . -m 'Release $VERSION'`
 * `git push`
-* bundle exec thor :release
-* Updated the [GitHub releases page](https://github.com/rack-test/rack-test/releases)
+* `git tag -a -m 'Tag the $VERSION release' $VERSION`
+* `git push --tags`
+* `gem build rack-test.gemspec`
+* `gem push rack-test-$VERSION.gem`
+* Add a discussion post for the release

data/lib/rack/test/cookie_jar.rb

@@ -1,94 +1,114 @@
+# frozen_string_literal: true
+
 require 'uri'
 require 'time'
 
 module Rack
   module Test
+    # Represents individual cookies in the cookie jar.  This is considered private
+    # API and behavior of this class can change at any time.
     class Cookie # :nodoc:
       include Rack::Utils
 
-      # :api: private
-      attr_reader :name, :value
+      # The name of the cookie, will be a string
+      attr_reader :name
+      
+      # The value of the cookie, will be a string or nil if there is no value.
+      attr_reader :value
+
+      # The raw string for the cookie, without options. Will generally be in
+      # name=value format is name and value are provided.
+      attr_reader :raw
 
-      # :api: private
       def initialize(raw, uri = nil, default_host = DEFAULT_HOST)
         @default_host = default_host
         uri ||= default_uri
 
         # separate the name / value pair from the cookie options
-        @name_value_raw, options = raw.split(/[;,] */n, 2)
+        @raw, options = raw.split(/[;,] */n, 2)
 
-        @name, @value = parse_query(@name_value_raw, ';').to_a.first
+        @name, @value = parse_query(@raw, ';').to_a.first
         @options = parse_query(options, ';')
 
-        @options['domain']  ||= (uri.host || default_host)
-        @options['path']    ||= uri.path.sub(/\/[^\/]*\Z/, '')
+        if domain = @options['domain']
+          @exact_domain_match = false
+          domain[0] = '' if domain[0] == '.'
+        else
+          # If the domain attribute is not present in the cookie,
+          # the domain must match exactly.
+          @exact_domain_match = true
+          @options['domain'] = (uri.host || default_host)
+        end
+
+        # Set the path for the cookie to the directory containing
+        # the request if it isn't set.
+        @options['path'] ||= uri.path.sub(/\/[^\/]*\Z/, '')
       end
 
+      # Wether the given cookie can replace the current cookie in the cookie jar.
       def replaces?(other)
         [name.downcase, domain, path] == [other.name.downcase, other.domain, other.path]
       end
 
-      # :api: private
-      def raw
-        @name_value_raw
-      end
-
-      # :api: private
+      # Whether the cookie has a value.
       def empty?
         @value.nil? || @value.empty?
       end
 
-      # :api: private
+      # The explicit or implicit domain for the cookie.
       def domain
         @options['domain']
       end
 
+      # Whether the cookie has the secure flag, indicating it can only be sent over
+      # an encrypted connection.
       def secure?
         @options.key?('secure')
       end
 
+      # Whether the cookie has the httponly flag, indicating it is not available via
+      # a javascript API.
       def http_only?
-        @options.key?('HttpOnly')
+        @options.key?('HttpOnly') || @options.key?('httponly')
       end
 
-      # :api: private
+      # The explicit or implicit path for the cookie.
       def path
         ([*@options['path']].first.split(',').first || '/').strip
       end
 
-      # :api: private
+      # A Time value for when the cookie expires, if the expires option is set.
       def expires
         Time.parse(@options['expires']) if @options['expires']
       end
 
-      # :api: private
+      # Whether the cookie is currently expired.
       def expired?
         expires && expires < Time.now
       end
 
-      # :api: private
+      # Whether the cookie is valid for the given URI.
       def valid?(uri)
         uri ||= default_uri
 
         uri.host = @default_host if uri.host.nil?
 
         real_domain = domain =~ /^\./ ? domain[1..-1] : domain
-        (!secure? || (secure? && uri.scheme == 'https')) &&
-          uri.host =~ Regexp.new("#{Regexp.escape(real_domain)}$", Regexp::IGNORECASE) &&
-          uri.path =~ Regexp.new("^#{Regexp.escape(path)}")
+        !!((!secure? || (secure? && uri.scheme == 'https')) &&
+          uri.host =~ Regexp.new("#{'^' if @exact_domain_match}#{Regexp.escape(real_domain)}$", Regexp::IGNORECASE))
       end
 
-      # :api: private
+      # Cookies that do not match the URI will not be sent in requests to the URI.
       def matches?(uri)
-        !expired? && valid?(uri)
+        !expired? && valid?(uri) && uri.path.start_with?(path)
       end
 
