sinatra 1.3.0.f → 1.3.0.g

data/CHANGES

@@ -12,7 +12,7 @@
  * Added support for HTTP PATCH requests. (Konstantin Haase)
 
  * Use rack-protection to defend against common opportunistic attacks.
-   (Konstantin Haase)
+   (Josh Lane, Jacob Burkhart, Konstantin Haase)
 
  * Support for Creole templates, Creole is a standardized wiki markup,
    supported by many wiki implementations. (Konstanin Haase)
@@ -41,7 +41,7 @@
  * The sessions setting may be an options hash now. (Konstantin Haase)
 
  * Important: Ruby 1.8.6 support has been dropped. This version also depends
-   on at least Rack 1.3.0. This means that it is incompatible to Rails prior
+   on at least Rack 1.3.0. This means that it is incompatible with Rails prior
    to 3.1.0. Please use 1.2.x if you require an earlier version of Ruby or
    Rack, which we will continue to supply with bug fixes. (Konstantin Haase)
 
@@ -82,6 +82,11 @@
  * Conditional requests on `etag` helper now work properly for unsafe HTTP
    methods. (Matthew Schinckel, Konstantin Haase)
 
+ * The `last_modified` helper does not stop execution and change the status code
+   if the status code is something different than 200. (Konstantin Haase)
+
+ * Added support for If-Unmodified-Since header. (Konstantin Haase)
+
  * `Sinatra::Base.run!` now prints to stderr rather than stdout. (Andrew
    Armenia)
 

data/Gemfile

@@ -30,13 +30,7 @@ gem 'sass'
 gem 'builder'
 gem 'erubis'
 gem 'less', '~> 1.0'
-
-if RUBY_ENGINE == "maglev"
-  gem 'liquid', :git => "https://github.com/Shopify/liquid.git"
-else
-  gem 'liquid'
-end
-
+gem 'liquid'
 gem 'slim', '~> 1.0'
 gem 'temple', '!= 0.3.3'
 gem 'RedCloth' if RUBY_VERSION < "1.9.3" and not RUBY_ENGINE.start_with? 'ma'
@@ -49,7 +43,7 @@ gem 'creole'
 if RUBY_ENGINE == 'jruby'
   gem 'nokogiri', '!= 1.5.0'
   gem 'jruby-openssl'
-elsif RUBY_ENGINE != 'maglev'
+else
   gem 'nokogiri'
 end
 
@@ -62,16 +56,10 @@ unless RUBY_ENGINE == 'jruby' && JRUBY_VERSION < "1.6.1" && !ENV['TRAVIS']
   #gem 'bluecloth'
 end
 
-if RUBY_ENGINE == 'maglev'
-  gem 'json', :git => "https://github.com/MagLev/json.git"
+platforms :ruby_18, :jruby do
+  gem 'json'
   gem 'markaby'
   gem 'radius'
-else
-  platforms :ruby_18, :jruby do
-    gem 'json'
-    gem 'markaby'
-    gem 'radius'
-  end
 end
 
 platforms :mri_18 do

data/README.es.rdoc

@@ -1055,6 +1055,23 @@ Usá la configuración <tt>:static_cache_control</tt> para agregar el encabezado
 <tt>Cache-Control</tt> a archivos estáticos (ver la sección de configuración
 para más detalles).
 
+De acuerdo con la RFC 2616 tu aplicación debería comportarse diferente si a las
+cabeceras If-Match o If-None-Match se le asigna el valor <tt>*</tt> cuando el
+recurso solicitado ya existe.  Sinatra asume para peticiones seguras (como get)
+e idempotentes (como put) que el recurso existe, mientras que para el resto
+(como post), que no.  Podes cambiar este comportamiento con la opción
+<tt>:new_resource</tt>:
+
+  get '/crear' do
+    etag '', :new_resource => true
+    Articulo.create
+    erb :nuevo_articulo
+  end
+
+Si querés seguir usando una weak ETag, indicalo con la opción <tt>:kind</tt>:
+
+  etag '', :new_resource => true, :kind => :weak
+
 === Enviando Archivos
 
 Para enviar archivos, podés usar el método <tt>send_file</tt>:

data/README.rdoc

@@ -1018,6 +1018,23 @@ try {rack-cache}[http://rtomayko.github.com/rack-cache/]:
 Use the <tt>:static_cache_control</tt> setting (see below) to add
 <tt>Cache-Control</tt> header info to static files.
 
