sinatra 2.0.0 → 2.0.8.1

data/README.zh.md

@@ -239,6 +239,17 @@ end
 ```
 顺便一提，除非你禁用了路径遍历攻击防护（见下文），请求路径可能在匹配路由前发生改变。
 
+你也可以通过`:mustermann_opt`选项定义[Mustermann](https://github.com/sinatra/mustermann)来匹配路由。
+
+```ruby
+get '\A/posts\z', :mustermann_opts => { :type => :regexp, :check_anchors => false } do
+  # matches /posts exactly, with explicit anchoring
+  "If you match an anchored pattern clap your hands!"
+end
+```
+
+它看起来像一个[条件](https://github.com/sinatra/sinatra/blob/master/README.zh.md#%E6%9D%A1%E4%BB%B6)，但实际不是！这些选项将被合并到全局的`mustermann_opts`。
+
 ### 条件
 
 路由可以包含各种匹配条件，比如 user agent：
@@ -313,8 +324,8 @@ Rack 堆栈中的下一个中间件。大多数情况下，返回值是一个字
 
 你可以返回任何对象，该对象要么是一个合理的 Rack 响应，要么是一个 Rack body 对象，要么是 HTTP 状态码：
 
-* 一个包含三个元素的数组: `[状态 (Fixnum), 响应首部 (Hash), 响应主体 (可以响应 #each 方法)]`
-* 一个包含两个元素的数组: `[状态 (Fixnum), 响应主体 (可以响应 #each 方法)]`
+* 一个包含三个元素的数组: `[状态 (Integer), 响应首部 (Hash), 响应主体 (可以响应 #each 方法)]`
+* 一个包含两个元素的数组: `[状态 (Integer), 响应主体 (可以响应 #each 方法)]`
 * 一个响应 `#each` 方法，只传回字符串的对象
 * 一个代表状态码的数字
 
@@ -649,7 +660,7 @@ get('/') { markdown :index }
 <table>
   <tr>
     <td>依赖项</td>
-    <td><a href="http://liquidmarkup.org/" title="liquid">liquid</a></td>
+    <td><a href="https://shopify.github.io/liquid/" title="liquid">liquid</a></td>
   </tr>
   <tr>
     <td>文件扩展名</td>
@@ -672,7 +683,7 @@ get('/') { markdown :index }
       下列任一:
         <a href="https://github.com/davidfstr/rdiscount" title="RDiscount">RDiscount</a>,
         <a href="https://github.com/vmg/redcarpet" title="RedCarpet">RedCarpet</a>,
-        <a href="http://deveiate.org/projects/BlueCloth" title="BlueCloth">BlueCloth</a>,
+        <a href="https://github.com/ged/bluecloth" title="bluecloth">BlueCloth</a>,
         <a href="http://kramdown.gettalong.org/" title="kramdown">kramdown</a>,
         <a href="https://github.com/bhollis/maruku" title="maruku">maruku</a>
     </td>
@@ -1302,33 +1313,59 @@ get '/:value' do
 end
 ```
 
