rack 2.0.0.rc1 → 2.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 54be55d492853c85486a9d94bfa3122be91a375c
-  data.tar.gz: b1f919ccb928bf607b66efb2dc494d350c4e67f8
+  metadata.gz: 8fee84474048108cce439e6089d87176a6870bc2
+  data.tar.gz: 0ed86a0e0e70541873ffa31dfef66e5268a107b2
 SHA512:
-  metadata.gz: 969ed8dd45442d71e9448dcc7951d997429cbe3a8857694c76cd0c8137ea22ba831f54dc1c24d65f2f2b35ce44c4a1d43bba182b98d93d86fc5917a671cc1486
-  data.tar.gz: cf0ede4ad49a3e2bb23f0136532c32d6fb799b5cb050bffa909727478bf1cca6c6d7704f574cb9a9c9e657e7b5f6430e5e1e8485ac1c747d5d6a14a8d4b81a2d
+  metadata.gz: 460ecadb871f77085e040982f9cb56fd2fd165f95d172c4ff73b3d16c899dc26f0e8a352667044dd32b34a57d3a179efe65f3b933c58adf7b0427566a6356188
+  data.tar.gz: 1ab651dc52e8ff7ace49f22359aff5c7d2baff1787082398c7cf21aa593552183872466b3cf03e6675ca1621e44076e85cddae9486713311412e916baee5bac1

data/SPEC

@@ -237,10 +237,10 @@ consisting of lines (for multiple header values, e.g. multiple
 The lines must not contain characters below 037.
 === The Content-Type
 There must not be a <tt>Content-Type</tt>, when the +Status+ is 1xx,
-204, 205 or 304.
+204 or 304.
 === The Content-Length
 There must not be a <tt>Content-Length</tt> header when the
-+Status+ is 1xx, 204, 205 or 304.
++Status+ is 1xx, 204 or 304.
 === The Body
 The Body must respond to +each+
 and must only yield String values.

data/lib/rack.rb

@@ -18,7 +18,7 @@ module Rack
     VERSION.join(".")
   end
 
-  RELEASE = "2.0.0.rc1"
+  RELEASE = "2.0.2"
 
   # Return the Rack release as a dotted string.
   def self.release

data/lib/rack/auth/abstract/request.rb

@@ -13,7 +13,11 @@ module Rack
       end
 
       def provided?
-        !authorization_key.nil?
+        !authorization_key.nil? && valid?
+      end
+
+      def valid?
+        !@env[authorization_key].nil?
       end
 
       def parts

data/lib/rack/deflater.rb

@@ -8,7 +8,6 @@ module Rack
   # Currently supported compression algorithms:
   #
   #   * gzip
-  #   * deflate
   #   * identity (no transformation)
   #
   # The middleware automatically detects when compression is supported
@@ -22,7 +21,7 @@ module Rack
     # [app] rack app instance
     # [options] hash of deflater options, i.e.
     #           'if' - a lambda enabling / disabling deflation based on returned boolean value
-    #                  e.g use Rack::Deflater, :if => lambda { |env, status, headers, body| body.length > 512 }
+    #                  e.g use Rack::Deflater, :if => lambda { |env, status, headers, body| body.map(&:bytesize).reduce(0, :+) > 512 }
     #           'include' - a list of content types that should be compressed
     def initialize(app, options = {})
       @app = app
@@ -41,7 +40,7 @@ module Rack
 
       request = Request.new(env)
 
-      encoding = Utils.select_best_encoding(%w(gzip deflate identity),
+      encoding = Utils.select_best_encoding(%w(gzip identity),
                                             request.accept_encoding)
 
       # Set the Vary HTTP header.
@@ -57,10 +56,6 @@ module Rack
         mtime = headers.key?("Last-Modified") ?
           Time.httpdate(headers["Last-Modified"]) : Time.now
         [status, headers, GzipStream.new(body, mtime)]
-      when "deflate"
-        headers['Content-Encoding'] = "deflate"
-        headers.delete(CONTENT_LENGTH)
-        [status, headers, DeflateStream.new(body)]
       when "identity"
         [status, headers, body]
       when nil
@@ -101,36 +96,6 @@ module Rack
       end
     end
 
-    class DeflateStream
-      DEFLATE_ARGS = [
-        Zlib::DEFAULT_COMPRESSION,
-        # drop the zlib header which causes both Safari and IE to choke
-        -Zlib::MAX_WBITS,
-        Zlib::DEF_MEM_LEVEL,
-        Zlib::DEFAULT_STRATEGY
-      ]
-
-      def initialize(body)
-        @body = body
-        @closed = false
-      end
-
-      def each
-        deflator = ::Zlib::Deflate.new(*DEFLATE_ARGS)
-        @body.each { |part| yield deflator.deflate(part, Zlib::SYNC_FLUSH) }
-        yield fin = deflator.finish
-      ensure
-        deflator.finish unless fin
-        deflator.close
-      end
-
-      def close
-        return if @closed
-        @closed = true
-        @body.close if @body.respond_to?(:close)
-      end
-    end
-
     private
 
     def should_deflate?(env, status, headers, body)

data/lib/rack/file.rb

@@ -158,7 +158,7 @@ module Rack
 
     def filesize path
       # If response_body is present, use its size.
-      return Rack::Utils.bytesize(response_body) if response_body
+      return response_body.bytesize if response_body
 
