rack 2.1.4.4 → 2.2.0

data/lib/rack/files.rb

@@ -1,10 +1,6 @@
 # frozen_string_literal: true
 
 require 'time'
-require 'rack/utils'
-require 'rack/mime'
-require 'rack/request'
-require 'rack/head'
 
 module Rack
   # Rack::Files serves files below the +root+ directory given, according to the
@@ -18,6 +14,15 @@ module Rack
   class Files
     ALLOWED_VERBS = %w[GET HEAD OPTIONS]
     ALLOW_HEADER = ALLOWED_VERBS.join(', ')
+    MULTIPART_BOUNDARY = 'AaB03x'
+
+    # @todo remove in 3.0
+    def self.method_added(name)
+      if name == :response_body
+        raise "#{self.class}\#response_body is no longer supported."
+      end
+      super
+    end
 
     attr_reader :root
 
@@ -48,7 +53,11 @@ module Rack
       available = begin
         ::File.file?(path) && ::File.readable?(path)
       rescue SystemCallError
+        # Not sure in what conditions this exception can occur, but this
+        # is a safe way to handle such an error.
+        # :nocov:
         false
+        # :nocov:
       end
 
       if available
@@ -70,75 +79,116 @@ module Rack
       headers[CONTENT_TYPE] = mime_type if mime_type
 
       # Set custom headers
-      @headers.each { |field, content| headers[field] = content } if @headers
-
-      response = [ 200, headers ]
+      headers.merge!(@headers) if @headers
 
+      status = 200
       size = filesize path
 
-      range = nil
       ranges = Rack::Utils.get_byte_ranges(request.get_header('HTTP_RANGE'), size)
-      if ranges.nil? || ranges.length > 1
-        # No ranges, or multiple ranges (which we don't support):
-        # TODO: Support multiple byte-ranges
-        response[0] = 200
-        range = 0..size - 1
+      if ranges.nil?
+        # No ranges:
+        ranges = [0..size - 1]
       elsif ranges.empty?
         # Unsatisfiable. Return error, and file size:
         response = fail(416, "Byte range unsatisfiable")
         response[1]["Content-Range"] = "bytes */#{size}"
         return response
-      else
-        # Partial content:
-        range = ranges[0]
-        response[0] = 206
-        response[1]["Content-Range"] = "bytes #{range.begin}-#{range.end}/#{size}"
-        size = range.end - range.begin + 1
+      elsif ranges.size >= 1
+        # Partial content
+        partial_content = true
+
+        if ranges.size == 1
+          range = ranges[0]
+          headers["Content-Range"] = "bytes #{range.begin}-#{range.end}/#{size}"
+        else
+          headers[CONTENT_TYPE] = "multipart/byteranges; boundary=#{MULTIPART_BOUNDARY}"
+        end
+
+        status = 206
+        body = BaseIterator.new(path, ranges, mime_type: mime_type, size: size)
+        size = body.bytesize
       end
 
-      response[2] = [response_body] unless response_body.nil?
+      headers[CONTENT_LENGTH] = size.to_s
 
-      response[1][CONTENT_LENGTH] = size.to_s
-      response[2] = make_body request, path, range
-      response
+      if request.head?
+        body = []
+      elsif !partial_content
+        body = Iterator.new(path, ranges, mime_type: mime_type, size: size)
+      end
+
+      [status, headers, body]
     end
 
-    class Iterator
-      attr_reader :path, :range
-      alias :to_path :path
+    class BaseIterator
+      attr_reader :path, :ranges, :options
 
-      def initialize path, range
-        @path  = path
-        @range = range
+      def initialize(path, ranges, options)
+        @path = path
+        @ranges = ranges
+        @options = options
       end
 
       def each
         ::File.open(path, "rb") do |file|
-          file.seek(range.begin)
-          remaining_len = range.end - range.begin + 1
-          while remaining_len > 0
-            part = file.read([8192, remaining_len].min)
-            break unless part
-            remaining_len -= part.length
-
-            yield part
+          ranges.each do |range|
+            yield multipart_heading(range) if multipart?
+
+            each_range_part(file, range) do |part|
+              yield part
+            end
           end
+
+          yield "\r\n--#{MULTIPART_BOUNDARY}--\r\n" if multipart?
         end
       end
 
