rack 2.2.8.1 → 3.1.5

data/lib/rack/deflater.rb

@@ -3,6 +3,11 @@
 require "zlib"
 require "time"  # for Time.httpdate
 
+require_relative 'constants'
+require_relative 'utils'
+require_relative 'request'
+require_relative 'body_proxy'
+
 module Rack
   # This middleware enables content encoding of http responses,
   # usually for purposes of compression.
@@ -21,8 +26,6 @@ module Rack
   # Note that despite the name, Deflater does not support the +deflate+
   # encoding.
   class Deflater
-    (require_relative 'core_ext/regexp'; using ::Rack::RegexpExtensions) if RUBY_VERSION < '2.4'
-
     # Creates Rack::Deflater middleware. Options:
     #
     # :if :: a lambda enabling / disabling deflation based on returned boolean value
@@ -41,11 +44,10 @@ module Rack
     end
 
     def call(env)
-      status, headers, body = @app.call(env)
-      headers = Utils::HeaderHash[headers]
+      status, headers, body = response = @app.call(env)
 
       unless should_deflate?(env, status, headers, body)
-        return [status, headers, body]
+        return response
       end
 
       request = Request.new(env)
@@ -54,21 +56,23 @@ module Rack
                                             request.accept_encoding)
 
       # Set the Vary HTTP header.
-      vary = headers["Vary"].to_s.split(",").map(&:strip)
-      unless vary.include?("*") || vary.include?("Accept-Encoding")
-        headers["Vary"] = vary.push("Accept-Encoding").join(",")
+      vary = headers["vary"].to_s.split(",").map(&:strip)
+      unless vary.include?("*") || vary.any?{|v| v.downcase == 'accept-encoding'}
+        headers["vary"] = vary.push("Accept-Encoding").join(",")
       end
 
       case encoding
       when "gzip"
-        headers['Content-Encoding'] = "gzip"
+        headers['content-encoding'] = "gzip"
         headers.delete(CONTENT_LENGTH)
-        mtime = headers["Last-Modified"]
+        mtime = headers["last-modified"]
         mtime = Time.httpdate(mtime).to_i if mtime
-        [status, headers, GzipStream.new(body, mtime, @sync)]
+        response[2] = GzipStream.new(body, mtime, @sync)
+        response
       when "identity"
-        [status, headers, body]
-      when nil
+        response
+      else # when nil
+        # Only possible encoding values here are 'gzip', 'identity', and nil
         message = "An acceptable encoding for the requested resource #{request.fullpath} could not be found."
         bp = Rack::BodyProxy.new([message]) { body.close if body.respond_to?(:close) }
         [406, { CONTENT_TYPE => "text/plain", CONTENT_LENGTH => message.length.to_s }, bp]
@@ -77,6 +81,9 @@ module Rack
 
     # Body class used for gzip encoded responses.
     class GzipStream
+
+      BUFFER_LENGTH = 128 * 1_024
+
       # Initialize the gzip stream.  Arguments:
       # body :: Response body to compress with gzip
       # mtime :: The modification time of the body, used to set the
@@ -93,19 +100,26 @@ module Rack
         @writer = block
         gzip = ::Zlib::GzipWriter.new(self)
         gzip.mtime = @mtime if @mtime
-        @body.each { |part|
-          # Skip empty strings, as they would result in no output,
-          # and flushing empty parts would raise Zlib::BufError.
-          next if part.empty?
-
-          gzip.write(part)
-          gzip.flush if @sync
-        }
+        # @body.each is equivalent to @body.gets (slow)
+        if @body.is_a? ::File # XXX: Should probably be ::IO
+          while part = @body.read(BUFFER_LENGTH)
+            gzip.write(part)
+            gzip.flush if @sync
+          end
+        else
+          @body.each { |part|
+            # Skip empty strings, as they would result in no output,
+            # and flushing empty parts would raise Zlib::BufError.
+            next if part.empty?
+            gzip.write(part)
+            gzip.flush if @sync
+          }
+        end
       ensure
-        gzip.close
+        gzip.finish
       end
 
