rack-utf8_sanitizer 1.7.0 → 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.editorconfig +17 -0
- data/.github/dependabot.yml +6 -0
- data/.github/workflows/ci.yml +23 -0
- data/.travis.yml +4 -7
- data/lib/rack/utf8_sanitizer.rb +7 -1
- data/rack-utf8_sanitizer.gemspec +2 -3
- data/test/test_utf8_sanitizer.rb +16 -2
- metadata +8 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 045740a7d869543a26c071de26ee6585d00e6193eaa2a5a02bfe09142cfe11c1
|
|
4
|
+
data.tar.gz: '050977cbbb72a835dea65e4df6bd75d6837c216b2a2f68eecd83701f1153e7ff'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 611f078bdbe5f0247eac8ba3258a174eb70a1d3263b49ca0d4d261a8fd3de1b260da9defc36bc644eb2e6805211038adddf4396a9f7b0bb48fbd932e41991f97
|
|
7
|
+
data.tar.gz: 1bc7f43fbd004ac010a7829cb8077b2bdb245500670d2fc4d22372ccc44c959db47a3853aa68f1eb4c1533b5202ee6fdb44d368d722be7fa9439dc6049ddbef2
|
data/.editorconfig
ADDED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
root = true
|
|
2
|
+
|
|
3
|
+
[*]
|
|
4
|
+
indent_style = space
|
|
5
|
+
indent_size = 2
|
|
6
|
+
end_of_line = lf
|
|
7
|
+
charset = utf-8
|
|
8
|
+
trim_trailing_whitespace = true
|
|
9
|
+
insert_final_newline = true
|
|
10
|
+
|
|
11
|
+
[*.md]
|
|
12
|
+
indent_style = space
|
|
13
|
+
indent_size = 2
|
|
14
|
+
|
|
15
|
+
[*.y{a,}ml]
|
|
16
|
+
indent_style = space
|
|
17
|
+
indent_size = 2
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
name: CI
|
|
2
|
+
|
|
3
|
+
on: [push, pull_request]
|
|
4
|
+
|
|
5
|
+
jobs:
|
|
6
|
+
test:
|
|
7
|
+
|
|
8
|
+
runs-on: ubuntu-latest
|
|
9
|
+
|
|
10
|
+
strategy:
|
|
11
|
+
fail-fast: false
|
|
12
|
+
matrix:
|
|
13
|
+
ruby: ["2.5", "2.6", "2.7", "3.0", "3.1", ruby-head, jruby-9.2, jruby-9.3, jruby-head]
|
|
14
|
+
|
|
15
|
+
steps:
|
|
16
|
+
- uses: actions/checkout@v3
|
|
17
|
+
- name: Set up Ruby
|
|
18
|
+
uses: ruby/setup-ruby@v1
|
|
19
|
+
with:
|
|
20
|
+
bundler-cache: true # 'bundle install' and cache gems
|
|
21
|
+
ruby-version: ${{ matrix.ruby }}
|
|
22
|
+
- name: Run tests
|
|
23
|
+
run: bundle exec rake
|
data/.travis.yml
CHANGED
data/lib/rack/utf8_sanitizer.rb
CHANGED
|
@@ -6,6 +6,7 @@ require 'stringio'
|
|
|
6
6
|
module Rack
|
|
7
7
|
class UTF8Sanitizer
|
|
8
8
|
StringIO = ::StringIO
|
|
9
|
+
BAD_REQUEST = [400, { "Content-Type" => "text/plain" }, ["Bad Request"]]
|
|
9
10
|
|
|
10
11
|
# options[:sanitizable_content_types] Array
|
|
11
12
|
# options[:additional_content_types] Array
|
|
@@ -19,7 +20,12 @@ module Rack
|
|
|
19
20
|
end
|
|
20
21
|
|
|
21
22
|
def call(env)
|
|
22
|
-
|
|
23
|
+
begin
|
|
24
|
+
env = sanitize(env)
|
|
25
|
+
rescue EOFError
|
|
26
|
+
return BAD_REQUEST
|
|
27
|
+
end
|
|
28
|
+
@app.call(env)
|
|
23
29
|
end
|
|
24
30
|
|
|
25
31
|
DEFAULT_STRATEGIES = {
|
data/rack-utf8_sanitizer.gemspec
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |gem|
|
|
4
4
|
gem.name = "rack-utf8_sanitizer"
|
|
5
|
-
gem.version = '1.