+According to RFC 2616 your application should behave differently if the If-Match
+or If-None-Match header is set to <tt>*</tt> depending on whether the resource
+requested is already in existence. Sinatra assumes resources for safe (like get)
+and idempotent (like put) requests are already in existence, whereas other
+resources (for instance for post requests), are treated as new resources. You
+can change this behavior by passing in a <tt>:new_resource</tt> option:
+
+  get '/create' do
+    etag '', :new_resource => true
+    Article.create
+    erb :new_article
+  end
+
+If you still want to use a weak ETag, pass in a <tt>:kind</tt> option:
+
+  etag '', :new_resource => true, :kind => :weak
+
 === Sending Files
 
 For sending files, you can use the <tt>send_file</tt> helper method:

data/lib/sinatra/base.rb

@@ -355,8 +355,19 @@ module Sinatra
       return unless time
       time = time_for time
       response['Last-Modified'] = time.httpdate
-      # compare based on seconds since epoch
-      halt 304 if Time.httpdate(env['HTTP_IF_MODIFIED_SINCE']).to_i >= time.to_i
+      return if env['HTTP_IF_NONE_MATCH']
+
+      if status == 200 and env['HTTP_IF_MODIFIED_SINCE']
+        # compare based on seconds since epoch
+        since = Time.httpdate(env['HTTP_IF_MODIFIED_SINCE']).to_i
+        halt 304 if since >= time.to_i
+      end
+
+      if (success? or status == 412) and env['HTTP_IF_UNMODIFIED_SINCE']
+        # compare based on seconds since epoch
+        since = Time.httpdate(env['HTTP_IF_UNMODIFIED_SINCE']).to_i
+        halt 412 if since < time.to_i
+      end
     rescue ArgumentError
     end
 
@@ -369,18 +380,27 @@ module Sinatra
     # When the current request includes an 'If-None-Match' header with a
     # matching etag, execution is immediately halted. If the request method is
     # GET or HEAD, a '304 Not Modified' response is sent.
-    def etag(value, kind = :strong)
-      raise ArgumentError, ":strong or :weak expected" unless [:strong,:weak].include?(kind)
+    def etag(value, options = {})
+      # Before touching this code, please double check RFC 2616 14.24 and 14.26.
+      options      = {:kind => options} unless Hash === options
+      kind         = options[:kind] || :strong
+      new_resource = options.fetch(:new_resource) { request.post? }
+
+      unless [:strong, :weak].include?(kind)
+        raise ArgumentError, ":strong or :weak expected"
+      end
+
       value = '"%s"' % value
       value = 'W/' + value if kind == :weak
       response['ETag'] = value
 
-      if etags = env['HTTP_IF_NONE_MATCH']
-        etags = etags.split(/\s*,\s*/)
-        if etags.include?(value) or etags.include?('*')
-          halt 304 if request.safe?
-        else
-          halt 412 unless request.safe?
+      if success? or status == 304
+        if etag_matches? env['HTTP_IF_NONE_MATCH'], new_resource
+          halt(request.safe? ? 304 : 412)
+        end
+
+        if env['HTTP_IF_MATCH']
+          halt 412 unless etag_matches? env['HTTP_IF_MATCH'], new_resource
         end
       end
     end
@@ -445,6 +465,14 @@ module Sinatra
     rescue Exception
       raise ArgumentError, "unable to convert #{value.inspect} to a Time object"
     end
+
+    private
+
+    # Helper method checking if a ETag value list includes the current ETag.
+    def etag_matches?(list, new_resource = request.post?)
+      return !new_resource if list == '*'
+      list.to_s.split(/\s*,\s*/).include? response['ETag']
+    end
   end
 
