rack 3.1.14 → 3.1.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +26 -1
- data/lib/rack/mock_response.rb +32 -3
- data/lib/rack/multipart/parser.rb +5 -3
- data/lib/rack/version.rb +1 -1
- metadata +3 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9cfb0a3abaaa98c515919466c018ed20c30b3f4d025d0ec68cfc61614735270f
|
|
4
|
+
data.tar.gz: 4fd015b49d2c70a01d6518ea38b593d14b6d93de09132c3142390ab5fd719ff2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: db64e3a6431f22b41af6ec7a31d38465d4db45612843f402692893665d88c904d4058469137372b208dbc6d79d7dcde12460e4fb7707681d81de8d3a6dc8e45f
|
|
7
|
+
data.tar.gz: 695b14f7308dfb1a6be5304fb9bcf460ee855e296308ad114d8b9f12b9dcb420a17d4af3883f3a47f3fc66df2e28793fe4871965dec51b557840d136de14c22c
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,10 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/).
|
|
4
4
|
|
|
5
|
+
## [3.1.15] - 2025-05-18
|
|
6
|
+
|
|
7
|
+
- Optional support for `CGI::Cookie` if not available. ([#2327](https://github.com/rack/rack/pull/2327), [#2333](https://github.com/rack/rack/pull/2333), [@earlopain])
|
|
8
|
+
|
|
5
9
|
## [3.1.14] - 2025-05-06
|
|
6
10
|
|
|
7
11
|
### Security
|
|
@@ -139,6 +143,14 @@ Rack v3.1 is primarily a maintenance release that removes features deprecated in
|
|
|
139
143
|
|
|
140
144
|
- In `Rack::Files`, ignore the `Range` header if served file is 0 bytes. ([#2159](https://github.com/rack/rack/pull/2159), [@zarqman])
|
|
141
145
|
|
|
146
|
+
## [3.0.18] - 2025-05-22
|
|
147
|
+
|
|
148
|
+
- Fix incorrect backport of optional `CGI::Cookie` support. ([#2335](https://github.com/rack/rack/pull/2335), [@jeremyevans])
|
|
149
|
+
|
|
150
|
+
## [3.0.17] - 2025-05-18
|
|
151
|
+
|
|
152
|
+
- Optional support for `CGI::Cookie` if not available. ([#2327](https://github.com/rack/rack/pull/2327), [#2333](https://github.com/rack/rack/pull/2333), [@earlopain])
|
|
153
|
+
|
|
142
154
|
## [3.0.16] - 2025-05-06
|
|
143
155
|
|
|
144
156
|
### Security
|
|
@@ -161,6 +173,10 @@ Rack v3.1 is primarily a maintenance release that removes features deprecated in
|
|
|
161
173
|
|
|
162
174
|
- [CVE-2025-27111](https://github.com/rack/rack/security/advisories/GHSA-8cgq-6mh2-7j6v) Possible Log Injection in `Rack::Sendfile`.
