RubyGems - rack - Versions diffs - 2.0.9.3 → 3.0.0 - Mend

rack 2.0.9.3 → 3.0.0

Potentially problematic release.

This version of rack might be problematic. Click here for more details.

Files changed (201) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +808 -0
data/CONTRIBUTING.md +142 -0
data/{COPYING → MIT-LICENSE} +4 -2
data/README.md +293 -0
data/SPEC.rdoc +340 -0
data/lib/rack/auth/abstract/handler.rb +6 -2
data/lib/rack/auth/abstract/request.rb +4 -2
data/lib/rack/auth/basic.rb +7 -4
data/lib/rack/auth/digest/md5.rb +1 -129
data/lib/rack/auth/digest/nonce.rb +1 -51
data/lib/rack/auth/digest/params.rb +1 -52
data/lib/rack/auth/digest/request.rb +1 -41
data/lib/rack/auth/digest.rb +256 -0
data/lib/rack/body_proxy.rb +18 -15
data/lib/rack/builder.rb +151 -40
data/lib/rack/cascade.rb +30 -12
data/lib/rack/chunked.rb +74 -23
data/lib/rack/common_logger.rb +49 -36
data/lib/rack/conditional_get.rb +33 -26
data/lib/rack/config.rb +2 -0
data/lib/rack/constants.rb +63 -0
data/lib/rack/content_length.rb +13 -16
data/lib/rack/content_type.rb +12 -8
data/lib/rack/deflater.rb +84 -45
data/lib/rack/directory.rb +90 -64
data/lib/rack/etag.rb +17 -23
data/lib/rack/events.rb +23 -20
data/lib/rack/file.rb +5 -172
data/lib/rack/files.rb +216 -0
data/lib/rack/head.rb +10 -9
data/lib/rack/headers.rb +154 -0
data/lib/rack/lint.rb +786 -645
data/lib/rack/lock.rb +4 -6
data/lib/rack/logger.rb +4 -0
data/lib/rack/media_type.rb +10 -5
data/lib/rack/method_override.rb +8 -2
data/lib/rack/mime.rb +17 -1
data/lib/rack/mock.rb +2 -195
data/lib/rack/mock_request.rb +166 -0
data/lib/rack/mock_response.rb +126 -0
data/lib/rack/multipart/generator.rb +21 -15
data/lib/rack/multipart/parser.rb +161 -118
data/lib/rack/multipart/uploaded_file.rb +19 -7
data/lib/rack/multipart.rb +23 -41
data/lib/rack/null_logger.rb +11 -0
data/lib/rack/query_parser.rb +126 -65
data/lib/rack/recursive.rb +9 -5
data/lib/rack/reloader.rb +6 -4
data/lib/rack/request.rb +331 -74
data/lib/rack/response.rb +223 -70
data/lib/rack/rewindable_input.rb +28 -8
data/lib/rack/runtime.rb +11 -8
data/lib/rack/sendfile.rb +42 -33
data/lib/rack/show_exceptions.rb +35 -18
data/lib/rack/show_status.rb +25 -15
data/lib/rack/static.rb +30 -18
data/lib/rack/tempfile_reaper.rb +16 -5
data/lib/rack/urlmap.rb +14 -6
data/lib/rack/utils.rb +268 -260
data/lib/rack/version.rb +34 -0
data/lib/rack.rb +15 -92
metadata +44 -207
data/HISTORY.md +0 -520
data/README.rdoc +0 -316
data/Rakefile +0 -116
data/SPEC +0 -263
data/bin/rackup +0 -4
data/contrib/rack.png +0 -0
data/contrib/rack.svg +0 -150
data/contrib/rack_logo.svg +0 -164
data/contrib/rdoc.css +0 -412
data/example/lobster.ru +0 -4
data/example/protectedlobster.rb +0 -14
data/example/protectedlobster.ru +0 -8
data/lib/rack/handler/cgi.rb +0 -60
data/lib/rack/handler/fastcgi.rb +0 -100
data/lib/rack/handler/lsws.rb +0 -61
data/lib/rack/handler/scgi.rb +0 -70
data/lib/rack/handler/thin.rb +0 -36
data/lib/rack/handler/webrick.rb +0 -120
data/lib/rack/handler.rb +0 -99
data/lib/rack/lobster.rb +0 -70
data/lib/rack/server.rb +0 -395
data/lib/rack/session/abstract/id.rb +0 -510
data/lib/rack/session/cookie.rb +0 -204
