rack 3.0.1 → 3.0.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of rack might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -1
- data/lib/rack/auth/basic.rb +0 -2
- data/lib/rack/builder.rb +32 -30
- data/lib/rack/constants.rb +1 -1
- data/lib/rack/headers.rb +12 -12
- data/lib/rack/lint.rb +2 -2
- data/lib/rack/request.rb +2 -2
- data/lib/rack/response.rb +8 -3
- data/lib/rack/utils.rb +4 -4
- data/lib/rack/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1ef3f40b22f1176082dbf385b1370a4453d6f2547bb821b86464b2e282d599f0
|
4
|
+
data.tar.gz: cbdc48698cce4a62c73e202f75f9226663c484395576188800e3a063aac9c341
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 15759c4ffbf202d6697e4eb440e470e49e2d81a211e29b5a3eb8580765ff93c77cdbda66927f42f098246a3b7ba2e62c2971703b9a2be51ff3f4cc7fcadb5f8e
|
7
|
+
data.tar.gz: f0bb7abd2f11b80c3ac6286ac6db9395e635cdd90cc621a35a248fdf987b2e03174502c769093790c4a128429feefc6ee8beca2ec3f138a5615c0c79443af876
|
data/CHANGELOG.md
CHANGED
@@ -2,6 +2,13 @@
|
|
2
2
|
|
3
3
|
All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/).
|
4
4
|
|
5
|
+
## [3.0.2] -2022-12-05
|
6
|
+
|
7
|
+
### Fixed
|
8
|
+
|
9
|
+
- `Utils.build_nested_query` URL-encodes nested field names including the square brackets.
|
10
|
+
- Allow `Rack::Response` to pass through streaming bodies. ([#1993](https://github.com/rack/rack/pull/1993), [@ioquatix])
|
11
|
+
|
5
12
|
## [3.0.1] - 2022-11-18
|
6
13
|
|
7
14
|
### Fixed
|
@@ -41,7 +48,7 @@ All notable changes to this project will be documented in this file. For info on
|
|
41
48
|
- `SERVER_PROTOCOL` is now a required environment key, matching the HTTP protocol used in the request.
|
42
49
|
- `rack.hijack?` (partial hijack) and `rack.hijack` (full hijack) are now independently optional.
|
43
50
|
- `rack.hijack_io` has been removed completely.
|
44
|
-
- `rack.response_finished` is an optional environment key which contains an array of callable objects that must accept `#call(env, status, headers, error)` and are invoked after the response is finished (either successfully or
|
51
|
+
- `rack.response_finished` is an optional environment key which contains an array of callable objects that must accept `#call(env, status, headers, error)` and are invoked after the response is finished (either successfully or unsuccessfully).
|
45
52
|
- It is okay to call `#close` on `rack.input` to indicate that you no longer need or care about the input.
|
46
53
|
- The stream argument supplied to the streaming body and hijack must support `#<<` for writing output.