       #   We check via File::size? whether this file provides size info
       #   via stat (e.g. /proc files often don't), otherwise we have to

data/lib/rack/handler/webrick.rb

@@ -86,10 +86,11 @@ module Rack
         status, headers, body = @app.call(env)
         begin
           res.status = status.to_i
+          io_lambda = nil
           headers.each { |k, vs|
-            next if k.downcase == RACK_HIJACK
-
-            if k.downcase == "set-cookie"
+            if k == RACK_HIJACK
+              io_lambda = vs
+            elsif k.downcase == "set-cookie"
               res.cookies.concat vs.split("\n")
             else
               # Since WEBrick won't accept repeated headers,
@@ -98,7 +99,6 @@ module Rack
             end
           }
 
-          io_lambda = headers[RACK_HIJACK]
           if io_lambda
             rd, wr = IO.pipe
             res.body = rd

data/lib/rack/lint.rb

@@ -659,7 +659,7 @@ module Rack
     def check_content_type(status, headers)
       headers.each { |key, value|
         ## There must not be a <tt>Content-Type</tt>, when the +Status+ is 1xx,
-        ## 204, 205 or 304.
+        ## 204 or 304.
         if key.downcase == "content-type"
           assert("Content-Type header found in #{status} response, not allowed") {
             not Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include? status.to_i
@@ -674,7 +674,7 @@ module Rack
       headers.each { |key, value|
         if key.downcase == 'content-length'
           ## There must not be a <tt>Content-Length</tt> header when the
-          ## +Status+ is 1xx, 204, 205 or 304.
+          ## +Status+ is 1xx, 204 or 304.
           assert("Content-Length header found in #{status} response, not allowed") {
             not Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include? status.to_i
           }

data/lib/rack/method_override.rb

@@ -38,6 +38,9 @@ module Rack
     def method_override_param(req)
       req.POST[METHOD_OVERRIDE_PARAM_KEY]
     rescue Utils::InvalidParameterError, Utils::ParameterTypeError
+      req.get_header(RACK_ERRORS).puts "Invalid or incomplete POST params"
+    rescue EOFError
+      req.get_header(RACK_ERRORS).puts "Bad request content body"
     end
   end
 end

data/lib/rack/mock.rb

@@ -163,7 +163,6 @@ module Rack
     def initialize(status, headers, body, errors=StringIO.new(""))
       @original_headers = headers
       @errors           = errors.string if errors.respond_to?(:string)
-      @body_string      = nil
 
       super(body, status, headers)
     end
@@ -191,7 +190,7 @@ module Rack
     end
 
     def empty?
-      [201, 204, 205, 304].include? status
+      [201, 204, 304].include? status
     end
   end
 end

data/lib/rack/multipart/parser.rb

@@ -8,7 +8,7 @@ module Rack
       BUFSIZE = 16384
       TEXT_PLAIN = "text/plain"
       TEMPFILE_FACTORY = lambda { |filename, content_type|
-        Tempfile.new(["RackMultipart", ::File.extname(filename)])
+        Tempfile.new(["RackMultipart", ::File.extname(filename.gsub("\0".freeze, '%00'.freeze))])
       }
 
       class BoundedIO # :nodoc:

data/lib/rack/query_parser.rb

@@ -102,8 +102,7 @@ module Rack
         child_key = $1
         params[k] ||= []
         raise ParameterTypeError, "expected Array (got #{params[k].class.name}) for param `#{k}'" unless params[k].is_a?(Array)
-        first_key = child_key.gsub(/[\[\]]/, ' ').split.first
-        if params_hash_type?(params[k].last) && !params[k].last.key?(first_key)
+        if params_hash_type?(params[k].last) && !params_hash_has_key?(params[k].last, child_key)
           normalize_params(params[k].last, child_key, v, depth - 1)
         else
           params[k] << normalize_params(make_params, child_key, v, depth - 1)
@@ -135,6 +134,18 @@ module Rack
       obj.kind_of?(@params_class)
     end
 
+    def params_hash_has_key?(hash, key)
+      return false if key =~ /\[\]/
+
+      key.split(/[\[\]]+/).inject(hash) do |h, part|
+        next h if part == ''
+        return false unless params_hash_type?(h) && h.key?(part)
+        h[part]
+      end
+
+      true
+    end
+
     def unescape(s)
       Utils.unescape(s)
     end

data/lib/rack/request.rb

@@ -422,7 +422,7 @@ module Rack
 
       # shortcut for <tt>request.params[key]</tt>
       def [](key)
-        if $verbose
+        if $VERBOSE
           warn("Request#[] is deprecated and will be removed in a future version of Rack. Please use request.params[] instead")
         end
 
@@ -433,7 +433,7 @@ module Rack
       #
       # Note that modifications will not be persisted in the env. Use update_param or delete_param if you want to destructively modify params.
       def []=(key, value)
-        if $verbose
+        if $VERBOSE
           warn("Request#[]= is deprecated and will be removed in a future version of Rack. Please use request.params[]= instead")
         end
 

data/lib/rack/response.rb

@@ -60,7 +60,7 @@ module Rack
     def finish(&block)
       @block = block
 
-      if [204, 205, 304].include?(status.to_i)
+      if [204, 304].include?(status.to_i)
         delete_header CONTENT_TYPE
         delete_header CONTENT_LENGTH
         close

data/lib/rack/server.rb

@@ -1,4 +1,5 @@
 require 'optparse'
+require 'fileutils'
 
 
 module Rack
@@ -359,7 +360,7 @@ module Rack
 
       def write_pid
         ::File.open(options[:pid], ::File::CREAT | ::File::EXCL | ::File::WRONLY ){ |f| f.write("#{Process.pid}") }
-        at_exit { ::File.delete(options[:pid]) if ::File.exist?(options[:pid]) }
+        at_exit { ::FileUtils.rm_f(options[:pid]) }
       rescue Errno::EEXIST
         check_pid!
         retry

data/lib/rack/session/abstract/id.rb

@@ -18,6 +18,8 @@ module Rack
         include Enumerable
         attr_writer :id
 
+        Unspecified = Object.new
+
         def self.find(req)
           req.get_header RACK_SESSION
         end
@@ -54,7 +56,15 @@ module Rack
           load_for_read!
           @data[key.to_s]
         end
-        alias :fetch :[]
+
+        def fetch(key, default=Unspecified, &block)
+          load_for_read!
+          if default == Unspecified
+            @data.fetch(key.to_s, &block)
+          else
+            @data.fetch(key.to_s, default, &block)
+          end
+        end
 
         def has_key?(key)
           load_for_read!
@@ -167,7 +177,7 @@ module Rack
       # * :key determines the name of the cookie, by default it is
       #   'rack.session'
       # * :path, :domain, :expire_after, :secure, and :httponly set the related
-      #   cookie options as by Rack::Response#add_cookie
+      #   cookie options as by Rack::Response#set_cookie
       # * :skip will not a set a cookie in the response nor update the session state
       # * :defer will not set a cookie in the response but still update the session
       #   state if it is used with a backend
@@ -200,7 +210,7 @@ module Rack
           :sidbits =>       128,
           :cookie_only =>   true,
           :secure_random => ::SecureRandom
-        }
+        }.freeze
 
         attr_reader :key, :default_options, :sid_secure
 

data/lib/rack/utils.rb

@@ -576,7 +576,7 @@ module Rack
     }
 
     # Responses with HTTP status codes that should not have an entity body
-    STATUS_WITH_NO_ENTITY_BODY = Set.new((100..199).to_a << 204 << 205 << 304)
+    STATUS_WITH_NO_ENTITY_BODY = Set.new((100..199).to_a << 204 << 304)
 
     SYMBOL_TO_STATUS_CODE = Hash[*HTTP_STATUS_CODES.map { |code, message|
       [message.downcase.gsub(/\s|-|'/, '_').to_sym, code]

data/rack.gemspec

@@ -28,8 +28,6 @@ EOF
   s.homepage        = 'http://rack.github.io/'
   s.required_ruby_version = '>= 2.2.2'
 
-  s.add_dependency 'json'
-
   s.add_development_dependency 'minitest', "~> 5.0"
   s.add_development_dependency 'minitest-sprint'
   s.add_development_dependency 'concurrent-ruby'

data/test/multipart/filename_with_null_byte

@@ -0,0 +1,7 @@
+--AaB03x
+Content-Type: image/jpeg
+Content-Disposition: attachment; name="files"; filename="flowers.exe%00.jpg"
+Content-Description: a complete map of the human genome
+
+contents
+--AaB03x--

data/test/spec_auth_basic.rb

@@ -75,6 +75,13 @@ describe Rack::Auth::Basic do
     end
   end
 
+  it 'return 401 Bad Request for a nil authorization header' do
+    request 'HTTP_AUTHORIZATION' => nil do |response|
+      response.must_be :client_error?
+      response.status.must_equal 401
+    end
+  end
+
   it 'takes realm as optional constructor arg' do
     app = Rack::Auth::Basic.new(unprotected_app, realm) { true }
     realm.must_equal app.realm

data/test/spec_chunked.rb

@@ -92,7 +92,7 @@ describe Rack::Chunked do
     body.join.must_equal 'Hello World!'
   end
 
-  [100, 204, 205, 304].each do |status_code|
+  [100, 204, 304].each do |status_code|
     it "not modify response when status code is #{status_code}" do
       app = lambda { |env| [status_code, {}, []] }
       status, headers, _ = chunked(app).call(@env)

data/test/spec_content_length.rb

@@ -36,13 +36,13 @@ describe Rack::ContentLength do
   it "not set Content-Length on 304 responses" do
     app = lambda { |env| [304, {}, []] }
     response = content_length(app).call(request)
-    response[1]['Content-Length'].must_equal nil
+    response[1]['Content-Length'].must_be_nil
   end
 
   it "not set Content-Length when Transfer-Encoding is chunked" do
     app = lambda { |env| [200, {'Content-Type' => 'text/plain', 'Transfer-Encoding' => 'chunked'}, []] }
     response = content_length(app).call(request)
-    response[1]['Content-Length'].must_equal nil
+    response[1]['Content-Length'].must_be_nil
   end
 
   # Using "Connection: close" for this is fairly contended. It might be useful
@@ -51,7 +51,7 @@ describe Rack::ContentLength do
   # should "not force a Content-Length when Connection:close" do
   #   app = lambda { |env| [200, {'Connection' => 'close'}, []] }
   #   response = content_length(app).call({})
-  #   response[1]['Content-Length'].must_equal nil
+  #   response[1]['Content-Length'].must_be_nil
   # end
 
   it "close bodies that need to be closed" do
@@ -64,7 +64,7 @@ describe Rack::ContentLength do
 
     app = lambda { |env| [200, {'Content-Type' => 'text/plain'}, body] }
     response = content_length(app).call(request)
-    body.closed.must_equal nil
+    body.closed.must_be_nil
     response[2].close
     body.closed.must_equal true
   end

data/test/spec_content_type.rb

@@ -41,6 +41,6 @@ describe Rack::ContentType do
   it "not set Content-Type on 304 responses" do
     app = lambda { |env| [304, {}, []] }
     response = content_type(app, "text/html").call(request)
-    response[1]['Content-Type'].must_equal nil
+    response[1]['Content-Type'].must_be_nil
   end
 end

data/test/spec_deflater.rb

@@ -81,13 +81,22 @@ describe Rack::Deflater do
     yield(status, headers, body) if block_given?
   end
 
