rack 2.1.0 → 2.2.2

data/Rakefile

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require "bundler/gem_tasks"
 require "rake/testtask"
 
 desc "Run all the tests"
@@ -20,7 +21,7 @@ end
 desc "Make an archive as .tar.gz"
 task dist: %w[chmod changelog spec rdoc] do
   sh "git archive --format=tar --prefix=#{release}/ HEAD^{tree} >#{release}.tar"
-  sh "pax -waf #{release}.tar -s ':^:#{release}/:' SPEC ChangeLog doc rack.gemspec"
+  sh "pax -waf #{release}.tar -s ':^:#{release}/:' SPEC.rdoc ChangeLog doc rack.gemspec"
   sh "gzip -f -9 #{release}.tar"
 end
 
@@ -38,7 +39,7 @@ task officialrelease_really: %w[spec dist gem] do
 end
 
 def release
-  "rack-" + File.read('lib/rack.rb')[/RELEASE += +([\"\'])([\d][\w\.]+)\1/, 2]
+  "rack-" + File.read('lib/rack/version.rb')[/RELEASE += +([\"\'])([\d][\w\.]+)\1/, 2]
 end
 
 desc "Make binaries executable"
@@ -71,13 +72,13 @@ file "ChangeLog" => '.git/index' do
 end
 
 desc "Generate Rack Specification"
-task spec: "SPEC"
+task spec: "SPEC.rdoc"
 
 file 'lib/rack/lint.rb'
-file "SPEC" => 'lib/rack/lint.rb' do
-  File.open("SPEC", "wb") { |file|
+file "SPEC.rdoc" => 'lib/rack/lint.rb' do
+  File.open("SPEC.rdoc", "wb") { |file|
     IO.foreach("lib/rack/lint.rb") { |line|
-      if line =~ /## (.*)/
+      if line =~ /^\s*## ?(.*)/
         file.puts $1
       end
     }
@@ -91,6 +92,12 @@ Rake::TestTask.new("test:regular") do |t|
   t.verbose = true
 end
 
+desc "Run tests with coverage"
+task "test_cov" do
+  ENV['COVERAGE'] = '1'
+  Rake::Task['test:regular'].invoke
+end
+
 desc "Run all the fast + platform agnostic tests"
 task test: %w[spec test:regular]
 
@@ -107,7 +114,7 @@ desc "Generate RDoc documentation"
 task rdoc: %w[changelog spec] do
   sh(*%w{rdoc --line-numbers --main README.rdoc
               --title 'Rack\ Documentation' --charset utf-8 -U -o doc} +
-              %w{README.rdoc KNOWN-ISSUES SPEC ChangeLog} +
+              %w{README.rdoc KNOWN-ISSUES SPEC.rdoc ChangeLog} +
               `git ls-files lib/\*\*/\*.rb`.strip.split)
   cp "contrib/rdoc.css", "doc/rdoc.css"
 end