|
47
54
|
|
data/lib/rack/auth/basic.rb
CHANGED
data/lib/rack/builder.rb
CHANGED
@@ -10,26 +10,23 @@ module Rack
|
|
10
10
|
#
|
11
11
|
# Example:
|
12
12
|
#
|
13
|
-
#
|
14
|
-
#
|
15
|
-
#
|
16
|
-
#
|
17
|
-
#
|
18
|
-
#
|
19
|
-
# run Rack::Lobster.new
|
20
|
-
# end
|
21
|
-
# end
|
13
|
+
# app = Rack::Builder.new do
|
14
|
+
# use Rack::CommonLogger
|
15
|
+
# map "/ok" do
|
16
|
+
# run lambda { |env| [200, {'content-type' => 'text/plain'}, ['OK']] }
|
17
|
+
# end
|
18
|
+
# end
|
22
19
|
#
|
23
|
-
#
|
20
|
+
# run app
|
24
21
|
#
|
25
22
|
# Or
|
26
23
|
#
|
27
|
-
#
|
28
|
-
#
|
29
|
-
#
|
30
|
-
#
|
24
|
+
# app = Rack::Builder.app do
|
25
|
+
# use Rack::CommonLogger
|
26
|
+
# run lambda { |env| [200, {'content-type' => 'text/plain'}, ['OK']] }
|
27
|
+
# end
|
31
28
|
#
|
32
|
-
#
|
29
|
+
# run app
|
33
30
|
#
|
34
31
|
# +use+ adds middleware to the stack, +run+ dispatches to an application.
|
35
32
|
# You can use +map+ to construct a Rack::URLMap in a convenient way.
|
@@ -180,15 +177,6 @@ module Rack
|
|
180
177
|
#
|
181
178
|
# run Heartbeat.new
|
182
179
|
#
|
183
|
-
# It could also be a module:
|
184
|
-
#
|
185
|
-
# module HelloWorld
|
186
|
-
# def call(env)
|
187
|
-
# [200, { "content-type" => "text/plain" }, ["Hello World"]]
|
188
|
-
# end
|
189
|
-
# end
|
190
|
-
#
|
191
|
-
# run HelloWorld
|
192
180
|
def run(app = nil, &block)
|
193
181
|
raise ArgumentError, "Both app and block given!" if app && block_given?
|
194
182
|
|
@@ -213,21 +201,35 @@ module Rack
|
|
213
201
|
# the Rack application specified by run inside the block. Other requests will be sent to the
|
214
202
|
# default application specified by run outside the block.
|
215
203
|
#
|
216
|
-
#
|
204
|
+
# class App
|
205
|
+
# def call(env)
|
206
|
+
# [200, {'content-type' => 'text/plain'}, ["Hello World"]]
|
207
|
+
# end
|
208
|
+
# end
|
209
|
+
#
|
210
|
+
# class Heartbeat
|
211
|
+
# def call(env)
|
212
|
+
# [200, { "content-type" => "text/plain" }, ["OK"]]
|
213
|
+
# end
|
214
|
+
# end
|
215
|
+
#
|
216
|
+
# app = Rack::Builder.app do
|
217
217
|
# map '/heartbeat' do
|
218
|
-
# run Heartbeat
|
218
|
+
# run Heartbeat.new
|
219
219
|
# end
|
220
|
-
# run App
|
220
|
+
# run App.new
|
221
221
|
# end
|
222
222
|
#
|
223
|
+
# run app
|
224
|
+
#
|
223
225
|
# The +use+ method can also be used inside the block to specify middleware to run under a specific path:
|
224
226
|
#
|
225
|
-
# Rack::Builder.app do
|
227
|
+
# app = Rack::Builder.app do
|
226
228
|
# map '/heartbeat' do
|
227
229
|
# use Middleware
|
228
|
-
# run Heartbeat
|
230
|
+
# run Heartbeat.new
|
229
231
|
# end
|
230
|
-
# run App
|
232
|
+
# run App.new
|
231
233
|
# end
|
232
234
|
#
|
233
235
|
# This example includes a piece of middleware which will run before +/heartbeat+ requests hit +Heartbeat+.
|
data/lib/rack/constants.rb
CHANGED
data/lib/rack/headers.rb
CHANGED
@@ -31,7 +31,7 @@ module Rack
|
|
31
31
|
super(key.downcase.freeze, value)
|
32
32
|
end
|
33
33
|
alias store []=
|
34
|
-
|
34
|
+
|
35
35
|
def assoc(key)
|
36
36
|
super(downcase_key(key))
|
37
37
|
end
|
@@ -43,7 +43,7 @@ module Rack
|
|
43
43
|
def delete(key)
|
44
44
|
super(downcase_key(key))
|
45
45
|
end
|
46
|
-
|
46
|
+
|
47
47
|
def dig(key, *a)
|
48
48
|
super(downcase_key(key), *a)
|
49
49
|
end
|
@@ -52,7 +52,7 @@ module Rack
|
|
52
52
|
key = downcase_key(key)
|
53
53
|
super
|
54
54
|
end
|
55
|
-
|
55
|
+
|
56
56
|
def fetch_values(*a)
|
57
57
|
super(*a.map!{|key| downcase_key(key)})
|
58
58
|
end
|
@@ -63,34 +63,34 @@ module Rack
|
|
63
63
|
alias include? has_key?
