sinatra 2.0.5 → 2.0.6
Potentially problematic release.
This version of sinatra might be problematic.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/CONTRIBUTING.md +1 -7
- data/Gemfile +2 -0
- data/README.de.md +1 -1
- data/README.fr.md +1 -1
- data/README.ja.md +1 -1
- data/README.ko.md +1 -1
- data/README.md +2 -0
- data/README.ru.md +1 -1
- data/README.zh.md +1 -1
- data/Rakefile +8 -5
- data/VERSION +1 -1
- data/lib/sinatra/base.rb +25 -32
- data/lib/sinatra/main.rb +23 -13
- data/lib/sinatra/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 95fdee0ddfdaa7219f3f4d452dccfc797b511aa5fa74f51ee62cdfaf2a311efe
|
4
|
+
data.tar.gz: f99370f645d33f85c07f202a68ad56a8a6822927e084fc9a9d32016fbd8b61da
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9205d789339fdd6a3948dc5e393b3272a389098510ed0c60c845492307ed41958b536a1196c9f2a18d9347836e487cc98571ce63e45110628aa93392c763a6d2
|
7
|
+
data.tar.gz: 6b292ddcdac3b8d6948896451c78bb8c93303dea8c0b9a43be959ba0183230f634caedab15605074336f5fd9eb564047f89f1e4c41fcdae0b5a68e8cf0fe1324
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,21 @@
|
|
1
|
+
## 2.0.6 / 2019-08-21
|
2
|
+
|
3
|
+
* Fix an issue setting environment from command line option [#1547](https://github.com/sinatra/sinatra/pull/1547), [#1554](https://github.com/sinatra/sinatra/pull/1554) by Jordan Owens, Kunpei Sakai
|
4
|
+
|
5
|
+
* Support pandoc as a new markdown renderer [#1533](https://github.com/sinatra/sinatra/pull/1533) by Vasiliy
|
6
|
+
|
7
|
+
* Remove outdated code for tilt 1.x [#1532](https://github.com/sinatra/sinatra/pull/1532) by Vasiliy
|
8
|
+
|
9
|
+
* Remove an extra logic for `force_encoding` [#1527](https://github.com/sinatra/sinatra/pull/1527) by Jordan Owens
|
10
|
+
|
11
|
+
* Avoid multiple errors even if `params` contains special values [#1526](https://github.com/sinatra/sinatra/pull/1527) by Kunpei Sakai
|
12
|
+
|
13
|
+
* Support `bundler/inline` with `require 'sinatra'` integration [#1520](https://github.com/sinatra/sinatra/pull/1520) by Kunpei Sakai
|
14
|
+
|
15
|
+
* Avoid `TypeError` when params contain a key without a value on Ruby < 2.4 [#1516](https://github.com/sinatra/sinatra/pull/1516) by Samuel Giddins
|
16
|
+
|
17
|
+
* Improve development support and documentation and source code by Olle Jonsson, Basavanagowda Kanur, Yuki MINAMIYA
|
18
|
+
|
1
19
|
## 2.0.5 / 2018-12-22
|
2
20
|
|
3
21
|
* Avoid FrozenError when params contains frozen value [#1506](https://github.com/sinatra/sinatra/pull/1506) by Kunpei Sakai
|
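Review bot: In the entry "Avoid multiple errors even if `params` contains special values", the link label and target disagree: the text reads #1526 but the URL is https://github.com/sinatra/sinatra/pull/1527, the same target as the `force_encoding` entry directly above it. Point the URL at the pull request the label names, or correct the label, so the entry credits the right change.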
data/CONTRIBUTING.md
CHANGED
@@ -36,13 +36,7 @@ can be applied as quickly as possible:
|
|
36
36
|
modify the `README.md` file to reflect that. Again, if you don't
|
37
37
|
update the `README`, we have to, and this holds up acceptance.
|
38
38
|
|
39
|
-
4. **
|
40
|
-
overview of the changes that go into each release, and gives credit
|
41
|
-
where credit is due. We make sure that the change log is up to date
|
42
|
-
before each release, and we always appreciate it when people make
|
43
|
-
it easier to get the release out the door.
|
44
|
-
|
45
|
-
5. **Push it:** Once you're ready, push your changes to a topic branch
|
39
|
+
4. **Push it:** Once you're ready, push your changes to a topic branch
|
46
40
|
and add a note to the ticket with the URL to your branch. Or, say
|
47
41
|
something like, "you can find the patch on johndoe/foobranch". We also
|
48
42
|
gladly accept GitHub [pull requests](http://help.github.com/pull-requests/).
|
data/Gemfile
CHANGED
data/README.de.md
CHANGED
@@ -2236,7 +2236,7 @@ end
|
|
2236
2236
|
#### Einstellung des Angriffsschutzes
|
2237
2237
|
|
2238
2238
|
Sinatra verwendet
|
2239
|
-
[Rack::Protection](https://github.com/sinatra/rack-protection#readme), um die
|
2239
|
+
[Rack::Protection](https://github.com/sinatra/sinatra/tree/master/rack-protection#readme), um die
|
2240
2240
|
Anwendung vor häufig vorkommenden Angriffen zu schützen. Diese Voreinstellung
|
2241
2241
|
lässt sich selbstverständlich deaktivieren, der damit verbundene
|
2242
2242
|
Geschwindigkeitszuwachs steht aber in keinem Verhätnis zu den möglichen
|
data/README.fr.md
CHANGED
@@ -2048,7 +2048,7 @@ end
|
|
2048
2048
|
|
2049
2049
|
### Se protéger des attaques
|
2050
2050
|
|
2051
|
-
Sinatra utilise [Rack::Protection](https://github.com/sinatra/rack-protection#readme)
|
2051
|
+
Sinatra utilise [Rack::Protection](https://github.com/sinatra/sinatra/tree/master/rack-protection#readme)
|
2052
2052
|
pour protéger votre application contre les principales attaques opportunistes.
|
2053
2053
|
Vous pouvez très simplement désactiver cette fonctionnalité (ce qui exposera
|
2054
2054
|
votre application à beaucoup de vulnerabilités courantes) :
|
data/README.ja.md
CHANGED
@@ -1952,7 +1952,7 @@ end
|
|
1952
1952
|
|
1953
1953
|
### 攻撃防御に対する設定
|
1954
1954
|
|
1955
|
-
Sinatraは[Rack::Protection](https://github.com/sinatra/rack-protection#readme)を使用することで、アプリケーションを一般的な日和見的攻撃から守っています。これは簡単に無効化できます(が、アプリケーションに大量の一般的な脆弱性を埋め込むことになってしまいます)。
|
1955
|
+
Sinatraは[Rack::Protection](https://github.com/sinatra/sinatra/tree/master/rack-protection#readme)を使用することで、アプリケーションを一般的な日和見的攻撃から守っています。これは簡単に無効化できます(が、アプリケーションに大量の一般的な脆弱性を埋め込むことになってしまいます)。
|
1956
1956
|
|
1957
1957
|
```ruby
|
1958
1958
|
disable :protection
|
data/README.ko.md
CHANGED
@@ -2023,7 +2023,7 @@ end
|
|
2023
2023
|
|
2024
2024
|
### 공격 방어 설정하기(Configuring attack protection)
|
2025
2025
|
|
2026
|
-
Sinatra는 [Rack::Protection](https://github.com/sinatra/rack-protection#readme)을 사용하여
|
2026
|
+
Sinatra는 [Rack::Protection](https://github.com/sinatra/sinatra/tree/master/rack-protection#readme)을 사용하여
|
2027
2027
|
일반적이고 일어날 수 있는 공격에 대비합니다. 이 모듈은 간단하게 비활성시킬 수 있습니다.
|
2028
2028
|
(하지만 애플리케이션에 엄청나게 많은 취약성을 야기합니다.)
|
2029
2029
|
|
data/README.md
CHANGED
@@ -750,6 +750,8 @@ template, you almost always want to pass locals to it.
|
|
750
750
|
<a href="https://github.com/ged/bluecloth" title="BlueCloth">BlueCloth</a>,
|
751
751
|
<a href="https://kramdown.gettalong.org/" title="kramdown">kramdown</a>,
|
752
752
|
<a href="https://github.com/bhollis/maruku" title="maruku">maruku</a>
|
753
|
+
<a href="https://github.com/gjtorikian/commonmarker" title="commonmarker">commonmarker</a>
|
754
|
+
<a href="https://github.com/alphabetum/pandoc-ruby" title="pandoc">pandoc</a>
|
753
755
|
</td>
|
754
756
|
</tr>
|
755
757
|
<tr>
|
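Review bot: The two added anchors break the comma-separated renderer list. The existing `maruku</a>` line and the new `commonmarker</a>` line both end without a trailing comma, so the rendered table cell runs the three names together. Add a comma after `maruku</a>` and after `commonmarker</a>`, matching the `BlueCloth</a>,` and `kramdown</a>,` lines above.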
data/README.ru.md
CHANGED
@@ -2226,7 +2226,7 @@ end
|
|
2226
2226
|
### Настройка защиты от атак
|
2227
2227
|
|
2228
2228
|
Sinatra использует
|
2229
|
-
[Rack::Protection](https://github.com/sinatra/rack-protection#readme) для защиты
|
2229
|
+
[Rack::Protection](https://github.com/sinatra/sinatra/tree/master/rack-protection#readme) для защиты
|
2230
2230
|
приложения от простых атак. Вы можете легко выключить эту защиту (что сделает
|
2231
2231
|
ваше приложение чрезвычайно уязвимым к большому числу различных уязвимостей):
|
2232
2232
|
|
data/README.zh.md
CHANGED
@@ -2027,7 +2027,7 @@ end
|
|
2027
2027
|
|
2028
2028
|
### 配置攻击防护
|
2029
2029
|
|
2030
|
-
Sinatra 使用 [Rack::Protection](https://github.com/sinatra/rack-protection#readme)
|
2030
|
+
Sinatra 使用 [Rack::Protection](https://github.com/sinatra/sinatra/tree/master/rack-protection#readme)
|
2031
2031
|
来抵御常见的攻击。你可以轻易地禁用该行为(但这会大大增加应用被攻击的概率)。
|
2032
2032
|
|
2033
2033
|
```ruby
|
data/Rakefile
CHANGED
@@ -202,11 +202,14 @@ if defined?(Gem)
|
|
202
202
|
|
203
203
|
desc "Commits the version to github repository"
|
204
204
|
task :commit_version do
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
205
|
+
%w[
|
206
|
+
lib/sinatra
|
207
|
+
sinatra-contrib/lib/sinatra/contrib
|
208
|
+
rack-protection/lib/rack/protection
|
209
|
+
].each do |path|
|
210
|
+
path = File.join(path, 'version.rb')
|
211
|
+
File.write(path, File.read(path).sub(/VERSION = '(.+?)'/, "VERSION = '#{source_version}'"))
|
212
|
+
end
|
210
213
|
|
211
214
|
sh <<-SH
|
212
215
|
git commit --allow-empty -a -m '#{source_version} release' &&
|
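Review bot: The `File.write(path, File.read(path).sub(/VERSION = '(.+?)'/, ...))` line in the new loop fails silently. `sub` returns the content unchanged when the pattern does not match (a version.rb that uses double quotes, for example), and the task then goes on to `git commit` a release with a stale version constant in one of the three gems. Check that the substitution matched before writing (for instance with `sub!` and a raise when it returns nil), so a release cannot ship with mismatched versions across lib/sinatra, sinatra-contrib and rack-protection.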
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
2.0.
|
1
|
+
2.0.6
|
data/lib/sinatra/base.rb
CHANGED
@@ -722,6 +722,7 @@ module Sinatra
|
|
722
722
|
end
|
723
723
|
|
724
724
|
def markdown(template, options = {}, locals = {})
|
725
|
+
options[:exclude_outvar] = true
|
725
726
|
render :markdown, template, options, locals
|
726
727
|
end
|
727
728
|
|
@@ -786,15 +787,8 @@ module Sinatra
|
|
786
787
|
def find_template(views, name, engine)
|
787
788
|
yield ::File.join(views, "#{name}.#{@preferred_extension}")
|
788
789
|
|
789
|
-
|
790
|
-
|
791
|
-
next unless ext != @preferred_extension and engines.include? engine
|
792
|
-
yield ::File.join(views, "#{name}.#{ext}")
|
793
|
-
end
|
794
|
-
else
|
795
|
-
Tilt.default_mapping.extensions_for(engine).each do |ext|
|
796
|
-
yield ::File.join(views, "#{name}.#{ext}") unless ext == @preferred_extension
|
797
|
-
end
|
790
|
+
Tilt.default_mapping.extensions_for(engine).each do |ext|
|
791
|
+
yield ::File.join(views, "#{name}.#{ext}") unless ext == @preferred_extension
|
798
792
|
end
|
799
793
|
end
|
800
794
|
|
@@ -825,10 +819,11 @@ module Sinatra
|
|
825
819
|
content_type = options.delete(:content_type) || content_type
|
826
820
|
layout_engine = options.delete(:layout_engine) || engine
|
827
821
|
scope = options.delete(:scope) || self
|
822
|
+
exclude_outvar = options.delete(:exclude_outvar)
|
828
823
|
options.delete(:layout)
|
829
824
|
|
830
825
|
# set some defaults
|
831
|
-
options[:outvar]
|
826
|
+
options[:outvar] ||= '@_out_buf' unless exclude_outvar
|
832
827
|
options[:default_encoding] ||= settings.default_encoding
|
833
828
|
|
834
829
|
# compile and render template
|
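Review bot: `exclude_outvar` is read out of the same `options` hash that callers pass in, but nothing at `exclude_outvar = options.delete(:exclude_outvar)` or at `options[:outvar] ||= '@_out_buf' unless exclude_outvar` says that it is an internal flag or why a renderer would need `outvar` left unset. Add a comment stating which helpers set it and why. Also decide whether application code passing `exclude_outvar: true` to other template helpers is meant to be supported, since the option is now reachable through every `render` call.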
@@ -1089,7 +1084,12 @@ module Sinatra
|
|
1089
1084
|
|
1090
1085
|
# Dispatch a request with error handling.
|
1091
1086
|
def dispatch!
|
1092
|
-
|
1087
|
+
# Avoid passing frozen string in force_encoding
|
1088
|
+
@params.merge!(@request.params).each do |key, val|
|
1089
|
+
next unless val.respond_to?(:force_encoding)
|
1090
|
+
val = val.dup if val.frozen?
|
1091
|
+
@params[key] = force_encoding(val)
|
1092
|
+
end
|
1093
1093
|
|
1094
1094
|
invoke do
|
1095
1095
|
static! if settings.static? && (request.get? || request.head?)
|
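Review bot: The `next unless val.respond_to?(:force_encoding)` guard in the new loop skips every value that is not itself a string. Hashes and arrays in `@params` (nested parameters) are therefore left as they came from `@request.params`, and their strings are never passed through `force_encoding`, even though `force_encoding` has `each_value` and `each` branches for exactly those shapes. If nested values are still meant to be normalised to the default encoding, handle them here too and duplicate frozen elements as the top level does. If skipping them is intended, say so in the comment, because handlers will then see nested strings in whatever encoding Rack supplied.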
@@ -1168,7 +1168,7 @@ module Sinatra
|
|
1168
1168
|
/^\(.*\)$/, # generated code
|
1169
1169
|
/rubygems\/(custom|core_ext\/kernel)_require\.rb$/, # rubygems require hacks
|
1170
1170
|
/active_support/, # active_support require hacks
|
1171
|
-
/bundler(\/runtime)?\.rb/,
|
1171
|
+
/bundler(\/(?:runtime|inline))?\.rb/, # bundler require hacks
|
1172
1172
|
/<internal:/, # internal in ruby >= 1.9.2
|
1173
1173
|
/src\/kernel\/bootstrap\/[A-Z]/ # maglev kernel files
|
1174
1174
|
]
|
@@ -1743,29 +1743,22 @@ module Sinatra
|
|
1743
1743
|
end
|
1744
1744
|
end
|
1745
1745
|
|
1746
|
-
#
|
1747
|
-
#
|
1748
|
-
|
1749
|
-
|
1750
|
-
|
1751
|
-
|
1752
|
-
|
1753
|
-
|
1754
|
-
|
1755
|
-
|
1756
|
-
if data.respond_to? :force_encoding
|
1757
|
-
data.force_encoding(encoding).encode!
|
1758
|
-
elsif data.respond_to? :each_value
|
1759
|
-
data.each_value { |v| force_encoding(v, encoding) }
|
1760
|
-
elsif data.respond_to? :each
|
1761
|
-
data.each { |v| force_encoding(v, encoding) }
|
1762
|
-
end
|
1763
|
-
data
|
1746
|
+
# Force data to specified encoding. It defaults to settings.default_encoding
|
1747
|
+
# which is UTF-8 by default
|
1748
|
+
def self.force_encoding(data, encoding = default_encoding)
|
1749
|
+
return if data == settings || data.is_a?(Tempfile)
|
1750
|
+
if data.respond_to? :force_encoding
|
1751
|
+
data.force_encoding(encoding).encode!
|
1752
|
+
elsif data.respond_to? :each_value
|
1753
|
+
data.each_value { |v| force_encoding(v, encoding) }
|
1754
|
+
elsif data.respond_to? :each
|
1755
|
+
data.each { |v| force_encoding(v, encoding) }
|
1764
1756
|
end
|
1765
|
-
|
1766
|
-
def self.force_encoding(data, *) data end
|
1757
|
+
data
|
1767
1758
|
end
|
1768
1759
|
|
1760
|
+
def force_encoding(*args) settings.force_encoding(*args) end
|
1761
|
+
|
1769
1762
|
reset!
|
1770
1763
|
|
1771
1764
|
set :environment, (ENV['APP_ENV'] || ENV['RACK_ENV'] || :development).to_sym
|
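Review bot: `return if data == settings || data.is_a?(Tempfile)` returns nil, while every other path through `self.force_encoding` returns `data`, so a caller that uses the return value gets nil for a Tempfile. Make it `return data if ...` so the method has one contract. The recursive `each_value` and `each` branches also reach `data.force_encoding(encoding).encode!` in place with no frozen check, so a frozen string inside a hash or array raises. The `dup` added in `dispatch!` only covers top-level values.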
data/lib/sinatra/main.rb
CHANGED
@@ -1,6 +1,25 @@
|
|
1
|
-
require 'sinatra/base'
|
2
|
-
|
3
1
|
module Sinatra
|
2
|
+
ParamsConfig = {}
|
3
|
+
|
4
|
+
if ARGV.any?
|
5
|
+
require 'optparse'
|
6
|
+
OptionParser.new { |op|
|
7
|
+
op.on('-p port', 'set the port (default is 4567)') { |val| ParamsConfig[:port] = Integer(val) }
|
8
|
+
op.on('-s server', 'specify rack server/handler (default is thin)') { |val| ParamsConfig[:server] = val }
|
9
|
+
op.on('-q', 'turn on quiet mode (default is off)') { ParamsConfig[:quiet] = true }
|
10
|
+
op.on('-x', 'turn on the mutex lock (default is off)') { ParamsConfig[:lock] = true }
|
11
|
+
op.on('-e env', 'set the environment (default is development)') do |val|
|
12
|
+
ENV['RACK_ENV'] = val
|
13
|
+
ParamsConfig[:environment] = val.to_sym
|
14
|
+
end
|
15
|
+
op.on('-o addr', "set the host (default is (env == 'development' ? 'localhost' : '0.0.0.0'))") do |val|
|
16
|
+
ParamsConfig[:bind] = val
|
17
|
+
end
|
18
|
+
}.parse!(ARGV.dup)
|
19
|
+
end
|
20
|
+
|
21
|
+
require 'sinatra/base'
|
22
|
+
|
4
23
|
class Application < Base
|
5
24
|
|
6
25
|
# we assume that the first file that requires 'sinatra' is the
|
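Review bot: The option parser now runs at require time under `if ARGV.any?` alone. The old `run? &&` condition is applied only later, at `ParamsConfig.each { |k, v| set k, v }`. Any program that requires 'sinatra' with its own command-line arguments (a test runner or a rake task) now has its ARGV parsed by this OptionParser, which raises on flags it does not define, and a `-e` argument executes `ENV['RACK_ENV'] = val` for the whole process even when the app is never run. Rescue or tolerate unknown options in this block, and document that `-e` changes the process environment before `require 'sinatra/base'`. The `-o` help text also lost its interpolated default and now prints the literal expression `(env == 'development' ? 'localhost' : '0.0.0.0')`; a plain-language description of the two defaults would read better in `--help` output.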
@@ -10,19 +29,10 @@ module Sinatra
|
|
10
29
|
|
11
30
|
set :run, Proc.new { File.expand_path($0) == File.expand_path(app_file) }
|
12
31
|
|
13
|
-
if run? && ARGV.any?
|
14
|
-
require 'optparse'
|
15
|
-
OptionParser.new { |op|
|
16
|
-
op.on('-p port', 'set the port (default is 4567)') { |val| set :port, Integer(val) }
|
17
|
-
op.on('-o addr', "set the host (default is #{bind})") { |val| set :bind, val }
|
18
|
-
op.on('-e env', 'set the environment (default is development)') { |val| set :environment, val.to_sym }
|
19
|
-
op.on('-s server', 'specify rack server/handler (default is thin)') { |val| set :server, val }
|
20
|
-
op.on('-q', 'turn on quiet mode (default is off)') { set :quiet, true }
|
21
|
-
op.on('-x', 'turn on the mutex lock (default is off)') { set :lock, true }
|
22
|
-
}.parse!(ARGV.dup)
|
23
|
-
end
|
32
|
+
ParamsConfig.each { |k, v| set k, v } if run? && ARGV.any?
|
24
33
|
end
|
25
34
|
|
35
|
+
remove_const(:ParamsConfig)
|
26
36
|
at_exit { Application.run! if $!.nil? && Application.run? }
|
27
37
|
end
|
28
38
|
|
data/lib/sinatra/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sinatra
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Blake Mizerany
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2019-08-21 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: rack
|
@@ -47,14 +47,14 @@ dependencies:
|
|
47
47
|
requirements:
|
48
48
|
- - '='
|
49
49
|
- !ruby/object:Gem::Version
|
50
|
-
version: 2.0.
|
50
|
+
version: 2.0.6
|
51
51
|
type: :runtime
|
52
52
|
prerelease: false
|
53
53
|
version_requirements: !ruby/object:Gem::Requirement
|
54
54
|
requirements:
|
55
55
|
- - '='
|
56
56
|
- !ruby/object:Gem::Version
|
57
|
-
version: 2.0.
|
57
|
+
version: 2.0.6
|
58
58
|
- !ruby/object:Gem::Dependency
|
59
59
|
name: mustermann
|
60
60
|
requirement: !ruby/object:Gem::Requirement
|
@@ -156,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
156
156
|
version: '0'
|
157
157
|
requirements: []
|
158
158
|
rubyforge_project:
|
159
|
-
rubygems_version: 2.7.
|
159
|
+
rubygems_version: 2.7.3
|
160
160
|
signing_key:
|
161
161
|
specification_version: 4
|
162
162
|
summary: Classy web-development dressed in a DSL
|