-请注意 `enable :sessions` 实际将所有的数据保存在一个 cookie 中。
-这可能并不总是你想要的（cookie 中存储大量的数据会增加你的流量）。
-你可以使用任何 Rack session 中间件：要达到此目的，**不要**使用 `enable :sessions`，
-而是按照自己的需要引入想使用的中间件：
+#### 会话加密
+
+为提高安全性，cookie 中的会话数据使用`HMAC-SHA1`进行加密。会话加密的最佳实践应当是像`HMAC-SHA1`这样生成大于或等于64字节 (512 bits, 128 hex characters)的随机值。应当避免使用少于32字节(256 bits, 64 hex characters)的随机值。应当使用生成器来创建安全的密钥，而不是拍脑袋决定。
+
+默认情况下，Sinatra会生成一个32字节的密钥，但随着应用程序的每次重新启动，它都会发生改变。如果有多个应用程序的实例，使用Sinatra生成密钥，每个实例将有不同的密钥，这可能不是您想要的。
+
+为了更好的安全性和可用性，[建议](https://12factor.net/config)生成安全的随机密钥，并将其存储在运行应用程序的每个主机上的环境变量中，以便所有应用程序实例都将共享相同的密钥。并且应该定期更新会话密钥。下面是一些创建64比特密钥的例子:
+
+#### 生成密钥
 
 ```ruby
-use Rack::Session::Pool, :expire_after => 2592000
+$ ruby -e "require 'securerandom'; puts SecureRandom.hex(64)"
+99ae8af...snip...ec0f262ac
+```
 
-get '/' do
-  "value = " << session['value'].inspect
-end
+#### 生成密钥(小贴士)
 
-get '/:value' do
-  session['value'] = params['value']
-end
+MRI Ruby目前认为[sysrandom gem](https://github.com/cryptosphere/sysrandom)使用系统的随机数生成器要比用户态的`OpenSSL`好。
+
+```ruby
+$ gem install sysrandom
+Building native extensions.  This could take a while...
+Successfully installed sysrandom-1.x
+1 gem installed
+
+$ ruby -e "require 'sysrandom/securerandom'; puts SecureRandom.hex(64)"
+99ae8af...snip...ec0f262ac
 ```
 
-为提高安全性，cookie 中的会话数据会被一个会话密码保护。Sinatra 会为你生成一个随机的密码。
-然而，每次启动应用时，该密码都会变化，你也可以自己设置该密码，以便所有的应用实例共享：
+#### 从环境变量使用密钥
 
+将Sinatra的SESSION_SECRET环境变量设置为生成的值。在主机的重新启动之间保存这个值。由于这样做的方法会因系统而异，仅供说明之用：
 ```
-set :session_secret, 'super secret'
+# echo "export SESSION_SECRET=99ae8af...snip...ec0f262ac" >> ~/.bashrc
 ```
 
-如果你想进一步配置会话，可以在设置 `sessions` 时提供一个选项 hash 作为第二个参数：
+#### 应用的密钥配置
 
+如果SESSION SECRET环境变量不可用，将把应用的随机密钥设置为不安全的。
+
+关于[sysrandom gem](https://github.com/cryptosphere/sysrandom)的更多用法:
+
+```ruby
+require 'securerandom'
+# -or- require 'sysrandom/securerandom'
+set :session_secret, ENV.fetch('SESSION_SECRET') { SecureRandom.hex(64) }
 ```
+
+#### 会话配置
+
+如果你想进一步配置会话，可以在设置 `sessions` 时提供一个选项 hash 作为第二个参数：
+
+```ruby
 set :sessions, :domain => 'foo.com'
 ```
 
@@ -1338,6 +1375,31 @@ set :sessions, :domain => 'foo.com'
 set :sessions, :domain => '.foo.com'
 ```
 
+#### 选择你自己的会话中间件
+
+请注意 `enable :sessions` 实际将所有的数据保存在一个 cookie 中。
+这可能并不总是你想要的（cookie 中存储大量的数据会增加你的流量）。
+你可以使用任何 Rack session 中间件：要达到此目的，**不要**使用 `enable :sessions`，
+而是按照自己的需要引入想使用的中间件：
+
+```ruby
+enable :sessions
+set :session_store, Rack::Session::Pool
+```
+
+另一种选择是不要调用enable：sessions，而是像你想要的其他中间件一样加入你的中间件。
+
+重要的是要注意，使用此方法时，默认情况下不会启用基于会话的保护。
+
+还需要添加Rack中间件：
+
+```ruby
+use Rack::Session::Pool, :expire_after => 2592000
+use Rack::Protection::RemoteToken
+use Rack::Protection::SessionHijacking
+```
+更多[安全防护配置](https://github.com/sinatra/sinatra#configuring-attack-protection)的信息。
+
 ### 中断请求
 
 要想在过滤器或路由中立即中断一个请求：
@@ -1965,7 +2027,7 @@ end
 
 ### 配置攻击防护
 
-Sinatra 使用 [Rack::Protection](https://github.com/sinatra/rack-protection#readme)
+Sinatra 使用 [Rack::Protection](https://github.com/sinatra/sinatra/tree/master/rack-protection#readme)
 来抵御常见的攻击。你可以轻易地禁用该行为（但这会大大增加应用被攻击的概率）。
 
 ```ruby

data/Rakefile

@@ -30,7 +30,7 @@ end
 
 Rake::TestTask.new(:test) do |t|
   t.test_files = FileList['test/*_test.rb']
-  t.ruby_opts = ['-rubygems'] if defined? Gem
+  t.ruby_opts = ['-r rubygems'] if defined? Gem
   t.ruby_opts << '-I.'
   t.warning = true
 end
@@ -41,7 +41,7 @@ Rake::TestTask.new(:"test:core") do |t|
      readme request response result route_added_hook
      routing server settings sinatra static templates]
   t.test_files = core_tests.map {|n| "test/#{n}_test.rb"}
-  t.ruby_opts = ["-rubygems"] if defined? Gem
+  t.ruby_opts = ["-r rubygems"] if defined? Gem
   t.ruby_opts << "-I."
   t.warning = true
 end
@@ -202,11 +202,14 @@ if defined?(Gem)
 
     desc "Commits the version to github repository"
     task :commit_version do
-      sh <<-SH
-        sed -i "s/.*VERSION.*/  VERSION = '#{source_version}'/" lib/sinatra/version.rb
-        sed -i "s/.*VERSION.*/    VERSION = '#{source_version}'/" sinatra-contrib/lib/sinatra/contrib/version.rb
-        sed -i "s/.*VERSION.*/    VERSION = '#{source_version}'/" rack-protection/lib/rack/protection/version.rb
-      SH
+      %w[
+        lib/sinatra
+        sinatra-contrib/lib/sinatra/contrib
+        rack-protection/lib/rack/protection
+      ].each do |path|
+        path = File.join(path, 'version.rb')
+        File.write(path, File.read(path).sub(/VERSION = '(.+?)'/, "VERSION = '#{source_version}'"))
+      end
 
       sh <<-SH
         git commit --allow-empty -a -m '#{source_version} release'  &&

data/VERSION

@@ -0,0 +1 @@
+2.0.8.1

data/lib/sinatra/base.rb

@@ -78,7 +78,7 @@ module Sinatra
     def params
       super
     rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
-      raise BadRequest, "Invalid query parameters: #{e.message}"
+      raise BadRequest, "Invalid query parameters: #{Rack::Utils.escape_html(e.message)}"
     end
 
     private
@@ -132,7 +132,7 @@ module Sinatra
   # http://rubydoc.info/github/rack/rack/master/Rack/Response
   # http://rubydoc.info/github/rack/rack/master/Rack/Response/Helpers
   class Response < Rack::Response
-    DROP_BODY_RESPONSES = [204, 205, 304]
+    DROP_BODY_RESPONSES = [204, 304]
     def initialize(*)
       super
       headers['Content-Type'] ||= 'text/html'
@@ -360,7 +360,7 @@ module Sinatra
     # Set the Content-Disposition to "attachment" with the specified filename,
     # instructing the user agents to prompt to save.
     def attachment(filename = nil, disposition = :attachment)
-      response['Content-Disposition'] = disposition.to_s
+      response['Content-Disposition'] = disposition.to_s.dup
       if filename
         params = '; filename="%s"' % File.basename(filename)
         response['Content-Disposition'] << params
@@ -461,7 +461,7 @@ module Sinatra
     # Specify response freshness policy for HTTP caches (Cache-Control header).
     # Any number of non-value directives (:public, :private, :no_cache,
     # :no_store, :must_revalidate, :proxy_revalidate) may be passed along with
-    # a Hash of value directives (:max_age, :min_stale, :s_maxage).
+    # a Hash of value directives (:max_age, :s_maxage).
     #
     #   cache_control :public, :must_revalidate, :max_age => 60
     #   => Cache-Control: public, must-revalidate, max-age=60
@@ -722,6 +722,7 @@ module Sinatra
     end
 
     def markdown(template, options = {}, locals = {})
+      options[:exclude_outvar] = true
       render :markdown, template, options, locals
     end
 
@@ -786,15 +787,8 @@ module Sinatra
     def find_template(views, name, engine)
       yield ::File.join(views, "#{name}.#{@preferred_extension}")
 
-      if Tilt.respond_to?(:mappings)
-        Tilt.mappings.each do |ext, engines|
-          next unless ext != @preferred_extension and engines.include? engine
-          yield ::File.join(views, "#{name}.#{ext}")
-        end
-      else
-        Tilt.default_mapping.extensions_for(engine).each do |ext|
-          yield ::File.join(views, "#{name}.#{ext}") unless ext == @preferred_extension
-        end
+      Tilt.default_mapping.extensions_for(engine).each do |ext|
+        yield ::File.join(views, "#{name}.#{ext}") unless ext == @preferred_extension
       end
     end
 
@@ -825,10 +819,11 @@ module Sinatra
       content_type    = options.delete(:content_type)   || content_type
       layout_engine   = options.delete(:layout_engine)  || engine
       scope           = options.delete(:scope)          || self
+      exclude_outvar  = options.delete(:exclude_outvar)
       options.delete(:layout)
 
       # set some defaults
-      options[:outvar]           ||= '@_out_buf'
+      options[:outvar] ||= '@_out_buf' unless exclude_outvar
       options[:default_encoding] ||= settings.default_encoding
 
       # compile and render template
@@ -915,6 +910,7 @@ module Sinatra
 
     def call!(env) # :nodoc:
       @env      = env
+      @params   = IndifferentHash.new
       @request  = Request.new(env)
       @response = Response.new
       template_cache.clear if settings.reload_templates
@@ -1022,12 +1018,14 @@ module Sinatra
       return unless params = pattern.params(route)
 
       params.delete("ignore") # TODO: better params handling, maybe turn it into "smart" object or detect changes
-      original, @params = @params, @params.merge(params) if params.any?
+      force_encoding(params)
+      @params = @params.merge(params) if params.any?
 
-      if pattern.is_a? Mustermann::Regular
-        captures           = pattern.match(route).captures
+      regexp_exists = pattern.is_a?(Mustermann::Regular) || (pattern.respond_to?(:patterns) && pattern.patterns.any? {|subpattern| subpattern.is_a?(Mustermann::Regular)} )
+      if regexp_exists
+        captures           = pattern.match(route).captures.map { |c| URI_INSTANCE.unescape(c) if c }
         values            += captures
-        @params[:captures] = captures
+        @params[:captures] = force_encoding(captures) unless captures.nil? || captures.empty?
       else
         values += params.values.flatten
       end
@@ -1040,7 +1038,8 @@ module Sinatra
       @env['sinatra.error.params'] = @params
       raise
     ensure
-      @params = original if original
+      params ||= {}
+      params.each { |k, _| @params.delete(k) } unless @env['sinatra.error.params']
     end
 
     # No matching route was found or all routes passed. The default
@@ -1052,7 +1051,7 @@ module Sinatra
       if @app
         forward
       else
-        raise NotFound
+        raise NotFound, "#{request.request_method} #{request.path_info}"
       end
     end
 
@@ -1086,7 +1085,12 @@ module Sinatra
 
     # Dispatch a request with error handling.
     def dispatch!
-      force_encoding(@params = IndifferentHash[@request.params])
+      # Avoid passing frozen string in force_encoding
+      @params.merge!(@request.params).each do |key, val|
+        next unless val.respond_to?(:force_encoding)
+        val = val.dup if val.frozen?
+        @params[key] = force_encoding(val)
+      end
 
       invoke do
         static! if settings.static? && (request.get? || request.head?)
@@ -1160,12 +1164,12 @@ module Sinatra
 
     class << self
       CALLERS_TO_IGNORE = [ # :nodoc:
-        /\/sinatra(\/(base|main|show_exceptions))?\.rb$/,    # all sinatra code
+        /\/sinatra(\/(base|main|show_exceptions))?\.rb$/,   # all sinatra code
         /lib\/tilt.*\.rb$/,                                 # all tilt code
         /^\(.*\)$/,                                         # generated code
         /rubygems\/(custom|core_ext\/kernel)_require\.rb$/, # rubygems require hacks
         /active_support/,                                   # active_support require hacks
-        /bundler(\/runtime)?\.rb/,                          # bundler require hacks
+        /bundler(\/(?:runtime|inline))?\.rb/,               # bundler require hacks
         /<internal:/,                                       # internal in ruby >= 1.9.2
         /src\/kernel\/bootstrap\/[A-Z]/                     # maglev kernel files
       ]
@@ -1245,8 +1249,8 @@ module Sinatra
           end
         end
 
-        define_singleton("#{option}=", setter) if setter
-        define_singleton(option, getter) if getter
+        define_singleton("#{option}=", setter)
+        define_singleton(option, getter)
         define_singleton("#{option}?", "!!#{option}") unless method_defined? "#{option}?"
         self
       end
@@ -1342,19 +1346,19 @@ module Sinatra
       # context as route handlers and may access/modify the request and
       # response.
       def before(path = /.*/, **options, &block)
-        add_filter(:before, path, options, &block)
+        add_filter(:before, path, **options, &block)
       end
 
       # Define an after filter; runs after all requests within the same
       # context as route handlers and may access/modify the request and
       # response.
       def after(path = /.*/, **options, &block)
-        add_filter(:after, path, options, &block)
+        add_filter(:after, path, **options, &block)
       end
 
       # add a filter
       def add_filter(type, path = /.*/, **options, &block)
-        filters[type] << compile!(type, path, block, options)
+        filters[type] << compile!(type, path, block, **options)
       end
 
       # Add a route condition. The route is considered non-matching when the
@@ -1434,7 +1438,7 @@ module Sinatra
         return unless running?
         # Use Thin's hard #stop! if available, otherwise just #stop.
         running_server.respond_to?(:stop!) ? running_server.stop! : running_server.stop
-        $stderr.puts "== Sinatra has ended his set (crowd applauds)" unless supress_messages?
+        $stderr.puts "== Sinatra has ended his set (crowd applauds)" unless suppress_messages?
         set :running_server, nil
         set :handler_name, nil
       end
@@ -1520,7 +1524,7 @@ module Sinatra
         prototype
         # Run the instance we created:
         handler.run(self, server_settings) do |server|
-          unless supress_messages?
+          unless suppress_messages?
             $stderr.puts "== Sinatra (v#{Sinatra::VERSION}) has taken the stage on #{port} for #{environment} with backup from #{handler_name}"
           end
 
@@ -1533,7 +1537,7 @@ module Sinatra
         end
       end
 
-      def supress_messages?
+      def suppress_messages?
         handler_name =~ /cgi/i || quiet
       end
 
@@ -1598,7 +1602,7 @@ module Sinatra
 
       def route(verb, path, options = {}, &block)
         enable :empty_path_info if path == "" and empty_path_info.nil?
-        signature = compile!(verb, path, block, options)
+        signature = compile!(verb, path, block, **options)
         (@routes[verb] ||= []) << signature
         invoke_hook(:route_added, verb, path, block)
         signature
@@ -1635,7 +1639,7 @@ module Sinatra
       end
 
       def compile(path, route_mustermann_opts = {})
-        Mustermann.new(path, mustermann_opts.merge(route_mustermann_opts))
+        Mustermann.new(path, **mustermann_opts.merge(route_mustermann_opts))
       end
 
       def setup_default_middleware(builder)
@@ -1740,29 +1744,22 @@ module Sinatra
       end
     end
 