|
64
64
|
alias key? has_key?
|
65
65
|
alias member? has_key?
|
66
|
-
|
66
|
+
|
67
67
|
def invert
|
68
68
|
hash = self.class.new
|
69
69
|
each{|key, value| hash[value] = key}
|
70
70
|
hash
|
71
71
|
end
|
72
|
-
|
72
|
+
|
73
73
|
def merge(hash, &block)
|
74
74
|
dup.merge!(hash, &block)
|
75
75
|
end
|
76
|
-
|
76
|
+
|
77
77
|
def reject(&block)
|
78
78
|
hash = dup
|
79
79
|
hash.reject!(&block)
|
80
80
|
hash
|
81
81
|
end
|
82
|
-
|
82
|
+
|
83
83
|
def replace(hash)
|
84
84
|
clear
|
85
85
|
update(hash)
|
86
86
|
end
|
87
|
-
|
87
|
+
|
88
88
|
def select(&block)
|
89
89
|
hash = dup
|
90
90
|
hash.select!(&block)
|
91
91
|
hash
|
92
92
|
end
|
93
|
-
|
93
|
+
|
94
94
|
def to_proc
|
95
95
|
lambda{|x| self[x]}
|
96
96
|
end
|
@@ -100,10 +100,10 @@ module Rack
|
|
100
100
|
end
|
101
101
|
|
102
102
|
def update(hash, &block)
|
103
|
-
hash.each do |key, value|
|
103
|
+
hash.each do |key, value|
|
104
104
|
self[key] = if block_given? && include?(key)
|
105
105
|
block.call(key, self[key], value)
|
106
|
-
else
|
106
|
+
else
|
107
107
|
value
|
108
108
|
end
|
109
109
|
end
|
@@ -114,7 +114,7 @@ module Rack
|
|
114
114
|
def values_at(*keys)
|
115
115
|
keys.map{|key| self[key]}
|
116
116
|
end
|
117
|
-
|
117
|
+
|
118
118
|
# :nocov:
|
119
119
|
if RUBY_VERSION >= '2.5'
|
120
120
|
# :nocov:
|
data/lib/rack/lint.rb
CHANGED
@@ -629,7 +629,7 @@ module Rack
|
|
629
629
|
unless headers.kind_of?(Hash)
|
630
630
|
raise LintError, "headers object should be a hash, but isn't (got #{headers.class} as headers)"
|
631
631
|
end
|
632
|
-
|
632
|
+
|
633
633
|
if headers.frozen?
|
634
634
|
raise LintError, "headers object should not be frozen, but is"
|
635
635
|
end
|
@@ -889,7 +889,7 @@ module Rack
|
|
889
889
|
|
890
890
|
def initialize(stream)
|
891
891
|
@stream = stream
|
892
|
-
|
892
|
+
|
893
893
|
REQUIRED_METHODS.each do |method_name|
|
894
894
|
raise LintError, "Stream must respond to #{method_name}" unless stream.respond_to?(method_name)
|
895
895
|
end
|
data/lib/rack/request.rb
CHANGED
@@ -44,7 +44,7 @@ module Rack
|
|
44
44
|
@x_forwarded_proto_priority = [:proto, :scheme]
|
45
45
|
|
46
46
|
valid_ipv4_octet = /\.(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])/
|
47
|
-
|
47
|
+
|
48
48
|
trusted_proxies = Regexp.union(
|
49
49
|
/\A127#{valid_ipv4_octet}{3}\z/, # localhost IPv4 range 127.x.x.x, per RFC-3330
|
50
50
|
/\A::1\z/, # localhost IPv6 ::1
|
@@ -54,7 +54,7 @@ module Rack
|
|
54
54
|
/\A192\.168#{valid_ipv4_octet}{2}\z/, # private IPv4 range 192.168.x.x
|
55
55
|
/\Alocalhost\z|\Aunix(\z|:)/i, # localhost hostname, and unix domain sockets
|
56
56
|
)