+  # automatic gzip detection (streamable)
+  def auto_inflater
+    Zlib::Inflate.new(32 + Zlib::MAX_WBITS)
+  end
+
+  def deflate_or_gzip
+    {'deflate, gzip' => 'gzip'}
+  end
+
   it 'be able to deflate bodies that respond to each' do
     app_body = Object.new
     class << app_body; def each; yield('foo'); yield('bar'); end; end
 
-    verify(200, 'foobar', 'deflate', { 'app_body' => app_body }) do |status, headers, body|
+    verify(200, 'foobar', deflate_or_gzip, { 'app_body' => app_body }) do |status, headers, body|
       headers.must_equal({
-        'Content-Encoding' => 'deflate',
+        'Content-Encoding' => 'gzip',
         'Vary' => 'Accept-Encoding',
         'Content-Type' => 'text/plain'
       })
@@ -98,15 +107,15 @@ describe Rack::Deflater do
     app_body = Object.new
     class << app_body; def each; yield('foo'); yield('bar'); end; end
 
-    verify(200, app_body, 'deflate', { 'skip_body_verify' => true }) do |status, headers, body|
+    verify(200, app_body, deflate_or_gzip, { 'skip_body_verify' => true }) do |status, headers, body|
       headers.must_equal({
-        'Content-Encoding' => 'deflate',
+        'Content-Encoding' => 'gzip',
         'Vary' => 'Accept-Encoding',
         'Content-Type' => 'text/plain'
       })
 
       buf = []
-      inflater = Zlib::Inflate.new(-Zlib::MAX_WBITS)
+      inflater = auto_inflater
       body.each { |part| buf << inflater.inflate(part) }
       buf << inflater.finish
 
@@ -118,32 +127,33 @@ describe Rack::Deflater do
     app_body = Object.new
     class << app_body; def each; yield('foo'); yield('bar'); end; end
     opts = { 'skip_body_verify' => true }
-    verify(200, app_body, 'deflate', opts) do |status, headers, body|
+    verify(200, app_body, 'gzip', opts) do |status, headers, body|
       headers.must_equal({
-        'Content-Encoding' => 'deflate',
+        'Content-Encoding' => 'gzip',
         'Vary' => 'Accept-Encoding',
         'Content-Type' => 'text/plain'
       })
 
       buf = []
-      inflater = Zlib::Inflate.new(-Zlib::MAX_WBITS)
+      inflater = auto_inflater
       FakeDisconnect = Class.new(RuntimeError)
       assert_raises(FakeDisconnect, "not Zlib::DataError not raised") do
         body.each do |part|
-          buf << inflater.inflate(part)
+          tmp = inflater.inflate(part)
+          buf << tmp if tmp.bytesize > 0
           raise FakeDisconnect
         end
       end
-      assert_raises(Zlib::BufError) { inflater.finish }
+      inflater.finish
       buf.must_equal(%w(foo))
     end
   end
 
   # TODO: This is really just a special case of the above...
   it 'be able to deflate String bodies' do
-    verify(200, 'Hello world!', 'deflate') do |status, headers, body|
+    verify(200, 'Hello world!', deflate_or_gzip) do |status, headers, body|
       headers.must_equal({
-        'Content-Encoding' => 'deflate',
+        'Content-Encoding' => 'gzip',
         'Vary' => 'Accept-Encoding',
         'Content-Type' => 'text/plain'
       })
@@ -280,7 +290,7 @@ describe Rack::Deflater do
         'Content-Encoding' => 'identity'
       }
     }
-    verify(200, 'Hello World!', 'deflate', options)
+    verify(200, 'Hello World!', deflate_or_gzip, options)
   end
 
   it "deflate if content-type matches :include" do
@@ -334,7 +344,7 @@ describe Rack::Deflater do
         :if => lambda { |env, status, headers, body| true }
       }
     }
-    verify(200, 'Hello World!', 'deflate', options)
+    verify(200, 'Hello World!', deflate_or_gzip, options)
   end
 
   it "not deflate if :if lambda evaluates to false" do

data/test/spec_etag.rb

@@ -58,7 +58,7 @@ describe Rack::ETag do
   it "not set Cache-Control if directive isn't present" do
     app = lambda { |env| [200, {'Content-Type' => 'text/plain'}, ["Hello, World!"]] }
     response = etag(app, nil, nil).call(request)
-    response[1]['Cache-Control'].must_equal nil
+    response[1]['Cache-Control'].must_be_nil
   end
 
   it "not change ETag if it is already set" do

data/test/spec_file.rb

@@ -184,8 +184,8 @@ describe Rack::File do
     status, heads, _ = file(DOCROOT).call(env)
 
     status.must_equal 200
-    heads['Cache-Control'].must_equal nil
-    heads['Access-Control-Allow-Origin'].must_equal nil
+    heads['Cache-Control'].must_be_nil
+    heads['Access-Control-Allow-Origin'].must_be_nil
   end
 
   it "only support GET, HEAD, and OPTIONS requests" do
@@ -239,7 +239,7 @@ describe Rack::File do
     req = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT, nil, nil)))
     res = req.get "/cgi/test"
     res.must_be :successful?
-    res['Content-Type'].must_equal nil
+    res['Content-Type'].must_be_nil
   end
 
   it "return error when file not found for head request" do
@@ -248,4 +248,17 @@ describe Rack::File do
     res.body.must_be :empty?
   end
 
