RubyGems - rack - Versions diffs - 2.0.9.4 → 2.1.0 - Mend

rack 2.0.9.4 → 2.1.0

Potentially problematic release.

This version of rack might be problematic. Click here for more details.

Files changed (188) hide show

checksums.yaml +4 -4
data/{HISTORY.md → CHANGELOG.md} +214 -164
data/{COPYING → MIT-LICENSE} +4 -2
data/README.rdoc +79 -133
data/Rakefile +25 -18
data/SPEC +9 -9
data/bin/rackup +1 -0
data/example/lobster.ru +2 -0
data/example/protectedlobster.rb +3 -1
data/example/protectedlobster.ru +2 -0
data/lib/rack/auth/abstract/handler.rb +3 -1
data/lib/rack/auth/abstract/request.rb +2 -0
data/lib/rack/auth/basic.rb +4 -1
data/lib/rack/auth/digest/md5.rb +9 -7
data/lib/rack/auth/digest/nonce.rb +6 -3
data/lib/rack/auth/digest/params.rb +4 -2
data/lib/rack/auth/digest/request.rb +2 -0
data/lib/rack/body_proxy.rb +3 -6
data/lib/rack/builder.rb +38 -15
data/lib/rack/cascade.rb +6 -5
data/lib/rack/chunked.rb +29 -6
data/lib/rack/common_logger.rb +9 -11
data/lib/rack/conditional_get.rb +3 -1
data/lib/rack/config.rb +2 -0
data/lib/rack/content_length.rb +3 -1
data/lib/rack/content_type.rb +3 -1
data/lib/rack/core_ext/regexp.rb +14 -0
data/lib/rack/deflater.rb +28 -17
data/lib/rack/directory.rb +17 -14
data/lib/rack/etag.rb +3 -1
data/lib/rack/events.rb +5 -3
data/lib/rack/file.rb +5 -173
data/lib/rack/files.rb +178 -0
data/lib/rack/handler/cgi.rb +3 -1
data/lib/rack/handler/fastcgi.rb +4 -2
data/lib/rack/handler/lsws.rb +3 -1
data/lib/rack/handler/scgi.rb +9 -6
data/lib/rack/handler/thin.rb +3 -1
data/lib/rack/handler/webrick.rb +4 -2
data/lib/rack/handler.rb +7 -2
data/lib/rack/head.rb +2 -0
data/lib/rack/lint.rb +15 -12
data/lib/rack/lobster.rb +7 -5
data/lib/rack/lock.rb +2 -0
data/lib/rack/logger.rb +2 -0
data/lib/rack/media_type.rb +10 -5
data/lib/rack/method_override.rb +4 -2
data/lib/rack/mime.rb +9 -1
data/lib/rack/mock.rb +74 -15
data/lib/rack/multipart/generator.rb +6 -7
data/lib/rack/multipart/parser.rb +55 -62
data/lib/rack/multipart/uploaded_file.rb +2 -0
data/lib/rack/multipart.rb +6 -3
data/lib/rack/null_logger.rb +2 -0
data/lib/rack/query_parser.rb +51 -25
data/lib/rack/recursive.rb +7 -5
data/lib/rack/reloader.rb +10 -4
data/lib/rack/request.rb +79 -26
data/lib/rack/response.rb +71 -31
data/lib/rack/rewindable_input.rb +4 -2
data/lib/rack/runtime.rb +4 -2
data/lib/rack/sendfile.rb +15 -8
data/lib/rack/server.rb +88 -16
data/lib/rack/session/abstract/id.rb +40 -22
data/lib/rack/session/cookie.rb +10 -9
data/lib/rack/session/memcache.rb +4 -93
data/lib/rack/session/pool.rb +4 -2
data/lib/rack/show_exceptions.rb +15 -9
data/lib/rack/show_status.rb +4 -2
data/lib/rack/static.rb +15 -10
data/lib/rack/tempfile_reaper.rb +2 -0
data/lib/rack/urlmap.rb +11 -2
data/lib/rack/utils.rb +64 -93
data/lib/rack.rb +63 -60
data/rack.gemspec +17 -7
metadata +33 -175
data/test/builder/an_underscore_app.rb +0 -5
data/test/builder/anything.rb +0 -5
data/test/builder/comment.ru +0 -4
data/test/builder/end.ru +0 -5
data/test/builder/line.ru +0 -1
data/test/builder/options.ru +0 -2
data/test/cgi/assets/folder/test.js +0 -1
data/test/cgi/assets/fonts/font.eot +0 -1
data/test/cgi/assets/images/image.png +0 -1
data/test/cgi/assets/index.html +0 -1
data/test/cgi/assets/javascripts/app.js +0 -1
data/test/cgi/assets/stylesheets/app.css +0 -1
data/test/cgi/lighttpd.conf +0 -26
data/test/cgi/rackup_stub.rb +0 -6
data/test/cgi/sample_rackup.ru +0 -5
data/test/cgi/test +0 -9
data/test/cgi/test+directory/test+file +0 -1
data/test/cgi/test.fcgi +0 -9
data/test/cgi/test.gz +0 -0
data/test/cgi/test.ru +0 -5
data/test/gemloader.rb +0 -10
data/test/helper.rb +0 -34
data/test/multipart/bad_robots +0 -259
