rack 1.4.1 → 1.4.2

data/lib/rack/auth/basic.rb

@@ -41,7 +41,7 @@ module Rack
 
       class Request < Auth::AbstractRequest
         def basic?
-          :basic == scheme
+          !parts.first.nil? && :basic == scheme
         end
 
         def credentials

data/lib/rack/auth/digest/nonce.rb

@@ -38,7 +38,7 @@ module Rack
         end
 
         def stale?
-          !self.class.time_limit.nil? && (@timestamp - Time.now.to_i) < self.class.time_limit
+          !self.class.time_limit.nil? && (Time.now.to_i - @timestamp) > self.class.time_limit
         end
 
         def fresh?

data/lib/rack/backports/uri/common_18.rb

@@ -8,7 +8,21 @@
 
 module URI
   TBLENCWWWCOMP_ = {} # :nodoc:
+  256.times do |i|
+    TBLENCWWWCOMP_[i.chr] = '%%%02X' % i
+  end
+  TBLENCWWWCOMP_[' '] = '+'
+  TBLENCWWWCOMP_.freeze
   TBLDECWWWCOMP_ = {} # :nodoc:
+  256.times do |i|
+    h, l = i>>4, i&15
+    TBLDECWWWCOMP_['%%%X%X' % [h, l]] = i.chr
+    TBLDECWWWCOMP_['%%%x%X' % [h, l]] = i.chr
+    TBLDECWWWCOMP_['%%%X%x' % [h, l]] = i.chr
+    TBLDECWWWCOMP_['%%%x%x' % [h, l]] = i.chr
+  end
+  TBLDECWWWCOMP_['+'] = ' '
+  TBLDECWWWCOMP_.freeze
 
   # Encode given +s+ to URL-encoded form data.
   #
@@ -26,18 +40,6 @@ module URI
         '%' + $1.unpack('H2' * Rack::Utils.bytesize($1)).join('%').upcase
       end.tr(' ', '+')
     else
-      if TBLENCWWWCOMP_.empty?
-        tbl = {}
-        256.times do |i|
-          tbl[i.chr] = '%%%02X' % i
-        end
-        tbl[' '] = '+'
-        begin
-          TBLENCWWWCOMP_.replace(tbl)
-          TBLENCWWWCOMP_.freeze
-        rescue
-        end
-      end
       str.gsub(/[^*\-.0-9A-Z_a-z]/) {|m| TBLENCWWWCOMP_[m]}
     end
   end
@@ -48,22 +50,6 @@ module URI
   #
   # See URI.encode_www_form_component, URI.decode_www_form
   def self.decode_www_form_component(str, enc=nil)
-    if TBLDECWWWCOMP_.empty?
-      tbl = {}
-      256.times do |i|
-        h, l = i>>4, i&15
-        tbl['%%%X%X' % [h, l]] = i.chr
-        tbl['%%%x%X' % [h, l]] = i.chr
-        tbl['%%%X%x' % [h, l]] = i.chr
-        tbl['%%%x%x' % [h, l]] = i.chr
-      end
-      tbl['+'] = ' '
-      begin
-        TBLDECWWWCOMP_.replace(tbl)
-        TBLDECWWWCOMP_.freeze
-      rescue
-      end
-    end
     raise ArgumentError, "invalid %-encoding (#{str})" unless /\A(?:%[0-9a-fA-F]{2}|[^%])*\z/ =~ str
     str.gsub(/\+|%[0-9a-fA-F]{2}/) {|m| TBLDECWWWCOMP_[m]}
   end

data/lib/rack/backports/uri/common_192.rb

@@ -17,6 +17,19 @@
 require 'uri/common'
 