+  class MyFile < Rack::File
+    def response_body
+      "hello world"
+    end
+  end
+
+  it "behaves gracefully if response_body is present" do
+    file = Rack::Lint.new MyFile.new(DOCROOT)
+    res  = Rack::MockRequest.new(file).get("/cgi/test")
+
+    res.must_be :ok?
+  end
+
 end

data/test/spec_lint.rb

@@ -269,7 +269,7 @@ describe Rack::Lint do
     # }.must_raise(Rack::Lint::LintError).
     #   message.must_match(/No Content-Type/)
 
-    [100, 101, 204, 205, 304].each do |status|
+    [100, 101, 204, 304].each do |status|
       lambda {
         Rack::Lint.new(lambda { |env|
                          [status, {"Content-type" => "text/plain", "Content-length" => "0"}, []]
@@ -280,7 +280,7 @@ describe Rack::Lint do
   end
 
   it "notice content-length errors" do
-    [100, 101, 204, 205, 304].each do |status|
+    [100, 101, 204, 304].each do |status|
       lambda {
         Rack::Lint.new(lambda { |env|
                          [status, {"Content-length" => "0"}, []]

data/test/spec_media_type.rb

@@ -8,7 +8,7 @@ describe Rack::MediaType do
     before { @content_type = nil }
 
     it '#type is nil' do
-      Rack::MediaType.type(@content_type).must_equal nil
+      Rack::MediaType.type(@content_type).must_be_nil
     end
 
     it '#params is empty' do

data/test/spec_method_override.rb

@@ -66,14 +66,27 @@ EOF
                       "CONTENT_TYPE" => "multipart/form-data, boundary=AaB03x",
                       "CONTENT_LENGTH" => input.size.to_s,
                       :method => "POST", :input => input)
-    begin
-      app.call env
-    rescue EOFError
-    end
+    app.call env
 
     env["REQUEST_METHOD"].must_equal "POST"
   end
 
+  it "writes error to RACK_ERRORS when given invalid multipart form data" do
+    input = <<EOF
+--AaB03x\r
+content-disposition: form-data; name="huge"; filename="huge"\r
+EOF
+    env = Rack::MockRequest.env_for("/",
+                      "CONTENT_TYPE" => "multipart/form-data, boundary=AaB03x",
+                      "CONTENT_LENGTH" => input.size.to_s,
+                      Rack::RACK_ERRORS => StringIO.new,
+                      :method => "POST", :input => input)
+    Rack::MethodOverride.new(proc { [200, {"Content-Type" => "text/plain"}, []] }).call env
+
+    env[Rack::RACK_ERRORS].rewind
+    env[Rack::RACK_ERRORS].read.must_match /Bad request content body/
+  end
+
   it "not modify REQUEST_METHOD for POST requests when the params are unparseable" do
     env = Rack::MockRequest.env_for("/", :method => "POST", :input => "(%bad-params%)")
     app.call env

data/test/spec_mime.rb

@@ -19,7 +19,7 @@ describe Rack::Mime do
   end
 
   it "should support null fallbacks" do
-    Rack::Mime.mime_type('.nothing', nil).must_equal nil
+    Rack::Mime.mime_type('.nothing', nil).must_be_nil
   end
 
   it "should match exact mimes" do

data/test/spec_multipart.rb

@@ -27,7 +27,7 @@ describe Rack::Multipart do
   it "return nil if content type is not multipart" do
     env = Rack::MockRequest.env_for("/",
             "CONTENT_TYPE" => 'application/x-www-form-urlencoded')
-    Rack::Multipart.parse_multipart(env).must_equal nil
+    Rack::Multipart.parse_multipart(env).must_be_nil
   end
 
   it "parse multipart content when content type present but filename is not" do
@@ -305,11 +305,17 @@ describe Rack::Multipart do
     params["files"][:filename].must_equal "bob's flowers.jpg"
   end
 
+  it "parse multipart form with a null byte in the filename" do
+    env = Rack::MockRequest.env_for '/', multipart_fixture(:filename_with_null_byte)
+    params = Rack::Multipart.parse_multipart(env)
+    params["files"][:filename].must_equal "flowers.exe\u0000.jpg"
+  end
+
   it "not include file params if no file was selected" do
     env = Rack::MockRequest.env_for("/", multipart_fixture(:none))
     params = Rack::Multipart.parse_multipart(env)
     params["submit-name"].must_equal "Larry"
-    params["files"].must_equal nil
+    params["files"].must_be_nil
     params.keys.wont_include "files"
   end
 