-      # Call the block passed to #each with the the gzipped data.
+      # Call the block passed to #each with the gzipped data.
       def write(data)
         @writer.call(data)
       end
@@ -123,13 +137,13 @@ module Rack
       # Skip compressing empty entity body responses and responses with
       # no-transform set.
       if Utils::STATUS_WITH_NO_ENTITY_BODY.key?(status.to_i) ||
-          /\bno-transform\b/.match?(headers['Cache-Control'].to_s) ||
-          headers['Content-Encoding']&.!~(/\bidentity\b/)
+          /\bno-transform\b/.match?(headers[CACHE_CONTROL].to_s) ||
+          headers['content-encoding']&.!~(/\bidentity\b/)
         return false
       end
 
       # Skip if @compressible_types are given and does not include request's content type
-      return false if @compressible_types && !(headers.has_key?('Content-Type') && @compressible_types.include?(headers['Content-Type'][/[^;]*/]))
+      return false if @compressible_types && !(headers.has_key?(CONTENT_TYPE) && @compressible_types.include?(headers[CONTENT_TYPE][/[^;]*/]))
 
       # Skip if @condition lambda is given and evaluates to false
       return false if @condition && !@condition.call(env, status, headers, body)

data/lib/rack/directory.rb

@@ -2,6 +2,12 @@
 
 require 'time'
 
+require_relative 'constants'
+require_relative 'utils'
+require_relative 'head'
+require_relative 'mime'
+require_relative 'files'
+
 module Rack
   # Rack::Directory serves entries below the +root+ given, according to the
   # path info of the Rack request. If a directory is found, the file's contents
@@ -106,7 +112,7 @@ table { width:100%%; }
       body = "Bad Request\n"
       [400, { CONTENT_TYPE => "text/plain",
         CONTENT_LENGTH => body.bytesize.to_s,
-        "X-Cascade" => "pass" }, [body]]
+        "x-cascade" => "pass" }, [body]]
     end
 
     # Rack response to use for requests with paths outside the root, or nil if path is inside the root.
@@ -117,7 +123,7 @@ table { width:100%%; }
       body = "Forbidden\n"
       [403, { CONTENT_TYPE => "text/plain",
         CONTENT_LENGTH => body.bytesize.to_s,
-        "X-Cascade" => "pass" }, [body]]
+        "x-cascade" => "pass" }, [body]]
     end
 
     # Rack response to use for directories under the root.
@@ -176,7 +182,7 @@ table { width:100%%; }
       body = "Entity not found: #{path_info}\n"
       [404, { CONTENT_TYPE => "text/plain",
         CONTENT_LENGTH => body.bytesize.to_s,
-        "X-Cascade" => "pass" }, [body]]
+        "x-cascade" => "pass" }, [body]]
     end
 
     # Stolen from Ramaze

data/lib/rack/etag.rb

@@ -1,17 +1,19 @@
 # frozen_string_literal: true
 
-require_relative '../rack'
 require 'digest/sha2'
 
+require_relative 'constants'
+require_relative 'utils'
+
 module Rack
-  # Automatically sets the ETag header on all String bodies.
+  # Automatically sets the etag header on all String bodies.
   #
-  # The ETag header is skipped if ETag or Last-Modified headers are sent or if
+  # The etag header is skipped if etag or last-modified headers are sent or if
   # a sendfile body (body.responds_to :to_path) is given (since such cases
   # should be handled by apache/nginx).
   #
-  # On initialization, you can pass two parameters: a Cache-Control directive
-  # used when Etag is absent and a directive when it is present. The first
+  # On initialization, you can pass two parameters: a cache-control directive
+  # used when etag is absent and a directive when it is present. The first
   # defaults to nil, while the second defaults to "max-age=0, private, must-revalidate"
   class ETag
     ETAG_STRING = Rack::ETAG
@@ -24,16 +26,11 @@ module Rack
     end
 
     def call(env)
-      status, headers, body = @app.call(env)
-
-      headers = Utils::HeaderHash[headers]
+      status, headers, body = response = @app.call(env)
 
