sinatra 1.3.0.e → 1.3.0.f

data/README.zh.rdoc

@@ -194,10 +194,10 @@ Rack body对象或者HTTP状态码：
 
 == 静态文件
 
-静态文件是从 <tt>./public</tt> 目录提供服务。你可以通过设置<tt>:public</tt>
+静态文件是从 <tt>./public_folder</tt> 目录提供服务。你可以通过设置<tt>:public</tt>
 选项设定一个不同的位置：
 
-  set :public, File.dirname(__FILE__) + '/static'
+  set :public_folder, File.dirname(__FILE__) + '/static'
 
 请注意public目录名并没有被包含在URL之中。文件
 <tt>./public/css/style.css</tt>是通过
@@ -897,7 +897,7 @@ Session被用来在请求之间保持状态。如果被激活，每一个用户
   get '/foo' do
     status 418
     headers \
-      "Allow"   => "BREW, POST, GET, PROPFIND, WHEN"
+      "Allow"   => "BREW, POST, GET, PROPFIND, WHEN",
       "Refresh" => "Refresh: 20; http://www.ietf.org/rfc/rfc2324.txt"
     body "I'm a tea pot!"
   end
@@ -961,7 +961,7 @@ Sinatra并不理解。使用 +mime_type+ 通过文件扩展名来注册它们：
 
 或者使用session:
 
-  enable :session
+  enable :sessions
 
   get '/foo' do
     session[:secret] = 'foo'
@@ -1268,7 +1268,7 @@ Sinatra会自动处理range请求。
                       <tt>redirect '/foo'</tt> 会和
                       <tt>redirect to('/foo')</tt>起相同作用。默认禁用。
 
-[public]              public文件夹的位置。
+[public_folder]      public文件夹的位置。
 
 [reload_templates]    是否每个请求都重新载入模板。
                       在development mode和 Ruby 1.8.6 中被企业（用来

data/Rakefile

@@ -3,6 +3,12 @@ require 'rake/testtask'
 require 'fileutils'
 require 'date'
 
+# CI Reporter is only needed for the CI
+begin
+  require 'ci/reporter/rake/test_unit'
+rescue LoadError
+end
+
 task :default => :test
 task :spec => :test
 
@@ -77,7 +83,7 @@ task :add_template, [:name] do |t, args|
         puts "Liquid not found in #{file}"
       else
         puts "Adding section to #{file}"
-        template = template.gsub(/Liquid/, args.name.capitalize).gsub(/liquid/, args.name.downcase)        
+        template = template.gsub(/Liquid/, args.name.capitalize).gsub(/liquid/, args.name.downcase)
         code.gsub! /^(\s*===.*CoffeeScript)/, "\n" << template << "\n\\1"
         File.open(file, "w") { |f| f << code }
       end
@@ -102,7 +108,7 @@ end
 
 desc "list of authors"
 task :authors, [:commit_range, :format, :sep] do |t, a|
-  a.with_defaults :format => "%s (%d)", :sep => ", "
+  a.with_defaults :format => "%s (%d)", :sep => ", ", :commit_range => '--all'
   authors = Hash.new { |h,k| h[k] = 0 }
   blake   = "Blake Mizerany"
   overall = 0

data/lib/sinatra/base.rb

@@ -1,6 +1,7 @@
 # external dependencies
 require 'rack'
 require 'tilt'
+require "rack/protection"
 
 # stdlib dependencies
 require 'thread'
@@ -39,6 +40,14 @@ module Sinatra
       @env.include? "HTTP_X_FORWARDED_HOST"
     end
 
