rack 1.6.13 → 2.0.9.3

data/lib/rack.rb

@@ -7,7 +7,7 @@
 # modules and classes.
 #
 # All modules meant for use in your application are <tt>autoload</tt>ed here,
-# so it should be enough just to <tt>require rack.rb</tt> in your code.
+# so it should be enough just to <tt>require 'rack'</tt> in your code.
 
 module Rack
   # The Rack protocol version number implemented.
@@ -18,27 +18,80 @@ module Rack
     VERSION.join(".")
   end
 
+  RELEASE = "2.0.9.3"
+
   # Return the Rack release as a dotted string.
   def self.release
-    "1.6.13"
+    RELEASE
   end
-  PATH_INFO      = 'PATH_INFO'.freeze
-  REQUEST_METHOD = 'REQUEST_METHOD'.freeze
-  SCRIPT_NAME    = 'SCRIPT_NAME'.freeze
-  QUERY_STRING   = 'QUERY_STRING'.freeze
-  CACHE_CONTROL  = 'Cache-Control'.freeze
-  CONTENT_LENGTH = 'Content-Length'.freeze
-  CONTENT_TYPE   = 'Content-Type'.freeze
 
-  GET  = 'GET'.freeze
-  HEAD = 'HEAD'.freeze
+  HTTP_HOST         = 'HTTP_HOST'.freeze
+  HTTP_VERSION      = 'HTTP_VERSION'.freeze
+  HTTPS             = 'HTTPS'.freeze
+  PATH_INFO         = 'PATH_INFO'.freeze
+  REQUEST_METHOD    = 'REQUEST_METHOD'.freeze
+  REQUEST_PATH      = 'REQUEST_PATH'.freeze
+  SCRIPT_NAME       = 'SCRIPT_NAME'.freeze
+  QUERY_STRING      = 'QUERY_STRING'.freeze
+  SERVER_PROTOCOL   = 'SERVER_PROTOCOL'.freeze
+  SERVER_NAME       = 'SERVER_NAME'.freeze
+  SERVER_ADDR       = 'SERVER_ADDR'.freeze
+  SERVER_PORT       = 'SERVER_PORT'.freeze
+  CACHE_CONTROL     = 'Cache-Control'.freeze
+  CONTENT_LENGTH    = 'Content-Length'.freeze
+  CONTENT_TYPE      = 'Content-Type'.freeze
+  SET_COOKIE        = 'Set-Cookie'.freeze
+  TRANSFER_ENCODING = 'Transfer-Encoding'.freeze
+  HTTP_COOKIE       = 'HTTP_COOKIE'.freeze
+  ETAG              = 'ETag'.freeze
+
+  # HTTP method verbs
+  GET     = 'GET'.freeze
+  POST    = 'POST'.freeze
+  PUT     = 'PUT'.freeze
+  PATCH   = 'PATCH'.freeze
+  DELETE  = 'DELETE'.freeze
+  HEAD    = 'HEAD'.freeze
+  OPTIONS = 'OPTIONS'.freeze
+  LINK    = 'LINK'.freeze
+  UNLINK  = 'UNLINK'.freeze
+  TRACE   = 'TRACE'.freeze
+
+  # Rack environment variables
+  RACK_VERSION                        = 'rack.version'.freeze
+  RACK_TEMPFILES                      = 'rack.tempfiles'.freeze
+  RACK_ERRORS                         = 'rack.errors'.freeze
+  RACK_LOGGER                         = 'rack.logger'.freeze
+  RACK_INPUT                          = 'rack.input'.freeze
+  RACK_SESSION                        = 'rack.session'.freeze
+  RACK_SESSION_OPTIONS                = 'rack.session.options'.freeze
+  RACK_SHOWSTATUS_DETAIL              = 'rack.showstatus.detail'.freeze
+  RACK_MULTITHREAD                    = 'rack.multithread'.freeze
+  RACK_MULTIPROCESS                   = 'rack.multiprocess'.freeze
+  RACK_RUNONCE                        = 'rack.run_once'.freeze
+  RACK_URL_SCHEME                     = 'rack.url_scheme'.freeze
+  RACK_HIJACK                         = 'rack.hijack'.freeze
+  RACK_IS_HIJACK                      = 'rack.hijack?'.freeze
+  RACK_HIJACK_IO                      = 'rack.hijack_io'.freeze
+  RACK_RECURSIVE_INCLUDE              = 'rack.recursive.include'.freeze
+  RACK_MULTIPART_BUFFER_SIZE          = 'rack.multipart.buffer_size'.freeze
+  RACK_MULTIPART_TEMPFILE_FACTORY     = 'rack.multipart.tempfile_factory'.freeze
+  RACK_REQUEST_FORM_INPUT             = 'rack.request.form_input'.freeze
+  RACK_REQUEST_FORM_HASH              = 'rack.request.form_hash'.freeze
+  RACK_REQUEST_FORM_VARS              = 'rack.request.form_vars'.freeze
+  RACK_REQUEST_COOKIE_HASH            = 'rack.request.cookie_hash'.freeze
+  RACK_REQUEST_COOKIE_STRING          = 'rack.request.cookie_string'.freeze
+  RACK_REQUEST_QUERY_HASH             = 'rack.request.query_hash'.freeze
+  RACK_REQUEST_QUERY_STRING           = 'rack.request.query_string'.freeze
+  RACK_METHODOVERRIDE_ORIGINAL_METHOD = 'rack.methodoverride.original_method'.freeze
+  RACK_SESSION_UNPACKED_COOKIE_DATA   = 'rack.session.unpacked_cookie_data'.freeze
 
