RubyGems - rack - Versions diffs - 3.0.1 → 3.0.2 - Mend

rack 3.0.1 → 3.0.2

Potentially problematic release.

This version of rack might be problematic. Click here for more details.

Files changed (12) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 188a0efbbd783c3fb499725bf81b141a40fbf5a6e47b41b401bdbfd270beba96
-  data.tar.gz: fbbb869dab4d6946155e977bb2814768dc245a1c1a37472f072df9d5d9d638bd
+  metadata.gz: 1ef3f40b22f1176082dbf385b1370a4453d6f2547bb821b86464b2e282d599f0
+  data.tar.gz: cbdc48698cce4a62c73e202f75f9226663c484395576188800e3a063aac9c341
 SHA512:
-  metadata.gz: 22d9827dfb149e42232b10fccceb117d25513776e017e0221d81e980e30ab06285a55f05297808958c830dd023b43c38f098a1245a24ba8b11362d6ede4fe03b
-  data.tar.gz: 30cf292f7c1a19dba1988d4637afedb68acd97c9adb60040f157c7eedc3ac20a0a79ef1330759d5c09da77c17aed818885c19665840b26a0b68089f9722a529d
+  metadata.gz: 15759c4ffbf202d6697e4eb440e470e49e2d81a211e29b5a3eb8580765ff93c77cdbda66927f42f098246a3b7ba2e62c2971703b9a2be51ff3f4cc7fcadb5f8e
+  data.tar.gz: f0bb7abd2f11b80c3ac6286ac6db9395e635cdd90cc621a35a248fdf987b2e03174502c769093790c4a128429feefc6ee8beca2ec3f138a5615c0c79443af876

data/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,13 @@
 All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/).
+## [3.0.2] -2022-12-05
+### Fixed
+- `Utils.build_nested_query` URL-encodes nested field names including the square brackets.
+- Allow `Rack::Response` to pass through streaming bodies. ([#1993](https://github.com/rack/rack/pull/1993), [@ioquatix])
 ## [3.0.1] - 2022-11-18
 ### Fixed
@@ -41,7 +48,7 @@ All notable changes to this project will be documented in this file. For info on
 - `SERVER_PROTOCOL` is now a required environment key, matching the HTTP protocol used in the request.
 - `rack.hijack?` (partial hijack) and `rack.hijack` (full hijack) are now independently optional.
 - `rack.hijack_io` has been removed completely.
-- `rack.response_finished` is an optional environment key which contains an array of callable objects that must accept `#call(env, status, headers, error)` and are invoked after the response is finished (either successfully or unsucessfully).
+- `rack.response_finished` is an optional environment key which contains an array of callable objects that must accept `#call(env, status, headers, error)` and are invoked after the response is finished (either successfully or unsuccessfully).
 - It is okay to call `#close` on `rack.input` to indicate that you no longer need or care about the input.
 - The stream argument supplied to the streaming body and hijack must support `#<<` for writing output.

data/lib/rack/auth/basic.rb CHANGED Viewed

@@ -10,8 +10,6 @@ module Rack
     #
     # Initialize with the Rack application that you want protecting,
     # and a block that checks if a username and password pair are valid.
-    #
-    # See also: <tt>example/protectedlobster.rb</tt>
     class Basic < AbstractHandler