 module URI
+  TBLDECWWWCOMP_ = {} unless const_defined?(:TBLDECWWWCOMP_)  #:nodoc:
+  if TBLDECWWWCOMP_.empty?
+    256.times do |i|
+      h, l = i>>4, i&15
+      TBLDECWWWCOMP_['%%%X%X' % [h, l]] = i.chr
+      TBLDECWWWCOMP_['%%%x%X' % [h, l]] = i.chr
+      TBLDECWWWCOMP_['%%%X%x' % [h, l]] = i.chr
+      TBLDECWWWCOMP_['%%%x%x' % [h, l]] = i.chr
+    end
+    TBLDECWWWCOMP_['+'] = ' '
+    TBLDECWWWCOMP_.freeze
+  end
+
   def self.decode_www_form(str, enc=Encoding::UTF_8)
     return [] if str.empty?
     unless /\A#{WFKV_}=#{WFKV_}(?:[;&]#{WFKV_}=#{WFKV_})*\z/o =~ str
@@ -30,26 +43,10 @@ module URI
   end
 
   def self.decode_www_form_component(str, enc=Encoding::UTF_8)
-    if TBLDECWWWCOMP_.empty?
-      tbl = {}
-      256.times do |i|
-        h, l = i>>4, i&15
-        tbl['%%%X%X' % [h, l]] = i.chr
-        tbl['%%%x%X' % [h, l]] = i.chr
-        tbl['%%%X%x' % [h, l]] = i.chr
-        tbl['%%%x%x' % [h, l]] = i.chr
-      end
-      tbl['+'] = ' '
-      begin
-        TBLDECWWWCOMP_.replace(tbl)
-        TBLDECWWWCOMP_.freeze
-      rescue
-      end
-    end
     raise ArgumentError, "invalid %-encoding (#{str})" unless /\A[^%]*(?:%\h\h[^%]*)*\z/ =~ str
     str.gsub(/\+|%\h\h/, TBLDECWWWCOMP_).force_encoding(enc)
   end
 
-  remove_const :WFKV_
+  remove_const :WFKV_ if const_defined?(:WFKV_)
   WFKV_ = '(?:[^%#=;&]*(?:%\h\h[^%#=;&]*)*)' # :nodoc:
 end

data/lib/rack/backports/uri/common_193.rb

@@ -0,0 +1,29 @@
+# :stopdoc:
+
+require 'uri/common'
+
+# Issue:
+# http://bugs.ruby-lang.org/issues/5925
+#
+# Relevant commit:
+# https://github.com/ruby/ruby/commit/edb7cdf1eabaff78dfa5ffedfbc2e91b29fa9ca1
+
+module URI
+  256.times do |i|
+    TBLENCWWWCOMP_[i.chr] = '%%%02X' % i
+  end
+  TBLENCWWWCOMP_[' '] = '+'
+  TBLENCWWWCOMP_.freeze
+
+  256.times do |i|
+    h, l = i>>4, i&15
+    TBLDECWWWCOMP_['%%%X%X' % [h, l]] = i.chr
+    TBLDECWWWCOMP_['%%%x%X' % [h, l]] = i.chr
+    TBLDECWWWCOMP_['%%%X%x' % [h, l]] = i.chr
+    TBLDECWWWCOMP_['%%%x%x' % [h, l]] = i.chr
+  end
+  TBLDECWWWCOMP_['+'] = ' '
+  TBLDECWWWCOMP_.freeze
+end
+
+# :startdoc:

data/lib/rack/body_proxy.rb

@@ -5,6 +5,7 @@ module Rack
     end
 
     def respond_to?(*args)
+      return false if args.first.to_s =~ /^to_ary$/
       super or @body.respond_to?(*args)
     end
 