data/test/multipart/binary +0 -0
data/test/multipart/content_type_and_no_filename +0 -6
data/test/multipart/empty +0 -10
data/test/multipart/fail_16384_nofile +0 -814
data/test/multipart/file1.txt +0 -1
data/test/multipart/filename_and_modification_param +0 -7
data/test/multipart/filename_and_no_name +0 -6
data/test/multipart/filename_with_encoded_words +0 -7
data/test/multipart/filename_with_escaped_quotes +0 -6
data/test/multipart/filename_with_escaped_quotes_and_modification_param +0 -7
data/test/multipart/filename_with_null_byte +0 -7
data/test/multipart/filename_with_percent_escaped_quotes +0 -6
data/test/multipart/filename_with_single_quote +0 -7
data/test/multipart/filename_with_unescaped_percentages +0 -6
data/test/multipart/filename_with_unescaped_percentages2 +0 -6
data/test/multipart/filename_with_unescaped_percentages3 +0 -6
data/test/multipart/filename_with_unescaped_quotes +0 -6
data/test/multipart/ie +0 -6
data/test/multipart/invalid_character +0 -6
data/test/multipart/mixed_files +0 -21
data/test/multipart/nested +0 -10
data/test/multipart/none +0 -9
data/test/multipart/quoted +0 -15
data/test/multipart/rack-logo.png +0 -0
data/test/multipart/semicolon +0 -6
data/test/multipart/text +0 -15
data/test/multipart/three_files_three_fields +0 -31
data/test/multipart/unity3d_wwwform +0 -11
data/test/multipart/webkit +0 -32
data/test/rackup/config.ru +0 -31
data/test/registering_handler/rack/handler/registering_myself.rb +0 -8
data/test/spec_auth_basic.rb +0 -89
data/test/spec_auth_digest.rb +0 -260
data/test/spec_body_proxy.rb +0 -85
data/test/spec_builder.rb +0 -233
data/test/spec_cascade.rb +0 -63
data/test/spec_cgi.rb +0 -84
data/test/spec_chunked.rb +0 -103
data/test/spec_common_logger.rb +0 -107
data/test/spec_conditional_get.rb +0 -103
data/test/spec_config.rb +0 -23
data/test/spec_content_length.rb +0 -86
data/test/spec_content_type.rb +0 -46
data/test/spec_deflater.rb +0 -375
data/test/spec_directory.rb +0 -148
data/test/spec_etag.rb +0 -108
data/test/spec_events.rb +0 -133
data/test/spec_fastcgi.rb +0 -85
data/test/spec_file.rb +0 -264
data/test/spec_handler.rb +0 -57
data/test/spec_head.rb +0 -46
data/test/spec_lint.rb +0 -520
data/test/spec_lobster.rb +0 -59
data/test/spec_lock.rb +0 -204
data/test/spec_logger.rb +0 -24
data/test/spec_media_type.rb +0 -42
data/test/spec_method_override.rb +0 -110
data/test/spec_mime.rb +0 -51
data/test/spec_mock.rb +0 -359
data/test/spec_multipart.rb +0 -721
data/test/spec_null_logger.rb +0 -21
data/test/spec_recursive.rb +0 -75
data/test/spec_request.rb +0 -1423
data/test/spec_response.rb +0 -528
data/test/spec_rewindable_input.rb +0 -128
data/test/spec_runtime.rb +0 -50
data/test/spec_sendfile.rb +0 -125
data/test/spec_server.rb +0 -193
data/test/spec_session_abstract_id.rb +0 -31
data/test/spec_session_abstract_session_hash.rb +0 -45
data/test/spec_session_cookie.rb +0 -442
data/test/spec_session_memcache.rb +0 -357
data/test/spec_session_persisted_secure_secure_session_hash.rb +0 -73
data/test/spec_session_pool.rb +0 -247
data/test/spec_show_exceptions.rb +0 -93
data/test/spec_show_status.rb +0 -104
data/test/spec_static.rb +0 -184
data/test/spec_tempfile_reaper.rb +0 -64
data/test/spec_thin.rb +0 -96
data/test/spec_urlmap.rb +0 -237
data/test/spec_utils.rb +0 -742
data/test/spec_version.rb +0 -11
data/test/spec_webrick.rb +0 -206
data/test/static/another/index.html +0 -1
data/test/static/foo.html +0 -1
data/test/static/index.html +0 -1
data/test/testrequest.rb +0 -78
data/test/unregistered_handler/rack/handler/unregistered.rb +0 -7
data/test/unregistered_handler/rack/handler/unregistered_long_one.rb +0 -7