   autoload :Builder, "rack/builder"
   autoload :BodyProxy, "rack/body_proxy"
   autoload :Cascade, "rack/cascade"
   autoload :Chunked, "rack/chunked"
-  autoload :CommonLogger, "rack/commonlogger"
-  autoload :ConditionalGet, "rack/conditionalget"
+  autoload :CommonLogger, "rack/common_logger"
+  autoload :ConditionalGet, "rack/conditional_get"
   autoload :Config, "rack/config"
   autoload :ContentLength, "rack/content_length"
   autoload :ContentType, "rack/content_type"
@@ -52,16 +105,16 @@ module Rack
   autoload :Lint, "rack/lint"
   autoload :Lock, "rack/lock"
   autoload :Logger, "rack/logger"
-  autoload :MethodOverride, "rack/methodoverride"
+  autoload :MethodOverride, "rack/method_override"
   autoload :Mime, "rack/mime"
-  autoload :NullLogger, "rack/nulllogger"
+  autoload :NullLogger, "rack/null_logger"
   autoload :Recursive, "rack/recursive"
   autoload :Reloader, "rack/reloader"
   autoload :Runtime, "rack/runtime"
   autoload :Sendfile, "rack/sendfile"
   autoload :Server, "rack/server"
-  autoload :ShowExceptions, "rack/showexceptions"
-  autoload :ShowStatus, "rack/showstatus"
+  autoload :ShowExceptions, "rack/show_exceptions"
+  autoload :ShowStatus, "rack/show_status"
   autoload :Static, "rack/static"
   autoload :TempfileReaper, "rack/tempfile_reaper"
   autoload :URLMap, "rack/urlmap"
@@ -91,8 +144,4 @@ module Rack
     autoload :Pool, "rack/session/pool"
     autoload :Memcache, "rack/session/memcache"
   end
-
-  module Utils
-    autoload :OkJson, "rack/utils/okjson"
-  end
 end

data/rack.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name            = "rack"
-  s.version         = "1.6.13"
+  s.version = File.read('lib/rack.rb')[/RELEASE += +([\"\'])([\d][\w\.]+)\1/, 2]
   s.platform        = Gem::Platform::RUBY
   s.summary         = "a modular Ruby webserver interface"
   s.license         = "MIT"
@@ -12,22 +12,23 @@ the simplest way possible, it unifies and distills the API for web
 servers, web frameworks, and software in between (the so-called
 middleware) into a single method call.
 
