roda 3.43.1 → 3.44.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 95c0306a50aefb2cfa3bd700403ff2d8441acb78438dcca36bdb0341708208fe
-  data.tar.gz: df524e11cab19b33d6f4e2a139f2813b89dc0832863aa2e0ac70c69cc4f98e68
+  metadata.gz: b60182ef0483279ac1d1983495ba020c1803d6c1fe0fa84af882142f816f72bc
+  data.tar.gz: 20f6053b7c73fed454dc3f39e55a516d7a5461a4005356b5788480b8aab36f14
 SHA512:
-  metadata.gz: dc0c531cdc7d9ae5d122cae6394b49ebd9014811c6dfba64ef70bc2b4ffe03d66efe2a10dd11f180a1c68db15a7bf3e048f8fdd8550fa72584d2190d8b3d59ea
-  data.tar.gz: 3f42b2dd764cae91a0b81f43933c230b5795f29f33aebf18a7cbfd800071dfdb9ce29f80b471747105e6caa524571877f207cffde621fdaf3d04b89d5c295f8e
+  metadata.gz: 89359f0c972c236bee671606fc7254f4999c6fc03f1b0ef8ff7c9691b581b6e796197b9fbee6fd109ae4d1026624f041d2e64c6182dbf8c80818756543923c9d
+  data.tar.gz: 2d786d8641f5195a65874f3326abe07057748e4de2df7d0a8e8cd9439b6afceb08e65b6a3733e15b0289e273cc070033c1dc466e1909880410b4d05541fa04ae

data/CHANGELOG

@@ -1,3 +1,9 @@
+= 3.44.0 (2021-05-12)
+
+* Add optimized_segment_matchers plugin for optimized matchers for a single String class argument (jeremyevans)
+
+* Use RFC 5987 UTF-8 and ISO-8859-1 encoded filenames when using send_file and attachment in the sinatra_helpers plugin (jeremyevans)
+
 = 3.43.1 (2021-04-13)
 
 * [SECURITY] Fix issue where loading content_security_policy plugin after default_headers plugin had no effect (jeremyevans)

data/doc/release_notes/3.44.0.txt

@@ -0,0 +1,23 @@
+= New Features
+
+* An optimized_segment_matchers plugin has been added that offers
+  very fast matchers for arbitrary segments (the same segments
+  that would be matched by the String class matcher).  The
+  on_segment method it offers accepts no arguments and yields
+  the next segment if there is a segment.  The is_segment method
+  is similar, but only yields if the next segment is the final
+  segment.
+
+= Other Improvements
+
+* The send_file and attachment methods in the sinatra_helpers plugin
+  now support RFC 5987 UTF-8 and ISO-8859-1 encoded filenames,
+  allowing modern browsers to save files with encoded chracters. For
+  older browsers that do not support RFC 5987, unsupported characters
+  in filenames are replaced with dashes.  This is considered to be an
+  improvement over the previous behavior of using Ruby's inspect
+  output for the filename, which could contain backslashes (backslash
+  is not an allowed chracter in Windows filenames).
+
+* The performance of the String class matcher has been slightly
+  improved.

data/lib/roda/plugins/optimized_segment_matchers.rb

@@ -0,0 +1,53 @@
+# frozen-string-literal: true
+
+#
+class Roda
+  module RodaPlugins
+    # The optimized_segment_matchers plugin adds two optimized matcher methods,
+    # +r.on_segment+ and +r.is_segment+.  +r.on_segment+ is an optimized version of
+    # +r.on String+ that accepts no arguments and yields the next segment if there
+    # is a segment. +r.is_segment+ is an optimized version of +r.is String+ that accepts
+    # no arguments and yields the next segment only if it is the last segment.
+    #
+    #   plugin :optimized_segment_matchers
+    #
+    #   route do |r|
+    #     r.on_segment do |x|
+    #       # matches any segment (e.g. /a, /b, but not /)
+    #       r.is_segment do |y|
+    #         # matches only if final segment (e.g. /a/b, /b/c, but not /c, /c/d/, /c/d/e)
+    #       end
+    #     end
+    #   end
+    module OptimizedSegmentMatchers
+      module RequestMethods
+        # Optimized version of +r.on String+ that yields the next segment if there
+        # is a segment.
+        def on_segment
+          rp = @remaining_path
+          if rp.getbyte(0) == 47
+            if last = rp.index('/', 1)
+              @remaining_path = rp[last, rp.length]
+              always{yield rp[1, last-1]}
+            elsif (len = rp.length) > 1
+              @remaining_path = ""
+              always{yield rp[1, len]}
+            end
+          end
+        end
+
+        # Optimized version of +r.is String+ that yields the next segment only if it
+        # is the final segment.
+        def is_segment
+          rp = @remaining_path
+          if rp.getbyte(0) == 47 && !rp.index('/', 1) && (len = rp.length) > 1
+            @remaining_path = ""
+            always{yield rp[1, len]}
+          end
+        end
+      end
+    end
+
+    register_plugin(:optimized_segment_matchers, OptimizedSegmentMatchers)
+  end
+end

data/lib/roda/plugins/optimized_string_matchers.rb

@@ -19,7 +19,8 @@ class Roda
     #     end
     #   end
     #
-    # Note that both of these methods only work with plain strings, not
+    # If you are using the placeholder_string_matchers plugin, note
+    # that both of these methods only work with plain strings, not
     # with strings with embedded colons for capturing.  Matching will work
     # correctly in such cases, but the captures will not be yielded to the
     # match blocks.