@@ -22,7 +23,16 @@ module Rack
       @closed
     end
 
+    # N.B. This method is a special case to address the bug described by #434.
+    # We are applying this special case for #each only. Future bugs of this
+    # class will be handled by requesting users to patch their ruby
+    # implementation, to save adding too many methods in this class.
+    def each(*args, &block)
+      @body.each(*args, &block)
+    end
+
     def method_missing(*args, &block)
+      super if args.first.to_s =~ /^to_ary$/
       @body.__send__(*args, &block)
     end
   end

data/lib/rack/builder.rb

@@ -38,7 +38,7 @@ module Rack
         end
         cfgfile.sub!(/^__END__\n.*\Z/m, '')
         app = eval "Rack::Builder.new {\n" + cfgfile + "\n}.to_app",
-          TOPLEVEL_BINDING, config
+          TOPLEVEL_BINDING, config, 0
       else
         require config
         app = Object.const_get(::File.basename(config, '.rb').capitalize)

data/lib/rack/cascade.rb

@@ -19,8 +19,19 @@ module Rack
     def call(env)
       result = NotFound
 
+      last_body = nil
+
       @apps.each do |app|
+        # The SPEC says that the body must be closed after it has been iterated
+        # by the server, or if it is replaced by a middleware action. Cascade
+        # replaces the body each time a cascade happens. It is assumed that nil
+        # does not respond to close, otherwise the previous application body
+        # will be closed. The final application body will not be closed, as it
+        # will be passed to the server as a result.
+        last_body.close if last_body.respond_to? :close
+
         result = app.call(env)
+        last_body = result[2]
         break unless @catch.include?(result[0].to_i)
       end
 

data/lib/rack/commonlogger.rb

@@ -1,13 +1,26 @@
 require 'rack/body_proxy'
 
 module Rack
-  # Rack::CommonLogger forwards every request to an +app+ given, and
-  # logs a line in the Apache common log format to the +logger+, or
-  # rack.errors by default.
+  # Rack::CommonLogger forwards every request to the given +app+, and
+  # logs a line in the
+  # {Apache common log format}[http://httpd.apache.org/docs/1.3/logs.html#common]
+  # to the +logger+.
+  #
+  # If +logger+ is nil, CommonLogger will fall back +rack.errors+, which is
+  # an instance of Rack::NullLogger.
+  #
+  # +logger+ can be any class, including the standard library Logger, and is
+  # expected to have a +write+ method, which accepts the CommonLogger::FORMAT.
+  # According to the SPEC, the error stream must also respond to +puts+
+  # (which takes a single argument that responds to +to_s+), and +flush+
+  # (which is called without arguments in order to make the error appear for
+  # sure)
   class CommonLogger
     # Common Log Format: http://httpd.apache.org/docs/1.3/logs.html#common
-    # lilith.local - - [07/Aug/2006 23:58:02] "GET / HTTP/1.1" 500 -
-    #             %{%s - %s [%s] "%s %s%s %s" %d %s\n} %
+    #
+    #   lilith.local - - [07/Aug/2006 23:58:02] "GET / HTTP/1.1" 500 -
+    #
+    #   %{%s - %s [%s] "%s %s%s %s" %d %s\n} %
     FORMAT = %{%s - %s [%s] "%s %s%s %s" %d %s %0.4f\n}
 
     def initialize(app, logger=nil)

data/lib/rack/deflater.rb

@@ -45,6 +45,7 @@ module Rack
       when "identity"
         [status, headers, body]
       when nil
+        body.close if body.respond_to?(:close)
         message = "An acceptable encoding for the requested resource #{request.fullpath} could not be found."
         [406, {"Content-Type" => "text/plain", "Content-Length" => message.length.to_s}, [message]]
       end
@@ -64,6 +65,7 @@ module Rack
           gzip.write(part)
           gzip.flush
         }
+      ensure
         @body.close if @body.respond_to?(:close)
         gzip.close
         @writer = nil
@@ -90,9 +92,11 @@ module Rack
       def each
         deflater = ::Zlib::Deflate.new(*DEFLATE_ARGS)
         @body.each { |part| yield deflater.deflate(part, Zlib::SYNC_FLUSH) }
-        @body.close if @body.respond_to?(:close)
         yield deflater.finish
         nil
+      ensure
+        @body.close if @body.respond_to?(:close)
+        deflater.close
       end
     end
   end

data/lib/rack/directory.rb

@@ -80,7 +80,7 @@ table { width:100%%; }
       @files = [['../','Parent Directory','','','']]
       glob = F.join(@path, '*')
 