data/lib/rack/session/memcache.rb +0 -99
data/lib/rack/session/pool.rb +0 -83
data/rack.gemspec +0 -34
data/test/builder/an_underscore_app.rb +0 -5
data/test/builder/anything.rb +0 -5
data/test/builder/comment.ru +0 -4
data/test/builder/end.ru +0 -5
data/test/builder/line.ru +0 -1
data/test/builder/options.ru +0 -2
data/test/cgi/assets/folder/test.js +0 -1
data/test/cgi/assets/fonts/font.eot +0 -1
data/test/cgi/assets/images/image.png +0 -1
data/test/cgi/assets/index.html +0 -1
data/test/cgi/assets/javascripts/app.js +0 -1
data/test/cgi/assets/stylesheets/app.css +0 -1
data/test/cgi/lighttpd.conf +0 -26
data/test/cgi/rackup_stub.rb +0 -6
data/test/cgi/sample_rackup.ru +0 -5
data/test/cgi/test +0 -9
data/test/cgi/test+directory/test+file +0 -1
data/test/cgi/test.fcgi +0 -9
data/test/cgi/test.gz +0 -0
data/test/cgi/test.ru +0 -5
data/test/gemloader.rb +0 -10
data/test/helper.rb +0 -34
data/test/multipart/bad_robots +0 -259
data/test/multipart/binary +0 -0
data/test/multipart/content_type_and_no_filename +0 -6
data/test/multipart/empty +0 -10
data/test/multipart/fail_16384_nofile +0 -814
data/test/multipart/file1.txt +0 -1
data/test/multipart/filename_and_modification_param +0 -7
data/test/multipart/filename_and_no_name +0 -6
data/test/multipart/filename_with_encoded_words +0 -7
data/test/multipart/filename_with_escaped_quotes +0 -6
data/test/multipart/filename_with_escaped_quotes_and_modification_param +0 -7
data/test/multipart/filename_with_null_byte +0 -7
data/test/multipart/filename_with_percent_escaped_quotes +0 -6
data/test/multipart/filename_with_single_quote +0 -7
data/test/multipart/filename_with_unescaped_percentages +0 -6
data/test/multipart/filename_with_unescaped_percentages2 +0 -6
data/test/multipart/filename_with_unescaped_percentages3 +0 -6
data/test/multipart/filename_with_unescaped_quotes +0 -6
data/test/multipart/ie +0 -6
data/test/multipart/invalid_character +0 -6
data/test/multipart/mixed_files +0 -21
data/test/multipart/nested +0 -10
data/test/multipart/none +0 -9
data/test/multipart/quoted +0 -15
data/test/multipart/rack-logo.png +0 -0
data/test/multipart/semicolon +0 -6
data/test/multipart/text +0 -15
data/test/multipart/three_files_three_fields +0 -31
data/test/multipart/unity3d_wwwform +0 -11
data/test/multipart/webkit +0 -32
data/test/rackup/config.ru +0 -31
data/test/registering_handler/rack/handler/registering_myself.rb +0 -8
data/test/spec_auth_basic.rb +0 -89
data/test/spec_auth_digest.rb +0 -260
data/test/spec_body_proxy.rb +0 -85
data/test/spec_builder.rb +0 -233
data/test/spec_cascade.rb +0 -63
data/test/spec_cgi.rb +0 -84
data/test/spec_chunked.rb +0 -103
data/test/spec_common_logger.rb +0 -107
data/test/spec_conditional_get.rb +0 -103
data/test/spec_config.rb +0 -23
data/test/spec_content_length.rb +0 -86
data/test/spec_content_type.rb +0 -46
data/test/spec_deflater.rb +0 -375
data/test/spec_directory.rb +0 -148
data/test/spec_etag.rb +0 -108
data/test/spec_events.rb +0 -133
data/test/spec_fastcgi.rb +0 -85
data/test/spec_file.rb +0 -264
data/test/spec_handler.rb +0 -57
data/test/spec_head.rb +0 -46
data/test/spec_lint.rb +0 -520
