rack 2.2.10 → 3.1.10

data/lib/rack/response.rb

@@ -2,6 +2,11 @@
 
 require 'time'
 
+require_relative 'constants'
+require_relative 'utils'
+require_relative 'media_type'
+require_relative 'headers'
+
 module Rack
   # Rack::Response provides a convenient interface to create a Rack
   # response.
@@ -26,22 +31,38 @@ module Rack
     attr_accessor :length, :status, :body
     attr_reader :headers
 
-    # @deprecated Use {#headers} instead.
-    alias header headers
-
-    # Initialize the response object with the specified body, status
-    # and headers.
+    # Initialize the response object with the specified +body+, +status+
+    # and +headers+.
+    #
+    # If the +body+ is +nil+, construct an empty response object with internal
+    # buffering.
+    #
+    # If the +body+ responds to +to_str+, assume it's a string-like object and
+    # construct a buffered response object containing using that string as the
+    # initial contents of the buffer.
+    #
+    # Otherwise it is expected +body+ conforms to the normal requirements of a
+    # Rack response body, typically implementing one of +each+ (enumerable
+    # body) or +call+ (streaming body).
     #
-    # @param body [nil, #each, #to_str] the response body.
-    # @param status [Integer] the integer status as defined by the
-    # HTTP protocol RFCs.
-    # @param headers [#each] a list of key-value header pairs which
-    # conform to the HTTP protocol RFCs.
+    # The +status+ defaults to +200+ which is the "OK" HTTP status code. You
+    # can provide any other valid status code.
     #
-    # Providing a body which responds to #to_str is legacy behaviour.
+    # The +headers+ must be a +Hash+ of key-value header pairs which conform to
+    # the Rack specification for response headers. The key must be a +String+
+    # instance and the value can be either a +String+ or +Array+ instance.
     def initialize(body = nil, status = 200, headers = {})
       @status = status.to_i
-      @headers = Utils::HeaderHash[headers]
+
+      unless headers.is_a?(Hash)
+        raise ArgumentError, "Headers must be a Hash!"
+      end
+
+      @headers = Headers.new
+      # Convert headers input to a plain hash with lowercase keys.
+      headers.each do |k, v|
+        @headers[k] = v
+      end
 
       @writer = self.method(:append)
 
@@ -51,15 +72,16 @@ module Rack
       if body.nil?
         @body = []
         @buffered = true
-        @length = 0
+        # Body is unspecified - it may be a buffered response, or it may be a HEAD response.
+        @length = nil
       elsif body.respond_to?(:to_str)
         @body = [body]
         @buffered = true
         @length = body.to_str.bytesize
       else
         @body = body
-        @buffered = false
-        @length = 0
+        @buffered = nil # undetermined as of yet.
+        @length = nil
       end
 
       yield self if block_given?
@@ -74,20 +96,30 @@ module Rack
       CHUNKED == get_header(TRANSFER_ENCODING)
     end
 
+    def no_entity_body?
+      # The response body is an enumerable body and it is not allowed to have an entity body.
+      @body.respond_to?(:each) && STATUS_WITH_NO_ENTITY_BODY[@status]
+    end
+
     # Generate a response array consistent with the requirements of the SPEC.
     # @return [Array] a 3-tuple suitable of `[status, headers, body]`
     # which is suitable to be returned from the middleware `#call(env)` method.
     def finish(&block)
-      if STATUS_WITH_NO_ENTITY_BODY[status.to_i]
+      if no_entity_body?
         delete_header CONTENT_TYPE
         delete_header CONTENT_LENGTH
         close
         return [@status, @headers, []]
       else
         if block_given?
+          # We don't add the content-length here as the user has provided a block that can #write additional chunks to the body.
           @block = block
           return [@status, @headers, self]
         else
+          # If we know the length of the body, set the content-length header... except if we are chunked? which is a legacy special case where the body might already be encoded and thus the actual encoded body length and the content-length are likely to be different.
+          if @length && !chunked?
+            @headers[CONTENT_LENGTH] = @length.to_s
+          end
           return [@status, @headers, @body]
         end
       end
@@ -105,7 +137,9 @@ module Rack
       end
     end
 