+      def bytesize
+        size = ranges.inject(0) do |sum, range|
+          sum += multipart_heading(range).bytesize if multipart?
+          sum += range.size
+        end
+        size += "\r\n--#{MULTIPART_BOUNDARY}--\r\n".bytesize if multipart?
+        size
+      end
+
       def close; end
-    end
 
-    private
+      private
 
-    def make_body request, path, range
-      if request.head?
-        []
-      else
-        Iterator.new path, range
+      def multipart?
+        ranges.size > 1
+      end
+
+      def multipart_heading(range)
+<<-EOF
+\r
+--#{MULTIPART_BOUNDARY}\r
+Content-Type: #{options[:mime_type]}\r
+Content-Range: bytes #{range.begin}-#{range.end}/#{options[:size]}\r
+\r
+EOF
+      end
+
+      def each_range_part(file, range)
+        file.seek(range.begin)
+        remaining_len = range.end - range.begin + 1
+        while remaining_len > 0
+          part = file.read([8192, remaining_len].min)
+          break unless part
+          remaining_len -= part.length
+
+          yield part
+        end
       end
     end
 
+    class Iterator < BaseIterator
+      alias :to_path :path
+    end
+
+    private
+
     def fail(status, body, headers = {})
       body += "\n"
 
@@ -154,25 +204,15 @@ module Rack
     end
 
     # The MIME type for the contents of the file located at @path
-    def mime_type path, default_mime
+    def mime_type(path, default_mime)
       Mime.mime_type(::File.extname(path), default_mime)
     end
 
-    def filesize path
-      # If response_body is present, use its size.
-      return response_body.bytesize if response_body
-
+    def filesize(path)
       #   We check via File::size? whether this file provides size info
       #   via stat (e.g. /proc files often don't), otherwise we have to
       #   figure it out by reading the whole file into memory.
       ::File.size?(path) || ::File.read(path).bytesize
     end
-
-    # By default, the response body for file requests is nil.
-    # In this case, the response body will be generated later
-    # from the file at @path
-    def response_body
-      nil
-    end
   end
 end

data/lib/rack/handler/cgi.rb

@@ -1,12 +1,9 @@
 # frozen_string_literal: true
 
-require 'rack/content_length'
-require 'rack/rewindable_input'
-
 module Rack
   module Handler
     class CGI
-      def self.run(app, options = nil)
+      def self.run(app, **options)
         $stdin.binmode
         serve app
       end

data/lib/rack/handler/fastcgi.rb

@@ -2,8 +2,6 @@
 
 require 'fcgi'
 require 'socket'
-require 'rack/content_length'
-require 'rack/rewindable_input'
 
 if defined? FCGI::Stream
   class FCGI::Stream
@@ -20,7 +18,7 @@ end
 module Rack
   module Handler
     class FastCGI
-      def self.run(app, options = {})
+      def self.run(app, **options)
         if options[:File]
           STDIN.reopen(UNIXServer.new(options[:File]))
         elsif options[:Port]

data/lib/rack/handler/lsws.rb

@@ -1,13 +1,11 @@
 # frozen_string_literal: true
 
 require 'lsapi'
-require 'rack/content_length'
-require 'rack/rewindable_input'
 
 module Rack
   module Handler
     class LSWS
-      def self.run(app, options = nil)
+      def self.run(app, **options)
         while LSAPI.accept != nil
           serve app
         end

data/lib/rack/handler/scgi.rb

@@ -2,15 +2,13 @@
 
 require 'scgi'
 require 'stringio'
-require 'rack/content_length'
-require 'rack/chunked'
 
 module Rack
   module Handler
     class SCGI < ::SCGI::Processor
       attr_accessor :app
 
-      def self.run(app, options = nil)
+      def self.run(app, **options)
         options[:Socket] = UNIXServer.new(options[:File]) if options[:File]
         new(options.merge(app: app,
                           host: options[:Host],

data/lib/rack/handler/thin.rb

@@ -4,24 +4,28 @@ require "thin"
 require "thin/server"
 require "thin/logging"
 require "thin/backends/tcp_server"
-require "rack/content_length"
-require "rack/chunked"
 
 module Rack
   module Handler
     class Thin
-      def self.run(app, options = {})
+      def self.run(app, **options)
         environment  = ENV['RACK_ENV'] || 'development'
         default_host = environment == 'development' ? 'localhost' : '0.0.0.0'
 