data/lib/rack/static.rb CHANGED Viewed

@@ -1,11 +1,15 @@
-require "rack/file"
+# frozen_string_literal: true
+require "rack/files"
 require "rack/utils"
+require_relative 'core_ext/regexp'
 module Rack
   # The Rack::Static middleware intercepts requests for static files
   # (javascript files, images, stylesheets, etc) based on the url prefixes or
-  # route mappings passed in the options, and serves them using a Rack::File
+  # route mappings passed in the options, and serves them using a Rack::Files
   # object. This allows a Rack stack to serve both static and dynamic content.
   #
   # Examples:
@@ -82,8 +86,9 @@ module Rack
   #         ]
   #
   class Static
+    using ::Rack::RegexpExtensions
-    def initialize(app, options={})
+    def initialize(app, options = {})
       @app = app
       @urls = options[:urls] || ["/favicon.ico"]
       @index = options[:index]
@@ -93,13 +98,13 @@ module Rack
       # HTTP Headers
       @header_rules = options[:header_rules] || []
       # Allow for legacy :cache_control option while prioritizing global header_rules setting
-      @header_rules.unshift([:all, {CACHE_CONTROL => options[:cache_control]}]) if options[:cache_control]
+      @header_rules.unshift([:all, { CACHE_CONTROL => options[:cache_control] }]) if options[:cache_control]
-      @file_server = Rack::File.new(root)
+      @file_server = Rack::Files.new(root)
     end
     def add_index_root?(path)
-      @index && path =~ /\/$/
+      @index && route_file(path) && path.end_with?('/')
     end
     def overwrite_file_path(path)
@@ -120,7 +125,7 @@ module Rack
       if can_serve(path)
         if overwrite_file_path(path)
           env[PATH_INFO] = (add_index_root?(path) ? path + @index : @urls[path])
-        elsif @gzip && env['HTTP_ACCEPT_ENCODING'] =~ /\bgzip\b/
+        elsif @gzip && env['HTTP_ACCEPT_ENCODING'] && /\bgzip\b/.match?(env['HTTP_ACCEPT_ENCODING'])
           path = env[PATH_INFO]
           env[PATH_INFO] += '.gz'
           response = @file_server.call(env)
@@ -157,14 +162,14 @@ module Rack
         when :all
           true
         when :fonts
-          path =~ /\.(?:ttf|otf|eot|woff2|woff|svg)\z/
+          /\.(?:ttf|otf|eot|woff2|woff|svg)\z/.match?(path)
         when String
           path = ::Rack::Utils.unescape(path)
           path.start_with?(rule) || path.start_with?('/' + rule)
         when Array
-          path =~ /\.(#{rule.join('|')})\z/
+          /\.(#{rule.join('|')})\z/.match?(path)
         when Regexp
-          path =~ rule
+          rule.match?(path)
         else
           false
         end

data/lib/rack/tempfile_reaper.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'rack/body_proxy'
 module Rack

data/lib/rack/urlmap.rb CHANGED Viewed

@@ -1,3 +1,7 @@
+# frozen_string_literal: true
+require 'set'
 module Rack
   # Rack::URLMap takes a hash mapping urls or paths to apps, and
   # dispatches accordingly.  Support for HTTP/1.1 host names exists if
@@ -20,9 +24,11 @@ module Rack
     end
     def remap(map)
+      @known_hosts = Set[]
       @mapping = map.map { |location, app|
         if location =~ %r{\Ahttps?://(.*?)(/.*)}
           host, location = $1, $2
+          @known_hosts << host
         else
           host = nil
         end
@@ -50,10 +56,13 @@ module Rack
       is_same_server = casecmp?(http_host, server_name) ||
                        casecmp?(http_host, "#{server_name}:#{server_port}")
+      is_host_known = @known_hosts.include? http_host
       @mapping.each do |host, location, match, app|
         unless casecmp?(http_host, host) \
             || casecmp?(server_name, host) \
-            || (!host && is_same_server)
+            || (!host && is_same_server) \
+            || (!host && !is_host_known) # If we don't have a matching host, default to the first without a specified host
           next
         end
@@ -68,7 +77,7 @@ module Rack
         return app.call(env)
       end
-      [404, {CONTENT_TYPE => "text/plain", "X-Cascade" => "pass"}, ["Not Found: #{path}"]]
+      [404, { CONTENT_TYPE => "text/plain", "X-Cascade" => "pass" }, ["Not Found: #{path}"]]
     ensure
       env[PATH_INFO]   = path