-    # Append to body and update Content-Length.
+    # Append a chunk to the response body.
+    #
+    # Converts the response into a buffered response if it wasn't already.
     #
     # NOTE: Do not mix #write and direct #body access!
     #
@@ -123,10 +157,22 @@ module Rack
       @block == nil && @body.empty?
     end
 
-    def has_header?(key);   headers.key? key;   end
-    def get_header(key);    headers[key];       end
-    def set_header(key, v); headers[key] = v;   end
-    def delete_header(key); headers.delete key; end
+    def has_header?(key)
+      raise ArgumentError unless key.is_a?(String)
+      @headers.key?(key)
+    end
+    def get_header(key)
+      raise ArgumentError unless key.is_a?(String)
+      @headers[key]
+    end
+    def set_header(key, value)
+      raise ArgumentError unless key.is_a?(String)
+      @headers[key] = value
+    end
+    def delete_header(key)
+      raise ArgumentError unless key.is_a?(String)
+      @headers.delete key
+    end
 
     alias :[] :get_header
     alias :[]= :set_header
@@ -150,31 +196,43 @@ module Rack
       def forbidden?;           status == 403;                        end
       def not_found?;           status == 404;                        end
       def method_not_allowed?;  status == 405;                        end
+      def not_acceptable?;      status == 406;                        end
+      def request_timeout?;     status == 408;                        end
       def precondition_failed?; status == 412;                        end
       def unprocessable?;       status == 422;                        end
 
       def redirect?;            [301, 302, 303, 307, 308].include? status; end
 
       def include?(header)
-        has_header? header
+        has_header?(header)
       end
 
       # Add a header that may have multiple values.
       #
       # Example:
-      #   response.add_header 'Vary', 'Accept-Encoding'
-      #   response.add_header 'Vary', 'Cookie'
+      #   response.add_header 'vary', 'accept-encoding'
+      #   response.add_header 'vary', 'cookie'
       #
-      #   assert_equal 'Accept-Encoding,Cookie', response.get_header('Vary')
+      #   assert_equal 'accept-encoding,cookie', response.get_header('vary')
       #
       # http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2
-      def add_header(key, v)
-        if v.nil?
-          get_header key
-        elsif has_header? key
-          set_header key, "#{get_header key},#{v}"
+      def add_header(key, value)
+        raise ArgumentError unless key.is_a?(String)
+
+        if value.nil?
+          return get_header(key)
+        end
+
+        value = value.to_s
+
+        if header = get_header(key)
+          if header.is_a?(Array)
+            header << value
+          else
+            set_header(key, [header, value])
+          end
         else
-          set_header key, v
+          set_header(key, value)
         end
       end
 
@@ -202,36 +260,39 @@ module Rack
       end
 
       def location
-        get_header "Location"
+        get_header "location"
       end
 
       def location=(location)
-        set_header "Location", location
+        set_header "location", location
       end
 
       def set_cookie(key, value)
-        cookie_header = get_header SET_COOKIE
-        set_header SET_COOKIE, ::Rack::Utils.add_cookie_to_header(cookie_header, key, value)
+        add_header SET_COOKIE, Utils.set_cookie_header(key, value)
       end
 
       def delete_cookie(key, value = {})
-        set_header SET_COOKIE, ::Rack::Utils.add_remove_cookie_to_header(get_header(SET_COOKIE), key, value)
+        set_header(SET_COOKIE,
+          Utils.delete_set_cookie_header!(
+            get_header(SET_COOKIE), key, value
+          )
+        )
       end
 
       def set_cookie_header
         get_header SET_COOKIE
       end
 
-      def set_cookie_header=(v)
-        set_header SET_COOKIE, v
+      def set_cookie_header=(value)
+        set_header SET_COOKIE, value
       end
 
       def cache_control
         get_header CACHE_CONTROL
       end
 
-      def cache_control=(v)
-        set_header CACHE_CONTROL, v
+      def cache_control=(value)
+        set_header CACHE_CONTROL, value
       end
 
