rack 3.0.2 → 3.0.4

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of rack might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1ef3f40b22f1176082dbf385b1370a4453d6f2547bb821b86464b2e282d599f0
4
- data.tar.gz: cbdc48698cce4a62c73e202f75f9226663c484395576188800e3a063aac9c341
3
+ metadata.gz: ad8328dbde3d3a4f12b99302c6503774dc4fd1df98fe89b0bc37bebaad59d38f
4
+ data.tar.gz: a48325905bb478c76b43bfa27f5d08c6ba964d0b08f63e286058bb5c565c8517
5
5
  SHA512:
6
- metadata.gz: 15759c4ffbf202d6697e4eb440e470e49e2d81a211e29b5a3eb8580765ff93c77cdbda66927f42f098246a3b7ba2e62c2971703b9a2be51ff3f4cc7fcadb5f8e
7
- data.tar.gz: f0bb7abd2f11b80c3ac6286ac6db9395e635cdd90cc621a35a248fdf987b2e03174502c769093790c4a128429feefc6ee8beca2ec3f138a5615c0c79443af876
6
+ metadata.gz: 2a7d662d3ccac62525bd0c2c1be74512a35044f46f085f98bb2a561f459fcff009f10966d97f3842e71d60b3d75c82a7757830ff1eebff8da96ca14ee52e8d91
7
+ data.tar.gz: 2e6228809047c2876fc8d306b55bc42ca8e8fdfb6419b30e3e5a869cab393279c30bf73be93337323ccf9338e421596c943c04f0ea9b08fbb3a19a94fd50fa56
data/CHANGELOG.md CHANGED
@@ -2,7 +2,19 @@
2
2
 
3
3
  All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/).
4
4
 
5
- ## [3.0.2] -2022-12-05
5
+ ## [3.0.4] - 2022-01-17
6
+
7
+ - `Rack::Request#POST` should consistently raise errors. Cache errors that occur when invoking `Rack::Request#POST` so they can be raised again later. ([#2010](https://github.com/rack/rack/pull/2010), [@ioquatix])
8
+ - Fix `Rack::Lint` error message for `HTTP_CONTENT_TYPE` and `HTTP_CONTENT_LENGTH`. ([#2007](https://github.com/rack/rack/pull/2007), [@byroot](https://github.com/byroot))
9
+ - Extend `Rack::MethodOverride` to handle `QueryParser::ParamsTooDeepError` error. ([#2006](https://github.com/rack/rack/pull/2006), [@byroot](https://github.com/byroot))
10
+
11
+ ## [3.0.3] - 2022-12-27
12
+
13
+ ### Fixed
14
+
15
+ - `Rack::URLMap` uses non-deprecated form of `Regexp.new`. ([#1998](https://github.com/rack/rack/pull/1998), [@weizheheng](https://github.com/weizheheng))
16
+
17
+ ## [3.0.2] - 2022-12-05
6
18
 
7
19
  ### Fixed
8
20
 
@@ -55,6 +55,7 @@ module Rack
55
55
  RACK_REQUEST_FORM_INPUT = 'rack.request.form_input'
56
56
  RACK_REQUEST_FORM_HASH = 'rack.request.form_hash'
57
57
  RACK_REQUEST_FORM_VARS = 'rack.request.form_vars'
58
+ RACK_REQUEST_FORM_ERROR = 'rack.request.form_error'
58
59
  RACK_REQUEST_COOKIE_HASH = 'rack.request.cookie_hash'
59
60
  RACK_REQUEST_COOKIE_STRING = 'rack.request.cookie_string'
60
61
  RACK_REQUEST_QUERY_HASH = 'rack.request.query_hash'
data/lib/rack/lint.rb CHANGED
@@ -303,7 +303,7 @@ module Rack
303
303
  ## (use the versions without <tt>HTTP_</tt>).
304
304
  %w[HTTP_CONTENT_TYPE HTTP_CONTENT_LENGTH].each { |header|
305
305
  if env.include? header
306
- raise LintError, "env contains #{header}, must use #{header[5, -1]}"
306
+ raise LintError, "env contains #{header}, must use #{header[5..-1]}"
307
307
  end
308
308
  }
309
309
 