data/{SPEC → SPEC.rdoc}

@@ -1,5 +1,6 @@
 This specification aims to formalize the Rack protocol.  You
 can (and should) use Rack::Lint to enforce it.
+
 When you develop middleware, be sure to add a Lint before and
 after to catch all mistakes.
 = Rack applications
@@ -11,9 +12,10 @@ The *status*,
 the *headers*,
 and the *body*.
 == The Environment
-The environment must be an instance of Hash that includes
+The environment must be an unfrozen instance of Hash that includes
 CGI-like headers.  The application is free to modify the
 environment.
+
 The environment is required to include these variables
 (adopted from PEP333), except when they'd be empty, but see
 below.
@@ -104,6 +106,7 @@ be implemented by the server.
                         fetch(key, default = nil) (aliased as []);
                         delete(key);
                         clear;
+                        to_hash (returning unfrozen Hash instance);
 <tt>rack.logger</tt>:: A common object interface for logging messages.
                        The object must implement:
                         info(message, &block)
@@ -118,10 +121,13 @@ environment, too.  The keys must contain at least one dot,
 and should be prefixed uniquely.  The prefix <tt>rack.</tt>
 is reserved for use with the Rack core distribution and other
 accepted specifications and must not be used otherwise.
+
 The environment must not contain the keys
 <tt>HTTP_CONTENT_TYPE</tt> or <tt>HTTP_CONTENT_LENGTH</tt>
 (use the versions without <tt>HTTP_</tt>).
 The CGI keys (named without a period) must have String values.
+If the string values for CGI keys contain non-ASCII characters,
+they should use ASCII-8BIT encoding.
 There are the following restrictions:
 * <tt>rack.version</tt> must be an array of Integers.
 * <tt>rack.url_scheme</tt> must either be +http+ or +https+.
@@ -137,6 +143,7 @@ There are the following restrictions:
   <tt>SCRIPT_NAME</tt> is empty.
   <tt>SCRIPT_NAME</tt> never should be <tt>/</tt>, but instead be empty.
 === The Input Stream
+
 The input stream is an IO-like object which contains the raw HTTP
 POST data.
 When applicable, its external encoding must be "ASCII-8BIT" and it
@@ -146,14 +153,19 @@ The input stream must respond to +gets+, +each+, +read+ and +rewind+.
   or +nil+ on EOF.
 * +read+ behaves like IO#read.
   Its signature is <tt>read([length, [buffer]])</tt>.
+
   If given, +length+ must be a non-negative Integer (>= 0) or +nil+,
   and +buffer+ must be a String and may not be nil.
+
   If +length+ is given and not nil, then this method reads at most
   +length+ bytes from the input stream.
+
   If +length+ is not given or nil, then this method reads
   all data until EOF.
+
   When EOF is reached, this method returns nil if +length+ is given
   and not nil, or "" if +length+ is not given or is nil.
+
   If +buffer+ is given, then the read data will be placed
   into +buffer+ instead of a newly created String object.
 * +each+ must be called without arguments and only yield Strings.
@@ -175,16 +187,20 @@ The error stream must respond to +puts+, +write+ and +flush+.
 If rack.hijack? is true then rack.hijack must respond to #call.
 rack.hijack must return the io that will also be assigned (or is
 already present, in rack.hijack_io.
+
 rack.hijack_io must respond to:
 <tt>read, write, read_nonblock, write_nonblock, flush, close,
 close_read, close_write, closed?</tt>
+
 The semantics of these IO methods must be a best effort match to
 those of a normal ruby IO or Socket object, using standard
 arguments and raising standard exceptions. Servers are encouraged
 to simply pass on real IO objects, although it is recognized that
 this approach is not directly compatible with SPDY and HTTP 2.0.
+
 IO provided in rack.hijack_io should preference the
 IO::WaitReadable and IO::WaitWritable APIs wherever supported.
+
 There is a deliberate lack of full specification around
 rack.hijack_io, as semantics will change from server to server.
 Users are encouraged to utilize this API with a knowledge of their
@@ -192,7 +208,9 @@ server choice, and servers may extend the functionality of
 hijack_io to provide additional features to users. The purpose of
 rack.hijack is for Rack to "get out of the way", as such, Rack only
 provides the minimum of specification and support.
+
 If rack.hijack? is false, then rack.hijack should not be set.
+
 If rack.hijack? is false, then rack.hijack_io should not be set.
 ==== Response (after headers)
 It is also possible to hijack a response after the status and headers
@@ -201,6 +219,7 @@ In order to do this, an application may set the special header
 <tt>rack.hijack</tt> to an object that responds to <tt>call</tt>
 accepting an argument that conforms to the <tt>rack.hijack_io</tt>
 protocol.
+
 After the headers have been sent, and this hijack callback has been
 called, the application is now responsible for the remaining lifecycle
 of the IO. The application is also responsible for maintaining HTTP
@@ -209,8 +228,10 @@ applications will have wanted to specify the header Connection:close in
 HTTP/1.1, and not Connection:keep-alive, as there is no protocol for
 returning hijacked sockets to the web server. For that purpose, use the
 body streaming API instead (progressively yielding strings via each).
+
 Servers must ignore the <tt>body</tt> part of the response tuple when
 the <tt>rack.hijack</tt> response API is in use.
+
 The special response header <tt>rack.hijack</tt> must only be set
 if the request env has <tt>rack.hijack?</tt> <tt>true</tt>.
 ==== Conventions
@@ -244,16 +265,20 @@ There must not be a Content-Length header when the
 === The Body
 The Body must respond to +each+
 and must only yield String values.
+
 The Body itself should not be an instance of String, as this will
 break in Ruby 1.9.
+
 If the Body responds to +close+, it will be called after iteration. If
 the body is replaced by a middleware after action, the original body
 must be closed first, if it responds to close.
+
 If the Body responds to +to_path+, it must return a String
 identifying the location of a file whose contents are identical
 to that produced by calling +each+; this may be used by the
 server as an alternative, possibly more efficient way to
 transport the response.
+
 The Body commonly is an Array of Strings, the application
 instance itself, or a File-like object.
 == Thanks