data/lib/rack/utils.rb CHANGED Viewed

@@ -1,4 +1,6 @@
 # -*- encoding: binary -*-
+# frozen_string_literal: true
 require 'uri'
 require 'fileutils'
 require 'set'
@@ -6,11 +8,15 @@ require 'tempfile'
 require 'rack/query_parser'
 require 'time'
+require_relative 'core_ext/regexp'
 module Rack
   # Rack::Utils contains a grab-bag of useful methods for writing web
   # applications adopted from all kinds of Ruby libraries.
   module Utils
+    using ::Rack::RegexpExtensions
     ParameterTypeError = QueryParser::ParameterTypeError
     InvalidParameterError = QueryParser::InvalidParameterError
     DEFAULT_SEP = QueryParser::DEFAULT_SEP
@@ -53,24 +59,13 @@ module Rack
     module_function :unescape
     class << self
-      attr_accessor :multipart_total_part_limit
-      attr_accessor :multipart_file_limit
-      # multipart_part_limit is the original name of multipart_file_limit, but
-      # the limit only counts parts with filenames.
-      alias multipart_part_limit multipart_file_limit
-      alias multipart_part_limit= multipart_file_limit=
+      attr_accessor :multipart_part_limit
     end
-    # The maximum number of file parts a request can contain. Accepting too
-    # many parts can lead to the server running out of file handles.
+    # The maximum number of parts a request can contain. Accepting too many part
+    # can lead to the server running out of file handles.
     # Set to `0` for no limit.
-    self.multipart_file_limit = (ENV['RACK_MULTIPART_PART_LIMIT'] || ENV['RACK_MULTIPART_FILE_LIMIT'] || 128).to_i
-    # The maximum total number of parts a request can contain. Accepting too
-    # many can lead to excessive memory use and parsing time.
-    self.multipart_total_part_limit = (ENV['RACK_MULTIPART_TOTAL_PART_LIMIT'] || 4096).to_i
+    self.multipart_part_limit = (ENV['RACK_MULTIPART_PART_LIMIT'] || 128).to_i
     def self.param_depth_limit
       default_query_parser.param_depth_limit
@@ -129,7 +124,7 @@ module Rack
       when Hash
         value.map { |k, v|
           build_nested_query(v, prefix ? "#{prefix}[#{escape(k)}]" : escape(k))
-        }.reject(&:empty?).join('&')
+        }.delete_if(&:empty?).join('&')
       when nil
         prefix
       else
@@ -140,10 +135,10 @@ module Rack
     module_function :build_nested_query
     def q_values(q_value_header)
-      q_value_header.to_s.split(',').map do |part|
-        value, parameters = part.split(';', 2).map(&:strip)
+      q_value_header.to_s.split(/\s*,\s*/).map do |part|
+        value, parameters = part.split(/\s*;\s*/, 2)
         quality = 1.0
-        if md = /\Aq=([\d.]+)/.match(parameters)
+        if parameters && (md = /\Aq=([\d.]+)/.match(parameters))
           quality = md[1].to_f
         end
         [value, quality]
@@ -186,27 +181,26 @@ module Rack
       # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
       expanded_accept_encoding =
-        accept_encoding.map { |m, q|
+        accept_encoding.each_with_object([]) do |(m, q), list|
           if m == "*"
-            (available_encodings - accept_encoding.map { |m2, _| m2 }).map { |m2| [m2, q] }
+            (available_encodings - accept_encoding.map(&:first))
+              .each { |m2| list << [m2, q] }
           else
-            [[m, q]]
+            list << [m, q]
           end
-        }.inject([]) { |mem, list|
-          mem + list
-        }
+        end
-      encoding_candidates = expanded_accept_encoding.sort_by { |_, q| -q }.map { |m, _| m }
+      encoding_candidates = expanded_accept_encoding.sort_by { |_, q| -q }.map!(&:first)
       unless encoding_candidates.include?("identity")
         encoding_candidates.push("identity")
       end
-      expanded_accept_encoding.each { |m, q|
+      expanded_accept_encoding.each do |m, q|
         encoding_candidates.delete(m) if q == 0.0
-      }
+      end
-      return (encoding_candidates & available_encodings)[0]
+      (encoding_candidates & available_encodings)[0]
     end
     module_function :select_best_encoding
@@ -222,7 +216,7 @@ module Rack
       #   precede those with less specific.  Ordering with respect to other
       #   attributes (e.g., Domain) is unspecified.
       cookies = parse_query(header, ';,') { |s| unescape(s) rescue s }
-      cookies.each_with_object({}) { |(k,v), hash| hash[k] = Array === v ? v.first : v }
+      cookies.each_with_object({}) { |(k, v), hash| hash[k] = Array === v ? v.first : v }
     end
     module_function :parse_cookies_header
@@ -232,31 +226,7 @@ module Rack
         domain  = "; domain=#{value[:domain]}"   if value[:domain]
         path    = "; path=#{value[:path]}"       if value[:path]
         max_age = "; max-age=#{value[:max_age]}" if value[:max_age]
-        # There is an RFC mess in the area of date formatting for Cookies. Not
-        # only are there contradicting RFCs and examples within RFC text, but
-        # there are also numerous conflicting names of fields and partially
-        # cross-applicable specifications.
-        #
-        # These are best described in RFC 2616 3.3.1. This RFC text also
-        # specifies that RFC 822 as updated by RFC 1123 is preferred. That is a
-        # fixed length format with space-date delimited fields.
-        #
-        # See also RFC 1123 section 5.2.14.
-        #
-        # RFC 6265 also specifies "sane-cookie-date" as RFC 1123 date, defined
-        # in RFC 2616 3.3.1. RFC 6265 also gives examples that clearly denote
-        # the space delimited format. These formats are compliant with RFC 2822.
-        #
-        # For reference, all involved RFCs are:
-        # RFC 822
-        # RFC 1123
-        # RFC 2109
-        # RFC 2616
-        # RFC 2822
-        # RFC 2965
-        # RFC 6265
-        expires = "; expires=" +
-          rfc2822(value[:expires].clone.gmtime) if value[:expires]
+        expires = "; expires=#{value[:expires].httpdate}" if value[:expires]
         secure = "; secure"  if value[:secure]
         httponly = "; HttpOnly" if (value.key?(:httponly) ? value[:httponly] : value[:http_only])
         same_site =
@@ -264,11 +234,11 @@ module Rack
           when false, nil
             nil
           when :none, 'None', :None
-            '; SameSite=None'.freeze
+            '; SameSite=None'
