rack 3.1.1 → 3.1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -41
- data/lib/rack/logger.rb +23 -0
- data/lib/rack/request.rb +7 -0
- data/lib/rack/utils.rb +18 -7
- data/lib/rack/version.rb +8 -4
- metadata +2 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c5d6ff669a9e2d87cf8c2fb3fe727be68d2ac5df2a80a802163ed2cff8905627
|
|
4
|
+
data.tar.gz: 9e9917744a2d792217fb2f94c3d784fe6fcb0b4c44f7f34b864eafc50f329eb6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 293185b6af220249e49546d5a200e2cc2b55ff6e2424f472c5f01bdc37f3ed4e3aa4dc54df52108c3a42b7738c2e87dde74891f761f6120959b486f6e8b5eb29
|
|
7
|
+
data.tar.gz: d36b0721982e00065ee52a54719e86cb1914ec3086629c3958b6d510c9dd513ac75749be55008a5755e96ab918b302cb867719a256e50aced434361225c60da3
|
data/CHANGELOG.md
CHANGED
|
@@ -2,70 +2,45 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to this project will be documented in this file. For info on how to format all future additions to this file please reference [Keep A Changelog](https://keepachangelog.com/en/1.0.0/).
|
|
4
4
|
|
|
5
|
-
##
|
|
5
|
+
## [3.1.2] - 2024-06-11
|
|
6
6
|
|
|
7
|
-
##
|
|
8
|
-
|
|
9
|
-
### Added
|
|
10
|
-
|
|
11
|
-
- Introduce `Rack::VERSION` constant. ([#2199](https://github.com/rack/rack/pull/2199), [@ioquatix])
|
|
7
|
+
## Changed
|
|
12
8
|
|
|
13
|
-
### Changed
|
|
14
|
-
|
|
15
|
-
- Invalid cookie keys will now raise an error. ([#2192](https://github.com/rack/rack/pull/2192), [@ioquatix])
|
|
16
9
|
- `Rack::Response` will take in to consideration chunked encoding responses ([#2204](https://github.com/rack/rack/pull/2204), [@tenderlove])
|
|
17
10
|
|
|
18
|
-
|
|
11
|
+
## [3.1.1] - 2024-06-11
|
|
19
12
|
|
|
20
|
-
-
|
|
21
|
-
- `Rack::Logger` is removed with no replacement. ([#2196](https://github.com/rack/rack/pull/2196), [@ioquatix])
|
|
13
|
+
- Oops, I shouldn't have shipped this
|
|
22
14
|
|
|
23
15
|
## [3.1.0] - 2024-06-11
|
|
24
16
|
|
|
25
|
-
Rack v3.1 is primarily a maintenance release that removes features deprecated in Rack v3.0. Alongside these removals, there are several improvements to the Rack SPEC, mainly focused on enhancing input and output handling. These changes aim to make Rack more efficient and align better with the requirements of server implementations and relevant HTTP specifications.
|
|
26
|
-
|
|
27
17
|
### SPEC Changes
|
|
28
18
|
|
|
29
|
-
- `rack.input` is now optional. ([#1997](https://github.com/rack/rack/pull/1997), [
|
|
30
|
-
- `PATH_INFO` is now validated according to the HTTP/1.1 specification. ([#2117](https://github.com/rack/rack/pull/2117), [
|
|
31
|
-
|
|
32
|
-
- Introduce optional `rack.protocol` request and response header for handling connection upgrades. ([#1954](https://github.com/rack/rack/pull/1954), [@ioquatix])
|
|
19
|
+
- `rack.input` is now optional. ([#1997](https://github.com/rack/rack/pull/1997), [@ioquatix])
|
|
20
|
+
- `PATH_INFO` is now validated according to the HTTP/1.1 specification. ([#2117](https://github.com/rack/rack/pull/2117), [@ioquatix])
|
|
21
|
+
- `rack.protocol` is an optional environment key and response header for handling connection upgrades.