-Also see http://rack.github.io/.
+Also see https://rack.github.io/.
 EOF
 
   s.files           = Dir['{bin/*,contrib/*,example/*,lib/**/*,test/**/*}'] +
-                        %w(COPYING KNOWN-ISSUES rack.gemspec Rakefile README.rdoc SPEC)
+                        %w(COPYING rack.gemspec Rakefile README.rdoc SPEC)
   s.bindir          = 'bin'
   s.executables     << 'rackup'
   s.require_path    = 'lib'
-  s.extra_rdoc_files = ['README.rdoc', 'KNOWN-ISSUES', 'HISTORY.md']
+  s.extra_rdoc_files = ['README.rdoc', 'HISTORY.md']
   s.test_files      = Dir['test/spec_*.rb']
 
-  s.author          = 'Christian Neukirchen'
-  s.email           = 'chneukirchen@gmail.com'
-  s.homepage        = 'http://rack.github.io/'
-  s.rubyforge_project = 'rack'
+  s.author          = 'Leah Neukirchen'
+  s.email           = 'leah@vuxu.org'
+  s.homepage        = 'https://rack.github.io/'
+  s.required_ruby_version = '>= 2.2.2'
 
-  s.add_development_dependency 'bacon'
+  s.add_development_dependency 'minitest', "~> 5.0"
+  s.add_development_dependency 'minitest-sprint'
   s.add_development_dependency 'rake'
 end

data/test/builder/an_underscore_app.rb

@@ -0,0 +1,5 @@
+class AnUnderscoreApp
+  def self.call(env)
+    [200, {'Content-Type' => 'text/plain'}, ['OK']]
+  end
+end

data/test/builder/options.ru

@@ -1,2 +1,2 @@
-#\ -d
+#\ -d -p 2929 --env test
 run lambda { |env| [200, {'Content-Type' => 'text/plain'}, ['OK']] }

data/test/cgi/test.fcgi

@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
 # -*- ruby -*-
 
+require 'uri'
 $:.unshift '../../lib'
 require 'rack'
 require '../testrequest'

data/test/helper.rb

@@ -0,0 +1,34 @@
+require 'minitest/autorun'
+
+module Rack
+  class TestCase < Minitest::Test
+    # Check for Lighttpd and launch it for tests if available.
+    `which lighttpd`
+
+    if $?.success?
+      begin
+        # Keep this first.
+        LIGHTTPD_PID = fork {
+          ENV['RACK_ENV'] = 'deployment'
+          ENV['RUBYLIB'] = [
+            ::File.expand_path('../../lib', __FILE__),
+            ENV['RUBYLIB'],
+          ].compact.join(':')
+
+          Dir.chdir(::File.expand_path("../cgi", __FILE__)) do
+            exec "lighttpd -D -f lighttpd.conf"
+          end
+        }
+      rescue NotImplementedError
+        warn "Your Ruby doesn't support Kernel#fork. Skipping Rack::Handler::CGI and ::FastCGI tests."
+      else
+        Minitest.after_run do
+          Process.kill 15, LIGHTTPD_PID
+          Process.wait LIGHTTPD_PID
+        end
+      end
+    else
+      warn "Lighttpd isn't installed. Skipping Rack::Handler::CGI and FastCGI tests. Install lighttpd to run them."
+    end
+  end
+end

data/test/multipart/filename_with_encoded_words

@@ -0,0 +1,7 @@
+--AaB03x
+Content-Type: image/jpeg
+Content-Disposition: attachment; name="files"; filename*=utf-8''%D1%84%D0%B0%D0%B9%D0%BB
+Content-Description: a complete map of the human genome
+
+contents
+--AaB03x--

data/test/multipart/filename_with_escaped_quotes_and_modification_param

@@ -1,6 +1,6 @@
 --AaB03x
 Content-Type: image/jpeg
-Content-Disposition: attachment; name="files"; filename=""human" genome.jpeg"; modification-date="Wed, 12 Feb 1997 16:29:51 -0500";
+Content-Disposition: attachment; name="files"; filename="\"human\" genome.jpeg"; modification-date="Wed, 12 Feb 1997 16:29:51 -0500";
 Content-Description: a complete map of the human genome
 
