roda 3.60.0 → 3.62.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 970d646c144f53a89f4f79e9d54b6929b7c10b55b1bbe9b2d5e72aea6a8eb3ae
-  data.tar.gz: ec2489d3d668b3abd2787a7f19c13de43c94685dce010d800296eb1194e36e11
+  metadata.gz: 912f354ffcb4440bf7955d4db8546f9eccbee3f3a3f91b77604a91228a2433c4
+  data.tar.gz: 8df8254014b7e8e9b6db623fa2b8269ac5485b5087ee53978080a81ba344a60c
 SHA512:
-  metadata.gz: ccc8d09c535a2c6a92ee314ff295ca5b8756b6c942f3224acbabdc6a92de5bf242a928b296c2e410ecf0bf59470a2143ac2c80d118030db5a2f45fb0cf262a8c
-  data.tar.gz: 79114184b64598e3d12d3773c5e7f8d717a05268c63c479758fe3ea1c3c78ccd933531c4e7ef6fd58a6d6af03a150d6e1dde8bf0f27dcc4c0c253482336879f0
+  metadata.gz: bb43bcbad6e5421935d62a11abc3da27c40559ef1f55b9791d71ab22bd8cc4a73933f85bb68d77feb26efd6bf84f840bd5a202c80938ede330ca67cf9b51ca8b
+  data.tar.gz: 6f3234b37c506e3037864e7a7b79280f5b190758e8dada8f213b141cd1e4826a03a98017ddccb806082fa551580af9683088c94080157811867c0a3a1ec92b04

data/CHANGELOG

@@ -1,3 +1,19 @@
+= 3.62.0 (2022-11-14)
+
+* Add typecast_params_sized_integers plugin for converting parameters to sized integers (jeremyevans)
+
+* Add Integer_matcher_max plugin for setting maximum integer value matched by the Integer matcher (jeremyevans)
+
+* Allow class matchers in the class_matchers plugin to skip matching based on regexp match values (jeremyevans)
+
+* Fix RodaRequest#matched_path when using unescape_path plugin (jeremyevans) (#286)
+
+= 3.61.0 (2022-10-12)
+
+* Make Integer matcher limit integer segments to 100 characters by default (jeremyevans)
+
+* Limit input bytesize by default for integer, float, and date/time typecasts in typecast_params (jeremyevans)
+
 = 3.60.0 (2022-09-13)
 
 * Add link_to plugin with link_to method for creating HTML links (jeremyevans)

data/README.rdoc

@@ -1,9 +1,35 @@
-= Roda
-
-Roda is a routing tree web toolkit, designed for building fast and
-maintainable web applications in ruby.
-
-= Installation
+rdoc-image:https://roda.jeremyevans.net/images/roda-logo.svg
+
+A routing tree web toolkit, designed for building fast and maintainable web applications in Ruby.
+
+== Table of contents
+
+- {Installation}[#label-Installation]
+- {Resources}[#label-Resources]
+- {Goals}[#label-Goals]
+- {Usage}[#label-Usage]
+- {Running the application}[#label-Running+the+Application]
+- {The routing tree}[#label-The+Routing+Tree]
+- {Matchers}[#label-Matchers]
+- {Optional segments}[#label-Optional+segments]
+- {Match/Route Block Return Values}[#label-Match-2FRoute+Block+Return+Values]
+- {Status codes}[#label-Status+Codes]
+- {Verb methods}[#label-Verb+Methods]
+- {Root method}[#label-Root+Method]
+- {Request and Response}[#label-Request+and+Response]
+- {Pollution}[#label-Pollution]
+- {Composition}[#label-Composition]
+- {Testing}[#label-Testing]
+- {Settings}[#label-Settings]
+- {Rendering}[#label-Rendering]
+- {Security}[#label-Security]
+- {Code Reloading}[#label-Code+Reloading]
+- {Plugins}[#label-Plugins]
+- {No introspection}[#label-No+Introspection]
+- {Inspiration}[#label-Inspiration]
+- {Ruby Support Policy}[#label-Ruby+Support+Policy]
+
+== Installation
 
   $ gem install roda
 
@@ -140,13 +166,11 @@ for every request.
 == Running the Application
 
 Running a Roda application is similar to running any other rack-based application
-that uses a +config.ru+ file.  You can start a basic server using +rackup+:
+that uses a +config.ru+ file.  You can start a basic server using +rackup+, +puma+,
++unicorn+, +passenger+, or any other webserver that can handle +config.ru+ files:
 
   $ rackup
 
-Ruby web servers such as Unicorn and Puma also ship with their own programs
-that you can use to run a Roda application.
-
 == The Routing Tree
 
 Roda is called a routing tree web toolkit because the way most sites are structured,
@@ -454,7 +478,7 @@ shared branch:
 
 This works well for many cases, but there are also cases where you really want to
 treat it as one route with an optional segment.  One simple way to do that is to
-use a parameter instead of an optional segment (e.g. +/items/123?opt=456+).
+use a parameter instead of an optional segment (e.g. <tt>/items/123?opt=456</tt>).
 
   r.is "items", Integer do |item_id|
     optional_data = r.params['opt'].to_s
@@ -647,14 +671,14 @@ If you have a lot of rack applications that you want to dispatch to, and
 which one to dispatch to is based on the request path prefix, look into the
 +multi_run+ plugin.
 