           when :lax, 'Lax', :Lax
-            '; SameSite=Lax'.freeze
+            '; SameSite=Lax'
           when true, :strict, 'Strict', :Strict
-            '; SameSite=Strict'.freeze
+            '; SameSite=Strict'
           else
             raise ArgumentError, "Invalid SameSite value: #{value[:same_site].inspect}"
           end
@@ -308,15 +278,15 @@ module Rack
         cookies = header
       end
-      cookies.reject! { |cookie|
-        if value[:domain]
-          cookie =~ /\A#{escape(key)}=.*domain=#{value[:domain]}/
-        elsif value[:path]
-          cookie =~ /\A#{escape(key)}=.*path=#{value[:path]}/
-        else
-          cookie =~ /\A#{escape(key)}=/
-        end
-      }
+      regexp = if value[:domain]
+                 /\A#{escape(key)}=.*domain=#{value[:domain]}/
+               elsif value[:path]
+                 /\A#{escape(key)}=.*path=#{value[:path]}/
+               else
+                 /\A#{escape(key)}=/
+               end
+      cookies.reject! { |cookie| regexp.match? cookie }
       cookies.join("\n")
     end
@@ -334,9 +304,9 @@ module Rack
       new_header = make_delete_cookie_header(header, key, value)
       add_cookie_to_header(new_header, key,
-                 {:value => '', :path => nil, :domain => nil,
-                   :max_age => '0',
-                   :expires => Time.at(0) }.merge(value))
+                 { value: '', path: nil, domain: nil,
+                   max_age: '0',
+                   expires: Time.at(0) }.merge(value))
     end
     module_function :add_remove_cookie_to_header
@@ -376,23 +346,22 @@ module Rack
       return nil unless http_range && http_range =~ /bytes=([^;]+)/
       ranges = []
       $1.split(/,\s*/).each do |range_spec|
-        return nil unless range_spec.include?('-')
-        range = range_spec.split('-')
-        r0, r1 = range[0], range[1]
-        if r0.nil? || r0.empty?
-          return nil if r1.nil?
+        return nil  unless range_spec =~ /(\d*)-(\d*)/
+        r0, r1 = $1, $2
+        if r0.empty?
+          return nil  if r1.empty?
           # suffix-byte-range-spec, represents trailing suffix of file
           r0 = size - r1.to_i
           r0 = 0  if r0 < 0
           r1 = size - 1
         else
           r0 = r0.to_i
-          if r1.nil?
+          if r1.empty?
             r1 = size - 1
           else
             r1 = r1.to_i
             return nil  if r1 < r0  # backwards range is syntactically invalid
-            r1 = size-1  if r1 >= size
+            r1 = size - 1  if r1 >= size
           end
         end
         ranges << (r0..r1)  if r0 <= r1
@@ -413,7 +382,7 @@ module Rack
       l = a.unpack("C*")
       r, i = 0, -1
-      b.each_byte { |v| r |= v ^ l[i+=1] }
+      b.each_byte { |v| r |= v ^ l[i += 1] }
       r == 0
     end
     module_function :secure_compare
@@ -439,19 +408,17 @@ module Rack
         self.class.new(@for, app)
       end
-      def context(env, app=@app)
+      def context(env, app = @app)
         recontext(app).call(env)
       end
     end
     # A case-insensitive Hash that preserves the original case of a
     # header when set.
-    class HeaderHash < Hash
-      def self.new(hash={})
-        HeaderHash === hash ? hash : super(hash)
-      end
-      def initialize(hash={})
+    #
+    # @api private
+    class HeaderHash < Hash # :nodoc:
+      def initialize(hash = {})
         super()
         @names = {}
         hash.each { |k, v| self[k] = v }
@@ -471,7 +438,7 @@ module Rack
       def to_hash
         hash = {}
-        each { |k,v| hash[k] = v }
+        each { |k, v| hash[k] = v }
         hash
       end
@@ -524,13 +491,14 @@ module Rack
     # Every standard HTTP code mapped to the appropriate message.
     # Generated with:
-    # curl -s https://www.iana.org/assignments/http-status-codes/http-status-codes-1.csv | \
-    #   ruby -ne 'm = /^(\d{3}),(?!Unassigned|\(Unused\))([^,]+)/.match($_) and \
-    #             puts "#{m[1]} => \x27#{m[2].strip}\x27,"'
+    #   curl -s https://www.iana.org/assignments/http-status-codes/http-status-codes-1.csv | \
+    #     ruby -ne 'm = /^(\d{3}),(?!Unassigned|\(Unused\))([^,]+)/.match($_) and \
+    #               puts "#{m[1]} => \x27#{m[2].strip}\x27,"'
     HTTP_STATUS_CODES = {
       100 => 'Continue',
       101 => 'Switching Protocols',
       102 => 'Processing',
+      103 => 'Early Hints',
       200 => 'OK',
       201 => 'Created',
       202 => 'Accepted',
@@ -547,6 +515,7 @@ module Rack
       303 => 'See Other',
       304 => 'Not Modified',
       305 => 'Use Proxy',
+      306 => '(Unused)',
       307 => 'Temporary Redirect',
       308 => 'Permanent Redirect',
       400 => 'Bad Request',
@@ -571,6 +540,7 @@ module Rack
       422 => 'Unprocessable Entity',
       423 => 'Locked',
       424 => 'Failed Dependency',
+      425 => 'Too Early',
       426 => 'Upgrade Required',
       428 => 'Precondition Required',
       429 => 'Too Many Requests',
@@ -585,12 +555,13 @@ module Rack
       506 => 'Variant Also Negotiates',
       507 => 'Insufficient Storage',
       508 => 'Loop Detected',
+      509 => 'Bandwidth Limit Exceeded',
       510 => 'Not Extended',
       511 => 'Network Authentication Required'
     }
     # Responses with HTTP status codes that should not have an entity body
-    STATUS_WITH_NO_ENTITY_BODY = Set.new((100..199).to_a << 204 << 304)
+    STATUS_WITH_NO_ENTITY_BODY = Hash[((100..199).to_a << 204 << 304).product([true])]
     SYMBOL_TO_STATUS_CODE = Hash[*HTTP_STATUS_CODES.map { |code, message|
       [message.downcase.gsub(/\s|-|'/, '_').to_sym, code]
@@ -598,7 +569,7 @@ module Rack
     def status_code(status)
       if status.is_a?(Symbol)
-        SYMBOL_TO_STATUS_CODE[status] || 500
+        SYMBOL_TO_STATUS_CODE.fetch(status) { raise ArgumentError, "Unrecognized status code #{status.inspect}" }
       else
         status.to_i
       end
@@ -619,11 +590,11 @@ module Rack
       clean.unshift '/' if parts.empty? || parts.first.empty?
-      ::File.join(*clean)
+      ::File.join clean
     end
     module_function :clean_path_info
-    NULL_BYTE = "\0".freeze
+    NULL_BYTE = "\0"
     def valid_path?(path)
       path.valid_encoding? && !path.include?(NULL_BYTE)