|
|
33
22
|
|
|
34
23
|
### Added
|
|
35
24
|
|
|
36
|
-
- Introduce `Rack::Multipart::MissingInputError` for improved handling of missing input in `#parse_multipart`. ([#2018](https://github.com/rack/rack/pull/2018), [@ioquatix])
|
|
37
25
|
- Introduce `module Rack::BadRequest` which is included in multipart and query parser errors. ([#2019](https://github.com/rack/rack/pull/2019), [@ioquatix])
|
|
38
|
-
- Add `.mjs` MIME type ([#2057](https://github.com/rack/rack/pull/2057), [@axilleas]
|
|
39
|
-
- `set_cookie_header` utility now supports the `partitioned` cookie attribute. This is required by Chrome in some embedded contexts. ([#2131](https://github.com/rack/rack/pull/2131), [@flavio-b]
|
|
40
|
-
-
|
|
26
|
+
- Add `.mjs` MIME type ([#2057](https://github.com/rack/rack/pull/2057), [@axilleas])
|
|
27
|
+
- `set_cookie_header` utility now supports the `partitioned` cookie attribute. This is required by Chrome in some embedded contexts. ([#2131](https://github.com/rack/rack/pull/2131), [@flavio-b])
|
|
28
|
+
- `rack.early_hints` is now officially supported as an optional feature (already implemented by Unicorn, Puma, and Falcon). ([#1831](https://github.com/rack/rack/pull/1831), [@casperisfine, @jeremyevans])
|
|
41
29
|
|
|
42
30
|
### Changed
|
|
43
31
|
|
|
44
|
-
-
|
|
32
|
+
- `rack.input` is now optional, and if missing, will raise an error. Use this to fail on multipart parsing a request without an input body. ([#2018](https://github.com/rack/rack/pull/2018), [@ioquatix])
|
|
33
|
+
- MIME type for JavaScript files (`.js`) changed from `application/javascript` to `text/javascript` ([`1bd0f15`](https://github.com/rack/rack/commit/1bd0f1597d8f4a90d47115f3e156a8ce7870c9c8))
|
|
45
34
|
- Update MIME types associated to `.ttf`, `.woff`, `.woff2` and `.otf` extensions to use mondern `font/*` types. ([#2065](https://github.com/rack/rack/pull/2065), [@davidstosik])
|
|
46
35
|
- `Rack::Utils.escape_html` is now delegated to `CGI.escapeHTML`. `'` is escaped to `#39;` instead of `#x27;`. (decimal vs hexadecimal) ([#2099](https://github.com/rack/rack/pull/2099), [@JunichiIto](https://github.com/JunichiIto))
|
|
47
|
-
- Clarify use of `@buffered` and only update `content-length` when `Rack::Response#finish` is invoked. ([#2149](https://github.com/rack/rack/pull/2149), [@ioquatix])
|
|
48
|
-
|
|
49
|
-
### Deprecated
|
|
50
|
-
|
|
51
|
-
- Deprecate automatic cache invalidation in `Request#{GET,POST}` ([#2073](https://github.com/rack/rack/pull/2073), [@jeremyevans])
|
|
52
36
|
- Only cookie keys that are not valid according to the HTTP specifications are escaped. We are planning to deprecate this behaviour, so now a deprecation message will be emitted in this case. In the future, invalid cookie keys may not be accepted. ([#2191](https://github.com/rack/rack/pull/2191), [@ioquatix])
|
|
53
|
-
- `Rack::Logger` is deprecated. ([#2197](https://github.com/rack/rack/pull/2197), [@ioquatix])
|
|
54
|
-
- Add fallback lookup and deprecation warning for obsolete status symbols. ([#2137](https://github.com/rack/rack/pull/2137), [@wtn](https://github.com/wtn))
|
|
55
37
|
|
|
56
38
|
### Removed
|
|
57
39
|
|
|
58
|
-
- Remove
|
|
59
|
-
-
|
|
60
|
-
-
|
|
61
|
-
-
|
|
62
|
-
- Remove deprecated `Rack::QueryParser` `key_space_limit` parameter with no replacement. ([#1966](https://github.com/rack/rack/pull/1966), [@ioquatix])
|
|
63
|
-
- Remove deprecated `Rack::Response#header`, use `Rack::Response#headers` instead. ([#1966](https://github.com/rack/rack/pull/1966), [@ioquatix])
|
|
64
|
-
