rack 1.6.13 → 2.2.3

data/test/multipart/file1.txt

@@ -1 +0,0 @@
-contents

data/test/multipart/filename_and_modification_param

@@ -1,7 +0,0 @@
---AaB03x
-Content-Type: image/jpeg
-Content-Disposition: attachment; name="files"; filename=genome.jpeg; modification-date="Wed, 12 Feb 1997 16:29:51 -0500";
-Content-Description: a complete map of the human genome
-
-contents
---AaB03x--

data/test/multipart/filename_and_no_name

@@ -1,6 +0,0 @@
---AaB03x
-Content-Disposition: form-data; filename="file1.txt"
-Content-Type: text/plain
-
-contents
---AaB03x--

data/test/multipart/filename_with_escaped_quotes

@@ -1,6 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="files"; filename="escape \"quotes"
-Content-Type: application/octet-stream
-
-contents
---AaB03x--

data/test/multipart/filename_with_escaped_quotes_and_modification_param

@@ -1,7 +0,0 @@
---AaB03x
-Content-Type: image/jpeg
-Content-Disposition: attachment; name="files"; filename=""human" genome.jpeg"; modification-date="Wed, 12 Feb 1997 16:29:51 -0500";
-Content-Description: a complete map of the human genome
-
-contents
---AaB03x--

data/test/multipart/filename_with_null_byte

@@ -1,7 +0,0 @@
---AaB03x
-Content-Type: image/jpeg
-Content-Disposition: attachment; name="files"; filename="flowers.exe%00.jpg"
-Content-Description: a complete map of the human genome
-
-contents
---AaB03x--

data/test/multipart/filename_with_percent_escaped_quotes

@@ -1,6 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="files"; filename="escape %22quotes"
-Content-Type: application/octet-stream
-
-contents
---AaB03x--

data/test/multipart/filename_with_unescaped_percentages

@@ -1,6 +0,0 @@
-------WebKitFormBoundary2NHc7OhsgU68l3Al
-Content-Disposition: form-data; name="document[attachment]"; filename="100% of a photo.jpeg"
-Content-Type: image/jpeg
-
-contents
-------WebKitFormBoundary2NHc7OhsgU68l3Al--

data/test/multipart/filename_with_unescaped_percentages2

@@ -1,6 +0,0 @@
-------WebKitFormBoundary2NHc7OhsgU68l3Al
-Content-Disposition: form-data; name="document[attachment]"; filename="100%a"
-Content-Type: image/jpeg
-
-contents
-------WebKitFormBoundary2NHc7OhsgU68l3Al--

data/test/multipart/filename_with_unescaped_percentages3

@@ -1,6 +0,0 @@
-------WebKitFormBoundary2NHc7OhsgU68l3Al
-Content-Disposition: form-data; name="document[attachment]"; filename="100%"
-Content-Type: image/jpeg
-
-contents
-------WebKitFormBoundary2NHc7OhsgU68l3Al--

data/test/multipart/filename_with_unescaped_quotes

@@ -1,6 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="files"; filename="escape "quotes"
-Content-Type: application/octet-stream
-
-contents
---AaB03x--

data/test/multipart/ie

@@ -1,6 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="files"; filename="C:\Documents and Settings\Administrator\Desktop\file1.txt"
-Content-Type: text/plain
-
-contents
---AaB03x--

data/test/multipart/invalid_character

@@ -1,6 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="files"; filename="invalid�.txt"
-Content-Type: text/plain
-
-contents
---AaB03x--

data/test/multipart/mixed_files

@@ -1,21 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="foo"
-
-bar
---AaB03x
-Content-Disposition: form-data; name="files"
-Content-Type: multipart/mixed, boundary=BbC04y
-
---BbC04y
-Content-Disposition: attachment; filename="file.txt"
-Content-Type: text/plain
-
-contents
---BbC04y
-Content-Disposition: attachment; filename="flowers.jpg"
-Content-Type: image/jpeg
-Content-Transfer-Encoding: binary
-
-contents
---BbC04y--
---AaB03x--

data/test/multipart/nested

@@ -1,10 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="foo[submit-name]"
-
-Larry
---AaB03x
-Content-Disposition: form-data; name="foo[files]"; filename="file1.txt"
-Content-Type: text/plain
-
-contents
---AaB03x--

data/test/multipart/none

@@ -1,9 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="submit-name"
-
-Larry
---AaB03x
-Content-Disposition: form-data; name="files"; filename=""
-
-
---AaB03x--

data/test/multipart/semicolon

@@ -1,6 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="files"; filename="fi;le1.txt"
-Content-Type: text/plain
-
-contents
---AaB03x--

data/test/multipart/text

@@ -1,15 +0,0 @@
---AaB03x
-Content-Disposition: form-data; name="submit-name"
-
-Larry
---AaB03x
-Content-Disposition: form-data; name="submit-name-with-content"
-Content-Type: text/plain
-
-Berry
---AaB03x
-Content-Disposition: form-data; name="files"; filename="file1.txt"
-Content-Type: text/plain
-
-contents
---AaB03x--

data/test/multipart/three_files_three_fields

@@ -1,31 +0,0 @@
---AaB03x
-content-disposition: form-data; name="reply"
-
-yes
---AaB03x
-content-disposition: form-data; name="to"
-
-people
---AaB03x
-content-disposition: form-data; name="from"
-
-others
---AaB03x
-content-disposition: form-data; name="fileupload1"; filename="file1.jpg"
-Content-Type: image/jpeg
-Content-Transfer-Encoding: base64
-
-/9j/4AAQSkZJRgABAQAAAQABAAD//gA+Q1JFQVRPUjogZ2QtanBlZyB2MS4wICh1c2luZyBJSkcg
---AaB03x
-content-disposition: form-data; name="fileupload2"; filename="file2.jpg"
-Content-Type: image/jpeg
-Content-Transfer-Encoding: base64
-
-/9j/4AAQSkZJRgABAQAAAQABAAD//gA+Q1JFQVRPUjogZ2QtanBlZyB2MS4wICh1c2luZyBJSkcg
---AaB03x
-content-disposition: form-data; name="fileupload3"; filename="file3.jpg"
-Content-Type: image/jpeg
-Content-Transfer-Encoding: base64
-
-/9j/4AAQSkZJRgABAQAAAQABAAD//gA+Q1JFQVRPUjogZ2QtanBlZyB2MS4wICh1c2luZyBJSkcg
---AaB03x--

data/test/multipart/webkit

@@ -1,32 +0,0 @@
-------WebKitFormBoundaryWLHCs9qmcJJoyjKR
-Content-Disposition: form-data; name="_method"
-
-put
-------WebKitFormBoundaryWLHCs9qmcJJoyjKR
-Content-Disposition: form-data; name="profile[blog]"
-
-
-------WebKitFormBoundaryWLHCs9qmcJJoyjKR
-Content-Disposition: form-data; name="profile[public_email]"
-
-
-------WebKitFormBoundaryWLHCs9qmcJJoyjKR
-Content-Disposition: form-data; name="profile[interests]"
-
-
-------WebKitFormBoundaryWLHCs9qmcJJoyjKR
-Content-Disposition: form-data; name="profile[bio]"
-
-hello
-
-"quote"
-------WebKitFormBoundaryWLHCs9qmcJJoyjKR
-Content-Disposition: form-data; name="media"; filename=""
-Content-Type: application/octet-stream
-
-
-------WebKitFormBoundaryWLHCs9qmcJJoyjKR
-Content-Disposition: form-data; name="commit"
-
-Save
-------WebKitFormBoundaryWLHCs9qmcJJoyjKR--

