rack 1.1.6 → 1.6.9

data/lib/rack/reloader.rb

@@ -26,6 +26,7 @@ module Rack
       @last = (Time.now - cooldown)
       @cache = {}
       @mtimes = {}
+      @reload_mutex = Mutex.new
 
       extend backend
     end
@@ -33,7 +34,7 @@ module Rack
     def call(env)
       if @cooldown and Time.now > @last + @cooldown
         if Thread.list.size > 1
-          Thread.exclusive{ reload! }
+          @reload_mutex.synchronize{ reload! }
         else
           reload!
         end
@@ -101,7 +102,7 @@ module Rack
         return unless file
         stat = ::File.stat(file)
         return file, stat if stat.file?
-      rescue Errno::ENOENT, Errno::ENOTDIR
+      rescue Errno::ENOENT, Errno::ENOTDIR, Errno::ESRCH
         @cache.delete(file) and false
       end
     end

data/lib/rack/request.rb

@@ -8,10 +8,6 @@ module Rack
   #   req = Rack::Request.new(env)
   #   req.post?
   #   req.params["data"]
-  #
-  # The environment hash passed will store a reference to the Request object
-  # instantiated so that it will only instantiate if an instance of the Request
-  # object doesn't already exist.
 
   class Request
     # The environment of the request.
@@ -22,14 +18,17 @@ module Rack
     end
 
     def body;            @env["rack.input"]                       end
-    def scheme;          @env["rack.url_scheme"]                  end
-    def script_name;     @env["SCRIPT_NAME"].to_s                 end
-    def path_info;       @env["PATH_INFO"].to_s                   end
-    def port;            @env["SERVER_PORT"].to_i                 end
+    def script_name;     @env[SCRIPT_NAME].to_s                   end
+    def path_info;       @env[PATH_INFO].to_s                     end
     def request_method;  @env["REQUEST_METHOD"]                   end
-    def query_string;    @env["QUERY_STRING"].to_s                end
+    def query_string;    @env[QUERY_STRING].to_s                  end
     def content_length;  @env['CONTENT_LENGTH']                   end
-    def content_type;    @env['CONTENT_TYPE']                     end
+
+    def content_type
+      content_type = @env['CONTENT_TYPE']
+      content_type.nil? || content_type.empty? ? nil : content_type
+    end
+
     def session;         @env['rack.session'] ||= {}              end
     def session_options; @env['rack.session.options'] ||= {}      end
     def logger;          @env['rack.logger']                      end
@@ -51,9 +50,9 @@ module Rack
     #   { 'charset' => 'utf-8' }
     def media_type_params
       return {} if content_type.nil?
-      content_type.split(/\s*[;,]\s*/)[1..-1].
+      Hash[*content_type.split(/\s*[;,]\s*/)[1..-1].
         collect { |s| s.split('=', 2) }.
-        inject({}) { |hash,(k,v)| hash[k.downcase] = v ; hash }
+        map { |k,v| [k.downcase, strip_doublequotes(v)] }.flatten]
     end
 
     # The character set of the request body if a "charset" media type
@@ -64,6 +63,24 @@ module Rack
       media_type_params['charset']
     end
 
+    def scheme
+      if @env['HTTPS'] == 'on'
+        'https'
+      elsif @env['HTTP_X_FORWARDED_SSL'] == 'on'
+        'https'
+      elsif @env['HTTP_X_FORWARDED_SCHEME']
+        @env['HTTP_X_FORWARDED_SCHEME']
+      elsif @env['HTTP_X_FORWARDED_PROTO']
+        @env['HTTP_X_FORWARDED_PROTO'].split(',')[0]
+      else
+        @env["rack.url_scheme"]
+      end
+    end
+
+    def ssl?
+      scheme == 'https'
+    end
+
     def host_with_port
       if forwarded = @env["HTTP_X_FORWARDED_HOST"]
         forwarded.split(/,\s?/).last
@@ -72,19 +89,59 @@ module Rack
       end
     end
 