data/lib/rack.rb

@@ -11,23 +11,11 @@
 # All modules meant for use in your application are <tt>autoload</tt>ed here,
 # so it should be enough just to <tt>require 'rack'</tt> in your code.
 
-module Rack
-  # The Rack protocol version number implemented.
-  VERSION = [1, 3]
-
-  # Return the Rack protocol version as a dotted string.
-  def self.version
-    VERSION.join(".")
-  end
-
-  RELEASE = "2.1.0"
-
-  # Return the Rack release as a dotted string.
-  def self.release
-    RELEASE
-  end
+require_relative 'rack/version'
 
+module Rack
   HTTP_HOST         = 'HTTP_HOST'
+  HTTP_PORT         = 'HTTP_PORT'
   HTTP_VERSION      = 'HTTP_VERSION'
   HTTPS             = 'HTTPS'
   PATH_INFO         = 'PATH_INFO'
@@ -37,9 +25,9 @@ module Rack
   QUERY_STRING      = 'QUERY_STRING'
   SERVER_PROTOCOL   = 'SERVER_PROTOCOL'
   SERVER_NAME       = 'SERVER_NAME'
-  SERVER_ADDR       = 'SERVER_ADDR'
   SERVER_PORT       = 'SERVER_PORT'
   CACHE_CONTROL     = 'Cache-Control'
+  EXPIRES           = 'Expires'
   CONTENT_LENGTH    = 'Content-Length'
   CONTENT_TYPE      = 'Content-Type'
   SET_COOKIE        = 'Set-Cookie'
@@ -98,6 +86,7 @@ module Rack
   autoload :ContentLength, "rack/content_length"
   autoload :ContentType, "rack/content_type"
   autoload :ETag, "rack/etag"
+  autoload :Events, "rack/events"
   autoload :File, "rack/file"
   autoload :Files, "rack/files"
   autoload :Deflater, "rack/deflater"
@@ -108,11 +97,13 @@ module Rack
   autoload :Lint, "rack/lint"
   autoload :Lock, "rack/lock"
   autoload :Logger, "rack/logger"
+  autoload :MediaType, "rack/media_type"
   autoload :MethodOverride, "rack/method_override"
   autoload :Mime, "rack/mime"
   autoload :NullLogger, "rack/null_logger"
   autoload :Recursive, "rack/recursive"
   autoload :Reloader, "rack/reloader"
+  autoload :RewindableInput, "rack/rewindable_input"
   autoload :Runtime, "rack/runtime"
   autoload :Sendfile, "rack/sendfile"
   autoload :Server, "rack/server"

data/lib/rack/auth/abstract/request.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require 'rack/request'
-
 module Rack
   module Auth
     class AbstractRequest

data/lib/rack/auth/basic.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require 'rack/auth/abstract/handler'
-require 'rack/auth/abstract/request'
+require_relative 'abstract/handler'
+require_relative 'abstract/request'
 require 'base64'
 
 module Rack
@@ -44,7 +44,7 @@ module Rack
 
       class Request < Auth::AbstractRequest
         def basic?
-          "basic" == scheme
+          "basic" == scheme && credentials.length == 2
         end
 
         def credentials

data/lib/rack/auth/digest/md5.rb

@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
-require 'rack/auth/abstract/handler'
-require 'rack/auth/digest/request'
-require 'rack/auth/digest/params'
-require 'rack/auth/digest/nonce'
+require_relative '../abstract/handler'
+require_relative 'request'
+require_relative 'params'
+require_relative 'nonce'
 require 'digest/md5'
 