data/lib/rack/builder.rb CHANGED Viewed

@@ -10,26 +10,23 @@ module Rack
   #
   # Example:
   #
-  #  require 'rack/lobster'
-  #  app = Rack::Builder.new do
-  #    use Rack::CommonLogger
-  #    use Rack::ShowExceptions
-  #    map "/lobster" do
-  #      use Rack::Lint
-  #      run Rack::Lobster.new
-  #    end
-  #  end
+  #   app = Rack::Builder.new do
+  #     use Rack::CommonLogger
+  #     map "/ok" do
+  #       run lambda { |env| [200, {'content-type' => 'text/plain'}, ['OK']] }
+  #     end
+  #   end
   #
-  #  run app
+  #   run app
   #
   # Or
   #
-  #  app = Rack::Builder.app do
-  #    use Rack::CommonLogger
-  #    run lambda { |env| [200, {'Content-Type' => 'text/plain'}, ['OK']] }
-  #  end
+  #   app = Rack::Builder.app do
+  #     use Rack::CommonLogger
+  #     run lambda { |env| [200, {'content-type' => 'text/plain'}, ['OK']] }
+  #   end
   #
-  #  run app
+  #   run app
   #
   # +use+ adds middleware to the stack, +run+ dispatches to an application.
   # You can use +map+ to construct a Rack::URLMap in a convenient way.
@@ -180,15 +177,6 @@ module Rack
     #
     #   run Heartbeat.new
     #
-    # It could also be a module:
-    #
-    #   module HelloWorld
-    #     def call(env)
-    #      [200, { "content-type" => "text/plain" }, ["Hello World"]]
-    #     end
-    #   end
-    #
-    #   run HelloWorld
     def run(app = nil, &block)
       raise ArgumentError, "Both app and block given!" if app && block_given?
@@ -213,21 +201,35 @@ module Rack
     # the Rack application specified by run inside the block.  Other requests will be sent to the
     # default application specified by run outside the block.
     #
-    #   Rack::Builder.app do
+    #   class App
+    #     def call(env)
+    #       [200, {'content-type' => 'text/plain'}, ["Hello World"]]
+    #     end
+    #   end
+    #
+    #   class Heartbeat
+    #     def call(env)
+    #       [200, { "content-type" => "text/plain" }, ["OK"]]
+    #     end
+    #   end
+    #
+    #   app = Rack::Builder.app do
     #     map '/heartbeat' do
-    #       run Heartbeat
+    #       run Heartbeat.new
     #     end
-    #     run App
+    #     run App.new
     #   end
     #
+    #   run app
+    #
     # The +use+ method can also be used inside the block to specify middleware to run under a specific path:
     #
-    #   Rack::Builder.app do
+    #   app = Rack::Builder.app do
     #     map '/heartbeat' do
     #       use Middleware
-    #       run Heartbeat
+    #       run Heartbeat.new
     #     end
-    #     run App
+    #     run App.new
     #   end
     #
     # This example includes a piece of middleware which will run before +/heartbeat+ requests hit +Heartbeat+.

data/lib/rack/constants.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module Rack
   SERVER_NAME       = 'SERVER_NAME'
   SERVER_PORT       = 'SERVER_PORT'
   HTTP_COOKIE       = 'HTTP_COOKIE'
   # Response Header Keys
   CACHE_CONTROL     = 'cache-control'
   CONTENT_LENGTH    = 'content-length'

data/lib/rack/headers.rb CHANGED Viewed

@@ -31,7 +31,7 @@ module Rack
       super(key.downcase.freeze, value)
     end
     alias store []=
     def assoc(key)
       super(downcase_key(key))
     end
@@ -43,7 +43,7 @@ module Rack
     def delete(key)
       super(downcase_key(key))
     end
     def dig(key, *a)
       super(downcase_key(key), *a)
     end
@@ -52,7 +52,7 @@ module Rack
       key = downcase_key(key)
       super
     end
     def fetch_values(*a)
       super(*a.map!{|key| downcase_key(key)})
     end
@@ -63,34 +63,34 @@ module Rack
     alias include? has_key?
     alias key? has_key?
     alias member? has_key?
     def invert
       hash = self.class.new
       each{|key, value| hash[value] = key}
       hash
     end
     def merge(hash, &block)
       dup.merge!(hash, &block)
     end
     def reject(&block)
       hash = dup
       hash.reject!(&block)
       hash
     end
     def replace(hash)
       clear
       update(hash)
     end
     def select(&block)
       hash = dup
       hash.select!(&block)
       hash
     end
     def to_proc
       lambda{|x| self[x]}
     end
@@ -100,10 +100,10 @@ module Rack
     end
     def update(hash, &block)
-      hash.each do |key, value|
+      hash.each do |key, value|
         self[key] = if block_given? && include?(key)
           block.call(key, self[key], value)
-        else
+        else
           value
         end
       end
@@ -114,7 +114,7 @@ module Rack
     def values_at(*keys)
       keys.map{|key| self[key]}
     end
     # :nocov:
     if RUBY_VERSION >= '2.5'
     # :nocov:

data/lib/rack/lint.rb CHANGED Viewed

@@ -629,7 +629,7 @@ module Rack
         unless headers.kind_of?(Hash)
           raise LintError, "headers object should be a hash, but isn't (got #{headers.class} as headers)"
         end
         if headers.frozen?
           raise LintError, "headers object should not be frozen, but is"
         end
@@ -889,7 +889,7 @@ module Rack
         def initialize(stream)
           @stream = stream
           REQUIRED_METHODS.each do |method_name|
             raise LintError, "Stream must respond to #{method_name}" unless stream.respond_to?(method_name)
           end

data/lib/rack/request.rb CHANGED Viewed

@@ -44,7 +44,7 @@ module Rack
     @x_forwarded_proto_priority = [:proto, :scheme]
     valid_ipv4_octet = /\.(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])/
     trusted_proxies = Regexp.union(
       /\A127#{valid_ipv4_octet}{3}\z/,                          # localhost IPv4 range 127.x.x.x, per RFC-3330
       /\A::1\z/,                                                # localhost IPv6 ::1
@@ -54,7 +54,7 @@ module Rack
       /\A192\.168#{valid_ipv4_octet}{2}\z/,                     # private IPv4 range 192.168.x.x
       /\Alocalhost\z|\Aunix(\z|:)/i,                            # localhost hostname, and unix domain sockets
     )
     self.ip_filter = lambda { |ip| trusted_proxies.match?(ip) }
     ALLOWED_SCHEMES = %w(https http wss ws).freeze

data/lib/rack/response.rb CHANGED Viewed

@@ -43,7 +43,7 @@ module Rack
     #
     # If the +body+ is +nil+, construct an empty response object with internal
     # buffering.
-    #
+    #
     # If the +body+ responds to +to_str+, assume it's a string-like object and
     # construct a buffered response object containing using that string as the
     # initial contents of the buffer.
@@ -102,11 +102,16 @@ module Rack
       CHUNKED == get_header(TRANSFER_ENCODING)
     end
+    def no_entity_body?
+      # The response body is an enumerable body and it is not allowed to have an entity body.
+      @body.respond_to?(:each) && STATUS_WITH_NO_ENTITY_BODY[@status]
+    end
     # Generate a response array consistent with the requirements of the SPEC.
     # @return [Array] a 3-tuple suitable of `[status, headers, body]`
     # which is suitable to be returned from the middleware `#call(env)` method.
     def finish(&block)
-      if STATUS_WITH_NO_ENTITY_BODY[@status]
+      if no_entity_body?
         delete_header CONTENT_TYPE
         delete_header CONTENT_LENGTH
         close
@@ -333,7 +338,7 @@ module Rack
             end
             body.close if body.respond_to?(:close)
             @buffered = true
           else
             @buffered = false

data/lib/rack/utils.rb CHANGED Viewed

@@ -121,13 +121,13 @@ module Rack
         }.join("&")
       when Hash
         value.map { |k, v|
-          build_nested_query(v, prefix ? "#{prefix}[#{escape(k)}]" : escape(k))
+          build_nested_query(v, prefix ? "#{prefix}[#{k}]" : k)
         }.delete_if(&:empty?).join('&')
       when nil
-        prefix
+        escape(prefix)
       else
         raise ArgumentError, "value must be a Hash" if prefix.nil?
-        "#{prefix}=#{escape(value)}"
+        "#{escape(prefix)}=#{escape(value)}"
       end
     end
@@ -278,7 +278,7 @@ module Rack
     # If the cookie +value+ is an instance of +Hash+, it considers the following
     # cookie attribute keys: +domain+, +max_age+, +expires+ (must be instance
     # of +Time+), +secure+, +http_only+, +same_site+ and +value+. For more
-    # details about the interpretation of these fields, consult
+    # details about the interpretation of these fields, consult
     # [RFC6265 Section 5.2](https://datatracker.ietf.org/doc/html/rfc6265#section-5.2).
     #
     # An extra cookie attribute +escape_key+ can be provided to control whether

data/lib/rack/version.rb CHANGED Viewed

@@ -25,7 +25,7 @@ module Rack
     VERSION
   end
-  RELEASE = "3.0.1"
+  RELEASE = "3.0.2"
   # Return the Rack release as a dotted string.
   def self.release

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.0.2
 platform: ruby
 authors:
 - Leah Neukirchen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-11-18 00:00:00.000000000 Z
+date: 2022-12-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest