rack 1.4.0 → 1.4.5

data/COPYING

@@ -1,4 +1,4 @@
-Copyright (c) 2007, 2008, 2009, 2010 Christian Neukirchen <purl.org/net/chneukirchen>
+Copyright (c) 2007, 2008, 2009, 2010, 2011, 2012 Christian Neukirchen <purl.org/net/chneukirchen>
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to

data/KNOWN-ISSUES

@@ -1,3 +1,12 @@
+= Known issues with Rack and ECMA-262
+
+* Many users expect the escape() function defined in ECMA-262 to be compatible
+  with URI. Confusion is especially strong because the documentation for the
+  escape function includes a reference to the URI specifications. ECMA-262
+  escape is not however a URI escape function, it is a javascript escape
+  function, and is not fully compatible. Most notably, for characters outside of
+  the BMP. Users should use the more correct encodeURI functions.
+
 = Known issues with Rack and Web servers
 
 * Lighttpd sets wrong SCRIPT_NAME and PATH_INFO if you mount your

data/README.rdoc

@@ -1,4 +1,4 @@
-= Rack, a modular Ruby webserver interface
+= Rack, a modular Ruby webserver interface {<img src="https://secure.travis-ci.org/rack/rack.png" alt="Build Status" />}[http://travis-ci.org/rack/rack] {<img src="https://gemnasium.com/rack/rack.png" alt="Dependency Status" />}[https://gemnasium.com/rack/rack]
 
 Rack provides a minimal, modular and adaptable interface for developing
 web applications in Ruby.  By wrapping HTTP requests and responses in
@@ -27,8 +27,11 @@ These web servers include Rack handlers in their distributions:
 * Fuzed
 * Glassfish v3
 * Phusion Passenger (which is mod_rack for Apache and for nginx)
+* Puma
 * Rainbows!
 * Unicorn
+* unixrack
+* uWSGI
 * Zbatery
 
 Any valid Rack app will run the same on all these handlers, without
@@ -132,7 +135,11 @@ at my site:
 
 Testing Rack requires the bacon testing framework:
 
-    gem install bacon
+    bundle install --without extra # to be able to run the fast tests
+
+Or:
+
+    bundle install # this assumes that you have installed native extensions!
 
 There are two rake-based test tasks:
 
@@ -355,7 +362,7 @@ run on port 11211) and memcache-client installed.
 * July 16, 2011: Sixteenth public release 1.3.2
   * Fix for Rails and rack-test, Rack::Utils#escape calls to_s
 
-* Not Yet Released: Seventeenth public release 1.3.3
+* September 16, 2011: Seventeenth public release 1.3.3
   * Fix bug with broken query parameters in Rack::ShowExceptions
   * Rack::Request#cookies no longer swallows exceptions on broken input
   * Prevents XSS attacks enabled by bug in Ruby 1.8's regexp engine
@@ -373,6 +380,10 @@ run on port 11211) and memcache-client installed.
 * October 17, 2011: Twentieth public release 1.3.5
   * Fix annoying warnings caused by the backport in 1.3.4
 
+* December 28th, 2011: Twenty first public release: 1.1.3.
+  * Security fix. http://www.ocert.org/advisories/ocert-2011-003.html
+    Further information here: http://jruby.org/2011/12/27/jruby-1-6-5-1
+
 * December 28th, 2011: Twenty fourth public release 1.4.0
   * Ruby 1.8.6 support has officially been dropped. Not all tests pass.
   * Raise sane error messages for broken config.ru
@@ -392,11 +403,114 @@ run on port 11211) and memcache-client installed.
   * Support added for HTTP_X_FORWARDED_SCHEME
   * Numerous bug fixes, including many fixes for new and alternate rubies
 