-      url_head = ([@script_name] + @path_info.split('/')).map do |part|
+      url_head = (@script_name.split('/') + @path_info.split('/')).map do |part|
         Rack::Utils.escape part
       end
 

data/lib/rack/etag.rb

@@ -28,8 +28,11 @@ module Rack
       end
 
       unless headers['Cache-Control']
-        headers['Cache-Control'] =
-          (digest ? @cache_control : @no_cache_control) || []
+        if digest
+          headers['Cache-Control'] = @cache_control if @cache_control
+        else
+          headers['Cache-Control'] = @no_cache_control if @no_cache_control
+        end
       end
 
       [status, headers, body]
@@ -46,7 +49,7 @@ module Rack
       end
 
       def skip_caching?(headers)
-        headers['Cache-Control'] == 'no-cache' ||
+        (headers['Cache-Control'] && headers['Cache-Control'].include?('no-cache')) ||
           headers.key?('ETag') || headers.key?('Last-Modified')
       end
 

data/lib/rack/file.rb

@@ -21,9 +21,16 @@ module Rack
 
     alias :to_path :path
 
-    def initialize(root, cache_control = nil)
+    def initialize(root, headers={})
       @root = root
-      @cache_control = cache_control
+      # Allow a cache_control string for backwards compatibility
+      if headers.instance_of? String
+        warn \
+          "Rack::File headers parameter replaces cache_control after Rack 1.5."
+        @headers = { 'Cache-Control' => headers }
+      else
+        @headers = headers
+      end
     end
 
     def call(env)
@@ -78,7 +85,9 @@ module Rack
         },
         env["REQUEST_METHOD"] == "HEAD" ? [] : self
       ]
-      response[1].merge! 'Cache-Control' => @cache_control if @cache_control
+
+      # Set custom headers
+      @headers.each { |field, content| response[1][field] = content } if @headers
 
       # NOTE:
       #   We check via File::size? whether this file provides size info
@@ -101,7 +110,7 @@ module Rack
         # Partial content:
         @range = ranges[0]
         response[0] = 206
-        response[1]["Content-Range"]  = "bytes #{@range.begin}-#{@range.end}/#{size}"
+        response[1]["Content-Range"] = "bytes #{@range.begin}-#{@range.end}/#{size}"
         size = @range.end - @range.begin + 1
       end
 

data/lib/rack/head.rb

@@ -9,6 +9,7 @@ class Head
     status, headers, body = @app.call(env)
 
     if env["REQUEST_METHOD"] == "HEAD"
+      body.close if body.respond_to? :close
       [status, headers, []]
     else
       [status, headers, body]

data/lib/rack/lint.rb

@@ -528,7 +528,9 @@ module Rack
       ## The Body itself should not be an instance of String, as this will
       ## break in Ruby 1.9.
       ##
-      ## If the Body responds to +close+, it will be called after iteration.
+      ## If the Body responds to +close+, it will be called after iteration. If
+      ## the body is replaced by a middleware after action, the original body
+      ## must be closed first, if it repsonds to close.
       # XXX howto: assert("Body has not been closed") { @closed }
 
 

data/lib/rack/lock.rb

@@ -13,12 +13,11 @@ module Rack
       old, env[FLAG] = env[FLAG], false
       @mutex.lock
       response = @app.call(env)
-      response[2] = BodyProxy.new(response[2]) { @mutex.unlock }
+      body = BodyProxy.new(response[2]) { @mutex.unlock }
+      response[2] = body
       response
-    rescue Exception
-      @mutex.unlock
-      raise
     ensure
+      @mutex.unlock unless body
       env[FLAG] = old
     end
   end