-=== hash_routes plugin
+=== hash_branches plugin
 
 If you are just looking to split up the main route block up by branches,
-you should use the +hash_routes+ plugin,
+you should use the +hash_branches+ plugin,
 which keeps the current scope of the +route+ block:
 
   class App < Roda
-    plugin :hash_routes
+    plugin :hash_branches
 
     hash_branch "api" do |r|
       r.is do
@@ -663,7 +687,7 @@ which keeps the current scope of the +route+ block:
     end
 
     route do |r|
-      r.hash_routes
+      r.hash_branches
     end
   end
 
@@ -1120,3 +1144,4 @@ MIT
 == Maintainer
 
 Jeremy Evans <code@jeremyevans.net>
+

data/doc/release_notes/3.61.0.txt

@@ -0,0 +1,24 @@
+= Improvements
+
+* The typecast_params plugin now limits input bytesize for integer,
+  float, and date/time typecasts.  If the input is over the allowed
+  bytesize, typecasting will fail.  This prevents issues with trying
+  to typecast arbitrarily large input.
+
+* The default Integer class matcher now limits integer segments to
+  100 characters by default, also to prevent issues with typecasting
+  arbitrarily large input.  Segments larger than 100 characters will
+  no longer be matched by the Integer class matcher.
+
+= Backwards Compatibility
+
+* If the input bytesize limits in the typecast_params plugin cause
+  issues in your application, you can use the :skip_bytesize_checking
+  option when loading the plugin to disable the checks.
+
+* If the default Integer class matcher limit causes problems in your
+  application, you can use the class_matchers plugin to override the
+  matcher to not use a limit:
+
+    plugin :class_matchers
+    class_matcher(Integer, /(\d+)/){|a| [a.to_i]}

data/doc/release_notes/3.62.0.txt

@@ -0,0 +1,41 @@
+= New Features
+
+* An Integer_matcher_max plugin has been added for setting the
+  maximum value matched by the Integer matcher (the minimum is
+  always 0, since the Integer matcher does not match negative
+  integers).  The default maximum value when using the plugin
+  is 2**63-1, the maximum value for a signed 64-bit integer.
+  You can specify a different maximum value by passing an argument
+  when loading the plugin.
+
+* A typecast_params_sized_integers plugin has been added for
+  converting parameters to integers only if the integer is within a
+  specific size.  By default, the plugin supports 8-bit, 16-bit,
+  32-bit, and 64-bit signed and unsigned integer types, with the
+  following typecast_params methods added by the plugin:
+
+    * int8, uint8, pos_int8, pos_uint8, Integer8, Integeru8
+    * int16, uint16, pos_int16, pos_uint16, Integer16, Integeru16
+    * int32, uint32, pos_int32, pos_uint32, Integer32, Integeru32
+    * int64, uint64, pos_int64, pos_uint64, Integer64, Integeru64
+
+  You can override what sizes are added by default by using the
+  :sizes option.  You can also specify a :default_size option,
+  in which case the default int, pos_int, and Integer conversions
+  will use the given size.  So if you want to change the default
+  typecast_params integer conversion behavior to only support
+  integer values that can fit in 64-bit signed integers, you can
+  use:
+
+    plugin :typecast_params_sized_integers, sizes: [64],
+      default_size: 64
+
+= Other Improvements
+
+* The block passed to the class_matcher method in the class_matchers
+  plugin can now return nil/false to signal that it should not match.
+  This is useful when the regexp argument provided matches segments
+  not valid for the class.
+
+* RodaRequest#matched_path now works correctly when using the
+  unescape_path plugin.