-      if etag_status?(status) && etag_body?(body) && !skip_caching?(headers)
-        original_body = body
-        digest, new_body = digest_body(body)
-        body = Rack::BodyProxy.new(new_body) do
-          original_body.close if original_body.respond_to?(:close)
-        end
+      if etag_status?(status) && body.respond_to?(:to_ary) && !skip_caching?(headers)
+        body = body.to_ary
+        digest = digest_body(body)
         headers[ETAG_STRING] = %(W/"#{digest}") if digest
       end
 
@@ -45,7 +42,7 @@ module Rack
         end
       end
 
-      [status, headers, body]
+      response
     end
 
     private
@@ -54,24 +51,18 @@ module Rack
         status == 200 || status == 201
       end
 
-      def etag_body?(body)
-        !body.respond_to?(:to_path)
-      end
-
       def skip_caching?(headers)
-        headers.key?(ETAG_STRING) || headers.key?('Last-Modified')
+        headers.key?(ETAG_STRING) || headers.key?('last-modified')
       end
 
       def digest_body(body)
-        parts = []
         digest = nil
 
         body.each do |part|
-          parts << part
           (digest ||= Digest::SHA256.new) << part unless part.empty?
         end
 
-        [digest && digest.hexdigest.byteslice(0, 32), parts]
+        digest && digest.hexdigest.byteslice(0,32)
       end
   end
 end

data/lib/rack/events.rb

@@ -1,5 +1,9 @@
 # frozen_string_literal: true
 
+require_relative 'body_proxy'
+require_relative 'request'
+require_relative 'response'
+
 module Rack
   ### This middleware provides hooks to certain places in the request /
   # response lifecycle.  This is so that middleware that don't need to filter

data/lib/rack/files.rb

@@ -2,6 +2,12 @@
 
 require 'time'
 
+require_relative 'constants'
+require_relative 'head'
+require_relative 'utils'
+require_relative 'request'
+require_relative 'mime'
+
 module Rack
   # Rack::Files serves files below the +root+ directory given, according to the
   # path info of the Rack request.
@@ -16,14 +22,6 @@ module Rack
     ALLOW_HEADER = ALLOWED_VERBS.join(', ')
     MULTIPART_BOUNDARY = 'AaB03x'
 
-    # @todo remove in 3.0
-    def self.method_added(name)
-      if name == :response_body
-        raise "#{self.class}\#response_body is no longer supported."
-      end
-      super
-    end
-
     attr_reader :root
 
     def initialize(root, headers = {}, default_mime = 'text/plain')
@@ -41,7 +39,7 @@ module Rack
     def get(env)
       request = Rack::Request.new env
       unless ALLOWED_VERBS.include? request.request_method
-        return fail(405, "Method Not Allowed", { 'Allow' => ALLOW_HEADER })
+        return fail(405, "Method Not Allowed", { 'allow' => ALLOW_HEADER })
       end
 
       path_info = Utils.unescape_path request.path_info
@@ -69,12 +67,12 @@ module Rack
 
     def serving(request, path)
       if request.options?
-        return [200, { 'Allow' => ALLOW_HEADER, CONTENT_LENGTH => '0' }, []]
+        return [200, { 'allow' => ALLOW_HEADER, CONTENT_LENGTH => '0' }, []]
       end
       last_modified = ::File.mtime(path).httpdate
       return [304, {}, []] if request.get_header('HTTP_IF_MODIFIED_SINCE') == last_modified
 
-      headers = { "Last-Modified" => last_modified }
+      headers = { "last-modified" => last_modified }
       mime_type = mime_type path, @default_mime
       headers[CONTENT_TYPE] = mime_type if mime_type
 