 contents

data/test/multipart/filename_with_single_quote

@@ -0,0 +1,7 @@
+--AaB03x
+Content-Type: image/jpeg
+Content-Disposition: attachment; name="files"; filename="bob's flowers.jpg"
+Content-Description: a complete map of the human genome
+
+contents
+--AaB03x--

data/test/multipart/quoted

@@ -0,0 +1,15 @@
+--AaB:03x
+Content-Disposition: form-data; name="submit-name"
+
+Larry
+--AaB:03x
+Content-Disposition: form-data; name="submit-name-with-content"
+Content-Type: text/plain
+
+Berry
+--AaB:03x
+Content-Disposition: form-data; name="files"; filename="file1.txt"
+Content-Type: text/plain
+
+contents
+--AaB:03x--

data/test/multipart/unity3d_wwwform

@@ -0,0 +1,11 @@
+--AaB03x
+Content-Type: text/plain; charset="utf-8"
+Content-disposition: form-data; name="user_sid"
+
+bbf14f82-d2aa-4c07-9fb8-ca6714a7ea97
+--AaB03x
+Content-Type: image/png; charset=UTF-8
+Content-disposition: form-data; name="file";
+filename="b67879ed-bfed-4491-a8cc-f99cca769f94.png"
+
+--AaB03x

data/test/registering_handler/rack/handler/registering_myself.rb

@@ -5,4 +5,4 @@ module Rack
 
     register :registering_myself, RegisteringMyself
   end
-end
+end

data/test/spec_auth_basic.rb

@@ -1,3 +1,4 @@
+require 'minitest/autorun'
 require 'rack/auth/basic'
 require 'rack/lint'
 require 'rack/mock'
@@ -32,50 +33,57 @@ describe Rack::Auth::Basic do
   end
 
   def assert_basic_auth_challenge(response)
-    response.should.be.a.client_error
-    response.status.should.equal 401
-    response.should.include 'WWW-Authenticate'
-    response.headers['WWW-Authenticate'].should =~ /Basic realm="#{Regexp.escape(realm)}"/
-    response.body.should.be.empty
+    response.must_be :client_error?
+    response.status.must_equal 401
+    response.must_include 'WWW-Authenticate'
+    response.headers['WWW-Authenticate'].must_match(/Basic realm="#{Regexp.escape(realm)}"/)
+    response.body.must_be :empty?
   end
 
-  should 'challenge correctly when no credentials are specified' do
+  it 'challenge correctly when no credentials are specified' do
     request do |response|
       assert_basic_auth_challenge response
     end
   end
 
-  should 'rechallenge if incorrect credentials are specified' do
+  it 'rechallenge if incorrect credentials are specified' do
     request_with_basic_auth 'joe', 'password' do |response|
       assert_basic_auth_challenge response
     end
   end
 
-  should 'return application output if correct credentials are specified' do
+  it 'return application output if correct credentials are specified' do
     request_with_basic_auth 'Boss', 'password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Boss'
+      response.status.must_equal 200
+      response.body.to_s.must_equal 'Hi Boss'
     end
   end
 
-  should 'return 400 Bad Request if different auth scheme used' do
+  it 'return 400 Bad Request if different auth scheme used' do
     request 'HTTP_AUTHORIZATION' => 'Digest params' do |response|
-      response.should.be.a.client_error
-      response.status.should.equal 400
-      response.should.not.include 'WWW-Authenticate'
+      response.must_be :client_error?
+      response.status.must_equal 400
+      response.wont_include 'WWW-Authenticate'
     end
   end
 