data/lib/roda/plugins/Integer_matcher_max.rb

@@ -0,0 +1,54 @@
+# frozen-string-literal: true
+
+#
+class Roda
+  module RodaPlugins
+    # The Integer_matcher_max plugin sets the maximum integer value
+    # value that the Integer class matcher will match by default.
+    # By default, loading this plugin sets the maximum value to
+    # 2**63-1, the largest signed 64-bit integer value:
+    #
+    #   plugin :Integer_matcher_max
+    #   route do |r|
+    #     r.is Integer do
+    #       # Matches /9223372036854775807
+    #       # Does not match /9223372036854775808
+    #     end
+    #   end
+    #
+    # To specify a different maximum value, you can pass a different
+    # maximum value when loading the plugin:
+    # 
+    #   plugin :Integer_matcher_max, 2**64-1
+    module IntegerMatcherMax
+      def self.configure(app, max=nil)
+        if max
+          app::RodaRequest.class_eval do
+            define_method(:_match_class_max_Integer){max}
+            alias_method :_match_class_max_Integer, :_match_class_max_Integer
+            private :_match_class_max_Integer
+          end
+        end
+      end
+
+      module RequestMethods
+        private
+
+        # Do not have the Integer matcher max when over the maximum
+        # configured Integer value.
+        def _match_class_convert_Integer(value)
+          value = super
+          value if value <= _match_class_max_Integer
+        end
+
+        # Use 2**63-1 as the default maximum value for the Integer
+        # matcher.
+        def _match_class_max_Integer
+          9223372036854775807
+        end
+      end
+    end
+
+    register_plugin(:Integer_matcher_max, IntegerMatcherMax)
+  end
+end

data/lib/roda/plugins/_optimized_matching.rb

@@ -52,9 +52,9 @@ class Roda
                   end
                 end
               elsif matcher == Integer
-                if matchdata = /\A\/(\d+)(?=\/|\z)/.match(@remaining_path)
+                if (matchdata = /\A\/(\d{1,100})(?=\/|\z)/.match(@remaining_path)) && (value = _match_class_convert_Integer(matchdata[1]))
                   @remaining_path = matchdata.post_match
-                  always{yield(matchdata[1].to_i)}
+                  always{yield(value)}
                 end
               else
                 path = @remaining_path
@@ -151,9 +151,9 @@ class Roda
                 always{yield rp[1, len]}
               end
             elsif matcher == Integer
-              if matchdata = /\A\/(\d+)\z/.match(@remaining_path)
+              if (matchdata = /\A\/(\d{1,100})\z/.match(@remaining_path)) && (value = _match_class_convert_Integer(matchdata[1]))
                 @remaining_path = ''
-                always{yield(matchdata[1].to_i)}
+                always{yield(value)}
               end
             else
               path = @remaining_path

data/lib/roda/plugins/class_matchers.rb

@@ -28,6 +28,18 @@ class Roda
     # This is useful to DRY up code if you are using the same type of pattern and
     # type conversion in multiple places in your application.
     #
+    # If you have a segment match the passed regexp, but decide during block
+    # processing that you do not want to treat it as a match, you can have the
+    # block return nil or false.  This is useful if you want to make sure you
+    # are using valid data:
+    #
+    #   class_matcher(Date, /(\dd\d)-(\d\d)-(\d\d)/) do |y, m, d|
+    #     y = y.to_i
+    #     m = m.to_i
+    #     d = d.to_i
+    #     [Date.new(y, m, d)] if Date.valid_date?(y, m, d)
+    #   end
+    #
     # This plugin does not work with the params_capturing plugin, as it does not
     # offer the ability to associate block arguments with named keys.
     module ClassMatchers

data/lib/roda/plugins/common_logger.rb

@@ -11,7 +11,7 @@ class Roda
     # * Doesn't include middleware timing
     # * Doesn't proxy the body
     # * Doesn't support different capitalization of the Content-Length response header
-    # * Logs to $stderr instead of env['rack.errors'] if explicit logger not passed
+    # * Logs to +$stderr+ instead of <tt>env['rack.errors']</tt> if explicit logger not passed
     #
     # Example:
     #

data/lib/roda/plugins/halt.rb

@@ -56,7 +56,7 @@ class Roda
     #     r.halt(:template) if r.params['a']
     #
     #     # symbol_views plugin, specifying status code, headers, and template file to render as body
-    #     r.halt(500, 'header=>'value', :other_template) if r.params['c']
+    #     r.halt(500, {'header'=>'value'}, :other_template) if r.params['c']
     #
     #     # json plugin, specifying status code and JSON body
     #     r.halt(500, [{'error'=>'foo'}]) if r.params['b']

data/lib/roda/plugins/typecast_params.rb

@@ -5,34 +5,26 @@ require 'time'
 