|
|
5
|
+
gem.version = '1.8.0'
|
|
6
6
|
gem.authors = ["whitequark"]
|
|
7
7
|
gem.license = "MIT"
|
|
8
8
|
gem.email = ["whitequark@whitequark.org"]
|
|
@@ -12,13 +12,12 @@ Gem::Specification.new do |gem|
|
|
|
12
12
|
gem.homepage = "http://github.com/whitequark/rack-utf8_sanitizer"
|
|
13
13
|
|
|
14
14
|
gem.files = `git ls-files`.split($/)
|
|
15
|
-
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
|
16
15
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
|
17
16
|
gem.require_paths = ["lib"]
|
|
18
17
|
|
|
19
18
|
gem.required_ruby_version = '>= 1.9.3'
|
|
20
19
|
|
|
21
|
-
gem.add_dependency "rack", '>= 1.0', '<
|
|
20
|
+
gem.add_dependency "rack", '>= 1.0', '< 4.0'
|
|
22
21
|
|
|
23
22
|
gem.add_development_dependency "bacon"
|
|
24
23
|
gem.add_development_dependency "bacon-colored_output"
|
data/test/test_utf8_sanitizer.rb
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# encoding:ascii-8bit
|
|
2
2
|
|
|
3
3
|
require 'bacon/colored_output'
|
|
4
|
+
require 'cgi'
|
|
4
5
|
require 'rack/utf8_sanitizer'
|
|
5
6
|
|
|
6
7
|
describe Rack::UTF8Sanitizer do
|
|
@@ -118,6 +119,7 @@ describe Rack::UTF8Sanitizer do
|
|
|
118
119
|
describe "with valid, not percent-encoded UTF-8 URI input" do
|
|
119
120
|
before do
|
|
120
121
|
@uri_input = "http://bar/foo+bar+лол".force_encoding('UTF-8')
|
|
122
|
+
@encoded = "http://bar/foo+bar+#{CGI.escape("лол")}"
|
|
121
123
|
end
|
|
122
124
|
|
|
123
125
|
it "does not change URI-like entity (REQUEST_PATH)" do
|
|
@@ -126,7 +128,7 @@ describe Rack::UTF8Sanitizer do
|
|
|
126
128
|
|
|
127
129
|
result.encoding.should == Encoding::US_ASCII
|
|
128
130
|
result.should.be.valid_encoding
|
|
129
|
-
result.should ==
|
|
131
|
+
result.should == @encoded
|
|
130
132
|
end
|
|
131
133
|
end
|
|
132
134
|
|
|
@@ -205,6 +207,18 @@ describe Rack::UTF8Sanitizer do
|
|
|
205
207
|
@response_env['rack.input'].close
|
|
206
208
|
end
|
|
207
209
|
|
|
210
|
+
class BrokenIO < StringIO
|
|
211
|
+
def read
|
|
212
|
+
raise EOFError
|
|
213
|
+
end
|
|
214
|
+
end
|
|
215
|
+
|
|
216
|
+
it "returns HTTP 400 on EOF" do
|
|
217
|
+
@rack_input = BrokenIO.new
|
|
218
|
+
@response_env = @app.(request_env)
|
|
219
|
+
@response_env.should == [400, {"Content-Type"=>"text/plain"}, ["Bad Request"]]
|
|
220
|
+
end
|
|
221
|
+
|
|
208
222
|
it "sanitizes StringIO rack.input" do
|
|
209
223
|
input = "foo=bla&quux=bar"
|
|
210
224
|
@rack_input = StringIO.new input
|
|
@@ -549,7 +563,7 @@ describe Rack::UTF8Sanitizer do
|
|
|
549
563
|
sanitize_data(env) do |sanitized_input|
|
|
550
564
|
sanitized_input.encoding.should == Encoding::UTF_8
|
|
551
565
|
sanitized_input.should.be.valid_encoding
|
|
552
|
-
sanitized_input.should == 'replace'
|
|
566
|
+
sanitized_input.should == 'replace'
|
|
553
567
|
end
|
|
554
568
|
end
|
|
555
569
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-utf8_sanitizer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.8.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- whitequark
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-10-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|
|
@@ -19,7 +19,7 @@ dependencies:
|
|
|
19
19
|
version: '1.0'
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: '
|
|
22
|
+
version: '4.0'
|
|
23
23
|
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -29,7 +29,7 @@ dependencies:
|
|
|
29
29
|
version: '1.0'
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: '
|
|
32
|
+
version: '4.0'
|
|
33
33
|
- !ruby/object:Gem::Dependency
|
|
34
34
|
name: bacon
|
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -80,6 +80,9 @@ executables: []
|
|
|
80
80
|
extensions: []
|
|
81
81
|
extra_rdoc_files: []
|
|
82
82
|
files:
|
|
83
|
+
- ".editorconfig"
|
|
84
|
+
- ".github/dependabot.yml"
|
|
85
|
+
- ".github/workflows/ci.yml"
|
|
83
86
|
- ".gitignore"
|
|
84
87
|
- ".travis.yml"
|
|
85
88
|
- CHANGELOG.md
|
|
@@ -109,8 +112,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
109
112
|
- !ruby/object:Gem::Version
|
|
110
113
|
version: '0'
|
|
111
114
|
requirements: []
|
|
112
|
-
|
|
113
|
-
rubygems_version: 2.7.6.2
|
|
115
|
+
rubygems_version: 3.2.5
|
|
114
116
|
signing_key:
|
|
115
117
|
specification_version: 4
|
|
116
118
|
summary: Rack::UTF8Sanitizer is a Rack middleware which cleans up invalid UTF8 characters
|