data/test/rackup/config.ru

@@ -1,31 +0,0 @@
-require "#{File.dirname(__FILE__)}/../testrequest"
-
-$stderr = File.open("#{File.dirname(__FILE__)}/log_output", "w")
-
-class EnvMiddleware
-  def initialize(app)
-    @app = app
-  end
-
-  def call(env)
-    # provides a way to test that lint is present
-    if env["PATH_INFO"] == "/broken_lint"
-      return [200, {}, ["Broken Lint"]]
-    # provides a way to kill the process without knowing the pid
-    elsif env["PATH_INFO"] == "/die"
-      exit!
-    end
-
-    env["test.$DEBUG"]      = $DEBUG
-    env["test.$EVAL"]       = BUKKIT if defined?(BUKKIT)
-    env["test.$VERBOSE"]    = $VERBOSE
-    env["test.$LOAD_PATH"]  = $LOAD_PATH
-    env["test.stderr"]      = File.expand_path($stderr.path)
-    env["test.Ping"]        = defined?(Ping)
-    env["test.pid"]         = Process.pid
-    @app.call(env)
-  end
-end
-
-use EnvMiddleware
-run TestRequest.new

data/test/registering_handler/rack/handler/registering_myself.rb

@@ -1,8 +0,0 @@
-module Rack
-  module Handler
-    class RegisteringMyself
-    end
-
-    register :registering_myself, RegisteringMyself
-  end
-end

data/test/spec_auth_basic.rb

@@ -1,81 +0,0 @@
-require 'rack/auth/basic'
-require 'rack/lint'
-require 'rack/mock'
-
-describe Rack::Auth::Basic do
-  def realm
-    'WallysWorld'
-  end
-
-  def unprotected_app
-    Rack::Lint.new lambda { |env|
-      [ 200, {'Content-Type' => 'text/plain'}, ["Hi #{env['REMOTE_USER']}"] ]
-    }
-  end
-
-  def protected_app
-    app = Rack::Auth::Basic.new(unprotected_app) { |username, password| 'Boss' == username }
-    app.realm = realm
-    app
-  end
-
-  before do
-    @request = Rack::MockRequest.new(protected_app)
-  end
-
-  def request_with_basic_auth(username, password, &block)
-    request 'HTTP_AUTHORIZATION' => 'Basic ' + ["#{username}:#{password}"].pack("m*"), &block
-  end
-
-  def request(headers = {})
-    yield @request.get('/', headers)
-  end
-
-  def assert_basic_auth_challenge(response)
-    response.should.be.a.client_error
-    response.status.should.equal 401
-    response.should.include 'WWW-Authenticate'
-    response.headers['WWW-Authenticate'].should =~ /Basic realm="#{Regexp.escape(realm)}"/
-    response.body.should.be.empty
-  end
-
-  should 'challenge correctly when no credentials are specified' do
-    request do |response|
-      assert_basic_auth_challenge response
-    end
-  end
-
-  should 'rechallenge if incorrect credentials are specified' do
-    request_with_basic_auth 'joe', 'password' do |response|
-      assert_basic_auth_challenge response
-    end
-  end
-
-  should 'return application output if correct credentials are specified' do
-    request_with_basic_auth 'Boss', 'password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Boss'
-    end
-  end
-
-  should 'return 400 Bad Request if different auth scheme used' do
-    request 'HTTP_AUTHORIZATION' => 'Digest params' do |response|
-      response.should.be.a.client_error
-      response.status.should.equal 400
-      response.should.not.include 'WWW-Authenticate'
-    end
-  end
-
-  should 'return 400 Bad Request for a malformed authorization header' do
-    request 'HTTP_AUTHORIZATION' => '' do |response|
-      response.should.be.a.client_error
-      response.status.should.equal 400
-      response.should.not.include 'WWW-Authenticate'
-    end
-  end
-
-  it 'takes realm as optional constructor arg' do
-    app = Rack::Auth::Basic.new(unprotected_app, realm) { true }
-    realm.should == app.realm
-  end
-end