- Remove deprecated cookie methods from `Rack::Utils`: `add_cookie_to_header`, `make_delete_cookie_header`, `add_remove_cookie_to_header`. ([#1966](https://github.com/rack/rack/pull/1966), [@ioquatix])
|
|
65
|
-
- Remove deprecated `Rack::Utils::HeaderHash`. ([#1966](https://github.com/rack/rack/pull/1966), [@ioquatix])
|
|
66
|
-
- Remove deprecated `Rack::VERSION`, `Rack::VERSION_STRING`, `Rack.version`, use `Rack.release` instead. ([#1966](https://github.com/rack/rack/pull/1966), [@ioquatix])
|
|
67
|
-
- Remove non-standard status codes 306, 509, & 510 and update descriptions for 413, 422, & 451. ([#2137](https://github.com/rack/rack/pull/2137), [@wtn](https://github.com/wtn))
|
|
68
|
-
- Remove any dependency on `transfer-encoding: chunked`. ([#2195](https://github.com/rack/rack/pull/2195), [@ioquatix])
|
|
40
|
+
- Remove non-standard status codes 306, 509, & 510 and update descriptions for 413, 422, & 451. ([#2137](https://github.com/rack/rack/pull/2137), [@wtn])
|
|
41
|
+
- Add fallback lookup and deprecation warning for obsolete status symbols. ([#2137](https://github.com/rack/rack/pull/2137), [@wtn])
|
|
42
|
+
- Deprecate automatic cache invalidation in `Request#{GET,POST}` ([#2073](https://github.com/rack/rack/pull/2073) ([@jeremyevans])
|
|
43
|
+
- `Rack::Logger` is deprecated. ([#2197](https://github.com/rack/rack/pull/2197), [@ioquatix])
|
|
69
44
|
|
|
70
45
|
### Fixed
|
|
71
46
|
|
data/lib/rack/logger.rb
ADDED
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'logger'
|
|
4
|
+
require_relative 'constants'
|
|
5
|
+
|
|
6
|
+
warn "Rack::Logger is deprecated and will be removed in Rack 3.2.", uplevel: 1
|
|
7
|
+
|
|
8
|
+
module Rack
|
|
9
|
+
# Sets up rack.logger to write to rack.errors stream
|
|
10
|
+
class Logger
|
|
11
|
+
def initialize(app, level = ::Logger::INFO)
|
|
12
|
+
@app, @level = app, level
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def call(env)
|
|
16
|
+
logger = ::Logger.new(env[RACK_ERRORS])
|
|
17
|
+
logger.level = @level
|
|
18
|
+
|
|
19
|
+
env[RACK_LOGGER] = logger
|
|
20
|
+
@app.call(env)
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
data/lib/rack/request.rb
CHANGED
|
@@ -616,6 +616,13 @@ module Rack
|
|
|
616
616
|
Rack::Request.ip_filter.call(ip)
|
|
617
617
|
end
|
|
618
618
|
|
|
619
|
+
# like Hash#values_at
|
|
620
|
+
def values_at(*keys)
|
|
621
|
+
warn("Request#values_at is deprecated and will be removed in a future version of Rack. Please use request.params.values_at instead", uplevel: 1)
|
|
622
|
+
|
|
623
|
+
keys.map { |key| params[key] }
|
|
624
|
+
end
|
|
625
|
+
|
|
619
626
|
private
|
|
620
627
|
|
|
621
628
|
def default_session; {}; end
|
data/lib/rack/utils.rb
CHANGED
|
@@ -244,18 +244,26 @@ module Rack
|
|
|
244
244
|
parse_cookies_header env[HTTP_COOKIE]
|
|
245
245
|
end
|
|
246
246
|
|
|
247
|
-
# A valid cookie key according to
|
|
247
|
+
# A valid cookie key according to RFC2616.
|
|
248
248
|
# A <cookie-name> can be any US-ASCII characters, except control characters, spaces, or tabs. It also must not contain a separator character like the following: ( ) < > @ , ; : \ " / [ ] ? = { }.
|
|
249
249
|
VALID_COOKIE_KEY = /\A[!#$%&'*+\-\.\^_`|~0-9a-zA-Z]+\z/.freeze
|
|
250
250
|
private_constant :VALID_COOKIE_KEY
|
|
251
251
|
|
|
252
|
+
private def escape_cookie_key(key)
|
|
253
|
+
if key =~ VALID_COOKIE_KEY
|
|
254
|
+
key
|
|
255
|
+
else
|
|
256
|
+
warn "Cookie key #{key.inspect} is not valid according to RFC2616; it will be escaped. This behaviour is deprecated and will be removed in a future version of Rack.", uplevel: 2
|
|
257
|
+
escape(key)