-    # Fixes encoding issues by
-    # * defaulting to UTF-8
-    # * casting params to Encoding.default_external
-    #
-    # The latter might not be necessary if Rack handles it one day.
-    # Keep an eye on Rack's LH #100.
-    def force_encoding(*args) settings.force_encoding(*args) end
-    if defined? Encoding
-      def self.force_encoding(data, encoding = default_encoding)
-        return if data == settings || data.is_a?(Tempfile)
-        if data.respond_to? :force_encoding
-          data.force_encoding(encoding).encode!
-        elsif data.respond_to? :each_value
-          data.each_value { |v| force_encoding(v, encoding) }
-        elsif data.respond_to? :each
-          data.each { |v| force_encoding(v, encoding) }
-        end
-        data
+    # Force data to specified encoding. It defaults to settings.default_encoding
+    # which is UTF-8 by default
+    def self.force_encoding(data, encoding = default_encoding)
+      return if data == settings || data.is_a?(Tempfile)
+      if data.respond_to? :force_encoding
+        data.force_encoding(encoding).encode!
+      elsif data.respond_to? :each_value
+        data.each_value { |v| force_encoding(v, encoding) }
+      elsif data.respond_to? :each
+        data.each { |v| force_encoding(v, encoding) }
       end
-    else
-      def self.force_encoding(data, *) data end
+      data
     end
 
+    def force_encoding(*args) settings.force_encoding(*args) end
+
     reset!
 
     set :environment, (ENV['APP_ENV'] || ENV['RACK_ENV'] || :development).to_sym
@@ -1810,10 +1807,9 @@ module Sinatra
       server.unshift 'control_tower'
     else
       server.unshift 'reel'
+      server.unshift 'puma'
       server.unshift 'mongrel'  if ruby_engine.nil?
-      server.unshift 'puma'     if ruby_engine != 'rbx'
       server.unshift 'thin'     if ruby_engine != 'jruby'
-      server.unshift 'puma'     if ruby_engine == 'rbx'
       server.unshift 'trinidad' if ruby_engine == 'jruby'
     end
 

data/lib/sinatra/indifferent_hash.rb

@@ -1,4 +1,12 @@
 # frozen_string_literal: true
+$stderr.puts <<EOF if !Hash.method_defined?(:slice) && !$LOAD_PATH.grep(%r{gems/activesupport}).empty? && ENV['SINATRA_ACTIVESUPPORT_WARNING'] != 'false'
+WARNING: If you plan to load any of ActiveSupport's core extensions to Hash, be
+sure to do so *before* loading Sinatra::Application or Sinatra::Base. If not,
+you may disregard this warning.
+
+Set SINATRA_ACTIVESUPPORT_WARNING=false in the environment to hide this warning.
+EOF
+
 module Sinatra
   # A poor man's ActiveSupport::HashWithIndifferentAccess, with all the Rails-y
   # stuff removed.
@@ -41,11 +49,15 @@ module Sinatra
     end
 
     def initialize(*args)
-      super(*args.map(&method(:convert_value)))
+      args.map!(&method(:convert_value))
+
+      super(*args)
     end
 
     def default(*args)
-      super(*args.map(&method(:convert_key)))
+      args.map!(&method(:convert_key))
+
+      super(*args)
     end
 
     def default=(value)
@@ -61,7 +73,9 @@ module Sinatra
     end
 
     def fetch(key, *args)
-      super(convert_key(key), *args.map(&method(:convert_value)))
+      args.map!(&method(:convert_value))
+
+      super(convert_key(key), *args)
     end
 
     def [](key)
@@ -101,20 +115,34 @@ module Sinatra
     end if method_defined?(:dig) # Added in Ruby 2.3
 
     def fetch_values(*keys)
-      super(*keys.map(&method(:convert_key)))
+      keys.map!(&method(:convert_key))
+
+      super(*keys)
     end if method_defined?(:fetch_values) # Added in Ruby 2.3
 
-    def values_at(*keys)
-      super(*keys.map(&method(:convert_key)))
-    end
+    def slice(*keys)
+      keys.map!(&method(:convert_key))
 
-    def merge!(other_hash)
-      return super if other_hash.is_a?(self.class)
+      self.class[super(*keys)]
+    end if method_defined?(:slice) # Added in Ruby 2.5
 
