RubyGems - rack - Versions diffs - 2.0.8 → 2.0.9 - Mend

rack 2.0.8 → 2.0.9

Potentially problematic release.

This version of rack might be problematic. Click here for more details.

Files changed (7) hide show

checksums.yaml +4 -4
data/lib/rack.rb +1 -1
data/lib/rack/session/abstract/id.rb +2 -2
data/lib/rack/utils.rb +2 -0
data/test/spec_response.rb +18 -0
data/test/spec_session_persisted_secure_secure_session_hash.rb +73 -0
metadata +5 -3

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e9142cfb8ba777286d8118d2b094a23c1fe4698b302c99966cb80670041c67f5
-  data.tar.gz: 341991ef42232bfecf702d98a17e671ffbbf6a95a8ff70bcca40f7c9aa9f5e85
+  metadata.gz: 9b0768103afcff14e04b93b0f4d359289b26b21d2ac7c80a42a31d74c0467e23
+  data.tar.gz: 84164353b9192f85a1ee40813ce9402dfca3f4850704718c6b103a3f062bc813
 SHA512:
-  metadata.gz: 012e3ac8b25a2fa3c75e7cfbed5f5f4875010ecf96ee887aa9d4ed844badc614fa7decf04bfb889983004d0c310780763e8f9328c4dfb5243388a086f05ef059
-  data.tar.gz: 312252b7e153667c49c11fea9bdceaf679813d6e3176c6e8599fbe4741c326abc43510c3c0a48136a36d2027393e8286f11771a5c353c68269088a6f606b8372
+  metadata.gz: fe9cdddbc606c1898db93ab17308de607d0ac9f93d6cf0554e444eea18901d144740718aedfe37b6a9353dae5169152315c00a2b971394fa2d6785ae0ad82203
+  data.tar.gz: e06d452659054f852edd963fb9ec776e450526f7918dedb937298b4f0ca938eeb047901d3c48c463a5ce1291070221dda1602cf96b042603c4e531cc6873dcbd

data/lib/rack.rb CHANGED

@@ -18,7 +18,7 @@ module Rack
     VERSION.join(".")
   end
-  RELEASE = "2.0.8"
+  RELEASE = "2.0.9"
   # Return the Rack release as a dotted string.
   def self.release

data/lib/rack/session/abstract/id.rb CHANGED

@@ -26,9 +26,9 @@ module Rack
       end
       alias :cookie_value :public_id
+      alias :to_s :public_id
       def empty?; false; end
-      def to_s; raise; end
       def inspect; public_id.inspect; end
       private
@@ -442,7 +442,7 @@ module Rack
           def [](key)
             if key == "session_id"
               load_for_read!
-              id.public_id
+              id.public_id if id
             else
               super
             end

data/lib/rack/utils.rb CHANGED

@@ -252,6 +252,8 @@ module Rack
           case value[:same_site]
           when false, nil
             nil
+          when :none, 'None', :None
+            '; SameSite=None'.freeze
           when :lax, 'Lax', :Lax
             '; SameSite=Lax'.freeze
           when true, :strict, 'Strict', :Strict

data/test/spec_response.rb CHANGED

@@ -115,6 +115,24 @@ describe Rack::Response do
     response["Set-Cookie"].must_equal "foo=bar"
   end
+  it "can set SameSite cookies with symbol value :none" do
+    response = Rack::Response.new
+    response.set_cookie "foo", { value: "bar", same_site: :none }
+    response["Set-Cookie"].must_equal "foo=bar; SameSite=None"
+  end
+  it "can set SameSite cookies with symbol value :None" do
+    response = Rack::Response.new
+    response.set_cookie "foo", { value: "bar", same_site: :None }
+    response["Set-Cookie"].must_equal "foo=bar; SameSite=None"
+  end
+  it "can set SameSite cookies with string value 'None'" do
+    response = Rack::Response.new
+    response.set_cookie "foo", { value: "bar", same_site: "None" }
+    response["Set-Cookie"].must_equal "foo=bar; SameSite=None"
+  end
   it "can set SameSite cookies with symbol value :lax" do
     response = Rack::Response.new
     response.set_cookie "foo", {:value => "bar", :same_site => :lax}

data/test/spec_session_persisted_secure_secure_session_hash.rb ADDED

@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+require 'minitest/global_expectations/autorun'
+require 'rack/session/abstract/id'
+describe Rack::Session::Abstract::PersistedSecure::SecureSessionHash do
+  attr_reader :hash
+  def setup
+    super
+    @store = Class.new do
+      def load_session(req)
+        [Rack::Session::SessionId.new("id"), { foo: :bar, baz: :qux }]
+      end
+      def session_exists?(req)
+        true
+      end
+    end
+    @hash = Rack::Session::Abstract::PersistedSecure::SecureSessionHash.new(@store.new, nil)
+  end
+  it "returns keys" do
+    assert_equal ["foo", "baz"], hash.keys
+  end
+  it "returns values" do
+    assert_equal [:bar, :qux], hash.values
+  end
+  describe "#[]" do
+    it "returns value for a matching key" do
+      assert_equal :bar, hash[:foo]
+    end
+    it "returns value for a 'session_id' key" do
+      assert_equal "id", hash['session_id']
+    end
+    it "returns nil value for missing 'session_id' key" do
+      store = @store.new
+      def store.load_session(req)
+        [nil, {}]
+      end
+      @hash = Rack::Session::Abstract::PersistedSecure::SecureSessionHash.new(store, nil)
+      assert_nil hash['session_id']
+    end
+  end
+  describe "#fetch" do
+    it "returns value for a matching key" do
+      assert_equal :bar, hash.fetch(:foo)
+    end
+    it "works with a default value" do
+      assert_equal :default, hash.fetch(:unknown, :default)
+    end
+    it "works with a block" do
+      assert_equal :default, hash.fetch(:unkown) { :default }
+    end
+    it "it raises when fetching unknown keys without defaults" do
+      lambda { hash.fetch(:unknown) }.must_raise KeyError
+    end
+  end
+  describe "#stringify_keys" do
+    it "returns hash or session hash with keys stringified" do
+      assert_equal({ "foo" => :bar, "baz" => :qux }, hash.send(:stringify_keys, hash).to_h)
+    end
+  end
+end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack
 version: !ruby/object:Gem::Version
-  version: 2.0.8
+  version: 2.0.9
 platform: ruby
 authors:
 - Leah Neukirchen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-12-18 00:00:00.000000000 Z
+date: 2020-02-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest
@@ -239,6 +239,7 @@ files:
 - test/spec_session_abstract_session_hash.rb
 - test/spec_session_cookie.rb
 - test/spec_session_memcache.rb
+- test/spec_session_persisted_secure_secure_session_hash.rb
 - test/spec_session_pool.rb
 - test/spec_show_exceptions.rb
 - test/spec_show_status.rb
@@ -274,7 +275,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
 summary: a modular Ruby webserver interface
@@ -301,6 +302,7 @@ test_files:
 - test/spec_chunked.rb
 - test/spec_show_exceptions.rb
 - test/spec_runtime.rb
+- test/spec_session_persisted_secure_secure_session_hash.rb
 - test/spec_fastcgi.rb
 - test/spec_common_logger.rb
 - test/spec_builder.rb