@@ -91,15 +89,15 @@ module Rack
       elsif ranges.empty?
         # Unsatisfiable. Return error, and file size:
         response = fail(416, "Byte range unsatisfiable")
-        response[1]["Content-Range"] = "bytes */#{size}"
+        response[1]["content-range"] = "bytes */#{size}"
         return response
-      elsif ranges.size >= 1
+      else
         # Partial content
         partial_content = true
 
         if ranges.size == 1
           range = ranges[0]
-          headers["Content-Range"] = "bytes #{range.begin}-#{range.end}/#{size}"
+          headers["content-range"] = "bytes #{range.begin}-#{range.end}/#{size}"
         else
           headers[CONTENT_TYPE] = "multipart/byteranges; boundary=#{MULTIPART_BOUNDARY}"
         end
@@ -164,8 +162,8 @@ module Rack
 <<-EOF
 \r
 --#{MULTIPART_BOUNDARY}\r
-Content-Type: #{options[:mime_type]}\r
-Content-Range: bytes #{range.begin}-#{range.end}/#{options[:size]}\r
+content-type: #{options[:mime_type]}\r
+content-range: bytes #{range.begin}-#{range.end}/#{options[:size]}\r
 \r
 EOF
       end
@@ -197,7 +195,7 @@ EOF
         {
           CONTENT_TYPE   => "text/plain",
           CONTENT_LENGTH => body.size.to_s,
-          "X-Cascade" => "pass"
+          "x-cascade" => "pass"
         }.merge!(headers),
         [body]
       ]

data/lib/rack/head.rb

@@ -1,5 +1,8 @@
 # frozen_string_literal: true
 
+require_relative 'constants'
+require_relative 'body_proxy'
+
 module Rack
   # Rack::Head returns an empty body for all HEAD requests. It leaves
   # all other requests unchanged.
@@ -9,17 +12,15 @@ module Rack
     end
 
     def call(env)
-      status, headers, body = @app.call(env)
+      _, _, body = response = @app.call(env)
 
       if env[REQUEST_METHOD] == HEAD
-        [
-          status, headers, Rack::BodyProxy.new([]) do
-            body.close if body.respond_to? :close
-          end
-        ]
-      else
-        [status, headers, body]
+        response[2] = Rack::BodyProxy.new([]) do
+          body.close if body.respond_to? :close
+        end
       end
+
+      response
     end
   end
 end