       # Specifies that the content shouldn't be cached. Overrides `cache!` if already called.
@@ -254,42 +315,55 @@ module Rack
         get_header ETAG
       end
 
-      def etag=(v)
-        set_header ETAG, v
+      def etag=(value)
+        set_header ETAG, value
       end
 
     protected
 
+      # Convert the body of this response into an internally buffered Array if possible.
+      #
+      # `@buffered` is a ternary value which indicates whether the body is buffered. It can be:
+      # * `nil` - The body has not been buffered yet.
+      # * `true` - The body is buffered as an Array instance.
+      # * `false` - The body is not buffered and cannot be buffered.
+      #
+      # @return [Boolean] whether the body is buffered as an Array instance.
       def buffered_body!
-        return if @buffered
-
-        if @body.is_a?(Array)
-          # The user supplied body was an array:
-          @body = @body.compact
-          @body.each do |part|
-            @length += part.to_s.bytesize
-          end
-        else
-          # Turn the user supplied body into a buffered array:
-          body = @body
-          @body = Array.new
-
-          body.each do |part|
-            @writer.call(part.to_s)
+        if @buffered.nil?
+          if @body.is_a?(Array)
+            # The user supplied body was an array:
+            @body = @body.compact
+            @length = @body.sum{|part| part.bytesize}
+            @buffered = true
+          elsif @body.respond_to?(:each)
+            # Turn the user supplied body into a buffered array:
+            body = @body
+            @body = Array.new
+            @buffered = true
+
+            body.each do |part|
+              @writer.call(part.to_s)
+            end
+
+            body.close if body.respond_to?(:close)
+          else
+            # We don't know how to buffer the user-supplied body:
+            @buffered = false
           end
-
-          body.close if body.respond_to?(:close)
         end
 
-        @buffered = true
+        return @buffered
       end
 
       def append(chunk)
+        chunk = chunk.dup unless chunk.frozen?
         @body << chunk
 
-        unless chunked?
+        if @length
           @length += chunk.bytesize
-          set_header(CONTENT_LENGTH, @length.to_s)
+        elsif @buffered
+          @length = chunk.bytesize
         end
 
         return chunk
@@ -309,10 +383,21 @@ module Rack
         @headers = headers
       end
 
-      def has_header?(key);   headers.key? key;   end
-      def get_header(key);    headers[key];       end
-      def set_header(key, v); headers[key] = v;   end
-      def delete_header(key); headers.delete key; end
+      def has_header?(key)
+        headers.key?(key)
+      end
+
+      def get_header(key)
+        headers[key]
+      end
+
+      def set_header(key, value)
+        headers[key] = value
+      end
+
+      def delete_header(key)
+        headers.delete(key)
+      end
     end
   end
 end

data/lib/rack/rewindable_input.rb

@@ -3,17 +3,29 @@
 
 require 'tempfile'
 
+require_relative 'constants'
+
 module Rack
   # Class which can make any IO object rewindable, including non-rewindable ones. It does
   # this by buffering the data into a tempfile, which is rewindable.
   #
-  # rack.input is required to be rewindable, so if your input stream IO is non-rewindable
-  # by nature (e.g. a pipe or a socket) then you can wrap it in an object of this class
-  # to easily make it rewindable.
-  #
   # Don't forget to call #close when you're done. This frees up temporary resources that
   # RewindableInput uses, though it does *not* close the original IO object.
   class RewindableInput
+    # Makes rack.input rewindable, for compatibility with applications and middleware
+    # designed for earlier versions of Rack (where rack.input was required to be
+    # rewindable).
+    class Middleware
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        env[RACK_INPUT] = RewindableInput.new(env[RACK_INPUT])
+        @app.call(env)
+      end
+    end
+
     def initialize(io)
       @io = io
       @rewindable_io = nil
@@ -40,6 +52,11 @@ module Rack
       @rewindable_io.rewind
     end
 