data/lib/roda/plugins/sinatra_helpers.rb

@@ -211,6 +211,10 @@ class Roda
     # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
     # OTHER DEALINGS IN THE SOFTWARE.
     module SinatraHelpers
+      UTF8_ENCODING = Encoding.find('UTF-8')
+      ISO88591_ENCODING = Encoding.find('ISO-8859-1')
+      BINARY_ENCODING = Encoding.find('BINARY')
+
       # Depend on the status_303 plugin.
       def self.load_dependencies(app, _opts = nil)
         app.plugin :status_303
@@ -432,7 +436,25 @@ class Roda
         # instructing the user agents to prompt to save.
         def attachment(filename = nil, disposition='attachment')
           if filename
-            params = "; filename=#{File.basename(filename).inspect}"
+            param_filename = File.basename(filename)
+            encoding = param_filename.encoding
+
+            needs_encoding = param_filename.gsub!(/[^ 0-9a-zA-Z!\#$&\+\.\^_`\|~]+/, '-')
+            params = "; filename=#{param_filename.inspect}"
+
+            if needs_encoding && (encoding == UTF8_ENCODING || encoding == ISO88591_ENCODING)
+              # File name contains non attr-char characters from RFC 5987 Section 3.2.1
+
+              encoded_filename = File.basename(filename).force_encoding(BINARY_ENCODING)
+              # Similar regexp as above, but treat each byte separately, and encode
+              # space characters, since those aren't allowed in attr-char
+              encoded_filename.gsub!(/[^0-9a-zA-Z!\#$&\+\.\^_`\|~]/) do |c|
+                "%%%X" % c.ord
+              end
+
+              encoded_params = "; filename*=#{encoding.to_s}''#{encoded_filename}"
+            end
+
             unless @headers["Content-Type"]
               ext = File.extname(filename)
               unless ext.empty?
@@ -440,7 +462,7 @@ class Roda
               end
             end
           end
-          @headers["Content-Disposition"] = "#{disposition}#{params}"
+          @headers["Content-Disposition"] = "#{disposition}#{params}#{encoded_params}"
         end
 
         # Whether or not the status is set to 1xx. Returns nil if status not yet set.

data/lib/roda/request.rb

@@ -468,8 +468,8 @@ class Roda
             if last = rp.index('/', 1)
               @captures << rp[1, last-1]
               @remaining_path = rp[last, rp.length]
-            elsif rp.length > 1
-              @captures << rp[1,rp.length]
+            elsif (len = rp.length) > 1
+              @captures << rp[1, len]
               @remaining_path = ""
             end
           end

data/lib/roda/version.rb

@@ -4,11 +4,11 @@ class Roda
   RodaMajorVersion = 3
 
   # The minor version of Roda, updated for new feature releases of Roda.
-  RodaMinorVersion = 43
+  RodaMinorVersion = 44
 
   # The patch version of Roda, updated only for bug fixes from the last
   # feature release.
-  RodaPatchVersion = 1
+  RodaPatchVersion = 0
 
   # The full version of Roda as a string.
   RodaVersion = "#{RodaMajorVersion}.#{RodaMinorVersion}.#{RodaPatchVersion}".freeze

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: roda
 version: !ruby/object:Gem::Version
-  version: 3.43.1
+  version: 3.44.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-04-13 00:00:00.000000000 Z
+date: 2021-05-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -214,6 +214,7 @@ extra_rdoc_files:
 - doc/release_notes/3.41.0.txt
 - doc/release_notes/3.42.0.txt
 - doc/release_notes/3.43.0.txt
+- doc/release_notes/3.44.0.txt
 - doc/release_notes/3.5.0.txt
 - doc/release_notes/3.6.0.txt
 - doc/release_notes/3.7.0.txt
@@ -264,6 +265,7 @@ files:
 - doc/release_notes/3.41.0.txt
 - doc/release_notes/3.42.0.txt
 - doc/release_notes/3.43.0.txt
+- doc/release_notes/3.44.0.txt
 - doc/release_notes/3.5.0.txt
 - doc/release_notes/3.6.0.txt
 - doc/release_notes/3.7.0.txt
@@ -333,6 +335,7 @@ files:
 - lib/roda/plugins/named_templates.rb
 - lib/roda/plugins/not_allowed.rb
 - lib/roda/plugins/not_found.rb
+- lib/roda/plugins/optimized_segment_matchers.rb
 - lib/roda/plugins/optimized_string_matchers.rb
 - lib/roda/plugins/padrino_render.rb
 - lib/roda/plugins/param_matchers.rb