+    def safe?
+      get? or head? or options? or trace?
+    end
+
+    def idempotent?
+      safe? or put? or delete?
+    end
+
     private
 
     def accept_entry(entry)
@@ -55,8 +64,8 @@ module Sinatra
   # http://rack.rubyforge.org/doc/classes/Rack/Response/Helpers.html
   class Response < Rack::Response
     def body=(value)
-      value = value.body while value.respond_to? :body and value.body != value
-      @body = value.respond_to?(:to_str) ? [value.to_str] : value
+      value = value.body while Rack::Response === value
+      @body = String === value ? [value.to_str] : value
     end
 
     def each
@@ -64,10 +73,17 @@ module Sinatra
     end
 
     def finish
-      if body.respond_to? :to_ary and not [204, 304].include?(status.to_i)
+      if status.to_i / 100 == 1
+        headers.delete "Content-Length"
+        headers.delete "Content-Type"
+      elsif Array === body and not [204, 304].include?(status.to_i)
         headers["Content-Length"] = body.inject(0) { |l, p| l + Rack::Utils.bytesize(p) }.to_s
       end
-      super
+
+      # Rack::Response#finish sometimes returns self as response body. We don't want that.
+      status, headers, result = super
+      result = body if result == self
+      [status, headers, result]
     end
   end
 
@@ -98,7 +114,11 @@ module Sinatra
 
     # Halt processing and redirect to the URI provided.
     def redirect(uri, *args)
-      status 302
+      if env['HTTP_VERSION'] == 'HTTP/1.1' and env["REQUEST_METHOD"] != 'GET'
+        status 303
+      else
+        status 302
+      end
 
       # According to RFC 2616 section 14.30, "the field value consists of a
       # single absolute URI"
@@ -186,6 +206,8 @@ module Sinatra
       if filename
         params = '; filename="%s"' % File.basename(filename)
         response['Content-Disposition'] << params
+        ext = File.extname(filename)
+        content_type(ext) unless response['Content-Type'] or ext.empty?
       end
     end
 
@@ -212,6 +234,61 @@ module Sinatra
       not_found
     end
 
+    # Class of the response body in case you use #stream.
+    #
+    # Three things really matter: The front and back block (back being the
+    # blog generating content, front the one sending it to the client) and
+    # the scheduler, integrating with whatever concurrency feature the Rack
+    # handler is using.
+    #
+    # Scheduler has to respond to defer and schedule.
+    class Stream
+      def self.schedule(*) yield end
+      def self.defer(*)    yield end
+
+      def initialize(scheduler = self.class, keep_open = false, &back)
+        @back, @scheduler, @callback, @keep_open = back.to_proc, scheduler, nil, keep_open
+      end
+
+      def close
+        @scheduler.schedule { @callback.call if @callback }
+      end
+
+      def each(&front)
+        @front = front
+        @scheduler.defer do
+          begin
+            @back.call(self)
+          rescue Exception => e
+            @scheduler.schedule { raise e }
+          end
+          close unless @keep_open
+        end
+      end
+
+      def <<(data)
+        @scheduler.schedule { @front.call(data.to_s) }
+        self
+      end
+
+      def callback(&block)
+        @callback = block
+      end
+
+      alias errback callback
+    end
+
+    # Allows to start sending data to the client even though later parts of
+    # the response body have not yet been generated.
+    #
+    # The close parameter specifies whether Stream#close should be called
+    # after the block has been executed. This is only relevant for evented
+    # servers like Thin or Rainbows.
+    def stream(keep_open = false, &block)
+      scheduler = env['async.callback'] ? EventMachine : Stream
+      body Stream.new(scheduler, keep_open, &block)
+    end
+
     # Specify response freshness policy for HTTP caches (Cache-Control header).
     # Any number of non-value directives (:public, :private, :no_cache,
     # :no_store, :must_revalidate, :proxy_revalidate) may be passed along with
@@ -298,10 +375,13 @@ module Sinatra
       value = 'W/' + value if kind == :weak
       response['ETag'] = value
 
-      # Conditional GET check
       if etags = env['HTTP_IF_NONE_MATCH']
         etags = etags.split(/\s*,\s*/)
-        halt 304 if etags.include?(value) || etags.include?('*')
+        if etags.include?(value) or etags.include?('*')
+          halt 304 if request.safe?
+        else
+          halt 412 unless request.safe?
+        end
       end
     end
 