   private
@@ -634,7 +662,7 @@ module Sinatra
           path, line = settings.caller_locations.first
           template.new(path, line.to_i, options, &body)
         else
-          raise ArgumentError
+          raise ArgumentError, "Sorry, don't know how to render #{data.inspect}."
         end
       end
     end
@@ -1184,7 +1212,6 @@ module Sinatra
       def compile(path)
         keys = []
         if path.respond_to? :to_str
-          special_chars = %w{. + ( ) $}
           pattern = path.to_str.gsub(/[^\?\%\\\/\:\*\w]/) { |c| encoded(c) }
           pattern.gsub! /((:\w+)|\*)/ do |match|
             if match == "*"
@@ -1333,7 +1360,7 @@ module Sinatra
 
       def setup_protection(builder)
         return unless protection?
-        options = Hash === protection ? protection.dup : {}
+        options = Hash === protection ? protection.dup : {:except => [:escaped_params]}
         options[:except] = Array options[:except]
         options[:except] += [:session_hijacking, :remote_token] unless sessions?
         builder.use Rack::Protection, options

data/lib/sinatra/main.rb

@@ -8,7 +8,7 @@ module Sinatra
     # on this path by default.
     set :app_file, caller_files.first || $0
 
-    set :run, Proc.new { $0 == app_file }
+    set :run, Proc.new { File.expand_path($0) == File.expand_path(app_file) }
 
     if run? && ARGV.any?
       require 'optparse'

data/lib/sinatra/version.rb

@@ -1,3 +1,3 @@
 module Sinatra
-  VERSION = '1.3.0.f'
+  VERSION = '1.3.0.g'
 end

data/test/filter_test.rb

@@ -97,6 +97,17 @@ class BeforeFilterTest < Test::Unit::TestCase
     assert_equal 'cool', body
   end
 
+  it "properly unescapes parameters" do
+    mock_app {
+      before { @foo = params['foo'] }
+      get('/foo') { @foo }
+    }
+
+    get '/foo?foo=bar%3Abaz%2Fbend'
+    assert ok?
+    assert_equal 'bar:baz/bend', body
+  end
+
   it "runs filters defined in superclasses" do
     base = Class.new(Sinatra::Base)
     base.before { @foo = 'hello from superclass' }

data/test/helper.rb

@@ -72,6 +72,10 @@ class Test::Unit::TestCase
     assert_equal value.lstrip.gsub(/\s*\n\s*/, ""), body.lstrip.gsub(/\s*\n\s*/, "")
   end
 
+  def assert_status(expected)
+    assert_equal Integer(expected), Integer(status)
+  end
+
   def assert_like(a,b)
     pattern = /id=['"][^"']*["']|\s+/
     assert_equal a.strip.gsub(pattern, ""), b.strip.gsub(pattern, "")

data/test/helpers_test.rb

@@ -858,6 +858,20 @@ class HelpersTest < Test::Unit::TestCase
       assert ! response['Last-Modified']
     end
 
+    it 'does not change a status other than 200' do
+      mock_app do
+        get '/' do
+          status 299
+          last_modified Time.at(0)
+          'ok'
+        end
+      end
+
+      get('/', {}, 'HTTP_IF_MODIFIED_SINCE' => 'Sun, 26 Sep 2030 23:43:52 GMT')
+      assert_status 299
+      assert_body 'ok'
+    end
+
     [Time.now, DateTime.now, Date.today, Time.now.to_i,
       Struct.new(:to_time).new(Time.now) ].each do |last_modified_time|
       describe "with #{last_modified_time.class.name}" do
@@ -955,74 +969,641 @@ class HelpersTest < Test::Unit::TestCase
             assert_equal '', body
           end
         end
+
+        context "If-Unmodified-Since" do
+          it 'results in 200 if resource has not been modified' do
+            get '/', {}, { 'HTTP_IF_UNMODIFIED_SINCE' => 'Sun, 26 Sep 2030 23:43:52 GMT' }
+            assert_equal 200, status
+            assert_equal 'Boo!', body
+          end
+
+          it 'results in 412 if resource has been modified' do
+            get '/', {}, { 'HTTP_IF_UNMODIFIED_SINCE' => Time.at(0).httpdate }
+            assert_equal 412, status
+            assert_equal '', body
+          end
+        end
       end
     end
   end
 
   describe 'etag' do
-    setup do
-      mock_app {
-        get '/' do
-          body { 'Hello World' }
-          etag 'FOO'
-          'Boo!'
+    context "safe requests" do
+      it 'returns 200 for normal requests' do
+        mock_app do
+          get '/' do
+            etag 'foo'
+            'ok'
+          end
         end
 
-        post '/' do
-          etag 'FOO'
-          'Matches!'
+        get('/')
+        assert_status 200
+        assert_body 'ok'
+      end
+
+      context "If-None-Match" do
+        it 'returns 304 when If-None-Match is *' do
+          mock_app do
+            get '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '*')
+          assert_status 304
+          assert_body ''
         end
-      }
-    end
 
-    it 'sets the ETag header' do
-      get '/'
-      assert_equal '"FOO"', response['ETag']
-    end
+        it 'returns 200 when If-None-Match is * for new resources' do
+          mock_app do
+            get '/' do
+              etag 'foo', :new_resource => true
+              'ok'
+            end
+          end
 
-    it 'returns a body when conditional get misses' do
-      get '/'
-      assert_equal 200, status
-      assert_equal 'Boo!', body
-    end
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '*')
+          assert_status 200
+          assert_body 'ok'
+        end
 
-    it 'returns a body when posting with no If-None-Match header' do
-      post '/'
-      assert_equal 200, status
-      assert_equal 'Matches!', body
-    end
+        it 'returns 304 when If-None-Match is * for existing resources' do
+          mock_app do
+            get '/' do
+              etag 'foo', :new_resource => false
+              'ok'
+            end
+          end
 
-    it 'returns a body when conditional post matches' do
-      post '/', {}, { 'HTTP_IF_NONE_MATCH' => '"FOO"' }
-      assert_equal 200, status
-      assert_equal 'Matches!', body
-    end
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '*')
+          assert_status 304
+          assert_body ''
+        end
 
-    it 'halts with 412 when conditional post misses' do
-      post '/', {}, { 'HTTP_IF_NONE_MATCH' => '"BAR"' }
-      assert_equal 412, status
-      assert_equal '', body
+        it 'returns 304 when If-None-Match is the etag' do
+          mock_app do
+            get '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '"foo"')
+          assert_status 304
+          assert_body ''
+        end
+
+        it 'returns 304 when If-None-Match includes the etag' do
+          mock_app do
+            get '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '"bar", "foo"')
+          assert_status 304
+          assert_body ''
+        end
+
+        it 'returns 200 when If-None-Match does not include the etag' do
+          mock_app do
+            get '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '"bar"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'ignores If-Modified-Since if If-None-Match does not match' do
+          mock_app do
+            get '/' do
+              etag 'foo'
+              last_modified Time.at(0)
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '"bar"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'does not change a status code other than 2xx or 304' do
+          mock_app do
+            get '/' do
+              status 499
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '"foo"')
+          assert_status 499
+          assert_body 'ok'
+        end
+
+        it 'does change 2xx status codes' do
+          mock_app do
+            get '/' do
+              status 299
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '"foo"')
+          assert_status 304
+          assert_body ''
+        end
+
+        it 'does not send a body on 304 status codes' do
+          mock_app do
+            get '/' do
+              status 304
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_NONE_MATCH' => '"foo"')
+          assert_status 304
+          assert_body ''
+        end
+      end
+
+      context "If-Match" do
+        it 'returns 200 when If-Match is the etag' do
+          mock_app do
+            get '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_MATCH' => '"foo"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 200 when If-Match includes the etag' do
+          mock_app do
+            get '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_MATCH' => '"foo", "bar"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 200 when If-Match is *' do
+          mock_app do
+            get '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_MATCH' => '*')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 412 when If-Match is * for new resources' do
+          mock_app do
+            get '/' do
+              etag 'foo', :new_resource => true
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_MATCH' => '*')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 200 when If-Match is * for existing resources' do
+          mock_app do
+            get '/' do
+              etag 'foo', :new_resource => false
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_MATCH' => '*')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 412 when If-Match does not include the etag' do
+          mock_app do
+            get '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          get('/', {}, 'HTTP_IF_MATCH' => '"bar"')
+          assert_status 412
+          assert_body ''
+        end
+      end
     end
 
-    it 'halts when a conditional GET matches' do
-      get '/', {}, { 'HTTP_IF_NONE_MATCH' => '"FOO"' }
-      assert_equal 304, status
-      assert_equal '', body
+    context "idempotent requests" do
+      it 'returns 200 for normal requests' do
+        mock_app do
+          put '/' do
+            etag 'foo'
+            'ok'
+          end
+        end
+
+        put('/')
+        assert_status 200
+        assert_body 'ok'
+      end
+
+      context "If-None-Match" do
+        it 'returns 412 when If-None-Match is *' do
+          mock_app do
+            put '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_NONE_MATCH' => '*')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 200 when If-None-Match is * for new resources' do
+          mock_app do
+            put '/' do
+              etag 'foo', :new_resource => true
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_NONE_MATCH' => '*')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 412 when If-None-Match is * for existing resources' do
+          mock_app do
+            put '/' do
+              etag 'foo', :new_resource => false
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_NONE_MATCH' => '*')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 412 when If-None-Match is the etag' do
+          mock_app do
+            put '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_NONE_MATCH' => '"foo"')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 412 when If-None-Match includes the etag' do
+          mock_app do
+            put '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_NONE_MATCH' => '"bar", "foo"')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 200 when If-None-Match does not include the etag' do
+          mock_app do
+            put '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_NONE_MATCH' => '"bar"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'ignores If-Modified-Since if If-None-Match does not match' do
+          mock_app do
+            put '/' do
+              etag 'foo'
+              last_modified Time.at(0)
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_NONE_MATCH' => '"bar"')
+          assert_status 200
+          assert_body 'ok'
+        end
+      end
+
+      context "If-Match" do
+        it 'returns 200 when If-Match is the etag' do
+          mock_app do
+            put '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_MATCH' => '"foo"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 200 when If-Match includes the etag' do
+          mock_app do
+            put '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_MATCH' => '"foo", "bar"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 200 when If-Match is *' do
+          mock_app do
+            put '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_MATCH' => '*')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 412 when If-Match is * for new resources' do
+          mock_app do
+            put '/' do
+              etag 'foo', :new_resource => true
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_MATCH' => '*')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 200 when If-Match is * for existing resources' do
+          mock_app do
+            put '/' do
+              etag 'foo', :new_resource => false
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_MATCH' => '*')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 412 when If-Match does not include the etag' do
+          mock_app do
+            put '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          put('/', {}, 'HTTP_IF_MATCH' => '"bar"')
+          assert_status 412
+          assert_body ''
+        end
+      end
     end
 
-    it 'should handle multiple ETag values in If-None-Match header' do
-      get '/', {}, { 'HTTP_IF_NONE_MATCH' => '"BAR", *' }
-      assert_equal 304, status
-      assert_equal '', body
+    context "post requests" do
+      it 'returns 200 for normal requests' do
+        mock_app do
+          post '/' do
+            etag 'foo'
+            'ok'
+          end
+        end
+
+        post('/')
+        assert_status 200
+        assert_body 'ok'
+      end
+
+      context "If-None-Match" do
+        it 'returns 200 when If-None-Match is *' do
+          mock_app do
+            post '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_NONE_MATCH' => '*')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 200 when If-None-Match is * for new resources' do
+          mock_app do
+            post '/' do
+              etag 'foo', :new_resource => true
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_NONE_MATCH' => '*')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 412 when If-None-Match is * for existing resources' do
+          mock_app do
+            post '/' do
+              etag 'foo', :new_resource => false
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_NONE_MATCH' => '*')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 412 when If-None-Match is the etag' do
+          mock_app do
+            post '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_NONE_MATCH' => '"foo"')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 412 when If-None-Match includes the etag' do
+          mock_app do
+            post '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_NONE_MATCH' => '"bar", "foo"')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 200 when If-None-Match does not include the etag' do
+          mock_app do
+            post '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_NONE_MATCH' => '"bar"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'ignores If-Modified-Since if If-None-Match does not match' do
+          mock_app do
+            post '/' do
+              etag 'foo'
+              last_modified Time.at(0)
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_NONE_MATCH' => '"bar"')
+          assert_status 200
+          assert_body 'ok'
+        end
+      end
+
+      context "If-Match" do
+        it 'returns 200 when If-Match is the etag' do
+          mock_app do
+            post '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_MATCH' => '"foo"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 200 when If-Match includes the etag' do
+          mock_app do
+            post '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_MATCH' => '"foo", "bar"')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 412 when If-Match is *' do
+          mock_app do
+            post '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_MATCH' => '*')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 412 when If-Match is * for new resources' do
+          mock_app do
+            post '/' do
+              etag 'foo', :new_resource => true
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_MATCH' => '*')
+          assert_status 412
+          assert_body ''
+        end
+
+        it 'returns 200 when If-Match is * for existing resources' do
+          mock_app do
+            post '/' do
+              etag 'foo', :new_resource => false
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_MATCH' => '*')
+          assert_status 200
+          assert_body 'ok'
+        end
+
+        it 'returns 412 when If-Match does not include the etag' do
+          mock_app do
+            post '/' do
+              etag 'foo'
+              'ok'
+            end
+          end
+
+          post('/', {}, 'HTTP_IF_MATCH' => '"bar"')
+          assert_status 412
+          assert_body ''
+        end
+      end
     end
 
     it 'uses a weak etag with the :weak option' do
-      mock_app {
+      mock_app do
         get '/' do
           etag 'FOO', :weak
           "that's weak, dude."
         end
-      }
+      end
       get '/'
       assert_equal 'W/"FOO"', response['ETag']
     end

data/test/rack_test.rb

@@ -0,0 +1,45 @@
+require File.expand_path('../helper', __FILE__)
+require 'rack'
+
+class RackTest < Test::Unit::TestCase
+  setup do
+    @foo = Sinatra.new { get('/foo') { 'foo' }}
+    @bar = Sinatra.new { get('/bar') { 'bar' }}
+  end
+
+  def build(*middleware)
+    endpoint = middleware.pop
+    @app = Rack::Builder.app do
+      middleware.each { |m| use m }
+      run endpoint
+    end
+  end
+
+  def check(*middleware)
+    build(*middleware)
+    assert get('/foo').ok?
+    assert_body 'foo'
+    assert get('/bar').ok?
+    assert_body 'bar'
+  end
+
+  it 'works as middleware in front of Rack::Lock, with lock enabled' do
+    @foo.enable :lock
+    check(@foo, Rack::Lock, @bar)
+  end
+
+  it 'works as middleware behind Rack::Lock, with lock enabled' do
+    @foo.enable :lock
+    check(Rack::Lock, @foo, @bar)
+  end
+
+  it 'works as middleware in front of Rack::Lock, with lock disabled' do
+    @foo.disable :lock
+    check(@foo, Rack::Lock, @bar)
+  end
+
+  it 'works as middleware behind Rack::Lock, with lock disabled' do
+    @foo.disable :lock
+    check(Rack::Lock, @foo, @bar)
+  end
+end

metadata

@@ -1,16 +1,10 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: sinatra
-version: !ruby/object:Gem::Version 
-  hash: 585748570905747555
+version: !ruby/object:Gem::Version
+  version: 1.3.0.g
   prerelease: 6
-  segments: 
-  - 1
-  - 3
-  - 0
-  - f
-  version: 1.3.0.f
 platform: ruby
-authors: 
+authors:
 - Blake Mizerany
 - Ryan Tomayko
 - Simon Rozet
@@ -18,62 +12,47 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2011-09-11 00:00:00 -07:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2011-09-25 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: rack
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
+  requirement: &2158234720 !ruby/object:Gem::Requirement
     none: false
-    requirements: 
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 2609263317959306961
-        segments: 
-        - 1
-        - 3
-        version: "1.3"
+      - !ruby/object:Gem::Version
+        version: '1.3'
   type: :runtime
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency 
-  name: rack-protection
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
+  version_requirements: *2158234720
+- !ruby/object:Gem::Dependency
+  name: rack-protection
+  requirement: &2158234220 !ruby/object:Gem::Requirement
     none: false
-    requirements: 
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 3882215148898798703
-        segments: 
-        - 1
-        - 1
-        version: "1.1"
+      - !ruby/object:Gem::Version
+        version: '1.1'
   type: :runtime
-  version_requirements: *id002
-- !ruby/object:Gem::Dependency 
-  name: tilt
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
+  version_requirements: *2158234220
+- !ruby/object:Gem::Dependency
+  name: tilt
+  requirement: &2158233760 !ruby/object:Gem::Requirement
     none: false
-    requirements: 
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 2609263317959306961
-        segments: 
-        - 1
-        - 3
-        version: "1.3"
+      - !ruby/object:Gem::Version
+        version: '1.3'
   type: :runtime
-  version_requirements: *id003
-description: Sinatra is a DSL for quickly creating web applications in Ruby with minimal effort.
+  prerelease: false
+  version_requirements: *2158233760
+description: Sinatra is a DSL for quickly creating web applications in Ruby with minimal
+  effort.
 email: sinatrarb@googlegroups.com
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files:
 - README.de.rdoc
 - README.es.rdoc
 - README.fr.rdoc
@@ -85,7 +64,7 @@ extra_rdoc_files:
 - README.ru.rdoc
 - README.zh.rdoc
 - LICENSE
-files: 
+files:
 - .gitignore
 - .travis.yml
 - .yardopts
@@ -133,6 +112,7 @@ files:
 - test/middleware_test.rb
 - test/nokogiri_test.rb
 - test/public/favicon.ico
+- test/rack_test.rb
 - test/radius_test.rb
 - test/rdoc_test.rb
 - test/readme_test.rb
@@ -191,48 +171,40 @@ files:
 - test/views/layout2.test
 - test/views/nested.str
 - test/views/utf8.erb
-has_rdoc: true
 homepage: http://www.sinatrarb.com/
 licenses: []
-
 post_install_message: 
-rdoc_options: 
+rdoc_options:
 - --line-numbers
 - --inline-source
 - --title
 - Sinatra
 - --main
 - README.rdoc
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 2002549777813010636
-      segments: 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
       - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+      hash: -519161154716123522
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">"
-    - !ruby/object:Gem::Version 
-      hash: 1960248522488440439
-      segments: 
-      - 1
-      - 3
-      - 1
+  requirements:
+  - - ! '>'
+    - !ruby/object:Gem::Version
       version: 1.3.1
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.5.2
+rubygems_version: 1.8.6
 signing_key: 
 specification_version: 3
 summary: Classy web-development dressed in a DSL
-test_files: 
+test_files:
 - test/base_test.rb
 - test/builder_test.rb
 - test/coffee_test.rb
@@ -251,6 +223,7 @@ test_files:
 - test/markdown_test.rb
 - test/middleware_test.rb
 - test/nokogiri_test.rb
+- test/rack_test.rb
 - test/radius_test.rb
 - test/rdoc_test.rb
 - test/readme_test.rb