rack-zippy 3.0.0 → 3.0.1

data/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
+ ## 3.0.1 / 2015-05-19
2
+ - Allow paths with periods in the middle, but not if they immediately follow slash ([#46](https://github.com/eliotsykes/rack-zippy/pull/46)) @ssemakov
3
+
1
4
  ## 3.0.0 / 2015-04-18
2
- - Make static extensions list configurable ([#45](https://github.com/eliotsykes/rack-zippy/pull/45/files)) Anton Petrunich
5
+ - POTENTIAL BREAKING CHANGE! `STATIC_EXTENSION_REGEX` has been removed and replaced with a `static_extensions` array. If your app monkey patched `STATIC_EXTENSTION_REGEX` to change the file extension whitelist, then you will need to update your app to use rack-zippy 3.x. Depending on how you patched, and your test coverage, your app could silently fail. Search your codebase for `STATIC_EXTENSION_REGEX` to ensure it is not used. If it is used, then migrate your patch to use the new `Rack::Zippy.config` method for configuring `static_extensions`: https://github.com/eliotsykes/rack-zippy#static_extensions
6
+ - Make static extensions list configurable ([#45](https://github.com/eliotsykes/rack-zippy/pull/45)) Anton Petrunich
3
7
 
4
8
  ## 2.0.2 / 2014-12-15
5
9
  - Remove binstub bin/rake permanently, may be causing Heroku issues
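Review bot: the added 3.0.0 breaking-change entry misspells the constant as `STATIC_EXTENSTION_REGEX` in "If your app monkey patched `STATIC_EXTENSTION_REGEX`", while the other two mentions in the same entry use `STATIC_EXTENSION_REGEX`. Readers are told to search their codebase for this name, so the spelling should be consistent; change the first occurrence to `STATIC_EXTENSION_REGEX`.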
data/README.md CHANGED
@@ -87,16 +87,17 @@ Cache-Control: public, max-age=600
87
87
 
88
88
  ### Configuration
89
89
 
90
- #### static_extensions
90
+ #### Supported Extensions Whitelist
91
91
 
92
- rack-zippy handles only files with whitelisted extensions. Default extensions list:
92
+ rack-zippy handles only files with whitelisted extensions. Default extensions are stored in the `static_extensions` array with an entry for each of these:
93
93
  `css js html htm txt ico png jpg jpeg gif pdf svg zip gz eps psd ai woff woff2 ttf eot otf swf`
94
94
 
95
- You can modify this list:
95
+ You can modify this list to support other extensions by appending the lowercased file extension to the `static_extensions` array:
96
96
 
97
97
  ```ruby
98
98
  Rack::Zippy.configure do |config|
99
- config.static_extensions << 'csv'
99
+ # Add support for the given extensions:
100
+ config.static_extensions.push('csv', 'xls', 'rtf', ...EXTENSIONS TO ADD...)
100
101
  end
101
102
  ```
102
103
 
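Review bot: the example line `config.static_extensions.push('csv', 'xls', 'rtf', ...EXTENSIONS TO ADD...)` sits inside a `ruby` fence but is not valid Ruby, so copying it into an initializer raises a syntax error. Keep the call to real arguments, for example `config.static_extensions.push('csv', 'xls', 'rtf')`, and move the "extensions to add" hint into the comment line above it. Since every entry appended here widens the set of files the middleware will serve, the README could also say to add only extensions that are meant to be publicly downloadable.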
@@ -155,6 +156,7 @@ Cleanup time! When you’re finished testing, delete the local override and set
155
156
  - Kieran Topping https://github.com/ktopping
156
157
  - Luke Wendling https://github.com/lukewendling
157
158
  - Anton Petrunich https://github.com/solenko
159
+ - ssemakov https://github.com/ssemakov
158
160
 
159
161
  ## Releasing a new gem
160
162
 
data/lib/rack-zippy.rb CHANGED
@@ -63,7 +63,7 @@ module Rack
63
63
 
64
64
  ACCEPTS_GZIP_REGEX = /\bgzip\b/
65
65
 
66
- ILLEGAL_PATH_REGEX = /(\.\.|\/\.)/
66
+ ILLEGAL_PATH_REGEX = /(\/\.\.?)/
67
67
 
68
68
  def client_accepts_gzip?(rack_env)
69
69
  rack_env['HTTP_ACCEPT_ENCODING'] =~ ACCEPTS_GZIP_REGEX
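Review bot: the replacement `ILLEGAL_PATH_REGEX` only rejects a period that directly follows a forward slash, whereas the removed pattern rejected `..` anywhere in the path. A `..` segment that is not preceded by `/` (at the very start of the string, or after any other separator the file lookup might honor) now passes this check, so the change relies on the path always beginning with `/` and already being decoded by the time it is tested; neither is visible in this hunk. Please state that assumption in a comment above the constant, or anchor the pattern so that a leading `..` is rejected too. Minor: `\/\.\.?` matches exactly the same inputs as `\/\.`, and the capture group is unused, so the pattern can be simplified.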
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module Zippy
3
- VERSION = '3.0.0'
3
+ VERSION = '3.0.1'
4
4
  end
5
5
  end
@@ -192,12 +192,19 @@ module Rack
192
192
  end
193
193
 
194
194
  def test_responds_not_found_if_path_contains_consecutive_periods
195
- ["/hello/../sensitive/file", "/..", "/..."].each do |dotty_path|
195
+ ["/hello/../sensitive/file", "/..", "/...", "../sensitive"].each do |dotty_path|
196
196
  get dotty_path
197
197
  assert_not_found
198
198
  end
199
199
  end
200
200
 
201
+ def test_responds_ok_if_path_contains_periods_that_not_follow_slash
202
+ ["/hello/path..with....periods/file", "/hello/path/with.a.period"].each do |dotty_path|
203
+ get dotty_path
204
+ assert_underlying_app_responded
205
+ end
206
+ end
207
+
201
208
  def test_serves_html
202
209
  assert_responds_with_html_file '/thanks.html', 'public/thanks.html'
203
210
  end
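Review bot: the `"../sensitive"` case added to `test_responds_not_found_if_path_contains_consecutive_periods` has no slash before its periods, so the new `ILLEGAL_PATH_REGEX` (`/(\/\.\.?)/`) does not match that string as written. If the test passes, it is because the path is altered before the check or the request is rejected for another reason, so the case does not demonstrate what it appears to. Assert on the path the middleware actually receives, or move this case into its own test with a comment explaining why it is expected to be not found. The changelog also says a period immediately following a slash stays rejected, but this hunk adds no single-period case (a dotfile directly under `/`); add one next to the new allowed-path test. The new test name would read better as `test_responds_ok_if_path_contains_periods_that_do_not_follow_slash`.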
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-zippy
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.0
4
+ version: 3.0.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-04-18 00:00:00.000000000 Z
12
+ date: 2015-05-19 00:00:00.000000000 Z
13
13
  dependencies: []
14
14
  description: Rack middleware for serving static gzipped assets generated by the Rails
15
15
  asset pipeline
@@ -65,18 +65,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
65
65
  - - ! '>='
66
66
  - !ruby/object:Gem::Version
67
67
  version: '0'
68
- segments:
69
- - 0
70
- hash: -1760946869363206133
71
68
  required_rubygems_version: !ruby/object:Gem::Requirement
72
69
  none: false
73
70
  requirements:
74
71
  - - ! '>='
75
72
  - !ruby/object:Gem::Version
76
73
  version: '0'
77
- segments:
78
- - 0
79
- hash: -1760946869363206133
80
74
  requirements: []
81
75
  rubyforge_project:
82
76
  rubygems_version: 1.8.23.2