data/lib/rack/mime.rb

@@ -598,7 +598,7 @@ module Rack
       ".wmv"       => "video/x-ms-wmv",
       ".wmx"       => "video/x-ms-wmx",
       ".wmz"       => "application/x-ms-wmz",
-      ".woff"      => "application/octet-stream",
+      ".woff"      => "application/font-woff",
       ".wpd"       => "application/vnd.wordperfect",
       ".wpl"       => "application/vnd.ms-wpl",
       ".wps"       => "application/vnd.ms-works",

data/lib/rack/mock.rb

@@ -9,12 +9,12 @@ module Rack
   # Rack::MockRequest helps testing your Rack application without
   # actually using HTTP.
   #
-  # After performing a request on a URL with get/post/put/delete, it
+  # After performing a request on a URL with get/post/put/patch/delete, it
   # returns a MockResponse with useful helper methods for effective
   # testing.
   #
   # You can pass a hash with additional configuration to the
-  # get/post/put/delete.
+  # get/post/put/patch/delete.
   # <tt>:input</tt>:: A String or IO-like to be used as rack.input.
   # <tt>:fatal</tt>:: Raise a FatalWarning if the app writes to rack.errors.
   # <tt>:lint</tt>:: If true, wrap the application in a Rack::Lint.
@@ -56,6 +56,7 @@ module Rack
     def get(uri, opts={})    request("GET", uri, opts)    end
     def post(uri, opts={})   request("POST", uri, opts)   end
     def put(uri, opts={})    request("PUT", uri, opts)    end
+    def patch(uri, opts={})  request("PATCH", uri, opts)    end
     def delete(uri, opts={}) request("DELETE", uri, opts) end
     def head(uri, opts={})   request("HEAD", uri, opts)   end
 

data/lib/rack/multipart.rb

@@ -12,7 +12,7 @@ module Rack
     MULTIPART = %r|\Amultipart/.*boundary=\"?([^\";,]+)\"?|n
     TOKEN = /[^\s()<>,;:\\"\/\[\]?=]+/
     CONDISP = /Content-Disposition:\s*#{TOKEN}\s*/i
-    DISPPARM = /;\s*(#{TOKEN})=("(?:\\"|[^"])*"|#{TOKEN})*/
+    DISPPARM = /;\s*(#{TOKEN})=("(?:\\"|[^"])*"|#{TOKEN})/
     RFC2183 = /^#{CONDISP}(#{DISPPARM})+$/i
     BROKEN_QUOTED = /^#{CONDISP}.*;\sfilename="(.*?)"(?:\s*$|\s*;\s*#{TOKEN}=)/i
     BROKEN_UNQUOTED = /^#{CONDISP}.*;\sfilename=(#{TOKEN})/i
@@ -31,4 +31,4 @@ module Rack
     end
 
   end
-end
+end

data/lib/rack/multipart/parser.rb

@@ -48,13 +48,15 @@ module Rack
         @buf = ""
         @params = Utils::KeySpaceConstrainedParams.new
 
-        @content_length = @env['CONTENT_LENGTH'].to_i
         @io = @env['rack.input']
         @io.rewind
 
         @boundary_size = Utils.bytesize(@boundary) + EOL.size
 
-        @content_length -= @boundary_size
+        if @content_length = @env['CONTENT_LENGTH']
+          @content_length = @content_length.to_i
+          @content_length -= @boundary_size
+        end
         true
       end
 
@@ -104,11 +106,11 @@ module Rack
             body << @buf.slice!(0, @buf.size - (@boundary_size+4))
           end
 
-          content = @io.read(BUFSIZE < @content_length ? BUFSIZE : @content_length)
+          content = @io.read(@content_length && BUFSIZE >= @content_length ? @content_length : BUFSIZE)
           raise EOFError, "bad content body"  if content.nil? || content.empty?
 
           @buf << content
-          @content_length -= content.size
+          @content_length -= content.size if @content_length
         end
 
         [head, filename, content_type, name, body]