+    def port
+      if port = host_with_port.split(/:/)[1]
+        port.to_i
+      elsif port = @env['HTTP_X_FORWARDED_PORT']
+        port.to_i
+      elsif @env.has_key?("HTTP_X_FORWARDED_HOST")
+        DEFAULT_PORTS[scheme]
+      elsif @env.has_key?("HTTP_X_FORWARDED_PROTO")
+        DEFAULT_PORTS[@env['HTTP_X_FORWARDED_PROTO'].split(',')[0]]
+      else
+        @env["SERVER_PORT"].to_i
+      end
+    end
+
     def host
       # Remove port number.
-      host_with_port.to_s.gsub(/:\d+\z/, '')
+      host_with_port.to_s.sub(/:\d+\z/, '')
     end
 
     def script_name=(s); @env["SCRIPT_NAME"] = s.to_s             end
     def path_info=(s);   @env["PATH_INFO"] = s.to_s               end
 
-    def get?;            request_method == "GET"                  end
-    def post?;           request_method == "POST"                 end
-    def put?;            request_method == "PUT"                  end
-    def delete?;         request_method == "DELETE"               end
-    def head?;           request_method == "HEAD"                 end
+
+    # Checks the HTTP request method (or verb) to see if it was of type DELETE
+    def delete?;  request_method == "DELETE"  end
+
+    # Checks the HTTP request method (or verb) to see if it was of type GET
+    def get?;     request_method == GET       end
+
+    # Checks the HTTP request method (or verb) to see if it was of type HEAD
+    def head?;    request_method == HEAD      end
+
+    # Checks the HTTP request method (or verb) to see if it was of type OPTIONS
+    def options?; request_method == "OPTIONS" end
+
+    # Checks the HTTP request method (or verb) to see if it was of type LINK
+    def link?;    request_method == "LINK"    end
+
+    # Checks the HTTP request method (or verb) to see if it was of type PATCH
+    def patch?;   request_method == "PATCH"   end
+
+    # Checks the HTTP request method (or verb) to see if it was of type POST
+    def post?;    request_method == "POST"    end
+
+    # Checks the HTTP request method (or verb) to see if it was of type PUT
+    def put?;     request_method == "PUT"     end
+
+    # Checks the HTTP request method (or verb) to see if it was of type TRACE
+    def trace?;   request_method == "TRACE"   end
+
+    # Checks the HTTP request method (or verb) to see if it was of type UNLINK
+    def unlink?;  request_method == "UNLINK"  end
+
 
     # The set of form-data media-types. Requests that do not indicate
     # one of the media types presents in this list will not be eligible
@@ -102,6 +159,10 @@ module Rack
       'multipart/mixed'
     ]
 
+    # Default ports depending on scheme. Used to decide whether or not
+    # to include the port in a generated URI.
+    DEFAULT_PORTS = { 'http' => 80, 'https' => 443, 'coffee' => 80 }
+
     # Determine whether the request body contains form-data by checking
     # the request Content-Type for one of the media-types:
     # "application/x-www-form-urlencoded" or "multipart/form-data". The
@@ -112,7 +173,7 @@ module Rack
     # Content-Type header is provided and the request_method is POST.
     def form_data?
       type = media_type
-      meth = env["rack.methodoverride.original_method"] || env['REQUEST_METHOD']
+      meth = env["rack.methodoverride.original_method"] || env[REQUEST_METHOD]
       (meth == 'POST' && type.nil?) || FORM_DATA_MEDIA_TYPES.include?(type)
     end
 
@@ -122,38 +183,40 @@ module Rack
       PARSEABLE_DATA_MEDIA_TYPES.include?(media_type)
     end
 
-    # Returns the data recieved in the query string.
+    # Returns the data received in the query string.
     def GET
       if @env["rack.request.query_string"] == query_string
         @env["rack.request.query_hash"]
       else
+        p = parse_query({ :query => query_string, :separator => '&;' })
         @env["rack.request.query_string"] = query_string
-        @env["rack.request.query_hash"]   = parse_query(query_string)
+        @env["rack.request.query_hash"]   = p
       end
     end
 