|
|
163
175
|
|
|
176
|
+
### Fixed
|
|
177
|
+
|
|
178
|
+
- Remove autoloads for constants no longer shipped with Rack. ([#2269](https://github.com/rack/rack/pull/2269), [@ccutrer](https://github.com/ccutrer))
|
|
179
|
+
|
|
164
180
|
## [3.0.12] - 2025-02-12
|
|
165
181
|
|
|
166
182
|
### Security
|
|
@@ -295,7 +311,7 @@ Rack v3.1 is primarily a maintenance release that removes features deprecated in
|
|
|
295
311
|
- Remove deprecated Rack::Request::SCHEME_WHITELIST. ([@jeremyevans])
|
|
296
312
|
- Remove internal cookie deletion using pattern matching, there are very few practical cases where it would be useful and browsers handle it correctly without us doing anything special. ([#1844](https://github.com/rack/rack/pull/1844), [@ioquatix])
|
|
297
313
|
- Remove `rack.version` as it comes too late to be useful. ([#1938](https://github.com/rack/rack/pull/1938), [@ioquatix])
|
|
298
|
-
- Extract `rackup` command, `Rack::Server`, `Rack::Handler
|
|
314
|
+
- Extract `rackup` command, `Rack::Server`, `Rack::Handler` and related code into a separate gem. ([#1937](https://github.com/rack/rack/pull/1937), [@ioquatix])
|
|
299
315
|
|
|
300
316
|
### Added
|
|
301
317
|
|
|
@@ -343,6 +359,14 @@ Rack v3.1 is primarily a maintenance release that removes features deprecated in
|
|
|
343
359
|
- Fix multipart filename generation for filenames that contain spaces. Encode spaces as "%20" instead of "+" which will be decoded properly by the multipart parser. ([#1736](https://github.com/rack/rack/pull/1645), [@muirdm](https://github.com/muirdm))
|
|
344
360
|
- `Rack::Request#scheme` returns `ws` or `wss` when one of the `X-Forwarded-Scheme` / `X-Forwarded-Proto` headers is set to `ws` or `wss`, respectively. ([#1730](https://github.com/rack/rack/issues/1730), [@erwanst](https://github.com/erwanst))
|
|
345
361
|
|
|
362
|
+
## [2.2.16] - 2025-05-22
|
|
363
|
+
|
|
364
|
+
- Fix incorrect backport of optional `CGI::Cookie` support. ([#2335](https://github.com/rack/rack/pull/2335), [@jeremyevans])
|
|
365
|
+
|
|
366
|
+
## [2.2.15] - 2025-05-18
|
|
367
|
+
|
|
368
|
+
- Optional support for `CGI::Cookie` if not available. ([#2327](https://github.com/rack/rack/pull/2327), [#2333](https://github.com/rack/rack/pull/2333), [@earlopain])
|
|
369
|
+
|
|
346
370
|
## [2.2.14] - 2025-05-06
|
|
347
371
|
|
|
348
372
|
### Security
|
|
@@ -1130,3 +1154,4 @@ Items below this line are from the previously maintained HISTORY.md and NEWS.md
|
|
|
1130
1154
|
[@wjordan]: https://github.com/wjordan "Will Jordan"
|
|
1131
1155
|
[@BlakeWilliams]: https://github.com/BlakeWilliams "Blake Williams"
|
|
1132
1156
|
[@davidstosik]: https://github.com/davidstosik "David Stosik"
|
|
1157
|
+
[@earlopain]: https://github.com/earlopain "Earlopain"
|
data/lib/rack/mock_response.rb
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require 'cgi/cookie'
|
|
4
3
|
require 'time'
|
|
5
4
|
|
|
6
5
|
require_relative 'response'
|
|
@@ -11,6 +10,36 @@ module Rack
|
|
|
11
10
|
# MockRequest.
|
|
12
11
|
|
|
13
12
|
class MockResponse < Rack::Response
|
|
13
|
+
begin
|
|
14
|
+
# Recent versions of the CGI gem may not provide `CGI::Cookie`.
|
|
15
|
+
require 'cgi/cookie'
|
|
16
|
+
Cookie = CGI::Cookie
|
|
17
|
+
rescue LoadError
|
|
18
|
+
class Cookie
|
|
19
|
+
attr_reader :name, :value, :path, :domain, :expires, :secure
|
|
20
|
+
|
|
21
|
+
def initialize(args)
|
|
22
|
+
@name = args["name"]
|
|
23
|
+
@value = args["value"]
|
|
24
|
+
@path = args["path"]
|
|
25
|
+
@domain = args["domain"]