@@ -557,7 +563,7 @@ Content-Type: image/jpeg\r
 
   it "return nil if no UploadedFiles were used" do
     data = Rack::Multipart.build_multipart("people" => [{"submit-name" => "Larry", "files" => "contents"}])
-    data.must_equal nil
+    data.must_be_nil
   end
 
   it "raise ArgumentError if params is not a Hash" do

data/test/spec_request.rb

@@ -476,7 +476,7 @@ class RackRequestTest < Minitest::Spec
 
     req = make_request \
       Rack::MockRequest.env_for("/")
-    req.referer.must_equal nil
+    req.referer.must_be_nil
   end
 
   it "extract user agent correctly" do
@@ -486,25 +486,25 @@ class RackRequestTest < Minitest::Spec
 
     req = make_request \
       Rack::MockRequest.env_for("/")
-    req.user_agent.must_equal nil
+    req.user_agent.must_be_nil
   end
 
   it "treat missing content type as nil" do
     req = make_request \
       Rack::MockRequest.env_for("/")
-    req.content_type.must_equal nil
+    req.content_type.must_be_nil
   end
 
   it "treat empty content type as nil" do
     req = make_request \
       Rack::MockRequest.env_for("/", "CONTENT_TYPE" => "")
-    req.content_type.must_equal nil
+    req.content_type.must_be_nil
   end
 
   it "return nil media type for empty content type" do
     req = make_request \
       Rack::MockRequest.env_for("/", "CONTENT_TYPE" => "")
-    req.media_type.must_equal nil
+    req.media_type.must_be_nil
   end
 
   it "cache, but invalidates the cache" do
@@ -1296,13 +1296,13 @@ EOF
     req.trusted_proxy?('unix').must_equal 0
     req.trusted_proxy?('unix:/tmp/sock').must_equal 0
 
-    req.trusted_proxy?("unix.example.org").must_equal nil
-    req.trusted_proxy?("example.org\n127.0.0.1").must_equal nil
-    req.trusted_proxy?("127.0.0.1\nexample.org").must_equal nil
-    req.trusted_proxy?("11.0.0.1").must_equal nil
-    req.trusted_proxy?("172.15.0.1").must_equal nil
-    req.trusted_proxy?("172.32.0.1").must_equal nil
-    req.trusted_proxy?("2001:470:1f0b:18f8::1").must_equal nil
+    req.trusted_proxy?("unix.example.org").must_be_nil
+    req.trusted_proxy?("example.org\n127.0.0.1").must_be_nil
+    req.trusted_proxy?("127.0.0.1\nexample.org").must_be_nil
+    req.trusted_proxy?("11.0.0.1").must_be_nil
+    req.trusted_proxy?("172.15.0.1").must_be_nil
+    req.trusted_proxy?("172.32.0.1").must_be_nil
+    req.trusted_proxy?("2001:470:1f0b:18f8::1").must_be_nil
   end
 
   it "sets the default session to an empty hash" do

data/test/spec_response.rb

@@ -55,7 +55,7 @@ describe Rack::Response do
 
   it "can set and read headers" do
     response = Rack::Response.new
-    response["Content-Type"].must_equal nil
+    response["Content-Type"].must_be_nil
     response["Content-Type"] = "text/plain"
     response["Content-Type"].must_equal "text/plain"
   end
@@ -273,8 +273,8 @@ describe Rack::Response do
     _, header, body = r.finish
     str = ""; body.each { |part| str << part }
     str.must_be :empty?
-    header["Content-Type"].must_equal nil
-    header['Content-Length'].must_equal nil
+    header["Content-Type"].must_be_nil
+    header['Content-Length'].must_be_nil
 
     lambda {
       Rack::Response.new(Object.new)
@@ -410,7 +410,7 @@ describe Rack::Response do
     res.body.must_be :closed?
   end
 
-  it "calls close on #body when 204, 205, or 304" do
+  it "calls close on #body when 204 or 304" do
     res = Rack::Response.new
     res.body = StringIO.new
     res.finish
@@ -424,7 +424,7 @@ describe Rack::Response do
     res.body = StringIO.new
     res.status = 205
     _, _, b = res.finish
-    res.body.must_be :closed?
+    res.body.wont_be :closed?
     b.wont_equal res.body
 
     res.body = StringIO.new

data/test/spec_server.rb

@@ -77,7 +77,7 @@ describe Rack::Server do
       o, ENV["REQUEST_METHOD"] = ENV["REQUEST_METHOD"], 'foo'
       server = Rack::Server.new(:app => 'foo')
       server.server.name =~ /CGI/
-      Rack::Server.logging_middleware.call(server).must_equal nil
+      Rack::Server.logging_middleware.call(server).must_be_nil
     ensure
       ENV['REQUEST_METHOD'] = o
     end
@@ -85,7 +85,7 @@ describe Rack::Server do
 
   it "be quiet if said so" do
     server = Rack::Server.new(:app => "FOO", :quiet => true)
-    Rack::Server.logging_middleware.call(server).must_equal nil
+    Rack::Server.logging_middleware.call(server).must_be_nil
   end
 
   it "use a full path to the pidfile" do

data/test/spec_session_abstract_session_hash.rb

@@ -25,4 +25,21 @@ describe Rack::Session::Abstract::SessionHash do
     assert_equal [:bar, :qux], hash.values
   end
 