-    # Returns the data recieved in the request body.
+    # Returns the data received in the request body.
     #
     # This method support both application/x-www-form-urlencoded and
     # multipart/form-data.
     def POST
       if @env["rack.input"].nil?
         raise "Missing rack.input"
-      elsif @env["rack.request.form_input"].eql? @env["rack.input"]
+      elsif @env["rack.request.form_input"].equal? @env["rack.input"]
         @env["rack.request.form_hash"]
       elsif form_data? || parseable_data?
-        @env["rack.request.form_input"] = @env["rack.input"]
         unless @env["rack.request.form_hash"] = parse_multipart(env)
           form_vars = @env["rack.input"].read
 
           # Fix for Safari Ajax postings that always append \0
-          form_vars.sub!(/\0\z/, '')
+          # form_vars.sub!(/\0\z/, '') # performance replacement:
+          form_vars.slice!(-1) if form_vars[-1] == ?\0
 
           @env["rack.request.form_vars"] = form_vars
-          @env["rack.request.form_hash"] = parse_query(form_vars)
+          @env["rack.request.form_hash"] = parse_query({ :query => form_vars, :separator => '&' })
 
           @env["rack.input"].rewind
         end
+        @env["rack.request.form_input"] = @env["rack.input"]
         @env["rack.request.form_hash"]
       else
         {}
@@ -161,10 +224,45 @@ module Rack
     end
 
     # The union of GET and POST data.
+    #
+    # Note that modifications will not be persisted in the env. Use update_param or delete_param if you want to destructively modify params.
     def params
-      self.GET.update(self.POST)
-    rescue EOFError => e
-      self.GET
+      @params ||= self.GET.merge(self.POST)
+    rescue EOFError
+      self.GET.dup
+    end
+
+    # Destructively update a parameter, whether it's in GET and/or POST. Returns nil.
+    #
+    # The parameter is updated wherever it was previous defined, so GET, POST, or both. If it wasn't previously defined, it's inserted into GET.
+    #
+    # env['rack.input'] is not touched.
+    def update_param(k, v)
+      found = false
+      if self.GET.has_key?(k)
+        found = true
+        self.GET[k] = v
+      end
+      if self.POST.has_key?(k)
+        found = true
+        self.POST[k] = v
+      end
+      unless found
+        self.GET[k] = v
+      end
+      @params = nil
+      nil
+    end
+
+    # Destructively delete a parameter, whether it's in GET or POST. Returns the value of the deleted parameter.
+    #
+    # If the parameter is in both GET and POST, the POST value takes precedence since that's how #params works.
+    #
+    # env['rack.input'] is not touched.
+    def delete_param(k)
+      v = [ self.POST.delete(k), self.GET.delete(k) ].compact.first
+      @params = nil
+      v
     end
 
     # shortcut for request.params[key]
@@ -173,6 +271,8 @@ module Rack
     end
 
     # shortcut for request.params[key] = value
+    #
+    # Note that modifications will not be persisted in the env. Use update_param or delete_param if you want to destructively modify params.
     def []=(key, value)
       params[key.to_s] = value
     end
@@ -182,9 +282,9 @@ module Rack
       keys.map{|key| params[key] }
     end
 
-    # the referer of the client or '/'
+    # the referer of the client
     def referer
-      @env['HTTP_REFERER'] || '/'
+      @env['HTTP_REFERER']
     end
     alias referrer referer
 