@@ -310,11 +390,38 @@ module Sinatra
       request.referer
     end
 
-    private
+    # whether or not the status is set to 1xx
+    def informational?
+      status.between? 100, 199
+    end
+
+    # whether or not the status is set to 2xx
+    def success?
+      status.between? 200, 299
+    end
+
+    # whether or not the status is set to 3xx
+    def redirect?
+      status.between? 300, 399
+    end
+
+    # whether or not the status is set to 4xx
+    def client_error?
+      status.between? 400, 499
+    end
+
+    # whether or not the status is set to 5xx
+    def server_error?
+      status.between? 500, 599
+    end
+
+    # whether or not the status is set to 404
+    def not_found?
+      status == 404
+    end
 
-    # Ruby 1.8 has no #to_time method.
-    # This can be removed and calls to it replaced with to_time,
-    # if 1.8 support is dropped.
+    # Generates a Time object from the given value.
+    # Used by #expires and #last_modified.
     def time_for(value)
       if value.respond_to? :to_time
         value.to_time
@@ -340,6 +447,8 @@ module Sinatra
     end
   end
 
+  private
+
   # Template rendering methods. Each method takes the name of a template
   # to render as a Symbol and returns a String with the rendered output,
   # as well as an optional hash with additional options.
@@ -374,7 +483,7 @@ module Sinatra
 
     def erubis(template, options={}, locals={})
       warn "Sinatra::Templates#erubis is deprecated and will be removed, use #erb instead.\n" \
-        "If you have Erubis installed, it will be used automatically.\n\tfrom #{caller.first}"
+        "If you have Erubis installed, it will be used automatically."
       render :erubis, template, options, locals
     end
 
@@ -567,7 +676,7 @@ module Sinatra
       invoke { error_block!(response.status) }
 
       unless @response['Content-Type']
-        if body.respond_to? :to_ary and body[0].respond_to? :content_type
+        if Array === body and body[0].respond_to? :content_type
           content_type body[0].content_type
         else
           content_type :html
@@ -589,7 +698,7 @@ module Sinatra
 
     def options
       warn "Sinatra::Base#options is deprecated and will be removed, " \
-        "use #settings instead.\n\tfrom #{caller.first}"
+        "use #settings instead."
       settings
     end
 
@@ -653,12 +762,12 @@ module Sinatra
     # Revert params afterwards.
     #
     # Returns pass block.
-    def process_route(pattern, keys, conditions, block = nil)
+    def process_route(pattern, keys, conditions, block = nil, values = [])
       @original_params ||= @params
       route = @request.path_info
       route = '/' if route.empty? and not settings.empty_path_info?
       if match = pattern.match(route)
-        values = match.captures.to_a.map { |v| force_encoding URI.decode(v) if v }
+        values += match.captures.to_a.map { |v| force_encoding URI.decode(v) if v }
         params =
           if keys.any?
             keys.zip(values).inject({}) do |hash,(k,v)|
@@ -701,7 +810,7 @@ module Sinatra
     # Attempt to serve static files from public directory. Throws :halt when
     # a matching file is found, returns nil otherwise.
     def static!
-      return if (public_dir = settings.public).nil?
+      return if (public_dir = settings.public_folder).nil?
       public_dir = File.expand_path(public_dir)
 
       path = File.expand_path(public_dir + unescape(request.path_info))
@@ -753,32 +862,34 @@ module Sinatra
     # Error handling during requests.
     def handle_exception!(boom)
       @env['sinatra.error'] = boom
-      dump_errors!(boom) if settings.dump_errors?
-      raise boom if settings.show_exceptions? and settings.show_exceptions != :after_handler
-      @response.status = boom.respond_to?(:code) ? Integer(boom.code) : 500
+      status boom.respond_to?(:code) ? Integer(boom.code) : 500
 