data/lib/rack.rb CHANGED Viewed

@@ -1,7 +1,9 @@
-# Copyright (C) 2007, 2008, 2009, 2010 Christian Neukirchen <purl.org/net/chneukirchen>
+# frozen_string_literal: true
+# Copyright (C) 2007-2019 Leah Neukirchen <http://leahneukirchen.org/infopage.html>
 #
 # Rack is freely distributable under the terms of an MIT-style license.
-# See COPYING or http://www.opensource.org/licenses/mit-license.php.
+# See MIT-LICENSE or https://opensource.org/licenses/MIT.
 # The Rack main module, serving as a namespace for all core Rack
 # modules and classes.
@@ -11,80 +13,80 @@
 module Rack
   # The Rack protocol version number implemented.
-  VERSION = [1,3]
+  VERSION = [1, 3]
   # Return the Rack protocol version as a dotted string.
   def self.version
     VERSION.join(".")
   end
-  RELEASE = "2.0.9.4"
+  RELEASE = "2.1.0"
   # Return the Rack release as a dotted string.
   def self.release
     RELEASE
   end
-  HTTP_HOST         = 'HTTP_HOST'.freeze
-  HTTP_VERSION      = 'HTTP_VERSION'.freeze
-  HTTPS             = 'HTTPS'.freeze
-  PATH_INFO         = 'PATH_INFO'.freeze
-  REQUEST_METHOD    = 'REQUEST_METHOD'.freeze
-  REQUEST_PATH      = 'REQUEST_PATH'.freeze
-  SCRIPT_NAME       = 'SCRIPT_NAME'.freeze
-  QUERY_STRING      = 'QUERY_STRING'.freeze
-  SERVER_PROTOCOL   = 'SERVER_PROTOCOL'.freeze
-  SERVER_NAME       = 'SERVER_NAME'.freeze
-  SERVER_ADDR       = 'SERVER_ADDR'.freeze
-  SERVER_PORT       = 'SERVER_PORT'.freeze
-  CACHE_CONTROL     = 'Cache-Control'.freeze
-  CONTENT_LENGTH    = 'Content-Length'.freeze
-  CONTENT_TYPE      = 'Content-Type'.freeze
-  SET_COOKIE        = 'Set-Cookie'.freeze
-  TRANSFER_ENCODING = 'Transfer-Encoding'.freeze
-  HTTP_COOKIE       = 'HTTP_COOKIE'.freeze
-  ETAG              = 'ETag'.freeze
+  HTTP_HOST         = 'HTTP_HOST'
+  HTTP_VERSION      = 'HTTP_VERSION'
+  HTTPS             = 'HTTPS'
+  PATH_INFO         = 'PATH_INFO'
+  REQUEST_METHOD    = 'REQUEST_METHOD'
+  REQUEST_PATH      = 'REQUEST_PATH'
+  SCRIPT_NAME       = 'SCRIPT_NAME'
+  QUERY_STRING      = 'QUERY_STRING'
+  SERVER_PROTOCOL   = 'SERVER_PROTOCOL'
+  SERVER_NAME       = 'SERVER_NAME'
+  SERVER_ADDR       = 'SERVER_ADDR'
+  SERVER_PORT       = 'SERVER_PORT'
+  CACHE_CONTROL     = 'Cache-Control'
+  CONTENT_LENGTH    = 'Content-Length'
+  CONTENT_TYPE      = 'Content-Type'
+  SET_COOKIE        = 'Set-Cookie'
+  TRANSFER_ENCODING = 'Transfer-Encoding'
+  HTTP_COOKIE       = 'HTTP_COOKIE'
+  ETAG              = 'ETag'
   # HTTP method verbs
-  GET     = 'GET'.freeze
-  POST    = 'POST'.freeze
-  PUT     = 'PUT'.freeze
-  PATCH   = 'PATCH'.freeze
-  DELETE  = 'DELETE'.freeze
-  HEAD    = 'HEAD'.freeze
-  OPTIONS = 'OPTIONS'.freeze
-  LINK    = 'LINK'.freeze
-  UNLINK  = 'UNLINK'.freeze
-  TRACE   = 'TRACE'.freeze
+  GET     = 'GET'
+  POST    = 'POST'
+  PUT     = 'PUT'
+  PATCH   = 'PATCH'
+  DELETE  = 'DELETE'
+  HEAD    = 'HEAD'
+  OPTIONS = 'OPTIONS'
+  LINK    = 'LINK'
+  UNLINK  = 'UNLINK'
+  TRACE   = 'TRACE'
   # Rack environment variables
-  RACK_VERSION                        = 'rack.version'.freeze
-  RACK_TEMPFILES                      = 'rack.tempfiles'.freeze
-  RACK_ERRORS                         = 'rack.errors'.freeze
-  RACK_LOGGER                         = 'rack.logger'.freeze
-  RACK_INPUT                          = 'rack.input'.freeze
-  RACK_SESSION                        = 'rack.session'.freeze
-  RACK_SESSION_OPTIONS                = 'rack.session.options'.freeze
-  RACK_SHOWSTATUS_DETAIL              = 'rack.showstatus.detail'.freeze