-  should 'return 400 Bad Request for a malformed authorization header' do
+  it 'return 400 Bad Request for a malformed authorization header' do
     request 'HTTP_AUTHORIZATION' => '' do |response|
-      response.should.be.a.client_error
-      response.status.should.equal 400
-      response.should.not.include 'WWW-Authenticate'
+      response.must_be :client_error?
+      response.status.must_equal 400
+      response.wont_include 'WWW-Authenticate'
+    end
+  end
+
+  it 'return 401 Bad Request for a nil authorization header' do
+    request 'HTTP_AUTHORIZATION' => nil do |response|
+      response.must_be :client_error?
+      response.status.must_equal 401
     end
   end
 
   it 'takes realm as optional constructor arg' do
     app = Rack::Auth::Basic.new(unprotected_app, realm) { true }
-    realm.should == app.realm
+    realm.must_equal app.realm
   end
 end

data/test/spec_auth_digest.rb

@@ -1,3 +1,4 @@
+require 'minitest/autorun'
 require 'rack/auth/digest/md5'
 require 'rack/lint'
 require 'rack/mock'
@@ -100,160 +101,160 @@ describe Rack::Auth::Digest::MD5 do
   end
 
   def assert_digest_auth_challenge(response)
-    response.should.be.a.client_error
-    response.status.should.equal 401
-    response.should.include 'WWW-Authenticate'
-    response.headers['WWW-Authenticate'].should =~ /^Digest /
-    response.body.should.be.empty
+    response.must_be :client_error?
+    response.status.must_equal 401
+    response.must_include 'WWW-Authenticate'
+    response.headers['WWW-Authenticate'].must_match(/^Digest /)
+    response.body.must_be :empty?
   end
 
   def assert_bad_request(response)
-    response.should.be.a.client_error
-    response.status.should.equal 400
-    response.should.not.include 'WWW-Authenticate'
+    response.must_be :client_error?
+    response.status.must_equal 400
+    response.wont_include 'WWW-Authenticate'
   end
 
-  should 'challenge when no credentials are specified' do
+  it 'challenge when no credentials are specified' do
     request 'GET', '/' do |response|
       assert_digest_auth_challenge response
     end
   end
 
-  should 'return application output if correct credentials given' do
+  it 'return application output if correct credentials given' do
     request_with_digest_auth 'GET', '/', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
+      response.status.must_equal 200
+      response.body.to_s.must_equal 'Hi Alice'
     end
   end
 
-  should 'return application output if correct credentials given (hashed passwords)' do
+  it 'return application output if correct credentials given (hashed passwords)' do
     @request = Rack::MockRequest.new(protected_app_with_hashed_passwords)
 
     request_with_digest_auth 'GET', '/', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
+      response.status.must_equal 200
+      response.body.to_s.must_equal 'Hi Alice'
     end
   end
 
-  should 'rechallenge if incorrect username given' do
+  it 'rechallenge if incorrect username given' do
     request_with_digest_auth 'GET', '/', 'Bob', 'correct-password' do |response|
       assert_digest_auth_challenge response
     end
   end
 
-  should 'rechallenge if incorrect password given' do
+  it 'rechallenge if incorrect password given' do
     request_with_digest_auth 'GET', '/', 'Alice', 'wrong-password' do |response|
       assert_digest_auth_challenge response
     end
   end
 
-  should 'rechallenge if incorrect user and blank password given' do
+  it 'rechallenge if incorrect user and blank password given' do
     request_with_digest_auth 'GET', '/', 'Bob', '' do |response|
       assert_digest_auth_challenge response
     end
   end
 
-  should 'not rechallenge if nonce is not stale' do
+  it 'not rechallenge if nonce is not stale' do
     begin
       Rack::Auth::Digest::Nonce.time_limit = 10
 
       request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', :wait => 1 do |response|
-        response.status.should.equal 200
-        response.body.to_s.should.equal 'Hi Alice'
-        response.headers['WWW-Authenticate'].should.not =~ /\bstale=true\b/
+        response.status.must_equal 200
+        response.body.to_s.must_equal 'Hi Alice'
+        response.headers['WWW-Authenticate'].wont_match(/\bstale=true\b/)
       end
     ensure
       Rack::Auth::Digest::Nonce.time_limit = nil
     end
   end
 