data/test/spec_lobster.rb +0 -59
data/test/spec_lock.rb +0 -204
data/test/spec_logger.rb +0 -24
data/test/spec_media_type.rb +0 -42
data/test/spec_method_override.rb +0 -110
data/test/spec_mime.rb +0 -51
data/test/spec_mock.rb +0 -359
data/test/spec_multipart.rb +0 -721
data/test/spec_null_logger.rb +0 -21
data/test/spec_recursive.rb +0 -75
data/test/spec_request.rb +0 -1423
data/test/spec_response.rb +0 -528
data/test/spec_rewindable_input.rb +0 -128
data/test/spec_runtime.rb +0 -50
data/test/spec_sendfile.rb +0 -125
data/test/spec_server.rb +0 -193
data/test/spec_session_abstract_id.rb +0 -31
data/test/spec_session_abstract_session_hash.rb +0 -45
data/test/spec_session_cookie.rb +0 -442
data/test/spec_session_memcache.rb +0 -357
data/test/spec_session_persisted_secure_secure_session_hash.rb +0 -73
data/test/spec_session_pool.rb +0 -247
data/test/spec_show_exceptions.rb +0 -93
data/test/spec_show_status.rb +0 -104
data/test/spec_static.rb +0 -184
data/test/spec_tempfile_reaper.rb +0 -64
data/test/spec_thin.rb +0 -96
data/test/spec_urlmap.rb +0 -237
data/test/spec_utils.rb +0 -742
data/test/spec_version.rb +0 -11
data/test/spec_webrick.rb +0 -206
data/test/static/another/index.html +0 -1
data/test/static/foo.html +0 -1
data/test/static/index.html +0 -1
data/test/testrequest.rb +0 -78
data/test/unregistered_handler/rack/handler/unregistered.rb +0 -7
data/test/unregistered_handler/rack/handler/unregistered_long_one.rb +0 -7

data/test/spec_session_cookie.rb DELETED Viewed

@@ -1,442 +0,0 @@
-require 'minitest/autorun'
-require 'rack/session/cookie'
-require 'rack/lint'
-require 'rack/mock'
-describe Rack::Session::Cookie do
-  incrementor = lambda do |env|
-    env["rack.session"]["counter"] ||= 0
-    env["rack.session"]["counter"] += 1
-    hash = env["rack.session"].dup
-    hash.delete("session_id")
-    Rack::Response.new(hash.inspect).to_a
-  end
-  session_id = lambda do |env|
-    Rack::Response.new(env["rack.session"].to_hash.inspect).to_a
-  end
-  session_option = lambda do |opt|
-    lambda do |env|
-      Rack::Response.new(env["rack.session.options"][opt].inspect).to_a
-    end
-  end
-  nothing = lambda do |env|
-    Rack::Response.new("Nothing").to_a
-  end
-  renewer = lambda do |env|
-    env["rack.session.options"][:renew] = true
-    Rack::Response.new("Nothing").to_a
-  end
-  only_session_id = lambda do |env|
-    Rack::Response.new(env["rack.session"]["session_id"].to_s).to_a
-  end
-  bigcookie = lambda do |env|
-    env["rack.session"]["cookie"] = "big" * 3000
-    Rack::Response.new(env["rack.session"].inspect).to_a
-  end
-  destroy_session = lambda do |env|
-    env["rack.session"].destroy
-    Rack::Response.new("Nothing").to_a
-  end
-  def response_for(options={})
-    request_options = options.fetch(:request, {})
-    cookie = if options[:cookie].is_a?(Rack::Response)
-      options[:cookie]["Set-Cookie"]
-    else
-      options[:cookie]
-    end
-    request_options["HTTP_COOKIE"] = cookie || ""
-    app_with_cookie = Rack::Session::Cookie.new(*options[:app])
-    app_with_cookie = Rack::Lint.new(app_with_cookie)
-    Rack::MockRequest.new(app_with_cookie).get("/", request_options)