+* January 22nd, 2012: Twenty fifth public release 1.4.1
+  * Alter the keyspace limit calculations to reduce issues with nested params
+  * Add a workaround for multipart parsing where files contain unescaped "%"
+  * Added Rack::Response::Helpers#method_not_allowed? (code 405)
+  * Rack::File now returns 404 for illegal directory traversals
+  * Rack::File now returns 405 for illegal methods (non HEAD/GET)
+  * Rack::Cascade now catches 405 by default, as well as 404
+  * Cookies missing '--' no longer cause an exception to be raised
+  * Various style changes and documentation spelling errors
+  * Rack::BodyProxy always ensures to execute its block
+  * Additional test coverage around cookies and secrets
+  * Rack::Session::Cookie can now be supplied either secret or old_secret
+  * Tests are no longer dependent on set order
+  * Rack::Static no longer defaults to serving index files
+  * Rack.release was fixed
+
+* January 6th, 2013: Twenty sixth public release 1.1.4
+  * Add warnings when users do not provide a session secret
+
+* January 6th, 2013: Twenty seventh public release 1.2.6
+  * Add warnings when users do not provide a session secret
+  * Fix parsing performance for unquoted filenames
+
+* January 6th, 2013: Twenty eighth public release 1.3.7
+  * Add warnings when users do not provide a session secret
+  * Fix parsing performance for unquoted filenames
+  * Updated URI backports
+  * Fix URI backport version matching, and silence constant warnings
+  * Correct parameter parsing with empty values
+  * Correct rackup '-I' flag, to allow multiple uses
+  * Correct rackup pidfile handling
+  * Report rackup line numbers correctly
+  * Fix request loops caused by non-stale nonces with time limits
+  * Fix reloader on Windows
+  * Prevent infinite recursions from Response#to_ary
+  * Various middleware better conforms to the body close specification
+  * Updated language for the body close specification
+  * Additional notes regarding ECMA escape compatibility issues
+  * Fix the parsing of multiple ranges in range headers
+
+* January 6th, 2013: Twenty ninth public release 1.4.2
+  * Add warnings when users do not provide a session secret
+  * Fix parsing performance for unquoted filenames
+  * Updated URI backports
+  * Fix URI backport version matching, and silence constant warnings
+  * Correct parameter parsing with empty values
+  * Correct rackup '-I' flag, to allow multiple uses
+  * Correct rackup pidfile handling
+  * Report rackup line numbers correctly
+  * Fix request loops caused by non-stale nonces with time limits
+  * Fix reloader on Windows
+  * Prevent infinite recursions from Response#to_ary
+  * Various middleware better conforms to the body close specification
+  * Updated language for the body close specification
+  * Additional notes regarding ECMA escape compatibility issues
+  * Fix the parsing of multiple ranges in range headers
+  * Prevent errors from empty parameter keys
+  * Added PATCH verb to Rack::Request
+  * Various documentation updates
+  * Fix session merge semantics (fixes rack-test)
+  * Rack::Static :index can now handle multiple directories
+  * All tests now utilize Rack::Lint (special thanks to Lars Gierth)
+  * Rack::File cache_control parameter is now deprecated, and removed by 1.5
+  * Correct Rack::Directory script name escaping
+  * Rack::Static supports header rules for sophisticated configurations
+  * Multipart parsing now works without a Content-Length header
+  * New logos courtesy of Zachary Scott!
+  * Rack::BodyProxy now explicitly defines #each, useful for C extensions
+  * Cookies that are not URI escaped no longer cause exceptions
+
+* January 7th, 2013: Thirtieth public release 1.3.8
+  * Security: Prevent unbounded reads in large multipart boundaries
+
+* January 7th, 2013: Thirty first public release 1.4.3
+  * Security: Prevent unbounded reads in large multipart boundaries
+
+* January 13th, 2013: Thirty second public release 1.4.4, 1.3.9, 1.2.7, 1.1.5
+  * [SEC] Rack::Auth::AbstractRequest no longer symbolizes arbitrary strings
+  * Fixed erroneous test case in the 1.3.x series
+
+* February 7th, Thirty fifth public release 1.1.6, 1.2.8, 1.3.10
+  * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie
+
+* February 7th, Thirty fifth public release 1.4.5
+  * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie
+  * Fix CVE-2013-0262, symlink path traversal in Rack::File
+
+* February 7th, Thirty fifth public release 1.5.2
+  * Fix CVE-2013-0263, timing attack against Rack::Session::Cookie
+  * Fix CVE-2013-0262, symlink path traversal in Rack::File
+  * Add various methods to Session for enhanced Rails compatibility
+  * Request#trusted_proxy? now only matches whole stirngs
+  * Add JSON cookie coder, to be default in Rack 1.6+ due to security concerns
+  * URLMap host matching in environments that don't set the Host header fixed
+  * Fix a race condition that could result in overwritten pidfiles
+  * Various documentation additions
+
 == Contact
 
 Please post bugs, suggestions and patches to
 the bug tracker at <http://github.com/rack/rack/issues>.
 
+Please post security related bugs and suggestions to the core team at
+<https://groups.google.com/group/rack-core> or rack-core@googlegroups.com. Due
+to wide usage of the library, it is strongly preferred that we manage timing in
+order to provide viable patches at the time of disclosure. Your assistance in
+this matter is greatly appreciated.
+
 Mailing list archives are available at
 <http://groups.google.com/group/rack-devel>.
 