 class Roda
   module RodaPlugins
-    # The typecast_params plugin allows for the simple type conversion for
-    # submitted parameters.  Submitted parameters should be considered
-    # untrusted input, and in standard use with browsers, parameters are
-    # submitted as strings (or a hash/array containing strings).  In most
-    # cases it makes sense to explicitly convert the parameter to the
+    # The typecast_params plugin allows for type conversion of submitted parameters.
+    # Submitted parameters should be considered untrusted input, and in standard use
+    # with browsers, parameters are # submitted as strings (or a hash/array containing
+    # strings).  In most # cases it makes sense to explicitly convert the parameter to the
     # desired type.  While this can be done via manual conversion:
     #
-    #   key = request.params['key'].to_i
-    #   key = nil unless key > 0
+    #   val = request.params['key'].to_i
+    #   val = nil unless val > 0
     #
     # the typecast_params plugin adds a friendlier interface:
     #
-    #   key = typecast_params.pos_int('key')
+    #   val = typecast_params.pos_int('key')
     #
-    # As +typecast_params+ is a fairly long method name, you may want to
-    # consider aliasing it to something more terse in your application,
-    # such as +tp+.
-    #
-    # One advantage of using typecast_params is that access or conversion
-    # errors are raised as a specific exception class
-    # (+Roda::RodaPlugins::TypecastParams::Error+).  This allows you to handle
-    # this specific exception class globally and return an appropriate 4xx
-    # response to the client.  You can use the Error#param_name and Error#reason 
-    # methods to get more information about the error.
+    # As +typecast_params+ is a fairly long method name, and may be a method you call
+    # frequently, you may want to consider aliasing it to something more terse in your
+    # application, such as +tp+.
     #
     # typecast_params offers support for default values:
     #
-    #   key = typecast_params.pos_int('key', 1)
+    #   val = typecast_params.pos_int('key', 1)
     #
     # The default value is only used if no value has been submitted for the parameter,
     # or if the conversion of the value results in +nil+.  Handling defaults for parameter
@@ -43,35 +35,41 @@ class Roda
     # In many cases, parameters should be required, and if they aren't submitted, that
     # should be considered an error.  typecast_params handles this with ! methods:
     #
-    #   key = typecast_params.pos_int!('key')
+    #   val = typecast_params.pos_int!('key')
     #
     # These ! methods raise an error instead of returning +nil+, and do not allow defaults.
     #
+    # The errors raised by this plugin use a specific exception class,
+    # +Roda::RodaPlugins::TypecastParams::Error+.  This allows you to handle
+    # this specific exception class globally and return an appropriate 4xx
+    # response to the client.  You can use the Error#param_name and Error#reason 
+    # methods to get more information about the error.
+    #
     # To make it easy to handle cases where many parameters need the same conversion
     # done, you can pass an array of keys to a conversion method, and it will return an array
     # of converted values:
     #
-    #   key1, key2 = typecast_params.pos_int(['key1', 'key2'])
+    #   val1, val2 = typecast_params.pos_int(['key1', 'key2'])
     #
     # This is equivalent to:
     #
-    #   key1 = typecast_params.pos_int('key1')
-    #   key2 = typecast_params.pos_int('key2')
+    #   val1 = typecast_params.pos_int('key1')
+    #   val2 = typecast_params.pos_int('key2')
     #
     # The ! methods also support arrays, ensuring that all parameters have a value:
     #
-    #   key1, key2 = typecast_params.pos_int!(['key1', 'key2'])
+    #   val1, val2 = typecast_params.pos_int!(['key1', 'key2'])
     #
     # For handling of array parameters, where all entries in the array use the
     # same conversion, there is an +array+ method which takes the type as the first argument
     # and the keys to convert as the second argument:
     #
-    #   keys = typecast_params.array(:pos_int, 'keys')
+    #   vals = typecast_params.array(:pos_int, 'keys')
     #
     # If you want to ensure that all entries in the array are converted successfully and that
     # there is a value for the array itself, you can use +array!+:
     #
-    #   keys = typecast_params.array!(:pos_int, 'keys')
+    #   vals = typecast_params.array!(:pos_int, 'keys')
     #
     # This will raise an exception if any of the values in the array for parameter +keys+ cannot
     # be converted to integer.
@@ -79,8 +77,8 @@ class Roda
     # Both +array+ and +array!+ support default values which are used if no value is present
     # for the parameter:
     #
-    #   keys = typecast_params.array(:pos_int, 'keys', [])
-    #   keys = typecast_params.array!(:pos_int, 'keys', [])
+    #   vals1 = typecast_params.array(:pos_int, 'keys1', [])
+    #   vals2 = typecast_params.array!(:pos_int, 'keys2', [])
     #
     # You can also pass an array of keys to +array+ or +array!+, if you would like to perform