-        host = options.delete(:Host) || default_host
-        port = options.delete(:Port) || 8080
-        args = [host, port, app, options]
-        # Thin versions below 0.8.0 do not support additional options
-        args.pop if ::Thin::VERSION::MAJOR < 1 && ::Thin::VERSION::MINOR < 8
-        server = ::Thin::Server.new(*args)
-        yield server if block_given?
-        server.start
+        if block_given?
+          host = options.delete(:Host) || default_host
+          port = options.delete(:Port) || 8080
+          args = [host, port, app, options]
+          # Thin versions below 0.8.0 do not support additional options
+          args.pop if ::Thin::VERSION::MAJOR < 1 && ::Thin::VERSION::MINOR < 8
+          server = ::Thin::Server.new(*args)
+          yield server
+          server.start
+        else
+          options[:address] = options[:Host] || default_host
+          options[:port] = options[:Port] || 8080
+          ::Thin::Controllers::Controller.new(options).start
+        end
       end
 
       def self.valid_options

data/lib/rack/handler/webrick.rb

@@ -2,7 +2,6 @@
 
 require 'webrick'
 require 'stringio'
-require 'rack/content_length'
 
 # This monkey patch allows for applications to perform their own chunking
 # through WEBrick::HTTPResponse if rack is set to true.
@@ -24,12 +23,18 @@ end
 module Rack
   module Handler
     class WEBrick < ::WEBrick::HTTPServlet::AbstractServlet
-      def self.run(app, options = {})
+      def self.run(app, **options)
         environment  = ENV['RACK_ENV'] || 'development'
         default_host = environment == 'development' ? 'localhost' : nil
 
-        options[:BindAddress] = options.delete(:Host) || default_host
+        if !options[:BindAddress] || options[:Host]
+          options[:BindAddress] = options.delete(:Host) || default_host
+        end
         options[:Port] ||= 8080
+        if options[:SSLEnable]
+          require 'webrick/https'
+        end
+
         @server = ::WEBrick::HTTPServer.new(options)
         @server.mount "/", Rack::Handler::WEBrick, app
         yield @server  if block_given?
@@ -47,8 +52,10 @@ module Rack
       end
 
       def self.shutdown
-        @server.shutdown
-        @server = nil
+        if @server
+          @server.shutdown
+          @server = nil
+        end
       end
 
       def initialize(server, app)

data/lib/rack/head.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require 'rack/body_proxy'
-
 module Rack
   # Rack::Head returns an empty body for all HEAD requests. It leaves
   # all other requests unchanged.

data/lib/rack/lint.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-require 'rack/utils'
 require 'forwardable'
 
 module Rack
@@ -48,13 +47,24 @@ module Rack
       env[RACK_ERRORS] = ErrorWrapper.new(env[RACK_ERRORS])
 
       ## and returns an Array of exactly three values:
-      status, headers, @body = @app.call(env)
+      ary = @app.call(env)
+      assert("response #{ary.inspect} is not an Array , but #{ary.class}") {
+        ary.kind_of? Array
+      }
+      assert("response array #{ary.inspect} has #{ary.size} elements instead of 3") {
+        ary.size == 3
+      }
+
+      status, headers, @body = ary
       ## The *status*,
       check_status status
       ## the *headers*,
       check_headers headers
 
-      check_hijack_response headers, env
+      hijack_proc = check_hijack_response headers, env
+      if hijack_proc && headers.is_a?(Hash)
+        headers[RACK_HIJACK] = hijack_proc
+      end
 
       ## and the *body*.
       check_content_type status, headers
@@ -65,12 +75,15 @@ module Rack
 
     ## == The Environment
     def check_env(env)
-      ## The environment must be an instance of Hash that includes
+      ## The environment must be an unfrozen instance of Hash that includes
       ## CGI-like headers.  The application is free to modify the
       ## environment.
       assert("env #{env.inspect} is not a Hash, but #{env.class}") {
         env.kind_of? Hash
       }
+      assert("env should not be frozen, but is") {
+        !env.frozen?
+      }
 
       ##
       ## The environment is required to include these variables
@@ -104,17 +117,19 @@ module Rack
       ##                         follows the <tt>?</tt>, if any. May be
       ##                         empty, but is always required!
 
