rack_encoding_scrubber 0.2 → 0.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/rack_encoding_scrubber.rb +15 -3
  3. data/rack_encoding_scrubber.gemspec +1 -1
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2e0a07bacea98dda1215c58bb28286da356f7779
4
- data.tar.gz: 5269737c3ab7c3d90cb7bdd35ce48104502328e4
3
+ metadata.gz: b97f7ce7430b37a35ccf1053b0900a51397772a9
4
+ data.tar.gz: 3c703aef6858a77b5881d4daa0b16670b04e5dfe
5
5
  SHA512:
6
- metadata.gz: 42dbdc7c4021e5f3736ce0e3b5faf80358560051db99ef9a0d8b6ab6a71897c00b40416101690fb2cc88a762a1c65622cdad9a694d45e1675346e460e1ff5f80
7
- data.tar.gz: b0872a45d0d414c0d8347d3302c1d34de53c1ec96703e0802467db294ec5135a5d15881d1a3d9aa7e489beec83380de00335bb7cd273c4e0164965ad9d2635f7
6
+ metadata.gz: 4251eb3439c033c5a7d9fc3937b2b7dde29c4bc93df9228f0140c5cd646841020f3e9dfa6dc3e611f1baa7b475c1a43096365d22849d76f5c03116abbf22c22b
7
+ data.tar.gz: 19b1e4d7a7bc7edd3b7072cc9bf7bdc6a788e28e3779eae0a2aa4b4215b0183df57a6e75bba95f95458fe6f21fe099798bfa705b48dd39191e6cc3907eb5545f
data/lib/rack_encoding_scrubber.rb CHANGED
@@ -1,6 +1,8 @@
1
1
  require "rack_encoding_scrubber/version"
2
2
 
3
3
  class RackEncodingScrubber
4
+ REGEX_UTF = /%u00\h{0,2}/
5
+ REGEX_MB = /%[a-fA-F]\h/
4
6
  def initialize(app)
5
7
  @app = app
6
8
  end
@@ -14,9 +16,19 @@ class RackEncodingScrubber
14
16
  request_method = env['REQUEST_METHOD']
15
17
  if request_method == 'GET'
16
18
  %w[QUERY_STRING REQUEST_PATH PATH_INFO QUERY_STRING REQUEST_URI ORIGINAL_FULLPATH].each do |header|
17
- if env[header] and env[header]["%u00"]
18
- env[header].gsub!(/%u00\h{0,2}/, "")
19
- env[header].gsub!(/%\h{0,2}/,"")
19
+ if h = env[header]
20
+ if h["%u00"]
21
+ h.gsub!(REGEX_UTF, "")
22
+ end
23
+ if h[REGEX_MB] # check for byte
24
+ tmp = CGI.unescape(h).force_encoding('utf-8')
25
+ if !tmp.valid_encoding?
26
+ env[header] = CGI.escape(tmp.scrub(''))
27
+ if %w[REQUEST_PATH PATH_INFO REQUEST_URI].include? header
28
+ env[header].gsub! '%2F', '/'
29
+ end
30
+ end
31
+ end
20
32
  end
21
33
  end
22
34
  end
data/rack_encoding_scrubber.gemspec CHANGED
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
4
 
5
5
  Gem::Specification.new do |spec|
6
6
  spec.name = "rack_encoding_scrubber"
7
- spec.version = '0.2'
7
+ spec.version = '0.3'
8
8
  spec.authors = ["Andy Schreiter"]
9
9
  spec.email = ["andy.schreiter@pludoni.de"]
10
10
  spec.summary = %q{Removes invalid %-encoding}
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack_encoding_scrubber
3
3
  version: !ruby/object:Gem::Version
4
- version: '0.2'
4
+ version: '0.3'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andy Schreiter