+  describe "#fetch" do
+    it "returns value for a matching key" do
+      assert_equal :bar, hash.fetch(:foo)
+    end
+
+    it "works with a default value" do
+      assert_equal :default, hash.fetch(:unknown, :default)
+    end
+
+    it "works with a block" do
+      assert_equal :default, hash.fetch(:unkown) { :default }
+    end
+
+    it "it raises when fetching unknown keys without defaults" do
+      lambda { hash.fetch(:unknown) }.must_raise KeyError
+    end
+  end
 end

data/test/spec_session_cookie.rb

@@ -98,18 +98,18 @@ describe Rack::Session::Cookie do
 
       it 'rescues failures on decode' do
         coder = Rack::Session::Cookie::Base64::Marshal.new
-        coder.decode('lulz').must_equal nil
+        coder.decode('lulz').must_be_nil
       end
     end
 
     describe 'JSON' do
-      it 'marshals and base64 encodes' do
+      it 'JSON and base64 encodes' do
         coder = Rack::Session::Cookie::Base64::JSON.new
         obj   = %w[fuuuuu]
         coder.encode(obj).must_equal [::JSON.dump(obj)].pack('m')
       end
 
-      it 'marshals and base64 decodes' do
+      it 'JSON and base64 decodes' do
         coder = Rack::Session::Cookie::Base64::JSON.new
         str   = [::JSON.dump(%w[fuuuuu])].pack('m')
         coder.decode(str).must_equal ::JSON.parse(str.unpack('m').first)
@@ -117,7 +117,7 @@ describe Rack::Session::Cookie do
 
       it 'rescues failures on decode' do
         coder = Rack::Session::Cookie::Base64::JSON.new
-        coder.decode('lulz').must_equal nil
+        coder.decode('lulz').must_be_nil
       end
     end
 
@@ -139,7 +139,7 @@ describe Rack::Session::Cookie do
 
       it 'rescues failures on decode' do
         coder = Rack::Session::Cookie::Base64::ZipJSON.new
-        coder.decode('lulz').must_equal nil
+        coder.decode('lulz').must_be_nil
       end
     end
   end

data/test/spec_session_memcache.rb

@@ -143,7 +143,7 @@ begin
       res1.body.must_equal '{"counter"=>1}'
 
       res2 = dreq.get("/", "HTTP_COOKIE" => cookie)
-      res2["Set-Cookie"].must_equal nil
+      res2["Set-Cookie"].must_be_nil
       res2.body.must_equal '{"counter"=>2}'
 
       res3 = req.get("/", "HTTP_COOKIE" => cookie)
@@ -183,7 +183,7 @@ begin
       creq = Rack::MockRequest.new(count)
 
       res0 = dreq.get("/")
-      res0["Set-Cookie"].must_equal nil
+      res0["Set-Cookie"].must_be_nil
       res0.body.must_equal '{"counter"=>1}'
 
       res0 = creq.get("/")
@@ -201,7 +201,7 @@ begin
       creq = Rack::MockRequest.new(count)
 
       res0 = sreq.get("/")
-      res0["Set-Cookie"].must_equal nil
+      res0["Set-Cookie"].must_be_nil
       res0.body.must_equal '{"counter"=>1}'
 
       res0 = creq.get("/")

data/test/spec_session_pool.rb

@@ -138,7 +138,7 @@ describe Rack::Session::Pool do
     dreq = Rack::MockRequest.new(defer)
 
     res1 = dreq.get("/")
-    res1["Set-Cookie"].must_equal nil
+    res1["Set-Cookie"].must_be_nil
     res1.body.must_equal '{"counter"=>1}'
     pool.pool.size.must_equal 1
   end

data/test/spec_static.rb

@@ -97,7 +97,7 @@ describe Rack::Static do
   it "serves regular files if client accepts gzip encoding and gzip files are not present" do
     res = @gzip_request.get("/cgi/rackup_stub.rb", 'HTTP_ACCEPT_ENCODING'=>'deflate, gzip')
     res.must_be :ok?
-    res.headers['Content-Encoding'].must_equal nil
+    res.headers['Content-Encoding'].must_be_nil
     res.headers['Content-Type'].must_equal 'text/x-script.ruby'
     res.body.must_match(/ruby/)
   end
@@ -105,7 +105,7 @@ describe Rack::Static do
   it "serves regular files if client does not accept gzip encoding" do
     res = @gzip_request.get("/cgi/test")
     res.must_be :ok?
-    res.headers['Content-Encoding'].must_equal nil
+    res.headers['Content-Encoding'].must_be_nil
     res.headers['Content-Type'].must_equal 'text/plain'
     res.body.must_match(/ruby/)
   end

data/test/spec_utils.rb

@@ -231,6 +231,18 @@ describe Rack::Utils do
       message.must_equal "invalid byte sequence in UTF-8"
   end
 
+  it "only moves to a new array when the full key has been seen" do
+    Rack::Utils.parse_nested_query("x[][y][][z]=1&x[][y][][w]=2").
+      must_equal "x" => [{"y" => [{"z" => "1", "w" => "2"}]}]
+
+    Rack::Utils.parse_nested_query(
+      "x[][id]=1&x[][y][a]=5&x[][y][b]=7&x[][z][id]=3&x[][z][w]=0&x[][id]=2&x[][y][a]=6&x[][y][b]=8&x[][z][id]=4&x[][z][w]=0"
+    ).must_equal "x" => [
+        {"id" => "1", "y" => {"a" => "5", "b" => "7"}, "z" => {"id" => "3", "w" => "0"}},
+        {"id" => "2", "y" => {"a" => "6", "b" => "8"}, "z" => {"id" => "4", "w" => "0"}},
+      ]
+  end
+
   it "allow setting the params hash class to use for parsing query strings" do
     begin
       default_parser = Rack::Utils.default_query_parser
@@ -382,7 +394,7 @@ describe Rack::Utils do
     Rack::Utils.best_q_match("text/plain,text/html", %w[text/html text/plain]).must_equal "text/html"
 