-      ## <tt>SERVER_NAME</tt>, <tt>SERVER_PORT</tt>::
-      ##                        When combined with <tt>SCRIPT_NAME</tt> and
+      ## <tt>SERVER_NAME</tt>:: When combined with <tt>SCRIPT_NAME</tt> and
       ##                        <tt>PATH_INFO</tt>, these variables can be
       ##                        used to complete the URL. Note, however,
       ##                        that <tt>HTTP_HOST</tt>, if present,
       ##                        should be used in preference to
       ##                        <tt>SERVER_NAME</tt> for reconstructing
       ##                        the request URL.
-      ##                        <tt>SERVER_NAME</tt> and <tt>SERVER_PORT</tt>
-      ##                        can never be empty strings, and so
-      ##                        are always required.
+      ##                        <tt>SERVER_NAME</tt> can never be an empty
+      ##                        string, and so is always required.
+
+      ## <tt>SERVER_PORT</tt>:: An optional +Integer+ which is the port the
+      ##                        server is running on. Should be specified if
+      ##                        the server is running on a non-standard port.
 
       ## <tt>HTTP_</tt> Variables:: Variables corresponding to the
       ##                            client-supplied HTTP request
@@ -198,6 +213,11 @@ module Rack
         assert("session #{session.inspect} must respond to clear") {
           session.respond_to?(:clear)
         }
+
+        ##                         to_hash (returning unfrozen Hash instance);
+        assert("session #{session.inspect} must respond to to_hash and return unfrozen Hash instance") {
+          session.respond_to?(:to_hash) && session.to_hash.kind_of?(Hash) && !session.to_hash.frozen?
+        }
       end
 
       ## <tt>rack.logger</tt>:: A common object interface for logging messages.
@@ -253,13 +273,28 @@ module Rack
       ## accepted specifications and must not be used otherwise.
       ##
 
-      %w[REQUEST_METHOD SERVER_NAME SERVER_PORT
-         QUERY_STRING
+      %w[REQUEST_METHOD SERVER_NAME QUERY_STRING
          rack.version rack.input rack.errors
          rack.multithread rack.multiprocess rack.run_once].each { |header|
         assert("env missing required key #{header}") { env.include? header }
       }
 
+      ## The <tt>SERVER_PORT</tt> must be an Integer if set.
+      assert("env[SERVER_PORT] is not an Integer") do
+        server_port = env["SERVER_PORT"]
+        server_port.nil? || (Integer(server_port) rescue false)
+      end
+
+      ## The <tt>SERVER_NAME</tt> must be a valid authority as defined by RFC7540.
+      assert("#{env[SERVER_NAME]} must be a valid authority") do
+        URI.parse("http://#{env[SERVER_NAME]}/") rescue false
+      end
+
+      ## The <tt>HTTP_HOST</tt> must be a valid authority as defined by RFC7540.
+      assert("#{env[HTTP_HOST]} must be a valid authority") do
+        URI.parse("http://#{env[HTTP_HOST]}/") rescue false
+      end
+
       ## The environment must not contain the keys
       ## <tt>HTTP_CONTENT_TYPE</tt> or <tt>HTTP_CONTENT_LENGTH</tt>
       ## (use the versions without <tt>HTTP_</tt>).
@@ -270,11 +305,17 @@ module Rack
       }
 
       ## The CGI keys (named without a period) must have String values.
+      ## If the string values for CGI keys contain non-ASCII characters,
+      ## they should use ASCII-8BIT encoding.
       env.each { |key, value|
         next  if key.include? "."   # Skip extensions
         assert("env variable #{key} has non-string value #{value.inspect}") {
           value.kind_of? String
         }
+        next if value.encoding == Encoding::ASCII_8BIT
+        assert("env variable #{key} has value containing non-ASCII characters and has non-ASCII-8BIT encoding #{value.inspect} encoding: #{value.encoding}") {
+          value.b !~ /[\x80-\xff]/n
+        }
       }
 
       ## There are the following restrictions:
@@ -296,7 +337,7 @@ module Rack
       check_hijack env
 
       ## * The <tt>REQUEST_METHOD</tt> must be a valid token.
-      assert("REQUEST_METHOD unknown: #{env[REQUEST_METHOD].dump}") {
+      assert("REQUEST_METHOD unknown: #{env[REQUEST_METHOD]}") {
         env[REQUEST_METHOD] =~ /\A[0-9A-Za-z!\#$%&'*+.^_`|~-]+\z/
       }
 
@@ -337,7 +378,7 @@ module Rack
       ## When applicable, its external encoding must be "ASCII-8BIT" and it
       ## must be opened in binary mode, for Ruby 1.9 compatibility.
       assert("rack.input #{input} does not have ASCII-8BIT as its external encoding") {
-        input.external_encoding.name == "ASCII-8BIT"
+        input.external_encoding == Encoding::ASCII_8BIT
       } if input.respond_to?(:external_encoding)
       assert("rack.input #{input} is not opened in binary mode") {
         input.binmode?
@@ -569,7 +610,7 @@ module Rack
 