     # the same conversion on multiple arrays:
@@ -88,7 +86,7 @@ class Roda
     #   foo_ids, bar_ids = typecast_params.array!(:pos_int, ['foo_ids', 'bar_ids'])
     #
     # The previous examples have shown use of the +pos_int+ method, which uses +to_i+ to convert the
-    # value to an integer, but returns nil if the resulting integer is not positive.  Unless you need
+    # value to an integer, but returns +nil+ if the resulting integer is not positive.  Unless you need
     # to handle negative numbers, it is recommended to use +pos_int+ instead of +int+ as +int+ will
     # convert invalid values to 0 (since that is how <tt>String#to_i</tt> works).
     #
@@ -224,10 +222,10 @@ class Roda
     #   # }
     #
     # Using the +:symbolize+ option makes it simpler to transition from untrusted external
-    # data (string keys), to trusted data that can be used internally (trusted in the sense that
-    # the expected types are used).
+    # data (string keys), to semitrusted data that can be used internally (trusted in the sense that
+    # the expected types are used, not that you trust the values).
     #
-    # Note that if there are multiple conversion Error raised inside a +convert!+ or +convert_each!+ 
+    # Note that if there are multiple conversion errors raised inside a +convert!+ or +convert_each!+ 
     # block, they are recorded and a single TypecastParams::Error instance is raised after
     # processing the block.  TypecastParams::Error#param_names can be called on the exception to
     # get an array of all parameter names with conversion issues, and TypecastParams::Error#all_errors
@@ -245,14 +243,18 @@ class Roda
     # specific to the Roda application.  You can add support for custom types by passing a block
     # when loading the typecast_params plugin.  This block is executed in the context of the
     # subclass, and calling +handle_type+ in the block can be used to add conversion methods.
-    # +handle_type+ accepts a type name and the block used to convert the type:
+    # +handle_type+ accepts a type name, an options hash, and the block used to convert the type.
+    # The only currently supported option is +:max_input_bytesize+, specifying the maximum bytesize of
+    # string input.  You can also override the max input bytesize of an existing type using the
+    # +max_input_bytesize+ method.
     #
     #   plugin :typecast_params do
-    #     handle_type(:album) do |value|
+    #     handle_type(:album, max_input_bytesize: 100) do |value|
     #       if id = convert_pos_int(val)
     #         Album[id]
     #       end
     #     end
+    #     max_input_bytesize(:date, 256)
     #   end
     #
     # By default, the typecast_params conversion procs are passed the parameter value directly
@@ -260,10 +262,18 @@ class Roda
     # strip leading and trailing whitespace from parameter string values before processing, which
     # you can do by passing the <tt>strip: :all</tt> option when loading the plugin.
     #
-    # By default, the typecast_params conversion procs check that null bytes are not allowed
-    # in param string values. This check for null bytes occurs prior to any type conversion.
+    # By default, the typecasting methods for some types check whether the bytesize of input
+    # strings is over the maximum expected values, and raise an error in such cases. The input
+    # bytesize is checked prior to any type conversion.  If you would like to skip this check
+    # and allow any bytesize when doing type conversion for param string values, you can do so by
+    # passing the # <tt>:skip_bytesize_checking</tt> option when loading the plugin. By default,
+    # there is an 100 byte limit on integer input, an 1000 byte input on float input, and a 128
+    # byte limit on date/time input.
+    #
+    # By default, the typecasting methods check whether input strings have null bytes, and raise
+    # an error in such cases.  This check for null bytes occurs prior to any type conversion.
     # If you would like to skip this check and allow null bytes in param string values,
-    # you can do by passing the <tt>:allow_null_bytes</tt> option when loading the plugin.
+    # you can do so by passing the <tt>:allow_null_bytes</tt> option when loading the plugin.
     #
     # You can use the :date_parse_input_handler option to specify custom handling of date
     # parsing input.  Modern versions of Ruby and the date gem internally raise if the input to
@@ -282,6 +292,11 @@ class Roda
     #       string.b[0, 128]
     #     }
     #
+    # The +date_parse_input_handler+ is only called if the value is under the max input
+    # bytesize, so you may need to call +max_input_bytesize+ for the +:date+, +:time+, and
+    # +:datetime+ methods to override the max input bytesize if you want to use this option
+    # for input strings over 128 bytes.
+    #
     # By design, typecast_params only deals with string keys, it is not possible to use
     # symbol keys as arguments to the conversion methods and have them converted.
     module TypecastParams
@@ -409,6 +424,14 @@ class Roda
         end
       end
 
+      module SkipBytesizeChecking
+        private
+
+        # Do not check max input bytesize
+        def check_allowed_bytesize(v, max)
+        end
+      end
+
       # Class handling conversion of submitted parameters to desired types.
       class Params
         # Handle conversions for the given type using the given block.
@@ -422,23 +445,29 @@ class Roda
         # This method is used to define all type conversions, even the built
         # in ones.  It can be called in subclasses to setup subclass-specific
         # types.
-        def self.handle_type(type, &block)
+        def self.handle_type(type, opts=OPTS, &block)
           convert_meth = :"convert_#{type}"
           define_method(convert_meth, &block)
 
+          max_input_bytesize = opts[:max_input_bytesize]
+          max_input_bytesize_meth = :"_max_input_bytesize_for_#{type}"
+          define_method(max_input_bytesize_meth){max_input_bytesize}
+
           convert_array_meth = :"_convert_array_#{type}"
           define_method(convert_array_meth) do |v|
             raise Error, "expected array but received #{v.inspect}" unless v.is_a?(Array)
             v.map! do |val|
+              check_allowed_bytesize(val, send(max_input_bytesize_meth))
               check_null_byte(val)
               send(convert_meth, val)
             end
           end
 
-          private convert_meth, convert_array_meth
+          private convert_meth, convert_array_meth, max_input_bytesize_meth
+          alias_method max_input_bytesize_meth, max_input_bytesize_meth
 
           define_method(type) do |key, default=nil|
-            process_arg(convert_meth, key, default) if require_hash!
+            process_arg(convert_meth, key, default, send(max_input_bytesize_meth)) if require_hash!
           end
 
           define_method(:"#{type}!") do |key|
@@ -446,6 +475,15 @@ class Roda
           end
         end
 
+        # Override the maximum input bytesize for the given type. This is mostly useful
+        # for overriding the sizes for the default input types.
+        def self.max_input_bytesize(type, bytesize)
+          max_input_bytesize_meth = :"_max_input_bytesize_for_#{type}"
+          define_method(max_input_bytesize_meth){bytesize}
+          private max_input_bytesize_meth
+          alias_method max_input_bytesize_meth, max_input_bytesize_meth
+        end
+
         # Create a new instance with the given object and nesting level.
         # +obj+ should be an array or hash, and +nesting+ should be an
         # array.  Designed for internal use, should not be called by
@@ -485,17 +523,18 @@ class Roda
           end
         end
 
-        handle_type(:int) do |v|
+        handle_type(:int, :max_input_bytesize=>100) do |v|
           string_or_numeric!(v) && v.to_i
         end
+        alias base_convert_int convert_int
 
-        handle_type(:pos_int) do |v|
-          if (v = convert_int(v)) && v > 0
+        handle_type(:pos_int, :max_input_bytesize=>100) do |v|
+          if (v = base_convert_int(v)) && v > 0
             v
           end
         end
 
-        handle_type(:Integer) do |v|
+        handle_type(:Integer, :max_input_bytesize=>100) do |v|
           if string_or_numeric!(v)
             case v
             when String
@@ -509,12 +548,13 @@ class Roda
             end
           end
         end
+        alias base_convert_Integer convert_Integer
 
-        handle_type(:float) do |v|
+        handle_type(:float, :max_input_bytesize=>1000) do |v|
           string_or_numeric!(v) && v.to_f
         end
 
-        handle_type(:Float) do |v|
+        handle_type(:Float, :max_input_bytesize=>1000) do |v|
           string_or_numeric!(v) && ::Kernel::Float(v)
         end
 
@@ -523,15 +563,15 @@ class Roda
           v
         end
 
-        handle_type(:date) do |v|
+        handle_type(:date, :max_input_bytesize=>128) do |v|
           parse!(::Date, v)
         end
 
-        handle_type(:time) do |v|
+        handle_type(:time, :max_input_bytesize=>128) do |v|
           parse!(::Time, v)
         end
 
-        handle_type(:datetime) do |v|
+        handle_type(:datetime, :max_input_bytesize=>128) do |v|
           parse!(::DateTime, v)
         end
 
@@ -712,7 +752,7 @@ class Roda
         def array(type, key, default=nil)
           meth = :"_convert_array_#{type}"
           raise ProgrammerError, "no typecast_params type registered for #{type.inspect}" unless respond_to?(meth, true)
-          process_arg(meth, key, default) if require_hash!
+          process_arg(meth, key, default, send(:"_max_input_bytesize_for_#{type}")) if require_hash!
         end
 
         # Call +array+ with the +type+, +key+, and +default+, but if the return value is nil or any value in
@@ -945,10 +985,10 @@ class Roda
 
         # If +key+ is not an array, convert the value at the given +key+ using the +meth+ method and +default+
         # value.  If +key+ is an array, return an array with the conversion done for each respective member of +key+.
-        def process_arg(meth, key, default)
+        def process_arg(meth, key, default, max_input_bytesize=nil)
           case key
           when String
-            v = process(meth, key, default)
+            v = process(meth, key, default, max_input_bytesize)
 
             if @capture
               key = key.to_sym if symbolize?
@@ -961,13 +1001,20 @@ class Roda
           when Array
             key.map do |k|
               raise ProgrammerError, "non-String element in array argument passed to typecast_params: #{k.inspect}" unless k.is_a?(String)
-              process_arg(meth, k, default)
+              process_arg(meth, k, default, max_input_bytesize)
             end
           else
             raise ProgrammerError, "Unsupported argument for typecast_params conversion method: #{key.inspect}"
           end
         end
 
+        # Raise an Error if the value is a string with bytesize over max (if max is given)
+        def check_allowed_bytesize(v, max)
+          if max && v.is_a?(String) && v.bytesize > max
+            handle_error(nil, :too_long, "string parameter is too long for type", true)
+          end
+        end
+
         # Raise an Error if the value is a string containing a null byte.
         def check_null_byte(v)
           if v.is_a?(String) && v.index("\0")
@@ -977,10 +1024,11 @@ class Roda
 
         # Get the value of +key+ for the object, and convert it to the expected type using +meth+.
         # If the value either before or after conversion is nil, return the +default+ value.
-        def process(meth, key, default)
+        def process(meth, key, default, max_input_bytesize=nil)
           v = param_value(key)
 
           unless v.nil?
+            check_allowed_bytesize(v, max_input_bytesize)
             check_null_byte(v)
             v = send(meth, v)
           end
@@ -1049,6 +1097,9 @@ class Roda
         if opts[:allow_null_bytes]
           app::TypecastParams.send(:include, AllowNullByte)
         end
+        if opts[:skip_bytesize_checking]
+          app::TypecastParams.send(:include, SkipBytesizeChecking)
+        end
         if opts[:date_parse_input_handler]
           app::TypecastParams.class_eval do
             include DateParseInputHandler

data/lib/roda/plugins/typecast_params_sized_integers.rb

@@ -0,0 +1,107 @@
+# frozen-string-literal: true
+
+#
+class Roda
+  module RodaPlugins
+    # The typecast_params_sized_integers plugin adds sized integer conversion
+    # methods to typecast_params:
+    #
+    # * int8, uint8, pos_int8, pos_uint8, Integer8, Integeru8
+    # * int16, uint16, pos_int16, pos_uint16, Integer16, Integeru16
+    # * int32, uint32, pos_int32, pos_uint32, Integer32, Integeru32
+    # * int64, uint64, pos_int64, pos_uint64, Integer64, Integeru64
+    #
+    # The int*, pos_int*, and Integer* methods operate the same as the
+    # standard int, pos_int, and Integer methods in typecast_params,
+    # except that they will only handle parameter values in the given
+    # range for the signed integer type.  The uint*, pos_int*, and
+    # Integeru* methods are similar to the int*, pos_int*, and
+    # Integer* methods, except they use the range of the unsigned
+    # integer type instead of the range of the signed integer type.
+    #
+    # Here are the signed and unsigned integer type ranges:
+    # 8 :: [-128, 127], [0, 255]
+    # 16 :: [-32768, 32767], [0, 65535]
+    # 32 :: [-2147483648, 2147483647], [0, 4294967295]
+    # 64 :: [-9223372036854775808, 9223372036854775807], [0, 18446744073709551615]
+    #
+    # To only create methods for certain integer sizes, you can pass a
+    # :sizes option when loading the plugin, and it will only create
+    # methods for the sizes you specify.
+    #
+    # You can provide a :default_size option when loading the plugin,
+    # in which case the int, uint, pos_int, pos_uint, Integer, and Integeru,
+    # typecast_params conversion methods will be aliases to the conversion
+    # methods for the given sized type:
+    #
+    #  plugin :typecast_params_sized_integers, default_size: 64
+    #
+    #  route do |r|
+    #    # Returns nil unless param.to_i > 0 && param.to_i <= 9223372036854775807
+    #    typecast_params.pos_int('param_name')
+    #  end
+    module TypecastParamsSizedIntegers
+      def self.load_dependencies(app, opts=OPTS)
+        app.plugin :typecast_params do
+          (opts[:sizes] || [8, 16, 32, 64]).each do |i|
+            # Avoid defining the same methods more than once
+            next if method_defined?(:"pos_int#{i}")
+
+            min_signed = -(2**(i-1))
+            max_signed = 2**(i-1)-1
+            max_unsigned = 2**i-1
+
+            handle_type(:"int#{i}", :max_input_bytesize=>100) do |v|
+              if (v = base_convert_int(v)) && v >= min_signed && v <= max_signed
+                v
+              end
+            end
+
+            handle_type(:"uint#{i}", :max_input_bytesize=>100) do |v|
+              if (v = base_convert_int(v)) && v >= 0 && v <= max_unsigned
+                v
+              end
+            end
+
+            handle_type(:"pos_int#{i}", :max_input_bytesize=>100) do |v|
+              if (v = base_convert_int(v)) && v > 0 && v <= max_signed
+                v
+              end
+            end
+
+            handle_type(:"pos_uint#{i}", :max_input_bytesize=>100) do |v|
+              if (v = base_convert_int(v)) && v > 0 && v <= max_unsigned
+                v
+              end
+            end
+
+            handle_type(:"Integer#{i}", :max_input_bytesize=>100) do |v|
+              if (v = base_convert_Integer(v)) && v >= min_signed && v <= max_signed
+                v
+              end
+            end
+
+            handle_type(:"Integeru#{i}", :max_input_bytesize=>100) do |v|
+              if (v = base_convert_Integer(v)) && v >= 0 && v <= max_unsigned
+                v
+              end
+            end
+          end
+        end
+
+        if default = opts[:default_size]
+          app::TypecastParams.class_eval do
+            %w[int uint pos_int pos_uint Integer Integeru].each do |type|
+              ['', 'convert_', '_convert_array_', '_max_input_bytesize_for_'].each do |prefix|
+                alias_method :"#{prefix}#{type}", :"#{prefix}#{type}#{default}"
+              end
+              alias_method :"#{type}!", :"#{type}#{default}!"
+            end
+          end
+        end
+      end
+    end
+
+    register_plugin(:typecast_params_sized_integers, TypecastParamsSizedIntegers)
+  end
+end

data/lib/roda/plugins/unescape_path.rb

@@ -20,6 +20,13 @@ class Roda
     #   end
     module UnescapePath
       module RequestMethods
+        # Make sure the matched path calculation handles the unescaping
+        # of the remaining path.
+        def matched_path
+          e = @env
+          Rack::Utils.unescape(e["SCRIPT_NAME"] + e["PATH_INFO"]).chomp(@remaining_path)
+        end
+
         private
 
         # Unescape the path.

data/lib/roda/request.rb

@@ -440,10 +440,19 @@ class Roda
           hash.all?{|k,v| send("match_#{k}", v)}
         end
 
-        # Match integer segment, and yield resulting value as an
+        # Match integer segment of up to 100 decimal characters, and yield resulting value as an
         # integer.
         def _match_class_Integer
-          consume(/\A\/(\d+)(?=\/|\z)/){|i| [i.to_i]}
+          consume(/\A\/(\d{1,100})(?=\/|\z)/) do |i|
+            if i = _match_class_convert_Integer(i)
+              [i]
+            end
+          end
+        end
+
+        # Convert the segment matched by the Integer matcher to an integer.
+        def _match_class_convert_Integer(value)
+          value.to_i
         end
 
         # Match only if all of the arguments in the given array match.
@@ -548,9 +557,11 @@ class Roda
         # path from PATH_INFO, and updates captures with any regex captures.
         def consume(pattern)
           if matchdata = pattern.match(@remaining_path)
-            @remaining_path = matchdata.post_match
             captures = matchdata.captures
-            captures = yield(*captures) if defined?(yield)
+            if defined?(yield)
+              return unless captures = yield(*captures)
+            end
+            @remaining_path = matchdata.post_match
             @captures.concat(captures)
           end
         end

data/lib/roda/version.rb

@@ -4,7 +4,7 @@ class Roda
   RodaMajorVersion = 3
 
   # The minor version of Roda, updated for new feature releases of Roda.
-  RodaMinorVersion = 60
+  RodaMinorVersion = 62
 
   # The patch version of Roda, updated only for bug fixes from the last
   # feature release.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: roda
 version: !ruby/object:Gem::Version
-  version: 3.60.0
+  version: 3.62.0
 platform: ruby
 authors:
 - Jeremy Evans
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-09-13 00:00:00.000000000 Z
+date: 2022-11-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -164,7 +164,7 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: 
+description:
 email:
 - code@jeremyevans.net
 executables: []
@@ -233,6 +233,8 @@ extra_rdoc_files:
 - doc/release_notes/3.59.0.txt
 - doc/release_notes/3.6.0.txt
 - doc/release_notes/3.60.0.txt
+- doc/release_notes/3.61.0.txt
+- doc/release_notes/3.62.0.txt
 - doc/release_notes/3.7.0.txt
 - doc/release_notes/3.8.0.txt
 - doc/release_notes/3.9.0.txt
@@ -300,12 +302,15 @@ files:
 - doc/release_notes/3.59.0.txt
 - doc/release_notes/3.6.0.txt
 - doc/release_notes/3.60.0.txt
+- doc/release_notes/3.61.0.txt
+- doc/release_notes/3.62.0.txt
 - doc/release_notes/3.7.0.txt
 - doc/release_notes/3.8.0.txt
 - doc/release_notes/3.9.0.txt
 - lib/roda.rb
 - lib/roda/cache.rb
 - lib/roda/plugins.rb
+- lib/roda/plugins/Integer_matcher_max.rb
 - lib/roda/plugins/_after_hook.rb
 - lib/roda/plugins/_before_hook.rb
 - lib/roda/plugins/_optimized_matching.rb
@@ -421,6 +426,7 @@ files:
 - lib/roda/plugins/timestamp_public.rb
 - lib/roda/plugins/type_routing.rb
 - lib/roda/plugins/typecast_params.rb
+- lib/roda/plugins/typecast_params_sized_integers.rb
 - lib/roda/plugins/unescape_path.rb
 - lib/roda/plugins/view_options.rb
 - lib/roda/request.rb
@@ -436,7 +442,7 @@ metadata:
   documentation_uri: https://roda.jeremyevans.net/documentation.html
   mailing_list_uri: https://github.com/jeremyevans/roda/discussions
   source_code_uri: https://github.com/jeremyevans/roda
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -452,7 +458,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.3.7
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Routing tree web toolkit
 test_files: []