-      if @response.status == 404
-        @response.headers['X-Cascade'] = 'pass'
-        @response.body = ['<h1>Not Found</h1>']
+      if server_error?
+        dump_errors! boom if settings.dump_errors?
+        raise boom if settings.show_exceptions? and settings.show_exceptions != :after_handler
       end
 
-      if res = error_block!(boom.class)
-        res
-      elsif @response.status >= 500
-        raise boom if settings.raise_errors? or settings.show_exceptions?
-        error_block! Exception
+      if not_found?
+        headers['X-Cascade'] = 'pass'
+        body '<h1>Not Found</h1>'
       end
+
+      res = error_block!(boom.class, boom) || error_block!(status, boom)
+      return res if res or not server_error?
+      raise boom if settings.raise_errors? or settings.show_exceptions?
+      error_block! Exception, boom
     end
 
     # Find an custom error block for the key(s) specified.
-    def error_block!(key)
+    def error_block!(key, *block_params)
       base = settings
       while base.respond_to?(:errors)
         next base = base.superclass unless args = base.errors[key]
+        args += [block_params]
         return process_route(*args)
       end
       return false unless key.respond_to? :superclass and key.superclass < Exception
-      error_block! key.superclass
+      error_block!(key.superclass, *block_params)
     end
 
     def dump_errors!(boom)
@@ -979,6 +1090,11 @@ module Sinatra
         @conditions << generate_method(name, &block)
       end
 
+      def public=(value)
+        warn ":public is no longer used to avoid overloading Module#public, use :public_folder instead"
+        set(:public_folder, value)
+      end
+
    private
       # Condition for matching host name. Parameter might be String or Regexp.
       def host_name(pattern)
@@ -1036,8 +1152,10 @@ module Sinatra
         # Because of self.options.host
         host_name(options.delete(:host)) if options.key?(:host)
         enable :empty_path_info if path == "" and empty_path_info.nil?
-        (@routes[verb] ||= []) << compile!(verb, path, block, options)
+        signature = compile!(verb, path, block, options)
+        (@routes[verb] ||= []) << signature
         invoke_hook(:route_added, verb, path, block)
+        signature
       end
 
       def invoke_hook(name, *args)
@@ -1134,23 +1252,28 @@ module Sinatra
       def quit!(server, handler_name)
         # Use Thin's hard #stop! if available, otherwise just #stop.
         server.respond_to?(:stop!) ? server.stop! : server.stop
-        STDERR.puts "\n== Sinatra has ended his set (crowd applauds)" unless handler_name =~/cgi/i
+        $stderr.puts "\n== Sinatra has ended his set (crowd applauds)" unless handler_name =~/cgi/i
       end
 
       # Run the Sinatra app as a self-hosted server using
-      # Thin, Mongrel or WEBrick (in that order)
+      # Thin, Mongrel or WEBrick (in that order). If given a block, will call
+      # with the constructed handler once we have taken the stage.
       def run!(options={})
         set options
         handler      = detect_rack_handler
         handler_name = handler.name.gsub(/.*::/, '')
-        STDERR.puts "== Sinatra/#{Sinatra::VERSION} has taken the stage " +
-          "on #{port} for #{environment} with backup from #{handler_name}" unless handler_name =~/cgi/i
         handler.run self, :Host => bind, :Port => port do |server|
+          unless handler_name =~ /cgi/i
+            $stderr.puts "== Sinatra/#{Sinatra::VERSION} has taken the stage " +
+            "on #{port} for #{environment} with backup from #{handler_name}"
+          end
           [:INT, :TERM].each { |sig| trap(sig) { quit!(server, handler_name) } }
+          server.threaded = settings.threaded if server.respond_to? :threaded=
           set :running, true
+          yield server if block_given?
         end
       rescue Errno::EADDRINUSE => e
-        STDERR.puts "== Someone is already performing on port #{port}!"
+        $stderr.puts "== Someone is already performing on port #{port}!"
       end
 