data/test/spec_auth_digest.rb

@@ -1,259 +0,0 @@
-require 'rack/auth/digest/md5'
-require 'rack/lint'
-require 'rack/mock'
-
-describe Rack::Auth::Digest::MD5 do
-  def realm
-    'WallysWorld'
-  end
-
-  def unprotected_app
-    Rack::Lint.new lambda { |env|
-      friend = Rack::Utils.parse_query(env["QUERY_STRING"])["friend"]
-      [ 200, {'Content-Type' => 'text/plain'}, ["Hi #{env['REMOTE_USER']}#{friend ? " and #{friend}" : ''}"] ]
-    }
-  end
-
-  def protected_app
-    Rack::Auth::Digest::MD5.new(unprotected_app, :realm => realm, :opaque => 'this-should-be-secret') do |username|
-      { 'Alice' => 'correct-password' }[username]
-    end
-  end
-
-  def protected_app_with_hashed_passwords
-    app = Rack::Auth::Digest::MD5.new(unprotected_app) do |username|
-      username == 'Alice' ? Digest::MD5.hexdigest("Alice:#{realm}:correct-password") : nil
-    end
-    app.realm = realm
-    app.opaque = 'this-should-be-secret'
-    app.passwords_hashed = true
-    app
-  end
-
-  def partially_protected_app
-    Rack::URLMap.new({
-      '/' => unprotected_app,
-      '/protected' => protected_app
-    })
-  end
-
-  def protected_app_with_method_override
-    Rack::MethodOverride.new(protected_app)
-  end
-
-  before do
-    @request = Rack::MockRequest.new(protected_app)
-  end
-
-  def request(method, path, headers = {}, &block)
-    response = @request.request(method, path, headers)
-    block.call(response) if block
-    return response
-  end
-
-  class MockDigestRequest
-    def initialize(params)
-      @params = params
-    end
-    def method_missing(sym)
-      if @params.has_key? k = sym.to_s
-        return @params[k]
-      end
-      super
-    end
-    def method
-      @params['method']
-    end
-    def response(password)
-      Rack::Auth::Digest::MD5.new(nil).send :digest, self, password
-    end
-  end
-
-  def request_with_digest_auth(method, path, username, password, options = {}, &block)
-    request_options = {}
-    request_options[:input] = options.delete(:input) if options.include? :input
-
-    response = request(method, path, request_options)
-
-    return response unless response.status == 401
-
-    if wait = options.delete(:wait)
-      sleep wait
-    end
-
-    challenge = response['WWW-Authenticate'].split(' ', 2).last
-
-    params = Rack::Auth::Digest::Params.parse(challenge)
-
-    params['username'] = username
-    params['nc'] = '00000001'
-    params['cnonce'] = 'nonsensenonce'
-    params['uri'] = path
-
-    params['method'] = method
-
-    params.update options
-
-    params['response'] = MockDigestRequest.new(params).response(password)
-
-    request(method, path, request_options.merge('HTTP_AUTHORIZATION' => "Digest #{params}"), &block)
-  end
-
-  def assert_digest_auth_challenge(response)
-    response.should.be.a.client_error
-    response.status.should.equal 401
-    response.should.include 'WWW-Authenticate'
-    response.headers['WWW-Authenticate'].should =~ /^Digest /
-    response.body.should.be.empty
-  end
-
-  def assert_bad_request(response)
-    response.should.be.a.client_error
-    response.status.should.equal 400
-    response.should.not.include 'WWW-Authenticate'
-  end
-
-  should 'challenge when no credentials are specified' do
-    request 'GET', '/' do |response|
-      assert_digest_auth_challenge response
-    end
-  end
-
-  should 'return application output if correct credentials given' do
-    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
-    end
-  end
-
-  should 'return application output if correct credentials given (hashed passwords)' do
-    @request = Rack::MockRequest.new(protected_app_with_hashed_passwords)
-
-    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
-    end
-  end
-
-  should 'rechallenge if incorrect username given' do
-    request_with_digest_auth 'GET', '/', 'Bob', 'correct-password' do |response|
-      assert_digest_auth_challenge response
-    end
-  end
-
-  should 'rechallenge if incorrect password given' do
-    request_with_digest_auth 'GET', '/', 'Alice', 'wrong-password' do |response|