-  end
-  before do
-    @warnings = warnings = []
-    Rack::Session::Cookie.class_eval do
-      define_method(:warn) { |m| warnings << m }
-    end
-  end
-  after do
-    Rack::Session::Cookie.class_eval { remove_method :warn }
-  end
-  describe 'Base64' do
-    it 'uses base64 to encode' do
-      coder = Rack::Session::Cookie::Base64.new
-      str   = 'fuuuuu'
-      coder.encode(str).must_equal [str].pack('m')
-    end
-    it 'uses base64 to decode' do
-      coder = Rack::Session::Cookie::Base64.new
-      str   = ['fuuuuu'].pack('m')
-      coder.decode(str).must_equal str.unpack('m').first
-    end
-    describe 'Marshal' do
-      it 'marshals and base64 encodes' do
-        coder = Rack::Session::Cookie::Base64::Marshal.new
-        str   = 'fuuuuu'
-        coder.encode(str).must_equal [::Marshal.dump(str)].pack('m')
-      end
-      it 'marshals and base64 decodes' do
-        coder = Rack::Session::Cookie::Base64::Marshal.new
-        str   = [::Marshal.dump('fuuuuu')].pack('m')
-        coder.decode(str).must_equal ::Marshal.load(str.unpack('m').first)
-      end
-      it 'rescues failures on decode' do
-        coder = Rack::Session::Cookie::Base64::Marshal.new
-        coder.decode('lulz').must_be_nil
-      end
-    end
-    describe 'JSON' do
-      it 'JSON and base64 encodes' do
-        coder = Rack::Session::Cookie::Base64::JSON.new
-        obj   = %w[fuuuuu]
-        coder.encode(obj).must_equal [::JSON.dump(obj)].pack('m')
-      end
-      it 'JSON and base64 decodes' do
-        coder = Rack::Session::Cookie::Base64::JSON.new
-        str   = [::JSON.dump(%w[fuuuuu])].pack('m')
-        coder.decode(str).must_equal ::JSON.parse(str.unpack('m').first)
-      end
-      it 'rescues failures on decode' do
-        coder = Rack::Session::Cookie::Base64::JSON.new
-        coder.decode('lulz').must_be_nil
-      end
-    end
-    describe 'ZipJSON' do
-      it 'jsons, deflates, and base64 encodes' do
-        coder = Rack::Session::Cookie::Base64::ZipJSON.new
-        obj   = %w[fuuuuu]
-        json = JSON.dump(obj)
-        coder.encode(obj).must_equal [Zlib::Deflate.deflate(json)].pack('m')
-      end
-      it 'base64 decodes, inflates, and decodes json' do
-        coder = Rack::Session::Cookie::Base64::ZipJSON.new
-        obj   = %w[fuuuuu]
-        json  = JSON.dump(obj)
-        b64   = [Zlib::Deflate.deflate(json)].pack('m')
-        coder.decode(b64).must_equal obj
-      end
-      it 'rescues failures on decode' do
-        coder = Rack::Session::Cookie::Base64::ZipJSON.new
-        coder.decode('lulz').must_be_nil
-      end
-    end
-  end
-  it "warns if no secret is given" do
-    Rack::Session::Cookie.new(incrementor)
-    @warnings.first.must_match(/no secret/i)
-    @warnings.clear
-    Rack::Session::Cookie.new(incrementor, :secret => 'abc')
-    @warnings.must_be :empty?
-  end
-  it "doesn't warn if coder is configured to handle encoding" do
-    Rack::Session::Cookie.new(
-      incrementor,
-      :coder => Object.new,
-      :let_coder_handle_secure_encoding => true)
-    @warnings.must_be :empty?