@@ -47,7 +47,7 @@ module Rack
47
47
 
48
48
  def method_override_param(req)
49
49
  req.POST[METHOD_OVERRIDE_PARAM_KEY] if req.form_data? || req.parseable_data?
50
- rescue Utils::InvalidParameterError, Utils::ParameterTypeError
50
+ rescue Utils::InvalidParameterError, Utils::ParameterTypeError, QueryParser::ParamsTooDeepError
51
51
  req.get_header(RACK_ERRORS).puts "Invalid or incomplete POST params"
52
52
  rescue EOFError
53
53
  req.get_header(RACK_ERRORS).puts "Bad request content body"
data/lib/rack/request.rb CHANGED
@@ -496,26 +496,35 @@ module Rack
496
496
  # This method support both application/x-www-form-urlencoded and
497
497
  # multipart/form-data.
498
498
  def POST
499
- if get_header(RACK_INPUT).nil?
500
- raise "Missing rack.input"
501
- elsif get_header(RACK_REQUEST_FORM_INPUT) == get_header(RACK_INPUT)
502
- get_header(RACK_REQUEST_FORM_HASH)
503
- elsif form_data? || parseable_data?
504
- unless set_header(RACK_REQUEST_FORM_HASH, parse_multipart)
505
- form_vars = get_header(RACK_INPUT).read
506
-
507
- # Fix for Safari Ajax postings that always append \0
508
- # form_vars.sub!(/\0\z/, '') # performance replacement:
509
- form_vars.slice!(-1) if form_vars.end_with?("\0")
510
-
511
- set_header RACK_REQUEST_FORM_VARS, form_vars
512
- set_header RACK_REQUEST_FORM_HASH, parse_query(form_vars, '&')
499
+ if error = get_header(RACK_REQUEST_FORM_ERROR)
500
+ raise error.class, error.message, cause: error.cause
501
+ end
502
+
503
+ begin
504
+ if get_header(RACK_INPUT).nil?
505
+ raise "Missing rack.input"
506
+ elsif get_header(RACK_REQUEST_FORM_INPUT) == get_header(RACK_INPUT)
507
+ get_header(RACK_REQUEST_FORM_HASH)
508
+ elsif form_data? || parseable_data?
509
+ unless set_header(RACK_REQUEST_FORM_HASH, parse_multipart)
510
+ form_vars = get_header(RACK_INPUT).read
511
+
512
+ # Fix for Safari Ajax postings that always append \0
513
+ # form_vars.sub!(/\0\z/, '') # performance replacement:
514
+ form_vars.slice!(-1) if form_vars.end_with?("\0")
515
+
516
+ set_header RACK_REQUEST_FORM_VARS, form_vars
517
+ set_header RACK_REQUEST_FORM_HASH, parse_query(form_vars, '&')
518
+ end
519
+ set_header RACK_REQUEST_FORM_INPUT, get_header(RACK_INPUT)
520
+ get_header RACK_REQUEST_FORM_HASH
521
+ else
522
+ set_header RACK_REQUEST_FORM_INPUT, get_header(RACK_INPUT)
523
+ set_header(RACK_REQUEST_FORM_HASH, {})
513
524
  end
514
- set_header RACK_REQUEST_FORM_INPUT, get_header(RACK_INPUT)
515
- get_header RACK_REQUEST_FORM_HASH
516
- else
517
- set_header RACK_REQUEST_FORM_INPUT, get_header(RACK_INPUT)
518
- set_header(RACK_REQUEST_FORM_HASH, {})
525
+ rescue => error
526
+ set_header(RACK_REQUEST_FORM_ERROR, error)
527
+ raise
519
528
  end
520
529
  end
521
530
 
data/lib/rack/urlmap.rb CHANGED
@@ -37,7 +37,7 @@ module Rack
37
37
  end
38
38
 
39
39
  location = location.chomp('/')
40
- match = Regexp.new("^#{Regexp.quote(location).gsub('/', '/+')}(.*)", nil, 'n')
40
+ match = Regexp.new("^#{Regexp.quote(location).gsub('/', '/+')}(.*)", Regexp::NOENCODING)
41
41
 
42
42
  [host, location, match, app]
43
43
  }.sort_by do |(host, location, _, _)|
data/lib/rack/version.rb CHANGED
@@ -25,7 +25,7 @@ module Rack
25
25
  VERSION
26
26
  end
27
27
 
28
- RELEASE = "3.0.2"
28
+ RELEASE = "3.0.4"
29
29
 
30
30
  # Return the Rack release as a dotted string.
31
31
  def self.release
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.2
4
+ version: 3.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Leah Neukirchen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-12-05 00:00:00.000000000 Z
11
+ date: 2023-01-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: minitest
@@ -164,7 +164,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
164
164
  - !ruby/object:Gem::Version
165
165
  version: '0'
166
166
  requirements: []
167
- rubygems_version: 3.3.7
167
+ rubygems_version: 3.4.1
168
168
  signing_key:
169
169
  specification_version: 4
170
170
  summary: A modular Ruby webserver interface.