       # The prototype instance used to process requests.
@@ -1186,8 +1309,9 @@ module Sinatra
         builder.use ShowExceptions       if show_exceptions?
         builder.use Rack::MethodOverride if method_override?
         builder.use Rack::Head
-        setup_logging  builder
-        setup_sessions builder
+        setup_logging    builder
+        setup_sessions   builder
+        setup_protection builder
       end
 
       def setup_middleware(builder)
@@ -1207,6 +1331,14 @@ module Sinatra
         end
       end
 
+      def setup_protection(builder)
+        return unless protection?
+        options = Hash === protection ? protection.dup : {}
+        options[:except] = Array options[:except]
+        options[:except] += [:session_hijacking, :remote_token] unless sessions?
+        builder.use Rack::Protection, options
+      end
+
       def setup_sessions(builder)
         return unless sessions?
         options = {}
@@ -1219,7 +1351,7 @@ module Sinatra
         servers = Array(server)
         servers.each do |server_name|
           begin
-            return Rack::Handler.get(server_name)
+            return Rack::Handler.get(server_name.to_s)
           rescue LoadError
           rescue NameError
           end
@@ -1250,7 +1382,8 @@ module Sinatra
         /rubygems\/custom_require\.rb$/,                 # rubygems require hacks
         /active_support/,                                # active_support require hacks
         /bundler(\/runtime)?\.rb/,                       # bundler require hacks
-        /<internal:/                                     # internal in ruby >= 1.9.2
+        /<internal:/,                                    # internal in ruby >= 1.9.2
+        /src\/kernel\/bootstrap\/[A-Z]/                  # maglev kernel files
       ]
 
       # add rubinius (and hopefully other VM impls) ignore patterns ...
@@ -1259,16 +1392,26 @@ module Sinatra
       # Like Kernel#caller but excluding certain magic entries and without
       # line / method information; the resulting array contains filenames only.
       def caller_files
-        caller_locations.
-          map { |file,line| file }
+        cleaned_caller(1).flatten
       end
 
       # Like caller_files, but containing Arrays rather than strings with the
       # first element being the file, and the second being the line.
       def caller_locations
+        cleaned_caller 2
+      end
+
+    private
+      # used for deprecation warnings
+      def warn(message)
+        super message + "\n\tfrom #{cleaned_caller.first.join(':')}"
+      end
+
+      # Like Kernel#caller but excluding certain magic entries
+      def cleaned_caller(keep = 3)
         caller(1).
-          map    { |line| line.split(/:(?=\d|in )/)[0,2] }.
-          reject { |file,line| CALLERS_TO_IGNORE.any? { |pattern| file =~ pattern } }
+          map    { |line| line.split(/:(?=\d|in )/, 3)[0,keep] }.
+          reject { |file, *_| CALLERS_TO_IGNORE.any? { |pattern| file =~ pattern } }
       end
     end
 
@@ -1303,6 +1446,7 @@ module Sinatra
     set :show_exceptions, Proc.new { development? }
     set :sessions, false
     set :logging, false
+    set :protection, true
     set :method_override, false
     set :default_encoding, "utf-8"
     set :add_charset, %w[javascript xml xhtml+xml json].map { |t| "application/#{t}" }
@@ -1337,9 +1481,10 @@ module Sinatra
     set :views, Proc.new { root && File.join(root, 'views') }
     set :reload_templates, Proc.new { development? }
     set :lock, false
+    set :threaded, true
 
-    set :public, Proc.new { root && File.join(root, 'public') }
-    set :static, Proc.new { public && File.exist?(public) }
+    set :public_folder, Proc.new { root && File.join(root, 'public') }
+    set :static, Proc.new { public_folder && File.exist?(public_folder) }
     set :static_cache_control, false
 
     error ::Exception do