-      # :api: private
+      # Order cookies by name, path, and domain.
       def <=>(other)
-        # Orders the cookies from least specific to most
         [name, path, domain.reverse] <=> [other.name, other.path, other.domain.reverse]
       end
 
+      # A hash of cookie options, including the cookie value, but excluding the cookie name.
       def to_h
         @options.merge(
           'value'    => @value,
@@ -98,43 +118,68 @@ module Rack
       end
       alias to_hash to_h
 
-      protected
+      private
 
+      # The default URI to use for the cookie, including just the host.
       def default_uri
         URI.parse('//' + @default_host + '/')
       end
     end
 
+    # Represents all cookies for a session, handling adding and
+    # removing cookies, and finding which cookies apply to a given
+    # request.  This is considered private API and behavior of this
+    # class can change at any time.
     class CookieJar # :nodoc:
       DELIMITER = '; '.freeze
 
-      # :api: private
       def initialize(cookies = [], default_host = DEFAULT_HOST)
         @default_host = default_host
-        @cookies = cookies
-        @cookies.sort!
+        @cookies = cookies.sort!
       end
 
+      # Ensure the copy uses a distinct cookies array.
+      def initialize_copy(other)
+        super
+        @cookies = @cookies.dup
+      end
+
+      # Return the value for first cookie with the given name, or nil
+      # if no such cookie exists.
       def [](name)
-        cookies = hash_for(nil)
-        # TODO: Should be case insensitive
-        cookies[name.to_s] && cookies[name.to_s].value
+        name = name.to_s
+        @cookies.each do |cookie|
+          return cookie.value if cookie.name == name
+        end
+        nil
       end
 
+      # Set a cookie with the given name and value in the
+      # cookie jar.
       def []=(name, value)
         merge("#{name}=#{Rack::Utils.escape(value)}")
       end
 
+      # Return the first cookie with the given name, or nil if
+      # no such cookie exists.
       def get_cookie(name)
-        hash_for(nil).fetch(name, nil)
+        @cookies.each do |cookie|
+          return cookie if cookie.name == name
+        end
+        nil
       end
 
+      # Delete all cookies with the given name from the cookie jar.
       def delete(name)
         @cookies.reject! do |cookie|
           cookie.name == name
         end
+        nil
       end
 
+      # Add a string of raw cookie information to the cookie jar,
+      # if the cookie is valid for the given URI.
+      # Cookies should be separated with a newline.
       def merge(raw_cookies, uri = nil)
         return unless raw_cookies
 
@@ -149,6 +194,7 @@ module Rack
         end
       end
 
+      # Add a Cookie to the cookie jar.
       def <<(new_cookie)
         @cookies.reject! do |existing_cookie|
           new_cookie.replaces?(existing_cookie)
@@ -158,36 +204,48 @@ module Rack
         @cookies.sort!
       end
 
-      # :api: private
+      # Return a raw cookie string for the cookie header to
+      # use for the given URI.
       def for(uri)
-        hash_for(uri).values.map(&:raw).join(DELIMITER)
+        buf = String.new
+        delimiter = nil
+
+        each_cookie_for(uri) do |cookie|
+          if delimiter
+            buf << delimiter
+          else
+            delimiter = DELIMITER
+          end
+          buf << cookie.raw
+        end
+
+        buf
       end
 
+      # Return a hash cookie names and cookie values for cookies in the jar.
       def to_hash
         cookies = {}
 
-        hash_for(nil).each do |name, cookie|
-          cookies[name] = cookie.value
+        @cookies.each do |cookie|
+          cookies[cookie.name] = cookie.value
         end
 
         cookies
       end
 
-      protected
-
-      def hash_for(uri = nil)
-        cookies = {}
+      private
 
-        # The cookies are sorted by most specific first. So, we loop through
-        # all the cookies in order and add it to a hash by cookie name if
-        # the cookie can be sent to the current URI. It's added to the hash
-        # so that when we are done, the cookies will be unique by name and
-        # we'll have grabbed the most specific to the URI.
+      # Yield each cookie that matches for the URI.
+      #
+      # The cookies are sorted by most specific first. So, we loop through
+      # all the cookies in order and add it to a hash by cookie name if
+      # the cookie can be sent to the current URI. It's added to the hash
+      # so that when we are done, the cookies will be unique by name and
+      # we'll have grabbed the most specific to the URI.
+      def each_cookie_for(uri)
         @cookies.each do |cookie|
-          cookies[cookie.name] = cookie if !uri || cookie.matches?(uri)
+          yield cookie if !uri || cookie.matches?(uri)
         end
-
-        cookies
       end
     end
   end