@@ -472,7 +586,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 == Links
 
-Rack:: <http://rack.rubyforge.org/>
+Rack:: <http://rack.github.com/>
 Official Rack repositories:: <http://github.com/rack>
 Rack Bug Tracking:: <http://github.com/rack/rack/issues>
 rack-devel mailing list:: <http://groups.google.com/group/rack-devel>

data/Rakefile

@@ -11,12 +11,12 @@ task :deps do
     reqs = dep.requirements_list
     reqs = (["-v"] * reqs.size).zip(reqs).flatten
     # Use system over sh, because we want to ignore errors!
-    system "gem", "install", '--conservative', dep.name, *reqs
+    system Gem.ruby, "-S", "gem", "install", '--conservative', dep.name, *reqs
   end
 end
 
 desc "Make an archive as .tar.gz"
-task :dist => [:chmod, :changelog, :rdoc, "SPEC"] do
+task :dist => %w[chmod ChangeLog SPEC rdoc] do
   sh "git archive --format=tar --prefix=#{release}/ HEAD^{tree} >#{release}.tar"
   sh "pax -waf #{release}.tar -s ':^:#{release}/:' SPEC ChangeLog doc rack.gemspec"
   sh "gzip -f -9 #{release}.tar"
@@ -31,7 +31,7 @@ task :officialrelease do
   sh "mv stage/#{release}.tar.gz stage/#{release}.gem ."
 end
 
-task :officialrelease_really => ["SPEC", :dist, :gem] do
+task :officialrelease_really => %w[SPEC dist gem] do
   sh "sha1sum #{release}.tar.gz #{release}.gem"
 end
 
@@ -46,7 +46,10 @@ task :chmod do
 end
 
 desc "Generate a ChangeLog"
-task :changelog do
+task :changelog => %w[ChangeLog]
+
+file '.git/index'
+file "ChangeLog" => '.git/index' do
   File.open("ChangeLog", "w") { |out|
     `git log -z`.split("\0").map { |chunk|
       author = chunk[/Author: (.*)/, 1].strip
@@ -63,7 +66,6 @@ task :changelog do
   }
 end
 
-
 file 'lib/rack/lint.rb'
 desc "Generate Rack Specification"
 file "SPEC" => 'lib/rack/lint.rb' do
@@ -99,17 +101,22 @@ task :gem => ["SPEC"] do
   sh "gem build rack.gemspec"
 end
 
+task :doc => :rdoc
 desc "Generate RDoc documentation"
-task :rdoc => ["SPEC"] do
+task :rdoc => %w[ChangeLog SPEC] do
   sh(*%w{rdoc --line-numbers --main README.rdoc
               --title 'Rack\ Documentation' --charset utf-8 -U -o doc} +
-              %w{README.rdoc KNOWN-ISSUES SPEC} +
-              Dir["lib/**/*.rb"])
+              %w{README.rdoc KNOWN-ISSUES SPEC ChangeLog} +
+              `git ls-files lib/\*\*/\*.rb`.strip.split)
+  cp "contrib/rdoc.css", "doc/rdoc.css"
+end
+
+task :pushdoc => %w[rdoc] do
+  sh "rsync -avz doc/ rack.rubyforge.org:/var/www/gforge-projects/rack/doc/"
 end
 
-task :pushsite => [:rdoc] do
+task :pushsite => %w[pushdoc] do
   sh "cd site && git gc"
-  sh "rsync -avz doc/ chneukirchen@rack.rubyforge.org:/var/www/gforge-projects/rack/doc/"
-  sh "rsync -avz site/ chneukirchen@rack.rubyforge.org:/var/www/gforge-projects/rack/"
+  sh "rsync -avz site/ rack.rubyforge.org:/var/www/gforge-projects/rack/"
   sh "cd site && git push"
 end

data/SPEC

@@ -156,7 +156,9 @@ The Body must respond to +each+
 and must only yield String values.
 The Body itself should not be an instance of String, as this will
 break in Ruby 1.9.
-If the Body responds to +close+, it will be called after iteration.
+If the Body responds to +close+, it will be called after iteration. If
+the body is replaced by a middleware after action, the original body
+must be closed first, if it repsonds to close.
 If the Body responds to +to_path+, it must return a String
 identifying the location of a file whose contents are identical
 to that produced by calling +each+; this may be used by the