|
|
258
|
+
end
|
|
259
|
+
end
|
|
260
|
+
|
|
252
261
|
# :call-seq:
|
|
253
262
|
# set_cookie_header(key, value) -> encoded string
|
|
254
263
|
#
|
|
255
264
|
# Generate an encoded string using the provided +key+ and +value+ suitable
|
|
256
265
|
# for the +set-cookie+ header according to RFC6265. The +value+ may be an
|
|
257
|
-
# instance of either +String+ or +Hash+.
|
|
258
|
-
# defined by RFC6265), an +ArgumentError+ will be raised.
|
|
266
|
+
# instance of either +String+ or +Hash+.
|
|
259
267
|
#
|
|
260
268
|
# If the cookie +value+ is an instance of +Hash+, it considers the following
|
|
261
269
|
# cookie attribute keys: +domain+, +max_age+, +expires+ (must be instance
|
|
@@ -263,6 +271,10 @@ module Rack
|
|
|
263
271
|
# details about the interpretation of these fields, consult
|
|
264
272
|
# [RFC6265 Section 5.2](https://datatracker.ietf.org/doc/html/rfc6265#section-5.2).
|
|
265
273
|
#
|
|
274
|
+
# An extra cookie attribute +escape_key+ can be provided to control whether
|
|
275
|
+
# or not the cookie key is URL encoded. If explicitly set to +false+, the
|
|
276
|
+
# cookie key name will not be url encoded (escaped). The default is +true+.
|
|
277
|
+
#
|
|
266
278
|
# set_cookie_header("myname", "myvalue")
|
|
267
279
|
# # => "myname=myvalue"
|
|
268
280
|
#
|
|
@@ -270,12 +282,9 @@ module Rack
|
|
|
270
282
|
# # => "myname=myvalue; max-age=10"
|
|
271
283
|
#
|
|
272
284
|
def set_cookie_header(key, value)
|
|
273
|
-
unless key =~ VALID_COOKIE_KEY
|
|
274
|
-
raise ArgumentError, "invalid cookie key: #{key.inspect}"
|
|
275
|
-
end
|
|
276
|
-
|
|
277
285
|
case value
|
|
278
286
|
when Hash
|
|
287
|
+
key = escape_cookie_key(key) unless value[:escape_key] == false
|
|
279
288
|
domain = "; domain=#{value[:domain]}" if value[:domain]
|
|
280
289
|
path = "; path=#{value[:path]}" if value[:path]
|
|
281
290
|
max_age = "; max-age=#{value[:max_age]}" if value[:max_age]
|
|
@@ -297,6 +306,8 @@ module Rack
|
|
|
297
306
|
end
|
|
298
307
|
partitioned = "; partitioned" if value[:partitioned]
|
|
299
308
|
value = value[:value]
|
|
309
|
+
else
|
|
310
|
+
key = escape_cookie_key(key)
|
|
300
311
|
end
|
|
301
312
|
|
|
302
313
|
value = [value] unless Array === value
|
data/lib/rack/version.rb
CHANGED
|
@@ -5,13 +5,17 @@
|
|
|
5
5
|
# Rack is freely distributable under the terms of an MIT-style license.
|
|
6
6
|
# See MIT-LICENSE or https://opensource.org/licenses/MIT.
|
|
7
7
|
|
|
8
|
-
module Rack
|
|
9
|
-
|
|
8
|
+
# The Rack main module, serving as a namespace for all core Rack
|
|
9
|
+
# modules and classes.
|
|
10
|
+
#
|
|
11
|
+
# All modules meant for use in your application are <tt>autoload</tt>ed here,
|
|
12
|
+
# so it should be enough just to <tt>require 'rack'</tt> in your code.
|
|
10
13
|
|
|
11
|
-
|
|
14
|
+
module Rack
|
|
15
|
+
RELEASE = "3.1.2"
|
|
12
16
|
|
|
13
17
|
# Return the Rack release as a dotted string.
|
|
14
18
|
def self.release
|
|
15
|
-
|
|
19
|
+
RELEASE
|
|
16
20
|
end
|
|
17
21
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.1.
|
|
4
|
+
version: 3.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Leah Neukirchen
|
|
@@ -108,6 +108,7 @@ files:
|
|
|
108
108
|
- lib/rack/headers.rb
|
|
109
109
|
- lib/rack/lint.rb
|
|
110
110
|
- lib/rack/lock.rb
|
|
111
|
+
- lib/rack/logger.rb
|
|
111
112
|
- lib/rack/media_type.rb
|
|
112
113
|
- lib/rack/method_override.rb
|
|
113
114
|
- lib/rack/mime.rb
|