-      other_hash.each_pair do |key, value|
-        key = convert_key(key)
-        value = yield(key, self[key], value) if block_given? && key?(key)
-        self[key] = convert_value(value)
+    def values_at(*keys)
+      keys.map!(&method(:convert_key))
+
+      super(*keys)
+    end
+
+    def merge!(*other_hashes)
+      other_hashes.each do |other_hash|
+        if other_hash.is_a?(self.class)
+          super(other_hash)
+        else
+          other_hash.each_pair do |key, value|
+            key = convert_key(key)
+            value = yield(key, self[key], value) if block_given? && key?(key)
+            self[key] = convert_value(value)
+          end
+        end
       end
 
       self
@@ -122,14 +150,36 @@ module Sinatra
 
     alias_method :update, :merge!
 
-    def merge(other_hash, &block)
-      dup.merge!(other_hash, &block)
+    def merge(*other_hashes, &block)
+      dup.merge!(*other_hashes, &block)
     end
 
     def replace(other_hash)
       super(other_hash.is_a?(self.class) ? other_hash : self.class[other_hash])
     end
 
+    if method_defined?(:transform_values!) # Added in Ruby 2.4
+      def transform_values(&block)
+        dup.transform_values!(&block)
+      end
+
+      def transform_values!
+        super
+        super(&method(:convert_value))
+      end
+    end
+
+    if method_defined?(:transform_keys!) # Added in Ruby 2.5
+      def transform_keys(&block)
+        dup.transform_keys!(&block)
+      end
+
+      def transform_keys!
+        super
+        super(&method(:convert_key))
+      end
+    end
+
     private
 
     def convert_key(key)

data/lib/sinatra/main.rb

@@ -1,6 +1,30 @@
-require 'sinatra/base'
-
 module Sinatra
+  ParamsConfig = {}
+
+  if ARGV.any?
+    require 'optparse'
+    parser = OptionParser.new { |op|
+      op.on('-p port',   'set the port (default is 4567)')                { |val| ParamsConfig[:port] = Integer(val) }
+      op.on('-s server', 'specify rack server/handler (default is thin)') { |val| ParamsConfig[:server] = val }
+      op.on('-q',        'turn on quiet mode (default is off)')           {       ParamsConfig[:quiet] = true }
+      op.on('-x',        'turn on the mutex lock (default is off)')       {       ParamsConfig[:lock] = true }
+      op.on('-e env',    'set the environment (default is development)')  do |val|
+        ENV['RACK_ENV'] = val
+        ParamsConfig[:environment] = val.to_sym
+      end
+      op.on('-o addr', "set the host (default is (env == 'development' ? 'localhost' : '0.0.0.0'))") do |val|
+        ParamsConfig[:bind] = val
+      end
+    }
+    begin
+      parser.parse!(ARGV.dup)
+    rescue => evar
+      ParamsConfig[:optparse_error] = evar
+    end
+  end
+
+  require 'sinatra/base'
+
   class Application < Base
 
     # we assume that the first file that requires 'sinatra' is the
@@ -11,18 +35,13 @@ module Sinatra
     set :run, Proc.new { File.expand_path($0) == File.expand_path(app_file) }
 
     if run? && ARGV.any?
-      require 'optparse'
-      OptionParser.new { |op|
-        op.on('-p port',   'set the port (default is 4567)')                { |val| set :port, Integer(val) }
-        op.on('-o addr',   "set the host (default is #{bind})")             { |val| set :bind, val }
-        op.on('-e env',    'set the environment (default is development)')  { |val| set :environment, val.to_sym }
-        op.on('-s server', 'specify rack server/handler (default is thin)') { |val| set :server, val }
-        op.on('-q',        'turn on quiet mode (default is off)')           {       set :quiet, true }
-        op.on('-x',        'turn on the mutex lock (default is off)')       {       set :lock, true }
-      }.parse!(ARGV.dup)
+      error = ParamsConfig.delete(:optparse_error)
+      raise error if error
+      ParamsConfig.each { |k, v| set k, v }
     end
   end
 
+  remove_const(:ParamsConfig)
   at_exit { Application.run! if $!.nil? && Application.run? }
 end