-  RACK_MULTITHREAD                    = 'rack.multithread'.freeze
-  RACK_MULTIPROCESS                   = 'rack.multiprocess'.freeze
-  RACK_RUNONCE                        = 'rack.run_once'.freeze
-  RACK_URL_SCHEME                     = 'rack.url_scheme'.freeze
-  RACK_HIJACK                         = 'rack.hijack'.freeze
-  RACK_IS_HIJACK                      = 'rack.hijack?'.freeze
-  RACK_HIJACK_IO                      = 'rack.hijack_io'.freeze
-  RACK_RECURSIVE_INCLUDE              = 'rack.recursive.include'.freeze
-  RACK_MULTIPART_BUFFER_SIZE          = 'rack.multipart.buffer_size'.freeze
-  RACK_MULTIPART_TEMPFILE_FACTORY     = 'rack.multipart.tempfile_factory'.freeze
-  RACK_REQUEST_FORM_INPUT             = 'rack.request.form_input'.freeze
-  RACK_REQUEST_FORM_HASH              = 'rack.request.form_hash'.freeze
-  RACK_REQUEST_FORM_VARS              = 'rack.request.form_vars'.freeze
-  RACK_REQUEST_COOKIE_HASH            = 'rack.request.cookie_hash'.freeze
-  RACK_REQUEST_COOKIE_STRING          = 'rack.request.cookie_string'.freeze
-  RACK_REQUEST_QUERY_HASH             = 'rack.request.query_hash'.freeze
-  RACK_REQUEST_QUERY_STRING           = 'rack.request.query_string'.freeze
-  RACK_METHODOVERRIDE_ORIGINAL_METHOD = 'rack.methodoverride.original_method'.freeze
-  RACK_SESSION_UNPACKED_COOKIE_DATA   = 'rack.session.unpacked_cookie_data'.freeze
+  RACK_VERSION                        = 'rack.version'
+  RACK_TEMPFILES                      = 'rack.tempfiles'
+  RACK_ERRORS                         = 'rack.errors'
+  RACK_LOGGER                         = 'rack.logger'
+  RACK_INPUT                          = 'rack.input'
+  RACK_SESSION                        = 'rack.session'
+  RACK_SESSION_OPTIONS                = 'rack.session.options'
+  RACK_SHOWSTATUS_DETAIL              = 'rack.showstatus.detail'
+  RACK_MULTITHREAD                    = 'rack.multithread'
+  RACK_MULTIPROCESS                   = 'rack.multiprocess'
+  RACK_RUNONCE                        = 'rack.run_once'
+  RACK_URL_SCHEME                     = 'rack.url_scheme'
+  RACK_HIJACK                         = 'rack.hijack'
+  RACK_IS_HIJACK                      = 'rack.hijack?'
+  RACK_HIJACK_IO                      = 'rack.hijack_io'
+  RACK_RECURSIVE_INCLUDE              = 'rack.recursive.include'
+  RACK_MULTIPART_BUFFER_SIZE          = 'rack.multipart.buffer_size'
+  RACK_MULTIPART_TEMPFILE_FACTORY     = 'rack.multipart.tempfile_factory'
+  RACK_REQUEST_FORM_INPUT             = 'rack.request.form_input'
+  RACK_REQUEST_FORM_HASH              = 'rack.request.form_hash'
+  RACK_REQUEST_FORM_VARS              = 'rack.request.form_vars'
+  RACK_REQUEST_COOKIE_HASH            = 'rack.request.cookie_hash'
+  RACK_REQUEST_COOKIE_STRING          = 'rack.request.cookie_string'
+  RACK_REQUEST_QUERY_HASH             = 'rack.request.query_hash'
+  RACK_REQUEST_QUERY_STRING           = 'rack.request.query_string'
+  RACK_METHODOVERRIDE_ORIGINAL_METHOD = 'rack.methodoverride.original_method'
+  RACK_SESSION_UNPACKED_COOKIE_DATA   = 'rack.session.unpacked_cookie_data'
   autoload :Builder, "rack/builder"
   autoload :BodyProxy, "rack/body_proxy"
@@ -97,6 +99,7 @@ module Rack
   autoload :ContentType, "rack/content_type"
   autoload :ETag, "rack/etag"
   autoload :File, "rack/file"
+  autoload :Files, "rack/files"
   autoload :Deflater, "rack/deflater"
   autoload :Directory, "rack/directory"
   autoload :ForwardRequest, "rack/recursive"