-  end
-  it "still warns if coder is not set" do
-    Rack::Session::Cookie.new(
-      incrementor,
-      :let_coder_handle_secure_encoding => true)
-    @warnings.first.must_match(/no secret/i)
-  end
-  it 'uses a coder' do
-    identity = Class.new {
-      attr_reader :calls
-      def initialize
-        @calls = []
-      end
-      def encode(str); @calls << :encode; str; end
-      def decode(str); @calls << :decode; str; end
-    }.new
-    response = response_for(:app => [incrementor, { :coder => identity }])
-    response["Set-Cookie"].must_include "rack.session="
-    response.body.must_equal '{"counter"=>1}'
-    identity.calls.must_equal [:decode, :encode]
-  end
-  it "creates a new cookie" do
-    response = response_for(:app => incrementor)
-    response["Set-Cookie"].must_include "rack.session="
-    response.body.must_equal '{"counter"=>1}'
-  end
-  it "loads from a cookie" do
-    response = response_for(:app => incrementor)
-    response = response_for(:app => incrementor, :cookie => response)
-    response.body.must_equal '{"counter"=>2}'
-    response = response_for(:app => incrementor, :cookie => response)
-    response.body.must_equal '{"counter"=>3}'
-  end
-  it "renew session id" do
-    response = response_for(:app => incrementor)
-    cookie   = response['Set-Cookie']
-    response = response_for(:app => only_session_id, :cookie => cookie)
-    cookie   = response['Set-Cookie'] if response['Set-Cookie']
-    response.body.wont_equal ""
-    old_session_id = response.body
-    response = response_for(:app => renewer, :cookie => cookie)
-    cookie   = response['Set-Cookie'] if response['Set-Cookie']
-    response = response_for(:app => only_session_id, :cookie => cookie)
-    response.body.wont_equal ""
-    response.body.wont_equal old_session_id
-  end
-  it "destroys session" do
-    response = response_for(:app => incrementor)
-    response = response_for(:app => only_session_id, :cookie => response)
-    response.body.wont_equal ""
-    old_session_id = response.body
-    response = response_for(:app => destroy_session, :cookie => response)
-    response = response_for(:app => only_session_id, :cookie => response)
-    response.body.wont_equal ""
-    response.body.wont_equal old_session_id
-  end
-  it "survives broken cookies" do
-    response = response_for(
-      :app => incrementor,
-      :cookie => "rack.session=blarghfasel"
-    )
-    response.body.must_equal '{"counter"=>1}'
-    response = response_for(
-      :app => [incrementor, { :secret => "test" }],
-      :cookie => "rack.session="
-    )
-    response.body.must_equal '{"counter"=>1}'
-  end
-  it "barks on too big cookies" do
-    lambda{
-      response_for(:app => bigcookie, :request => { :fatal => true })
-    }.must_raise Rack::MockRequest::FatalWarning
-  end
-  it "loads from a cookie with integrity hash" do
-    app = [incrementor, { :secret => "test" }]
-    response = response_for(:app => app)
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>2}'
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>3}'
-    app = [incrementor, { :secret => "other" }]
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>1}'
-  end
-  it "loads from a cookie with accept-only integrity hash for graceful key rotation" do
-    response = response_for(:app => [incrementor, { :secret => "test" }])
-    app = [incrementor, { :secret => "test2", :old_secret => "test" }]
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>2}'
-    app = [incrementor, { :secret => "test3", :old_secret => "test2" }]
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>3}'
-  end
-  it "ignores tampered with session cookies" do
-    app = [incrementor, { :secret => "test" }]
-    response = response_for(:app => app)
-    response.body.must_equal '{"counter"=>1}'
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>2}'
-    _, digest = response["Set-Cookie"].split("--")
-    tampered_with_cookie = "hackerman-was-here" + "--" + digest
-    response = response_for(:app => app, :cookie => tampered_with_cookie)
-    response.body.must_equal '{"counter"=>1}'
-  end
-  it "supports either of secret or old_secret" do
-    app = [incrementor, { :secret => "test" }]
-    response = response_for(:app => app)
-    response.body.must_equal '{"counter"=>1}'
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>2}'
-    app = [incrementor, { :old_secret => "test" }]
-    response = response_for(:app => app)
-    response.body.must_equal '{"counter"=>1}'
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>2}'
-  end
-  it "supports custom digest class" do
-    app = [incrementor, { :secret => "test", hmac: OpenSSL::Digest::SHA256 }]
-    response = response_for(:app => app)
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>2}'
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>3}'
-    app = [incrementor, { :secret => "other" }]
-    response = response_for(:app => app, :cookie => response)
-    response.body.must_equal '{"counter"=>1}'
-  end
-  it "can handle Rack::Lint middleware" do
-    response = response_for(:app => incrementor)
-    lint = Rack::Lint.new(session_id)
-    response = response_for(:app => lint, :cookie => response)
-    response.body.wont_be :nil?