       # this check uses headers like a hash, but the spec only requires
       # headers respond to #each
-      headers = Rack::Utils::HeaderHash.new(headers)
+      headers = Rack::Utils::HeaderHash[headers]
 
       ## In order to do this, an application may set the special header
       ## <tt>rack.hijack</tt> to an object that responds to <tt>call</tt>
@@ -593,7 +634,7 @@ module Rack
           headers[RACK_HIJACK].respond_to? :call
         }
         original_hijack = headers[RACK_HIJACK]
-        headers[RACK_HIJACK] = proc do |io|
+        proc do |io|
           original_hijack.call HijackWrapper.new(io)
         end
       else
@@ -603,6 +644,8 @@ module Rack
         assert('rack.hijack header must not be present if server does not support hijacking') {
           headers[RACK_HIJACK].nil?
         }
+
+        nil
       end
     end
     ## ==== Conventions

data/lib/rack/lobster.rb

@@ -2,9 +2,6 @@
 
 require 'zlib'
 
-require 'rack/request'
-require 'rack/response'
-
 module Rack
   # Paste has a Pony, Rack has a Lobster!
   class Lobster
@@ -64,9 +61,10 @@ module Rack
 end
 
 if $0 == __FILE__
-  require 'rack'
-  require 'rack/show_exceptions'
+  # :nocov:
+  require_relative '../rack'
   Rack::Server.start(
     app: Rack::ShowExceptions.new(Rack::Lint.new(Rack::Lobster.new)), Port: 9292
   )
+  # :nocov:
 end

data/lib/rack/lock.rb

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 
 require 'thread'
-require 'rack/body_proxy'
 
 module Rack
   # Rack::Lock locks every request inside a mutex, so that every request

data/lib/rack/mock.rb

@@ -2,10 +2,7 @@
 
 require 'uri'
 require 'stringio'
-require 'rack'
-require 'rack/lint'
-require 'rack/utils'
-require 'rack/response'
+require_relative '../rack'
 require 'cgi/cookie'
 
 module Rack
@@ -56,14 +53,24 @@ module Rack
       @app = app
     end
 
+    # Make a GET request and return a MockResponse. See #request.
     def get(uri, opts = {})     request(GET, uri, opts)     end
+    # Make a POST request and return a MockResponse. See #request.
     def post(uri, opts = {})    request(POST, uri, opts)    end
+    # Make a PUT request and return a MockResponse. See #request.
     def put(uri, opts = {})     request(PUT, uri, opts)     end
+    # Make a PATCH request and return a MockResponse. See #request.
     def patch(uri, opts = {})   request(PATCH, uri, opts)   end
+    # Make a DELETE request and return a MockResponse. See #request.
     def delete(uri, opts = {})  request(DELETE, uri, opts)  end
+    # Make a HEAD request and return a MockResponse. See #request.
     def head(uri, opts = {})    request(HEAD, uri, opts)    end
+    # Make an OPTIONS request and return a MockResponse. See #request.
     def options(uri, opts = {}) request(OPTIONS, uri, opts) end
 
+    # Make a request using the given request method for the given
+    # uri to the rack application and return a MockResponse.
+    # Options given are passed to MockRequest.env_for.
     def request(method = GET, uri = "", opts = {})
       env = self.class.env_for(uri, opts.merge(method: method))
 
@@ -88,6 +95,13 @@ module Rack
     end
 
     # Return the Rack environment used for a request to +uri+.
+    # All options that are strings are added to the returned environment.
+    # Options:
+    # :fatal :: Whether to raise an exception if request outputs to rack.errors
+    # :input :: The rack.input to set
+    # :method :: The HTTP request method to use
+    # :params :: The params to use
+    # :script_name :: The SCRIPT_NAME to set
     def self.env_for(uri = "", opts = {})
       uri = parse_uri_rfc2396(uri)
       uri.path = "/#{uri.path}" unless uri.path[0] == ?/
@@ -157,6 +171,10 @@ module Rack
   # MockRequest.
 
   class MockResponse < Rack::Response
+    class << self
+      alias [] new
+    end
+
     # Headers
     attr_reader :original_headers, :cookies