data/rack.gemspec CHANGED Viewed

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
 Gem::Specification.new do |s|
-  s.name            = "rack"
+  s.name = "rack"
   s.version = File.read('lib/rack.rb')[/RELEASE += +([\"\'])([\d][\w\.]+)\1/, 2]
   s.platform        = Gem::Platform::RUBY
   s.summary         = "a modular Ruby webserver interface"
@@ -15,20 +17,28 @@ middleware) into a single method call.
 Also see https://rack.github.io/.
 EOF
-  s.files           = Dir['{bin/*,contrib/*,example/*,lib/**/*,test/**/*}'] +
-                        %w(COPYING rack.gemspec Rakefile README.rdoc SPEC)
+  s.files           = Dir['{bin/*,contrib/*,example/*,lib/**/*}'] +
+                        %w(MIT-LICENSE rack.gemspec Rakefile README.rdoc SPEC)
   s.bindir          = 'bin'
-  s.executables     << 'rackup'
-  s.require_path    = 'lib'
-  s.extra_rdoc_files = ['README.rdoc', 'HISTORY.md']
-  s.test_files      = Dir['test/spec_*.rb']
+  s.executables << 'rackup'
+  s.require_path = 'lib'
+  s.extra_rdoc_files = ['README.rdoc', 'CHANGELOG.md']
   s.author          = 'Leah Neukirchen'
   s.email           = 'leah@vuxu.org'
   s.homepage        = 'https://rack.github.io/'
   s.required_ruby_version = '>= 2.2.2'
+  s.metadata              = {
+    "bug_tracker_uri"   => "https://github.com/rack/rack/issues",
+    "changelog_uri"     => "https://github.com/rack/rack/blob/master/CHANGELOG.md",
+    "documentation_uri" => "https://rubydoc.info/github/rack/rack",
+    "homepage_uri"      => "https://rack.github.io",
+    "mailing_list_uri"  => "https://groups.google.com/forum/#!forum/rack-devel",
+    "source_code_uri"   => "https://github.com/rack/rack"
+  }
   s.add_development_dependency 'minitest', "~> 5.0"
   s.add_development_dependency 'minitest-sprint'
+  s.add_development_dependency 'minitest-global_expectations'
   s.add_development_dependency 'rake'
 end