|
|
26
|
+
@expires = args["expires"]
|
|
27
|
+
@secure = args["secure"]
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def method_missing(method_name, *args, &block)
|
|
31
|
+
@value.send(method_name, *args, &block)
|
|
32
|
+
end
|
|
33
|
+
# :nocov:
|
|
34
|
+
ruby2_keywords(:method_missing) if respond_to?(:ruby2_keywords, true)
|
|
35
|
+
# :nocov:
|
|
36
|
+
|
|
37
|
+
def respond_to_missing?(method_name, include_all = false)
|
|
38
|
+
@value.respond_to?(method_name, include_all) || super
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
|
|
14
43
|
class << self
|
|
15
44
|
alias [] new
|
|
16
45
|
end
|
|
@@ -83,7 +112,7 @@ module Rack
|
|
|
83
112
|
Array(set_cookie_header).each do |cookie|
|
|
84
113
|
cookie_name, cookie_filling = cookie.split('=', 2)
|
|
85
114
|
cookie_attributes = identify_cookie_attributes cookie_filling
|
|
86
|
-
parsed_cookie =
|
|
115
|
+
parsed_cookie = Cookie.new(
|
|
87
116
|
'name' => cookie_name.strip,
|
|
88
117
|
'value' => cookie_attributes.fetch('value'),
|
|
89
118
|
'path' => cookie_attributes.fetch('path', nil),
|
|
@@ -100,7 +129,7 @@ module Rack
|
|
|
100
129
|
def identify_cookie_attributes(cookie_filling)
|
|
101
130
|
cookie_bits = cookie_filling.split(';')
|
|
102
131
|
cookie_attributes = Hash.new
|
|
103
|
-
cookie_attributes.store('value', cookie_bits[0].strip)
|
|
132
|
+
cookie_attributes.store('value', Array(cookie_bits[0].strip))
|
|
104
133
|
cookie_bits.drop(1).each do |bit|
|
|
105
134
|
if bit.include? '='
|
|
106
135
|
cookie_attribute, attribute_value = bit.split('=', 2)
|
|
@@ -31,10 +31,12 @@ module Rack
|
|
|
31
31
|
Error = BoundaryTooLongError
|
|
32
32
|
|
|
33
33
|
EOL = "\r\n"
|
|
34
|
+
FWS = /[ \t]+(?:\r\n[ \t]+)?/ # whitespace with optional folding
|
|
35
|
+
HEADER_VALUE = "(?:[^\r\n]|\r\n[ \t])*" # anything but a non-folding CRLF
|
|
34
36
|
MULTIPART = %r|\Amultipart/.*boundary=\"?([^\";,]+)\"?|ni
|
|
35
|
-
MULTIPART_CONTENT_TYPE =
|
|
36
|
-
MULTIPART_CONTENT_DISPOSITION =
|
|
37
|
-
MULTIPART_CONTENT_ID =
|
|
37
|
+
MULTIPART_CONTENT_TYPE = /^Content-Type:#{FWS}?(#{HEADER_VALUE})/ni
|
|
38
|
+
MULTIPART_CONTENT_DISPOSITION = /^Content-Disposition:#{FWS}?(#{HEADER_VALUE})/ni
|
|
39
|
+
MULTIPART_CONTENT_ID = /^Content-ID:#{FWS}?(#{HEADER_VALUE})/ni
|
|
38
40
|
|
|
39
41
|
class Parser
|
|
40
42
|
BUFSIZE = 1_048_576
|
data/lib/rack/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.1.
|
|
4
|
+
version: 3.1.16
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Leah Neukirchen
|
|
8
|
-
autorequire:
|
|
9
8
|
bindir: bin
|
|
10
9
|
cert_chain: []
|
|
11
|
-
date: 2025-
|
|
10
|
+
date: 2025-06-04 00:00:00.000000000 Z
|
|
12
11
|
dependencies:
|
|
13
12
|
- !ruby/object:Gem::Dependency
|
|
14
13
|
name: minitest
|
|
@@ -143,7 +142,6 @@ metadata:
|
|
|
143
142
|
changelog_uri: https://github.com/rack/rack/blob/main/CHANGELOG.md
|
|
144
143
|
documentation_uri: https://rubydoc.info/github/rack/rack
|
|
145
144
|
source_code_uri: https://github.com/rack/rack
|
|
146
|
-
post_install_message:
|
|
147
145
|
rdoc_options: []
|
|
148
146
|
require_paths:
|
|
149
147
|
- lib
|
|
@@ -158,8 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
158
156
|
- !ruby/object:Gem::Version
|
|
159
157
|
version: '0'
|
|
160
158
|
requirements: []
|
|
161
|
-
rubygems_version: 3.
|
|
162
|
-
signing_key:
|
|
159
|
+
rubygems_version: 3.6.2
|
|
163
160
|
specification_version: 4
|
|
164
161
|
summary: A modular Ruby webserver interface.
|
|
165
162
|
test_files: []
|