data/lib/rack/headers.rb

@@ -0,0 +1,238 @@
+# frozen_string_literal: true
+
+module Rack
+  # Rack::Headers is a Hash subclass that downcases all keys.  It's designed
+  # to be used by rack applications that don't implement the Rack 3 SPEC
+  # (by using non-lowercase response header keys), automatically handling
+  # the downcasing of keys.
+  class Headers < Hash
+    KNOWN_HEADERS = {}
+    %w(
+      Accept-CH
+      Accept-Patch
+      Accept-Ranges
+      Access-Control-Allow-Credentials
+      Access-Control-Allow-Headers
+      Access-Control-Allow-Methods
+      Access-Control-Allow-Origin
+      Access-Control-Expose-Headers
+      Access-Control-Max-Age
+      Age
+      Allow
+      Alt-Svc
+      Cache-Control
+      Connection
+      Content-Disposition
+      Content-Encoding
+      Content-Language
+      Content-Length
+      Content-Location
+      Content-MD5
+      Content-Range
+      Content-Security-Policy
+      Content-Security-Policy-Report-Only
+      Content-Type
+      Date
+      Delta-Base
+      ETag
+      Expect-CT
+      Expires
+      Feature-Policy
+      IM
+      Last-Modified
+      Link
+      Location
+      NEL
+      P3P
+      Permissions-Policy
+      Pragma
+      Preference-Applied
+      Proxy-Authenticate
+      Public-Key-Pins
+      Referrer-Policy
+      Refresh
+      Report-To
+      Retry-After
+      Server
+      Set-Cookie
+      Status
+      Strict-Transport-Security
+      Timing-Allow-Origin
+      Tk
+      Trailer
+      Transfer-Encoding
+      Upgrade
+      Vary
+      Via
+      WWW-Authenticate
+      Warning
+      X-Cascade
+      X-Content-Duration
+      X-Content-Security-Policy
+      X-Content-Type-Options
+      X-Correlation-ID
+      X-Correlation-Id
+      X-Download-Options
+      X-Frame-Options
+      X-Permitted-Cross-Domain-Policies
+      X-Powered-By
+      X-Redirect-By
+      X-Request-ID
+      X-Request-Id
+      X-Runtime
+      X-UA-Compatible
+      X-WebKit-CS
+      X-XSS-Protection
+    ).each do |str|
+      downcased = str.downcase.freeze
+      KNOWN_HEADERS[str] = KNOWN_HEADERS[downcased] = downcased
+    end
+
+    def self.[](*items)
+      if items.length % 2 != 0
+        if items.length == 1 && items.first.is_a?(Hash)
+          new.merge!(items.first)
+        else
+          raise ArgumentError, "odd number of arguments for Rack::Headers"
+        end
+      else
+        hash = new
+        loop do
+          break if items.length == 0
+          key = items.shift
+          value = items.shift
+          hash[key] = value
+        end
+        hash
+      end
+    end
+
+    def [](key)
+      super(downcase_key(key))
+    end
+
+    def []=(key, value)
+      super(KNOWN_HEADERS[key] || key.downcase.freeze, value)
+    end
+    alias store []=
+
+    def assoc(key)
+      super(downcase_key(key))
+    end
+
+    def compare_by_identity
+      raise TypeError, "Rack::Headers cannot compare by identity, use regular Hash"
+    end
+
+    def delete(key)
+      super(downcase_key(key))
+    end
+
+    def dig(key, *a)
+      super(downcase_key(key), *a)
+    end
+
+    def fetch(key, *default, &block)
+      key = downcase_key(key)
+      super
+    end
+
+    def fetch_values(*a)
+      super(*a.map!{|key| downcase_key(key)})
+    end
+
+    def has_key?(key)
+      super(downcase_key(key))
+    end
+    alias include? has_key?
+    alias key? has_key?
+    alias member? has_key?
+
+    def invert
+      hash = self.class.new
+      each{|key, value| hash[value] = key}
+      hash
+    end
+
+    def merge(hash, &block)
+      dup.merge!(hash, &block)
+    end
+
+    def reject(&block)
+      hash = dup
+      hash.reject!(&block)
+      hash
+    end
+
+    def replace(hash)
+      clear
+      update(hash)
+    end
+
+    def select(&block)
+      hash = dup
+      hash.select!(&block)
+      hash
+    end
+
+    def to_proc
+      lambda{|x| self[x]}
+    end
+
+    def transform_values(&block)
+      dup.transform_values!(&block)
+    end
+
+    def update(hash, &block)
+      hash.each do |key, value|
+        self[key] = if block_given? && include?(key)
+          block.call(key, self[key], value)
+        else
+          value
+        end
+      end
+      self
+    end
+    alias merge! update
+
+    def values_at(*keys)
+      keys.map{|key| self[key]}
+    end
+
+    # :nocov:
+    if RUBY_VERSION >= '2.5'
+    # :nocov:
+      def slice(*a)
+        h = self.class.new
+        a.each{|k| h[k] = self[k] if has_key?(k)}
+        h
+      end
+
+      def transform_keys(&block)
+        dup.transform_keys!(&block)
+      end
+
+      def transform_keys!
+        hash = self.class.new
+        each do |k, v|
+          hash[yield k] = v
+        end
+        replace(hash)
+      end
+    end
+
+    # :nocov:
+    if RUBY_VERSION >= '3.0'
+    # :nocov:
+      def except(*a)
+        super(*a.map!{|key| downcase_key(key)})
+      end
+    end
+
+    private
+
+    def downcase_key(key)
+      key.is_a?(String) ? KNOWN_HEADERS[key] || key.downcase : key
+    end
+  end
+end