|
57
|
-
|
57
|
+
|
58
58
|
self.ip_filter = lambda { |ip| trusted_proxies.match?(ip) }
|
59
59
|
|
60
60
|
ALLOWED_SCHEMES = %w(https http wss ws).freeze
|
data/lib/rack/response.rb
CHANGED
@@ -43,7 +43,7 @@ module Rack
|
|
43
43
|
#
|
44
44
|
# If the +body+ is +nil+, construct an empty response object with internal
|
45
45
|
# buffering.
|
46
|
-
#
|
46
|
+
#
|
47
47
|
# If the +body+ responds to +to_str+, assume it's a string-like object and
|
48
48
|
# construct a buffered response object containing using that string as the
|
49
49
|
# initial contents of the buffer.
|
@@ -102,11 +102,16 @@ module Rack
|
|
102
102
|
CHUNKED == get_header(TRANSFER_ENCODING)
|
103
103
|
end
|
104
104
|
|
105
|
+
def no_entity_body?
|
106
|
+
# The response body is an enumerable body and it is not allowed to have an entity body.
|
107
|
+
@body.respond_to?(:each) && STATUS_WITH_NO_ENTITY_BODY[@status]
|
108
|
+
end
|
109
|
+
|
105
110
|
# Generate a response array consistent with the requirements of the SPEC.
|
106
111
|
# @return [Array] a 3-tuple suitable of `[status, headers, body]`
|
107
112
|
# which is suitable to be returned from the middleware `#call(env)` method.
|
108
113
|
def finish(&block)
|
109
|
-
if
|
114
|
+
if no_entity_body?
|
110
115
|
delete_header CONTENT_TYPE
|
111
116
|
delete_header CONTENT_LENGTH
|
112
117
|
close
|
@@ -333,7 +338,7 @@ module Rack
|
|
333
338
|
end
|
334
339
|
|
335
340
|
body.close if body.respond_to?(:close)
|
336
|
-
|
341
|
+
|
337
342
|
@buffered = true
|
338
343
|
else
|
339
344
|
@buffered = false
|
data/lib/rack/utils.rb
CHANGED
@@ -121,13 +121,13 @@ module Rack
|
|
121
121
|
}.join("&")
|
122
122
|
when Hash
|
123
123
|
value.map { |k, v|
|
124
|
-
build_nested_query(v, prefix ? "#{prefix}[#{
|
124
|
+
build_nested_query(v, prefix ? "#{prefix}[#{k}]" : k)
|
125
125
|
}.delete_if(&:empty?).join('&')
|
126
126
|
when nil
|
127
|
-
prefix
|
127
|
+
escape(prefix)
|
128
128
|
else
|
129
129
|
raise ArgumentError, "value must be a Hash" if prefix.nil?
|
130
|
-
"#{prefix}=#{escape(value)}"
|
130
|
+
"#{escape(prefix)}=#{escape(value)}"
|
131
131
|
end
|
132
132
|
end
|
133
133
|
|
@@ -278,7 +278,7 @@ module Rack
|
|
278
278
|
# If the cookie +value+ is an instance of +Hash+, it considers the following
|
279
279
|
# cookie attribute keys: +domain+, +max_age+, +expires+ (must be instance
|
280
280
|
# of +Time+), +secure+, +http_only+, +same_site+ and +value+. For more
|
281
|
-
# details about the interpretation of these fields, consult
|
281
|
+
# details about the interpretation of these fields, consult
|
282
282
|
# [RFC6265 Section 5.2](https://datatracker.ietf.org/doc/html/rfc6265#section-5.2).
|
283
283
|
#
|
284
284
|
# An extra cookie attribute +escape_key+ can be provided to control whether
|
data/lib/rack/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.0.
|
4
|
+
version: 3.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Leah Neukirchen
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-12-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: minitest
|