data/contrib/rack.svg

@@ -0,0 +1,150 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:osb="http://www.openswatchbook.org/uri/2009/osb"
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="744.09448819"
+   height="1052.3622047"
+   id="svg2"
+   version="1.1"
+   inkscape:version="0.48.3.1 r9886"
+   sodipodi:docname="rack.svg">
+  <defs
+     id="defs4">
+    <linearGradient
+       id="linearGradient3837"
+       osb:paint="solid">
+      <stop
+         style="stop-color:#000000;stop-opacity:1;"
+         offset="0"
+         id="stop3839" />
+    </linearGradient>
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="0.98994949"
+     inkscape:cx="230.49849"
+     inkscape:cy="656.46253"
+     inkscape:document-units="px"
+     inkscape:current-layer="layer1"
+     showgrid="false"
+     showguides="false"
+     inkscape:guide-bbox="true"
+     inkscape:window-width="1920"
+     inkscape:window-height="1056"
+     inkscape:window-x="1920"
+     inkscape:window-y="24"
+     inkscape:window-maximized="1">
+    <sodipodi:guide
+       orientation="1,0"
+       position="645.99255,757.10933"
+       id="guide2995" />
+    <sodipodi:guide
+       orientation="1,0"
+       position="488.40876,686.90373"
+       id="guide2997" />
+    <sodipodi:guide
+       orientation="1,0"
+       position="176.7767,748.52304"
+       id="guide2999" />
+    <sodipodi:guide
+       orientation="1,0"
+       position="355.71429,782.85714"
+       id="guide3005" />
+    <sodipodi:guide
+       orientation="0,1"
+       position="527.14286,642.85714"
+       id="guide3007" />
+    <sodipodi:guide
+       orientation="0,1"
+       position="431.42857,507.85714"
+       id="guide3009" />
+    <sodipodi:guide
+       orientation="0,1"
+       position="488.40876,783.57143"
+       id="guide3011" />
+    <sodipodi:guide
+       orientation="0,1"
+       position="505,372.85714"
+       id="guide3013" />
+  </sodipodi:namedview>
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Layer 1"
+     inkscape:groupmode="layer"
+     id="layer1">
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 176.28125,201.03125 0,0.625 0,395.125 0,0.375 0.34375,0.0937 312.34375,91.6875 0.625,0.1875 0,-0.65625 0.125,-419.09375 0,-0.40625 -0.40625,-0.0937 -312.4375,-67.71875 -0.59375,-0.125 z m 1,1.21875 311.4375,67.5 -0.125,418.0625 -311.3125,-91.375 0,-394.1875 z"
+       id="path2985"
+       inkscape:connector-curvature="0" />
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 647.21875,206.59375 -0.6875,0.28125 -157.59375,62.21875 -0.3125,0.125 0,0.34375 0.1875,419.125 0,0.75 0.6875,-0.28125 156.0625,-63.1875 0.3125,-0.125 0,-0.34375 1.34375,-418.15625 0,-0.75 z m -1,1.4375 -1.34375,417.125 -155.0625,62.78125 -0.1875,-418.03125 156.59375,-61.875 z"
+       id="path2993"
+       inkscape:connector-curvature="0" />
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 355.6875,137.40625 -0.15625,0.0625 L 176.96875,201.0625 177.3125,202 355.75,138.4375 646.78125,207.53125 647,206.5625 l -291.15625,-69.125 -0.15625,-0.0312 z"
+       id="path3003"
+       inkscape:connector-curvature="0" />
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 355.71875,277.53125 -0.125,0.0312 -178.9375,47.96875 -1.8125,0.46875 1.8125,0.5 311.625,83.5 0.15625,0.0312 0.125,-0.0625 157.59375,-53.65625 1.5625,-0.53125 -1.59375,-0.4375 -290.28125,-77.78125 -0.125,-0.0312 z m 0,1.03125 L 644.3125,355.90625 488.375,409 178.71875,326 l 177,-47.4375 z"
+       id="path3015"
+       inkscape:connector-curvature="0" />
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 355.21875,240.9375 0,37.125 1,0 0,-37.125 -1,0 z"
+       id="path3017"
+       inkscape:connector-curvature="0" />
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 176.28125,202.65625 0,393.28125 1,0 0,-393.28125 -1,0 z"
+       id="path3019"
+       inkscape:connector-curvature="0" />
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 355.71875,409 -0.125,0.0312 L 177,455.8125 l -1.78125,0.46875 1.78125,0.5 L 488.28125,545 l 0.15625,0.0312 0.125,-0.0625 156.71875,-56.25 1.46875,-0.53125 -1.53125,-0.40625 -289.375,-78.75 -0.125,-0.0312 z m 0,1.03125 287.6875,78.28125 L 488.375,544 179.03125,456.3125 355.71875,410.03125 z"
+       id="path3021"
+       inkscape:connector-curvature="0" />
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 355.71875,544 -0.15625,0.0312 -178.5625,52.3125 0.28125,0.96875 178.4375,-52.28125 289.59375,80.25 0.28125,-0.96875 -289.75,-80.28125 -0.125,-0.0312 z"
+       id="path3023"
+       inkscape:connector-curvature="0" />
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 355.21875,374.34375 0,35.15625 1,0 0,-35.15625 -1,0 z"
+       id="path3025"
+       inkscape:connector-curvature="0" />
+    <path
+       style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:10;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans;stroke-opacity:1;stroke-miterlimit:30;stroke-dasharray:none;stroke-linecap:round;stroke-linejoin:round"
+       d="m 355.1875,507.03125 0,37.4375 1.03125,0 0,-37.4375 -1.03125,0 z"
+       id="path3027"
+       inkscape:connector-curvature="0" />
+  </g>
+</svg>