+    def size
+      make_rewindable unless @rewindable_io
+      @rewindable_io.size
+    end
+
     # Closes this RewindableInput object without closing the originally
     # wrapped IO object. Cleans up any temporary resources that this RewindableInput
     # has created.
@@ -66,12 +83,14 @@ module Rack
       # access it because we have the file handle open.
       @rewindable_io = Tempfile.new('RackRewindableInput')
       @rewindable_io.chmod(0000)
-      @rewindable_io.set_encoding(Encoding::BINARY) if @rewindable_io.respond_to?(:set_encoding)
+      @rewindable_io.set_encoding(Encoding::BINARY)
       @rewindable_io.binmode
+      # :nocov:
       if filesystem_has_posix_semantics?
         raise 'Unlink failed. IO closed.' if @rewindable_io.closed?
         @unlinked = true
       end
+      # :nocov:
 
       buffer = "".dup
       while @io.read(1024 * 4, buffer)

data/lib/rack/runtime.rb

@@ -1,7 +1,9 @@
 # frozen_string_literal: true
 
+require_relative 'utils'
+
 module Rack
-  # Sets an "X-Runtime" response header, indicating the response
+  # Sets an "x-runtime" response header, indicating the response
   # time of the request, in seconds
   #
   # You can put it right before the application to see the processing
@@ -9,18 +11,17 @@ module Rack
   # too.
   class Runtime
     FORMAT_STRING = "%0.6f" # :nodoc:
-    HEADER_NAME = "X-Runtime" # :nodoc:
+    HEADER_NAME = "x-runtime" # :nodoc:
 
     def initialize(app, name = nil)
       @app = app
       @header_name = HEADER_NAME
-      @header_name += "-#{name}" if name
+      @header_name += "-#{name.to_s.downcase}" if name
     end
 
     def call(env)
       start_time = Utils.clock_time
-      status, headers, body = @app.call(env)
-      headers = Utils::HeaderHash[headers]
+      _, headers, _ = response = @app.call(env)
 
       request_time = Utils.clock_time - start_time
 
@@ -28,7 +29,7 @@ module Rack
         headers[@header_name] = FORMAT_STRING % request_time
       end
 
-      [status, headers, body]
+      response
     end
   end
 end

data/lib/rack/sendfile.rb

@@ -1,32 +1,36 @@
 # frozen_string_literal: true
 
+require_relative 'constants'
+require_relative 'utils'
+require_relative 'body_proxy'
+
 module Rack
 