@@ -193,42 +293,36 @@ module Rack
     end
 
     def cookies
-      return {}  unless @env["HTTP_COOKIE"]
-
-      if @env["rack.request.cookie_string"] == @env["HTTP_COOKIE"]
-        @env["rack.request.cookie_hash"]
-      else
-        @env["rack.request.cookie_string"] = @env["HTTP_COOKIE"]
-        # According to RFC 2109:
-        #   If multiple cookies satisfy the criteria above, they are ordered in
-        #   the Cookie header such that those with more specific Path attributes
-        #   precede those with less specific.  Ordering with respect to other
-        #   attributes (e.g., Domain) is unspecified.
-        @env["rack.request.cookie_hash"] =
-          Utils.parse_query(@env["rack.request.cookie_string"], ';,').inject({}) {|h,(k,v)|
-            h[k] = Array === v ? v.first : v
-            h
-          }
-      end
+      hash   = @env["rack.request.cookie_hash"] ||= {}
+      string = @env["HTTP_COOKIE"]
+
+      return hash if string == @env["rack.request.cookie_string"]
+      hash.clear
+
+      # According to RFC 2109:
+      #   If multiple cookies satisfy the criteria above, they are ordered in
+      #   the Cookie header such that those with more specific Path attributes
+      #   precede those with less specific.  Ordering with respect to other
+      #   attributes (e.g., Domain) is unspecified.
+      cookies = Utils.parse_query(string, ';,') { |s| Rack::Utils.unescape(s) rescue s }
+      cookies.each { |k,v| hash[k] = Array === v ? v.first : v }
+      @env["rack.request.cookie_string"] = string
+      hash
     end
 
     def xhr?
       @env["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest"
     end
 
+    def base_url
+      url = "#{scheme}://#{host}"
+      url << ":#{port}" if port != DEFAULT_PORTS[scheme]
+      url
+    end
+
     # Tries to return a remake of the original request URL as a string.
     def url
-      url = scheme + "://"
-      url << host
-
-      if scheme == "https" && port != 443 ||
-          scheme == "http" && port != 80
-        url << ":#{port}"
-      end
-
-      url << fullpath
-
-      url
+      base_url + fullpath
     end
 
     def path
@@ -240,32 +334,65 @@ module Rack
     end
 
     def accept_encoding
-      @env["HTTP_ACCEPT_ENCODING"].to_s.split(/,\s*/).map do |part|
-        m = /^([^\s,]+?)(?:;\s*q=(\d+(?:\.\d+)?))?$/.match(part) # From WEBrick
+      parse_http_accept_header(@env["HTTP_ACCEPT_ENCODING"])
+    end
 
-        if m
-          [m[1], (m[2] || 1.0).to_f]
-        else
-          raise "Invalid value for Accept-Encoding: #{part.inspect}"
-        end
-      end
+    def accept_language
+      parse_http_accept_header(@env["HTTP_ACCEPT_LANGUAGE"])
+    end
+
+    def trusted_proxy?(ip)
+      ip =~ /\A127\.0\.0\.1\Z|\A(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\.|\A::1\Z|\Afd[0-9a-f]{2}:.+|\Alocalhost\Z|\Aunix\Z|\Aunix:/i
     end
 
     def ip
-      if addr = @env['HTTP_X_FORWARDED_FOR']
-        addr.split(',').last.strip
-      else
-        @env['REMOTE_ADDR']
-      end
+      remote_addrs = split_ip_addresses(@env['REMOTE_ADDR'])
+      remote_addrs = reject_trusted_ip_addresses(remote_addrs)
+
+      return remote_addrs.first if remote_addrs.any?
+
+      forwarded_ips = split_ip_addresses(@env['HTTP_X_FORWARDED_FOR'])
+
+      return reject_trusted_ip_addresses(forwarded_ips).last || @env["REMOTE_ADDR"]
     end
 
     protected
+      def split_ip_addresses(ip_addresses)
+        ip_addresses ? ip_addresses.strip.split(/[,\s]+/) : []
+      end
+
+      def reject_trusted_ip_addresses(ip_addresses)
+        ip_addresses.reject { |ip| trusted_proxy?(ip) }
+      end
+
       def parse_query(qs)
-        Utils.parse_nested_query(qs)
+        d = '&'
+        qs, d = qs[:query], qs[:separator] if Hash === qs
+        Utils.parse_nested_query(qs, d)
       end
 
       def parse_multipart(env)
-        Utils::Multipart.parse_multipart(env)
+        Rack::Multipart.parse_multipart(env)
+      end
+
+      def parse_http_accept_header(header)
+        header.to_s.split(/\s*,\s*/).map do |part|
+          attribute, parameters = part.split(/\s*;\s*/, 2)
+          quality = 1.0
+          if parameters and /\Aq=([\d.]+)/ =~ parameters
+            quality = $1.to_f
+          end
+          [attribute, quality]
+        end
       end
+
+  private
+    def strip_doublequotes(s)
+      if s[0] == ?" && s[-1] == ?"
+        s[1..-2]
+      else
+        s
+      end
+    end
   end
 end

