rack 3.1.2 → 3.1.3


Potentially problematic release.


This version of rack might be problematic. Click here for more details.

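--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c5d6ff669a9e2d87cf8c2fb3fe727be68d2ac5df2a80a802163ed2cff8905627
- data.tar.gz: 9e9917744a2d792217fb2f94c3d784fe6fcb0b4c44f7f34b864eafc50f329eb6
+ metadata.gz: 1cb578b6c5608012f69e9e89637fe2b53f31d5aa15f9d546e1c756384119c762
+ data.tar.gz: 4201b8eb5e202b3832cf1e576bfa13106866da483d9e0395a58bb482a04da30a
  SHA512:
- metadata.gz: 293185b6af220249e49546d5a200e2cc2b55ff6e2424f472c5f01bdc37f3ed4e3aa4dc54df52108c3a42b7738c2e87dde74891f761f6120959b486f6e8b5eb29
- data.tar.gz: d36b0721982e00065ee52a54719e86cb1914ec3086629c3958b6d510c9dd513ac75749be55008a5755e96ab918b302cb867719a256e50aced434361225c60da3
+ metadata.gz: 71f559cc4ffb927a6297ad5d1e9794d740270c670148f100feb40b0a465303e20aeea7d82c953cf3e2af9b9651facb9dbd814bb152f83c6e4042e4a89ac67b7b
+ data.tar.gz: 7ae4c87c4b74f111f0bae47d6ba80aacbbd3d5d6424f0231922676e3e0898ad895a3816098622b83cb73e2668cf4bd991ae5d8d4669b177557dab155b0fb80df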
data/CHANGELOG.md CHANGED
@@ -2,6 +2,13 @@
2
2
 
3
3
  All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/).
4
4
 
5
+ ## [3.1.3] - 2024-06-12
6
+
7
+ ### Fixed
8
+
9
+ - Fix passing non-strings to `Rack::Utils.escape_html`. ([#2202](https://github.com/rack/rack/pull/2202), [@earlopain])
10
+ - `Rack::MockResponse` gracefully handles empty cookies ([#2203](https://github.com/rack/rack/pull/2203) [@wynksaiddestroy](https://github.com/wynksaiddestroy))
11
+
5
12
  ## [3.1.2] - 2024-06-11
6
13
 
7
14
  ## Changed
@@ -78,8 +78,8 @@ module Rack
78
78
 
79
79
  def parse_cookies_from_header
80
80
  cookies = Hash.new
81
- if headers.has_key? 'set-cookie'
82
- set_cookie_header = headers.fetch('set-cookie')
81
+ set_cookie_header = headers['set-cookie']
82
+ if set_cookie_header && !set_cookie_header.empty?
83
83
  Array(set_cookie_header).each do |cookie|
84
84
  cookie_name, cookie_filling = cookie.split('=', 2)
85
85
  cookie_attributes = identify_cookie_attributes cookie_filling
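Review bot: The new guard `set_cookie_header && !set_cookie_header.empty?` only tests the header value as a whole, so an array such as `['']` or an entry without `=` still reaches `cookie.split('=', 2)` and leaves `cookie_filling` as nil on the way into `identify_cookie_attributes`. That helper is not visible in this hunk, so whether it tolerates nil needs confirming; if it does not, a `next unless cookie_filling` directly after the split would keep the parser from raising on a malformed entry. The body of `parse_cookies_from_header` continues past the end of the hunk. This hunk is also listed under the CHANGELOG.md heading with no file header of its own, so the file it patches should be confirmed against the gem contents.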
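--- a/data/lib/rack/utils.rb
+++ b/data/lib/rack/utils.rb
@@ -6,7 +6,7 @@ require 'fileutils'
  require 'set'
  require 'tempfile'
  require 'time'
- require 'cgi/escape'
+ require 'erb'
 
  require_relative 'query_parser'
  require_relative 'mime'
@@ -176,8 +176,17 @@ module Rack
  matches&.first
  end
 
- # Escape ampersands, brackets and quotes to their HTML/XML entities.
- define_method(:escape_html, CGI.method(:escapeHTML))
+ # Introduced in ERB 4.0. ERB::Escape is an alias for ERB::Utils which
+ # doesn't get monkey-patched by rails
+ if defined?(ERB::Escape) && ERB::Escape.instance_method(:html_escape)
+ define_method(:escape_html, ERB::Escape.instance_method(:html_escape))
+ else
+ require 'cgi/escape'
+ # Escape ampersands, brackets and quotes to their HTML/XML entities.
+ def escape_html(string)
+ CGI.escapeHTML(string.to_s)
+ end
+ end
 
  def select_best_encoding(available_encodings, accept_encoding)
  # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
@@ -582,9 +591,11 @@ module Rack
  fallback_code = OBSOLETE_SYMBOLS_TO_STATUS_CODES.fetch(status) { raise ArgumentError, "Unrecognized status code #{status.inspect}" }
  message = "Status code #{status.inspect} is deprecated and will be removed in a future version of Rack."
  if canonical_symbol = OBSOLETE_SYMBOL_MAPPINGS[status]
- message = "#{message} Please use #{canonical_symbol.inspect} instead."
+ # message = "#{message} Please use #{canonical_symbol.inspect} instead."
+ # For now, let's not emit any warning when there is a mapping.
+ else
+ warn message, uplevel: 3
  end
- warn message, uplevel: 1
  fallback_code
  end
  else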
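Review bot: In the `escape_html` hunk the second half of the guard, `ERB::Escape.instance_method(:html_escape)`, cannot act as a condition: `instance_method` returns an UnboundMethod or raises NameError, so if `ERB::Escape` exists without `html_escape` the file fails to load instead of falling through to the `CGI.escapeHTML` branch. If the fallback is meant to cover that case, use a predicate that returns false rather than raising, and check private as well as public instance methods, since the method's visibility on the module is not shown here. The comment should read `ERB::Util`, not `ERB::Utils`, and could state the reason directly: `# Use ERB::Escape so escaping cannot be altered by patches to ERB::Util.html_escape`. Because this method is the output-encoding primitive callers rely on against HTML injection, a test that pins the escaped character set and non-String input for both branches would guard the switch.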
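--- a/data/lib/rack/version.rb
+++ b/data/lib/rack/version.rb
@@ -12,7 +12,7 @@
  # so it should be enough just to <tt>require 'rack'</tt> in your code.
 
  module Rack
- RELEASE = "3.1.2"
+ RELEASE = "3.1.3"
 
  # Return the Rack release as a dotted string.
  def self.release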
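--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: rack
  version: !ruby/object:Gem::Version
- version: 3.1.2
+ version: 3.1.3
  platform: ruby
  authors:
  - Leah Neukirchen
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2024-06-11 00:00:00.000000000 Z
+ date: 2024-06-12 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: minitest
@@ -158,7 +158,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.5.3
+ rubygems_version: 3.5.9
  signing_key:
  specification_version: 4
  summary: A modular Ruby webserver interface.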