 module Rack

data/lib/rack/auth/digest/request.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
-require 'rack/auth/abstract/request'
-require 'rack/auth/digest/params'
-require 'rack/auth/digest/nonce'
+require_relative '../abstract/request'
+require_relative 'params'
+require_relative 'nonce'
 
 module Rack
   module Auth

data/lib/rack/body_proxy.rb

@@ -1,17 +1,25 @@
 # frozen_string_literal: true
 
 module Rack
+  # Proxy for response bodies allowing calling a block when
+  # the response body is closed (after the response has been fully
+  # sent to the client).
   class BodyProxy
+    # Set the response body to wrap, and the block to call when the
+    # response has been fully sent.
     def initialize(body, &block)
       @body = body
       @block = block
       @closed = false
     end
 
-    def respond_to?(method_name, include_all = false)
+    # Return whether the wrapped body responds to the method.
+    def respond_to_missing?(method_name, include_all = false)
       super or @body.respond_to?(method_name, include_all)
     end
 
+    # If not already closed, close the wrapped body and
+    # then call the block the proxy was initialized with.
     def close
       return if @closed
       @closed = true
@@ -22,20 +30,16 @@ module Rack
       end
     end
 
+    # Whether the proxy is closed.  The proxy starts as not closed,
+    # and becomes closed on the first call to close.
     def closed?
       @closed
     end
 
-    # N.B. This method is a special case to address the bug described by #434.
-    # We are applying this special case for #each only. Future bugs of this
-    # class will be handled by requesting users to patch their ruby
-    # implementation, to save adding too many methods in this class.
-    def each
-      @body.each { |body| yield body }
-    end
-
+    # Delegate missing methods to the wrapped body.
     def method_missing(method_name, *args, &block)
       @body.__send__(method_name, *args, &block)
     end
+    ruby2_keywords(:method_missing) if respond_to?(:ruby2_keywords, true)
   end
 end

data/lib/rack/builder.rb

@@ -35,6 +35,32 @@ module Rack
     # https://stackoverflow.com/questions/2223882/whats-the-difference-between-utf-8-and-utf-8-without-bom
     UTF_8_BOM = '\xef\xbb\xbf'
 
+    # Parse the given config file to get a Rack application.
+    #
+    # If the config file ends in +.ru+, it is treated as a
+    # rackup file and the contents will be treated as if
+    # specified inside a Rack::Builder block, using the given
+    # options.
+    #
+    # If the config file does not end in +.ru+, it is
+    # required and Rack will use the basename of the file
+    # to guess which constant will be the Rack application to run.
+    # The options given will be ignored in this case.
+    #
+    # Examples:
+    #
+    #   Rack::Builder.parse_file('config.ru')
+    #   # Rack application built using Rack::Builder.new
+    #
+    #   Rack::Builder.parse_file('app.rb')
+    #   # requires app.rb, which can be anywhere in Ruby's
+    #   # load path. After requiring, assumes App constant
+    #   # contains Rack application
+    #
+    #   Rack::Builder.parse_file('./my_app.rb')
+    #   # requires ./my_app.rb, which should be in the
+    #   # process's current directory.  After requiring,
+    #   # assumes MyApp constant contains Rack application
     def self.parse_file(config, opts = Server::Options.new)
       if config.end_with?('.ru')
         return self.load_file(config, opts)
@@ -45,6 +71,25 @@ module Rack
       end
     end
 
+    # Load the given file as a rackup file, treating the
+    # contents as if specified inside a Rack::Builder block.
+    #
+    # Treats the first comment at the beginning of a line
+    # that starts with a backslash as options similar to
+    # options passed on a rackup command line.
+    #
+    # Ignores content in the file after +__END__+, so that
+    # use of +__END__+ will not result in a syntax error.
+    #
+    # Example config.ru file:
+    #
+    #   $ cat config.ru
+    #
+    #   #\ -p 9393
+    #
+    #   use Rack::ContentLength
+    #   require './app.rb'
+    #   run App
     def self.load_file(path, opts = Server::Options.new)
       options = {}
 
@@ -52,6 +97,7 @@ module Rack
       cfgfile.slice!(/\A#{UTF_8_BOM}/) if cfgfile.encoding == Encoding::UTF_8
 
       if cfgfile[/^#\\(.*)/] && opts
+        warn "Parsing options from the first comment line is deprecated!"
         options = opts.parse! $1.split(/\s+/)
       end
 