     # When there are no matches, return nil:
-    Rack::Utils.best_q_match("application/json", %w[text/html text/plain]).must_equal nil
+    Rack::Utils.best_q_match("application/json", %w[text/html text/plain]).must_be_nil
   end
 
   it "escape html entities [&><'\"/]" do
@@ -415,9 +427,9 @@ describe Rack::Utils do
       Rack::Utils.select_best_encoding(a, b)
     end
 
-    helper.call(%w(), [["x", 1]]).must_equal nil
-    helper.call(%w(identity), [["identity", 0.0]]).must_equal nil
-    helper.call(%w(identity), [["*", 0.0]]).must_equal nil
+    helper.call(%w(), [["x", 1]]).must_be_nil
+    helper.call(%w(identity), [["identity", 0.0]]).must_be_nil
+    helper.call(%w(identity), [["*", 0.0]]).must_be_nil
 
     helper.call(%w(identity), [["compress", 1.0], ["gzip", 1.0]]).must_equal "identity"
 
@@ -526,15 +538,15 @@ end
 
 describe Rack::Utils, "byte_range" do
   it "ignore missing or syntactically invalid byte ranges" do
-    Rack::Utils.byte_ranges({},500).must_equal nil
-    Rack::Utils.byte_ranges({"HTTP_RANGE" => "foobar"},500).must_equal nil
-    Rack::Utils.byte_ranges({"HTTP_RANGE" => "furlongs=123-456"},500).must_equal nil
-    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes="},500).must_equal nil
-    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes=-"},500).must_equal nil
-    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes=123,456"},500).must_equal nil
+    Rack::Utils.byte_ranges({},500).must_be_nil
+    Rack::Utils.byte_ranges({"HTTP_RANGE" => "foobar"},500).must_be_nil
+    Rack::Utils.byte_ranges({"HTTP_RANGE" => "furlongs=123-456"},500).must_be_nil
+    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes="},500).must_be_nil
+    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes=-"},500).must_be_nil
+    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes=123,456"},500).must_be_nil
     # A range of non-positive length is syntactically invalid and ignored:
-    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes=456-123"},500).must_equal nil
-    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes=456-455"},500).must_equal nil
+    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes=456-123"},500).must_be_nil
+    Rack::Utils.byte_ranges({"HTTP_RANGE" => "bytes=456-455"},500).must_be_nil
   end
 
   it "parse simple byte ranges" do

data/test/spec_webrick.rb

@@ -1,5 +1,6 @@
 require 'minitest/autorun'
 require 'rack/mock'
+require 'concurrent/utility/native_integer'
 require 'concurrent/atomic/count_down_latch'
 require File.expand_path('../testrequest', __FILE__)
 
@@ -171,7 +172,7 @@ describe Rack::Handler::WEBrick do
     Rack::Lint.new(lambda{ |req|
       [
         200,
-        {"rack.hijack" => io_lambda},
+        [ [ "rack.hijack", io_lambda ] ],
         [""]
       ]
     })
@@ -195,7 +196,7 @@ describe Rack::Handler::WEBrick do
     Net::HTTP.start(@host, @port){ |http|
       res = http.get("/chunked")
       res["Transfer-Encoding"].must_equal "chunked"
-      res["Content-Length"].must_equal nil
+      res["Content-Length"].must_be_nil
       res.body.must_equal "chunked"
     }
   end

metadata

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: rack
 version: !ruby/object:Gem::Version
-  version: 2.0.0.rc1
+  version: 2.0.2
 platform: ruby
 authors:
 - Christian Neukirchen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-05-06 00:00:00.000000000 Z
+date: 2017-05-08 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: json
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -185,7 +171,6 @@ files:
 - test/cgi/assets/javascripts/app.js
 - test/cgi/assets/stylesheets/app.css
 - test/cgi/lighttpd.conf
-- test/cgi/lighttpd.errors
 - test/cgi/rackup_stub.rb
 - test/cgi/sample_rackup.ru
 - test/cgi/test
@@ -206,6 +191,7 @@ files:
 - test/multipart/filename_with_encoded_words
 - test/multipart/filename_with_escaped_quotes
 - test/multipart/filename_with_escaped_quotes_and_modification_param
+- test/multipart/filename_with_null_byte
 - test/multipart/filename_with_percent_escaped_quotes
 - test/multipart/filename_with_single_quote
 - test/multipart/filename_with_unescaped_percentages
@@ -298,12 +284,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.2.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.4
+rubygems_version: 2.6.8
 signing_key: 
 specification_version: 4
 summary: a modular Ruby webserver interface
@@ -359,4 +345,3 @@ test_files:
 - test/spec_utils.rb
 - test/spec_version.rb
 - test/spec_webrick.rb
-has_rdoc: 

data/test/cgi/lighttpd.errors

@@ -1,8 +0,0 @@
-2016-05-04 12:00:25: (log.c.164) server started 
-2016-05-04 12:00:35: (server.c.1558) server stopped by UID = 502 PID = 80374 
-2016-05-04 12:13:42: (log.c.164) server started 
-2016-05-04 12:13:51: (server.c.1558) server stopped by UID = 502 PID = 82209 
-2016-05-04 12:16:30: (log.c.164) server started 
-2016-05-04 12:16:39: (server.c.1558) server stopped by UID = 502 PID = 82523 
-2016-05-04 12:18:17: (log.c.164) server started 
-2016-05-04 12:18:26: (server.c.1558) server stopped by UID = 502 PID = 82745