data/lib/rack/response.rb

@@ -1,5 +1,7 @@
 require 'rack/request'
 require 'rack/utils'
+require 'rack/body_proxy'
+require 'time'
 
 module Rack
   # Rack::Response provides a convenient interface to create a Rack
@@ -11,21 +13,23 @@ module Rack
   # You can use Response#write to iteratively generate your response,
   # but note that this is buffered by Rack::Response until you call
   # +finish+.  +finish+ however can take a block inside which calls to
-  # +write+ are syncronous with the Rack response.
+  # +write+ are synchronous with the Rack response.
   #
   # Your application's +call+ should end returning Response#finish.
 
   class Response
     attr_accessor :length
 
-    def initialize(body=[], status=200, header={}, &block)
+    CHUNKED = 'chunked'.freeze
+    TRANSFER_ENCODING = 'Transfer-Encoding'.freeze
+    def initialize(body=[], status=200, header={})
       @status = status.to_i
-      @header = Utils::HeaderHash.new({"Content-Type" => "text/html"}.
-                                      merge(header))
+      @header = Utils::HeaderHash.new.merge(header)
 
-      @writer = lambda { |x| @body << x }
-      @block = nil
-      @length = 0
+      @chunked = CHUNKED == @header[TRANSFER_ENCODING]
+      @writer  = lambda { |x| @body << x }
+      @block   = nil
+      @length  = 0
 
       @body = []
 
@@ -69,14 +73,17 @@ module Rack
     def finish(&block)
       @block = block
 
-      if [204, 304].include?(status.to_i)
-        header.delete "Content-Type"
+      if [204, 205, 304].include?(status.to_i)
+        header.delete CONTENT_TYPE
+        header.delete CONTENT_LENGTH
+        close
         [status.to_i, header, []]
       else
-        [status.to_i, header, self]
+        [status.to_i, header, BodyProxy.new(self){}]
       end
     end
     alias to_a finish           # For *response
+    alias to_ary finish         # For implicit-splat on Ruby 1.9.2
 
     def each(&callback)
       @body.each(&callback)
@@ -90,10 +97,10 @@ module Rack
     #
     def write(str)
       s = str.to_s
-      @length += Rack::Utils.bytesize(s)
+      @length += Rack::Utils.bytesize(s) unless @chunked
       @writer.call s
 
-      header["Content-Length"] = @length.to_s
+      header[CONTENT_LENGTH] = @length.to_s unless @chunked
       str
     end
 
@@ -108,20 +115,26 @@ module Rack
     alias headers header
 
     module Helpers
-      def invalid?;       @status < 100 || @status >= 600;       end
-
-      def informational?; @status >= 100 && @status < 200;       end
-      def successful?;    @status >= 200 && @status < 300;       end
-      def redirection?;   @status >= 300 && @status < 400;       end
-      def client_error?;  @status >= 400 && @status < 500;       end
-      def server_error?;  @status >= 500 && @status < 600;       end
-
-      def ok?;            @status == 200;                        end
-      def forbidden?;     @status == 403;                        end
-      def not_found?;     @status == 404;                        end
-
-      def redirect?;      [301, 302, 303, 307].include? @status; end
-      def empty?;         [201, 204, 304].include?      @status; end
+      def invalid?;            status < 100 || status >= 600;        end
+
+      def informational?;      status >= 100 && status < 200;        end
+      def successful?;         status >= 200 && status < 300;        end
+      def redirection?;        status >= 300 && status < 400;        end
+      def client_error?;       status >= 400 && status < 500;        end
+      def server_error?;       status >= 500 && status < 600;        end
+
+      def ok?;                 status == 200;                        end
+      def created?;            status == 201;                        end
+      def accepted?;           status == 202;                        end
+      def bad_request?;        status == 400;                        end
+      def unauthorized?;       status == 401;                        end
+      def forbidden?;          status == 403;                        end
+      def not_found?;          status == 404;                        end
+      def method_not_allowed?; status == 405;                        end
+      def i_m_a_teapot?;       status == 418;                        end
+      def unprocessable?;      status == 422;                        end
+
+      def redirect?;           [301, 302, 303, 307].include? status; end
 