   # = Sendfile
   #
   # The Sendfile middleware intercepts responses whose body is being
-  # served from a file and replaces it with a server specific X-Sendfile
+  # served from a file and replaces it with a server specific x-sendfile
   # header. The web server is then responsible for writing the file contents
   # to the client. This can dramatically reduce the amount of work required
   # by the Ruby backend and takes advantage of the web server's optimized file
   # delivery code.
   #
   # In order to take advantage of this middleware, the response body must
-  # respond to +to_path+ and the request must include an X-Sendfile-Type
+  # respond to +to_path+ and the request must include an x-sendfile-type
   # header. Rack::Files and other components implement +to_path+ so there's
-  # rarely anything you need to do in your application. The X-Sendfile-Type
+  # rarely anything you need to do in your application. The x-sendfile-type
   # header is typically set in your web servers configuration. The following
   # sections attempt to document
   #
   # === Nginx
   #
-  # Nginx supports the X-Accel-Redirect header. This is similar to X-Sendfile
+  # Nginx supports the x-accel-redirect header. This is similar to x-sendfile
   # but requires parts of the filesystem to be mapped into a private URL
   # hierarchy.
   #
   # The following example shows the Nginx configuration required to create
-  # a private "/files/" area, enable X-Accel-Redirect, and pass the special
-  # X-Sendfile-Type and X-Accel-Mapping headers to the backend:
+  # a private "/files/" area, enable x-accel-redirect, and pass the special
+  # x-sendfile-type and x-accel-mapping headers to the backend:
   #
   #   location ~ /files/(.*) {
   #     internal;
@@ -40,14 +44,14 @@ module Rack
   #     proxy_set_header   X-Real-IP           $remote_addr;
   #     proxy_set_header   X-Forwarded-For     $proxy_add_x_forwarded_for;
   #
-  #     proxy_set_header   X-Sendfile-Type     X-Accel-Redirect;
-  #     proxy_set_header   X-Accel-Mapping     /var/www/=/files/;
+  #     proxy_set_header   x-sendfile-type     x-accel-redirect;
+  #     proxy_set_header   x-accel-mapping     /var/www/=/files/;
   #
   #     proxy_pass         http://127.0.0.1:8080/;
   #   }
   #
-  # Note that the X-Sendfile-Type header must be set exactly as shown above.
-  # The X-Accel-Mapping header should specify the location on the file system,
+  # Note that the x-sendfile-type header must be set exactly as shown above.
+  # The x-accel-mapping header should specify the location on the file system,
   # followed by an equals sign (=), followed name of the private URL pattern
   # that it maps to. The middleware performs a simple substitution on the
   # resulting path.
@@ -56,8 +60,8 @@ module Rack
   #
   # === lighttpd
   #
-  # Lighttpd has supported some variation of the X-Sendfile header for some
-  # time, although only recent version support X-Sendfile in a reverse proxy
+  # Lighttpd has supported some variation of the x-sendfile header for some
+  # time, although only recent version support x-sendfile in a reverse proxy
   # configuration.
   #
   #   $HTTP["host"] == "example.com" {
@@ -71,7 +75,7 @@ module Rack
   #
   #      proxy-core.allow-x-sendfile = "enable"
   #      proxy-core.rewrite-request = (
-  #        "X-Sendfile-Type" => (".*" => "X-Sendfile")
+  #        "x-sendfile-type" => (".*" => "x-sendfile")
   #      )
   #    }
   #
@@ -79,21 +83,21 @@ module Rack
   #
   # === Apache
   #
-  # X-Sendfile is supported under Apache 2.x using a separate module:
+  # x-sendfile is supported under Apache 2.x using a separate module:
   #
   # https://tn123.org/mod_xsendfile/
   #
   # Once the module is compiled and installed, you can enable it using
   # XSendFile config directive:
   #
-  #   RequestHeader Set X-Sendfile-Type X-Sendfile
+  #   RequestHeader Set x-sendfile-type x-sendfile
   #   ProxyPassReverse / http://localhost:8001/
   #   XSendFile on
   #
   # === Mapping parameter
   #
   # The third parameter allows for an overriding extension of the
-  # X-Accel-Mapping header. Mappings should be provided in tuples of internal to
+  # x-accel-mapping header. Mappings should be provided in tuples of internal to
   # external. The internal values may contain regular expression syntax, they
   # will be matched with case indifference.
 