@@ -61,16 +107,26 @@ module Rack
       return app, options
     end
 
+    # Evaluate the given +builder_script+ string in the context of
+    # a Rack::Builder block, returning a Rack application.
     def self.new_from_string(builder_script, file = "(rackup)")
-      eval "Rack::Builder.new {\n" + builder_script + "\n}.to_app",
-        TOPLEVEL_BINDING, file, 0
+      # We want to build a variant of TOPLEVEL_BINDING with self as a Rack::Builder instance.
+      # We cannot use instance_eval(String) as that would resolve constants differently.
+      binding, builder = TOPLEVEL_BINDING.eval('Rack::Builder.new.instance_eval { [binding, self] }')
+      eval builder_script, binding, file
+      builder.to_app
     end
 
+    # Initialize a new Rack::Builder instance.  +default_app+ specifies the
+    # default application if +run+ is not called later.  If a block
+    # is given, it is evaluted in the context of the instance.
     def initialize(default_app = nil, &block)
       @use, @map, @run, @warmup, @freeze_app = [], nil, default_app, nil, false
       instance_eval(&block) if block_given?
     end
 
+    # Create a new Rack::Builder instance and return the Rack application
+    # generated from it.
     def self.app(default_app = nil, &block)
       self.new(default_app, &block).to_app
     end
@@ -101,6 +157,7 @@ module Rack
       end
       @use << proc { |app| middleware.new(app, *args, &block) }
     end
+    ruby2_keywords(:use) if respond_to?(:ruby2_keywords, true)
 
     # Takes an argument that is an object that responds to #call and returns a Rack response.
     # The simplest form of this is a lambda object:
@@ -120,7 +177,8 @@ module Rack
       @run = app
     end
 
-    # Takes a lambda or block that is used to warm-up the application.
+    # Takes a lambda or block that is used to warm-up the application. This block is called
+    # before the Rack application is returned by to_app.
     #
     #   warmup do |app|
     #     client = Rack::MockRequest.new(app)
@@ -133,25 +191,31 @@ module Rack
       @warmup = prc || block
     end
 
-    # Creates a route within the application.
+    # Creates a route within the application.  Routes under the mapped path will be sent to
+    # the Rack application specified by run inside the block.  Other requests will be sent to the
+    # default application specified by run outside the block.
     #
     #   Rack::Builder.app do
-    #     map '/' do
+    #     map '/heartbeat' do
     #       run Heartbeat
     #     end
+    #     run App
     #   end
     #
-    # The +use+ method can also be used here to specify middleware to run under a specific path:
+    # The +use+ method can also be used inside the block to specify middleware to run under a specific path:
     #
     #   Rack::Builder.app do
-    #     map '/' do
+    #     map '/heartbeat' do
     #       use Middleware
     #       run Heartbeat
     #     end
+    #     run App
     #   end
     #
-    # This example includes a piece of middleware which will run before requests hit +Heartbeat+.
+    # This example includes a piece of middleware which will run before +/heartbeat+ requests hit +Heartbeat+.
     #
+    # Note that providing a +path+ of +/+ will ignore any default application given in a +run+ statement
+    # outside the block.
     def map(path, &block)
       @map ||= {}
       @map[path] = block
@@ -163,6 +227,7 @@ module Rack
       @freeze_app = true
     end
 
+    # Return the Rack application generated by this instance.
     def to_app
       app = @map ? generate_map(@run, @map) : @run
       fail "missing run or map statement" unless app
@@ -172,12 +237,17 @@ module Rack
       app
     end
 
+    # Call the Rack application generated by this builder instance. Note that
+    # this rebuilds the Rack application and runs the warmup code (if any)
+    # every time it is called, so it should not be used if performance is important.
     def call(env)
       to_app.call(env)
     end
 
     private
 
+    # Generate a URLMap instance by generating new Rack applications for each
+    # map block in this instance.
     def generate_map(default_app, mapping)
       mapped = default_app ? { '/' => default_app } : {}
       mapping.each { |r, b| mapped[r] = self.class.new(default_app, &b).to_app }