       # Headers
       attr_reader :headers, :original_headers
@@ -131,11 +144,11 @@ module Rack
       end
 
       def content_type
-        headers["Content-Type"]
+        headers[CONTENT_TYPE]
       end
 
       def content_length
-        cl = headers["Content-Length"]
+        cl = headers[CONTENT_LENGTH]
         cl ? cl.to_i : cl
       end
 

data/lib/rack/rewindable_input.rb

@@ -1,4 +1,6 @@
+# -*- encoding: binary -*-
 require 'tempfile'
+require 'rack/utils'
 
 module Rack
   # Class which can make any IO object rewindable, including non-rewindable ones. It does
@@ -16,27 +18,27 @@ module Rack
       @rewindable_io = nil
       @unlinked = false
     end
-    
+
     def gets
       make_rewindable unless @rewindable_io
       @rewindable_io.gets
     end
-    
+
     def read(*args)
       make_rewindable unless @rewindable_io
       @rewindable_io.read(*args)
     end
-    
+
     def each(&block)
       make_rewindable unless @rewindable_io
       @rewindable_io.each(&block)
     end
-    
+
     def rewind
       make_rewindable unless @rewindable_io
       @rewindable_io.rewind
     end
-    
+
     # Closes this RewindableInput object without closing the originally
     # wrapped IO oject. Cleans up any temporary resources that this RewindableInput
     # has created.
@@ -52,9 +54,9 @@ module Rack
         @rewindable_io = nil
       end
     end
-    
+
     private
-    
+
     # Ruby's Tempfile class has a bug. Subclass it and fix it.
     class Tempfile < ::Tempfile
       def _close
@@ -75,16 +77,18 @@ module Rack
       @rewindable_io.set_encoding(Encoding::BINARY) if @rewindable_io.respond_to?(:set_encoding)
       @rewindable_io.binmode
       if filesystem_has_posix_semantics?
-        @rewindable_io.unlink
+        # Use ::File.unlink as 1.9.1 Tempfile has a bug where unlink closes the file!
+        ::File.unlink @rewindable_io.path
+        raise 'Unlink failed. IO closed.' if @rewindable_io.closed?
         @unlinked = true
       end
-      
+
       buffer = ""
       while @io.read(1024 * 4, buffer)
         entire_buffer_written_out = false
         while !entire_buffer_written_out
           written = @rewindable_io.write(buffer)
-          entire_buffer_written_out = written == buffer.size
+          entire_buffer_written_out = written == Rack::Utils.bytesize(buffer)
           if !entire_buffer_written_out
             buffer.slice!(0 .. written - 1)
           end
@@ -92,7 +96,7 @@ module Rack
       end
       @rewindable_io.rewind
     end
-    
+
     def filesystem_has_posix_semantics?
       RUBY_PLATFORM !~ /(mswin|mingw|cygwin|java)/
     end

data/lib/rack/runtime.rb

@@ -12,16 +12,29 @@ module Rack
       @header_name << "-#{name}" if name
     end
 
+    FORMAT_STRING = "%0.6f"
     def call(env)
-      start_time = Time.now
+      start_time = clock_time
       status, headers, body = @app.call(env)
-      request_time = Time.now - start_time
+      request_time = clock_time - start_time
 
       if !headers.has_key?(@header_name)
-        headers[@header_name] = "%0.6f" % request_time
+        headers[@header_name] = FORMAT_STRING % request_time
       end
 
       [status, headers, body]
     end
+
+    private
+
+    if defined?(Process::CLOCK_MONOTONIC)
+      def clock_time
+        Process.clock_gettime(Process::CLOCK_MONOTONIC)
+      end
+    else
+      def clock_time
+        Time.now.to_f
+      end
+    end
   end
 end