-  should 'rechallenge with stale parameter if nonce is stale' do
+  it 'rechallenge with stale parameter if nonce is stale' do
     begin
       Rack::Auth::Digest::Nonce.time_limit = 1
 
       request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', :wait => 2 do |response|
         assert_digest_auth_challenge response
-        response.headers['WWW-Authenticate'].should =~ /\bstale=true\b/
+        response.headers['WWW-Authenticate'].must_match(/\bstale=true\b/)
       end
     ensure
       Rack::Auth::Digest::Nonce.time_limit = nil
     end
   end
 
-  should 'return 400 Bad Request if incorrect qop given' do
+  it 'return 400 Bad Request if incorrect qop given' do
     request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', 'qop' => 'auth-int' do |response|
       assert_bad_request response
     end
   end
 
-  should 'return 400 Bad Request if incorrect uri given' do
+  it 'return 400 Bad Request if incorrect uri given' do
     request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', 'uri' => '/foo' do |response|
       assert_bad_request response
     end
   end
 
-  should 'return 400 Bad Request if different auth scheme used' do
+  it 'return 400 Bad Request if different auth scheme used' do
     request 'GET', '/', 'HTTP_AUTHORIZATION' => 'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==' do |response|
       assert_bad_request response
     end
   end
 
-  should 'not require credentials for unprotected path' do
+  it 'not require credentials for unprotected path' do
     @request = Rack::MockRequest.new(partially_protected_app)
     request 'GET', '/' do |response|
-      response.should.be.ok
+      response.must_be :ok?
     end
   end
 
-  should 'challenge when no credentials are specified for protected path' do
+  it 'challenge when no credentials are specified for protected path' do
     @request = Rack::MockRequest.new(partially_protected_app)
     request 'GET', '/protected' do |response|
       assert_digest_auth_challenge response
     end
   end
 
-  should 'return application output if correct credentials given for protected path' do
+  it 'return application output if correct credentials given for protected path' do
     @request = Rack::MockRequest.new(partially_protected_app)
     request_with_digest_auth 'GET', '/protected', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
+      response.status.must_equal 200
+      response.body.to_s.must_equal 'Hi Alice'
     end
   end
 
-  should 'return application output when used with a query string and path as uri' do
+  it 'return application output when used with a query string and path as uri' do
     @request = Rack::MockRequest.new(partially_protected_app)
     request_with_digest_auth 'GET', '/protected?friend=Mike', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice and Mike'
+      response.status.must_equal 200
+      response.body.to_s.must_equal 'Hi Alice and Mike'
     end
   end
 
-  should 'return application output when used with a query string and fullpath as uri' do
+  it 'return application output when used with a query string and fullpath as uri' do
     @request = Rack::MockRequest.new(partially_protected_app)
     qs_uri = '/protected?friend=Mike'
     request_with_digest_auth 'GET', qs_uri, 'Alice', 'correct-password', 'uri' => qs_uri do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice and Mike'
+      response.status.must_equal 200
+      response.body.to_s.must_equal 'Hi Alice and Mike'
     end
   end
 
-  should 'return application output if correct credentials given for POST' do
+  it 'return application output if correct credentials given for POST' do
     request_with_digest_auth 'POST', '/', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
+      response.status.must_equal 200
+      response.body.to_s.must_equal 'Hi Alice'
     end
   end
 
-  should 'return application output if correct credentials given for PUT (using method override of POST)' do
+  it 'return application output if correct credentials given for PUT (using method override of POST)' do
     @request = Rack::MockRequest.new(protected_app_with_method_override)
     request_with_digest_auth 'POST', '/', 'Alice', 'correct-password', :input => "_method=put" do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
+      response.status.must_equal 200
+      response.body.to_s.must_equal 'Hi Alice'
     end
   end
 
   it 'takes realm as optional constructor arg' do
     app = Rack::Auth::Digest::MD5.new(unprotected_app, realm) { true }
-    realm.should == app.realm
+    realm.must_equal app.realm
   end
 end