@@ -107,28 +111,29 @@ module Rack
     end
 
     def call(env)
-      status, headers, body = @app.call(env)
+      _, headers, body = response = @app.call(env)
+
       if body.respond_to?(:to_path)
         case type = variation(env)
-        when 'X-Accel-Redirect'
+        when /x-accel-redirect/i
           path = ::File.expand_path(body.to_path)
           if url = map_accel_path(env, path)
             headers[CONTENT_LENGTH] = '0'
             # '?' must be percent-encoded because it is not query string but a part of path
-            headers[type] = ::Rack::Utils.escape_path(url).gsub('?', '%3F')
+            headers[type.downcase] = ::Rack::Utils.escape_path(url).gsub('?', '%3F')
             obody = body
-            body = Rack::BodyProxy.new([]) do
+            response[2] = Rack::BodyProxy.new([]) do
               obody.close if obody.respond_to?(:close)
             end
           else
-            env[RACK_ERRORS].puts "X-Accel-Mapping header missing"
+            env[RACK_ERRORS].puts "x-accel-mapping header missing"
           end
-        when 'X-Sendfile', 'X-Lighttpd-Send-File'
+        when /x-sendfile|x-lighttpd-send-file/i
           path = ::File.expand_path(body.to_path)
           headers[CONTENT_LENGTH] = '0'
-          headers[type] = path
+          headers[type.downcase] = path
           obody = body
-          body = Rack::BodyProxy.new([]) do
+          response[2] = Rack::BodyProxy.new([]) do
             obody.close if obody.respond_to?(:close)
           end
         when '', nil
@@ -136,7 +141,7 @@ module Rack
           env[RACK_ERRORS].puts "Unknown x-sendfile variation: '#{type}'.\n"
         end
       end
-      [status, headers, body]
+      response
     end
 
     private

data/lib/rack/show_exceptions.rb

@@ -1,8 +1,11 @@
 # frozen_string_literal: true
 
-require 'ostruct'
 require 'erb'
 
+require_relative 'constants'
+require_relative 'utils'
+require_relative 'request'
+
 module Rack
   # Rack::ShowExceptions catches all exceptions raised from the app it
   # wraps.  It shows a useful backtrace with the sourcefile and
@@ -15,6 +18,11 @@ module Rack
   class ShowExceptions
     CONTEXT = 7
 
+    Frame = Struct.new(:filename, :lineno, :function,
+                       :pre_context_lineno, :pre_context,
+                       :context_line, :post_context_lineno,
+                       :post_context)
+
     def initialize(app)
       @app = app
     end
@@ -55,7 +63,12 @@ module Rack
     private :accepts_html?
 
     def dump_exception(exception)
-      string = "#{exception.class}: #{exception.message}\n".dup
+      if exception.respond_to?(:detailed_message)
+        message = exception.detailed_message(highlight: false)
+      else
+        message = exception.message
+      end
+      string = "#{exception.class}: #{message}\n".dup
       string << exception.backtrace.map { |l| "\t#{l}" }.join("\n")
       string
     end
@@ -70,7 +83,7 @@ module Rack
       # This double assignment is to prevent an "unused variable" warning.
       # Yes, it is dumb, but I don't like Ruby yelling at me.
       frames = frames = exception.backtrace.map { |line|
-        frame = OpenStruct.new
+        frame = Frame.new
         if line =~ /(.*?):(\d+)(:in `(.*)')?/
           frame.filename = $1
           frame.lineno = $2.to_i
@@ -159,7 +172,7 @@ module Rack
           div.commands { margin-left: 40px; }
           div.commands a { color:black; text-decoration:none; }
           #summary { background: #ffc; }
-          #summary h2 { font-weight: normal; color: #666; }
+          #summary h2 { font-family: monospace; font-weight: normal; color: #666; white-space: pre-wrap; }
           #summary ul#quicklinks { list-style-type: none; margin-bottom: 2em; }
           #summary ul#quicklinks li { float: left; padding: 0 1em; }
           #summary ul#quicklinks>li+li { border-left: 1px #666 solid; }
@@ -227,7 +240,11 @@ module Rack
 
       <div id="summary">
         <h1><%=h exception.class %> at <%=h path %></h1>
+      <% if exception.respond_to?(:detailed_message) %>
+        <h2><%=h exception.detailed_message(highlight: false) %></h2>
+      <% else %>
         <h2><%=h exception.message %></h2>
+      <% end %>
         <table><tr>
           <th>Ruby</th>
           <td>