-  end
-  it "can handle middleware that inspects the env" do
-    class TestEnvInspector
-      def initialize(app)
-        @app = app
-      end
-      def call(env)
-        env.inspect
-        @app.call(env)
-      end
-    end
-    response = response_for(:app => incrementor)
-    inspector = TestEnvInspector.new(session_id)
-    response = response_for(:app => inspector, :cookie => response)
-    response.body.wont_be :nil?
-  end
-  it "returns the session id in the session hash" do
-    response = response_for(:app => incrementor)
-    response.body.must_equal '{"counter"=>1}'
-    response = response_for(:app => session_id, :cookie => response)
-    response.body.must_match(/"session_id"=>/)
-    response.body.must_match(/"counter"=>1/)
-  end
-  it "does not return a cookie if set to secure but not using ssl" do
-    app = [incrementor, { :secure => true }]
-    response = response_for(:app => app)
-    response["Set-Cookie"].must_be_nil
-    response = response_for(:app => app, :request => { "HTTPS" => "on" })
-    response["Set-Cookie"].wont_be :nil?
-    response["Set-Cookie"].must_match(/secure/)
-  end
-  it "does not return a cookie if cookie was not read/written" do
-    response = response_for(:app => nothing)
-    response["Set-Cookie"].must_be_nil
-  end
-  it "does not return a cookie if cookie was not written (only read)" do
-    response = response_for(:app => session_id)
-    response["Set-Cookie"].must_be_nil
-  end
-  it "returns even if not read/written if :expire_after is set" do
-    app = [nothing, { :expire_after => 3600 }]
-    request = { "rack.session" => { "not" => "empty" }}
-    response = response_for(:app => app, :request => request)
-    response["Set-Cookie"].wont_be :nil?
-  end
-  it "returns no cookie if no data was written and no session was created previously, even if :expire_after is set" do
-    app = [nothing, { :expire_after => 3600 }]
-    response = response_for(:app => app)
-    response["Set-Cookie"].must_be_nil
-  end
-  it "exposes :secret in env['rack.session.option']" do
-    response = response_for(:app => [session_option[:secret], { :secret => "foo" }])
-    response.body.must_equal '"foo"'
-  end
-  it "exposes :coder in env['rack.session.option']" do
-    response = response_for(:app => session_option[:coder])
-    response.body.must_match(/Base64::Marshal/)
-  end
-  it "allows passing in a hash with session data from middleware in front" do
-    request = { 'rack.session' => { :foo => 'bar' }}
-    response = response_for(:app => session_id, :request => request)
-    response.body.must_match(/foo/)
-  end
-  it "allows modifying session data with session data from middleware in front" do
-    request = { 'rack.session' => { :foo => 'bar' }}
-    response = response_for(:app => incrementor, :request => request)
-    response.body.must_match(/counter/)
-    response.body.must_match(/foo/)
-  end
-  it "allows more than one '--' in the cookie when calculating digests" do
-    @counter = 0
-    app = lambda do |env|
-      env["rack.session"]["message"] ||= ""
-      env["rack.session"]["message"] << "#{(@counter += 1).to_s}--"
-      hash = env["rack.session"].dup
-      hash.delete("session_id")
-      Rack::Response.new(hash["message"]).to_a
-    end
-    # another example of an unsafe coder is Base64.urlsafe_encode64
-    unsafe_coder = Class.new {
-      def encode(hash); hash.inspect end
-      def decode(str); eval(str) if str; end
-    }.new
-    _app = [ app, { :secret => "test", :coder => unsafe_coder } ]
-    response = response_for(:app => _app)
-    response.body.must_equal "1--"
-    response = response_for(:app => _app, :cookie => response)
-    response.body.must_equal "1--2--"
-  end
-end