-      assert_digest_auth_challenge response
-    end
-  end
-
-  should 'rechallenge if incorrect user and blank password given' do
-    request_with_digest_auth 'GET', '/', 'Bob', '' do |response|
-      assert_digest_auth_challenge response
-    end
-  end
-
-  should 'not rechallenge if nonce is not stale' do
-    begin
-      Rack::Auth::Digest::Nonce.time_limit = 10
-
-      request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', :wait => 1 do |response|
-        response.status.should.equal 200
-        response.body.to_s.should.equal 'Hi Alice'
-        response.headers['WWW-Authenticate'].should.not =~ /\bstale=true\b/
-      end
-    ensure
-      Rack::Auth::Digest::Nonce.time_limit = nil
-    end
-  end
-
-  should 'rechallenge with stale parameter if nonce is stale' do
-    begin
-      Rack::Auth::Digest::Nonce.time_limit = 1
-
-      request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', :wait => 2 do |response|
-        assert_digest_auth_challenge response
-        response.headers['WWW-Authenticate'].should =~ /\bstale=true\b/
-      end
-    ensure
-      Rack::Auth::Digest::Nonce.time_limit = nil
-    end
-  end
-
-  should 'return 400 Bad Request if incorrect qop given' do
-    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', 'qop' => 'auth-int' do |response|
-      assert_bad_request response
-    end
-  end
-
-  should 'return 400 Bad Request if incorrect uri given' do
-    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', 'uri' => '/foo' do |response|
-      assert_bad_request response
-    end
-  end
-
-  should 'return 400 Bad Request if different auth scheme used' do
-    request 'GET', '/', 'HTTP_AUTHORIZATION' => 'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==' do |response|
-      assert_bad_request response
-    end
-  end
-
-  should 'not require credentials for unprotected path' do
-    @request = Rack::MockRequest.new(partially_protected_app)
-    request 'GET', '/' do |response|
-      response.should.be.ok
-    end
-  end
-
-  should 'challenge when no credentials are specified for protected path' do
-    @request = Rack::MockRequest.new(partially_protected_app)
-    request 'GET', '/protected' do |response|
-      assert_digest_auth_challenge response
-    end
-  end
-
-  should 'return application output if correct credentials given for protected path' do
-    @request = Rack::MockRequest.new(partially_protected_app)
-    request_with_digest_auth 'GET', '/protected', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
-    end
-  end
-
-  should 'return application output when used with a query string and path as uri' do
-    @request = Rack::MockRequest.new(partially_protected_app)
-    request_with_digest_auth 'GET', '/protected?friend=Mike', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice and Mike'
-    end
-  end
-
-  should 'return application output when used with a query string and fullpath as uri' do
-    @request = Rack::MockRequest.new(partially_protected_app)
-    qs_uri = '/protected?friend=Mike'
-    request_with_digest_auth 'GET', qs_uri, 'Alice', 'correct-password', 'uri' => qs_uri do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice and Mike'
-    end
-  end
-
-  should 'return application output if correct credentials given for POST' do
-    request_with_digest_auth 'POST', '/', 'Alice', 'correct-password' do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
-    end
-  end
-
-  should 'return application output if correct credentials given for PUT (using method override of POST)' do
-    @request = Rack::MockRequest.new(protected_app_with_method_override)
-    request_with_digest_auth 'POST', '/', 'Alice', 'correct-password', :input => "_method=put" do |response|
-      response.status.should.equal 200
-      response.body.to_s.should.equal 'Hi Alice'
-    end
-  end
-
-  it 'takes realm as optional constructor arg' do
-    app = Rack::Auth::Digest::MD5.new(unprotected_app, realm) { true }
-    realm.should == app.realm
-  end
-end