sinatra 2.2.2 → 2.2.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f6b8730578692f8db32fb574c1cf27c820afae370f0de28de6e3b96523130fd8
4
- data.tar.gz: 22a5f5e701f27316173b91346823e0b82219627fb01008477434ca2a41a1bf5d
3
+ metadata.gz: 80e0d4f746b7bf91aecaa4af649cb63f04212975287e6ef37288a9e71e73a4ec
4
+ data.tar.gz: 5fcda18c311ca7ba08a2cbdf9ed60f97ed564bc9d54af4b600a86c2c6103ddc3
5
5
  SHA512:
6
- metadata.gz: 436f31687f5d18ca518e55c30ce2223dd585bd2366ed03236bbf3f90a1047ed4cac669755a13e10c83f6554fc07c8dcb48492b831df722c26f0015cce0499f30
7
- data.tar.gz: d535d71adf2d75f9f2d1e29f3bd9b4cc6e60f34e77f9a38d9b65e8494b5fe372c77142ddd161730388966c557b9e89b21eb5a0c9300e3761ff00e528c0ac3cb9
6
+ metadata.gz: 82d744ca87a984b3e96175269d1225184f885f8ae052c1089cc2973fb740376ca354579fd1c463ad4accb38e9c27bc200d0344290258ecdeb7d347b81a3ab7f6
7
+ data.tar.gz: 8242b52ec226acf2c29fc902b9d5855c7090f60191c874b1fbaf68ead68b15ad47257a0bfdfd2648173f8545158b2cab7fe262ff74a2d3e0d9a692b84dfd8c32
data/CHANGELOG.md CHANGED
@@ -1,3 +1,11 @@
1
+ ## 2.2.3 / 2022-11-25
2
+
3
+ * Fix: Escape filename in the Content-Disposition header. [#1841](https://github.com/sinatra/sinatra/pull/1841) by Kunpei Sakai
4
+
5
+ ## 2.2.2 / 2022-07-23
6
+
7
+ * Update mustermann dependency to version 2.
8
+
1
9
  ## 2.2.1 / 2022-07-15
2
10
 
3
11
  * Fix JRuby regression by using ruby2_keywords for delegation. [#1750](https://github.com/sinatra/sinatra/pull/1750) by Patrik Ragnarsson
@@ -6,6 +14,8 @@
6
14
 
7
15
  ## 2.2.0 / 2022-02-15
8
16
 
17
+ * Breaking change: Add #select, #reject and #compact methods to Sinatra::IndifferentHash. If hash keys need to be converted to symbols, call #to_h to get a Hash instance first. #1711 by Olivier Bellone
18
+
9
19
  * Handle EOFError raised by Rack and return Bad Request 400 status. [#1743](https://github.com/sinatra/sinatra/pull/1743) by tamazon
10
20
 
11
21
  * Update README.es.md with removal of Thin. [#1630](https://github.com/sinatra/sinatra/pull/1630) by Espartaco Palma
@@ -48,9 +58,6 @@
48
58
 
49
59
  * Remove unnecessary `test_files` from the gemspec. [#1712](https://github.com/sinatra/sinatra/pull/1712) by Masataka Pocke Kuwabara
50
60
 
51
- * Add `#select`, `#reject` and `#compact` methods to `Sinatra::IndifferentHash`. [#1711](https://github.com/sinatra/sinatra/pull/1711) by Olivier Bellone
52
-
53
-
54
61
  ### CI
55
62
 
56
63
  * Use latest JRuby 9.2.16.0 on CI. [#1682](https://github.com/sinatra/sinatra/pull/1682) by Olle Jonsson
data/Gemfile CHANGED
@@ -23,7 +23,7 @@ gem "twitter-text", "1.14.7"
23
23
 
24
24
  if RUBY_ENGINE == 'jruby'
25
25
  gem 'nokogiri', '!= 1.5.0'
26
- gem 'puma'
26
+ gem 'puma', '~> 5'
27
27
  end
28
28
 
29
29
  if RUBY_ENGINE == 'jruby' || RUBY_ENGINE == 'ruby'
@@ -38,14 +38,13 @@ if RUBY_ENGINE == "ruby"
38
38
  gem 'bluecloth'
39
39
  gem 'rdiscount'
40
40
  gem 'RedCloth'
41
- gem 'puma'
41
+ gem 'puma', '~> 5'
42
42
  gem 'yajl-ruby'
43
43
  gem 'nokogiri'
44
44
  gem 'rainbows'
45
45
  gem 'eventmachine'
46
46
  gem 'slim', '~> 2.0'
47
47
  gem 'coffee-script', '>= 2.0'
48
- gem 'rdoc'
49
48
  gem 'kramdown'
50
49
  gem 'maruku'
51
50
  gem 'creole'
data/VERSION CHANGED
@@ -1 +1 @@
1
- 2.2.2
1
+ 2.2.3
data/lib/sinatra/base.rb CHANGED
@@ -381,16 +381,23 @@ module Sinatra
381
381
  response['Content-Type'] = mime_type
382
382
  end
383
383
 
384
+ # https://html.spec.whatwg.org/#multipart-form-data
385
+ MULTIPART_FORM_DATA_REPLACEMENT_TABLE = {
386
+ '"' => '%22',
387
+ "\r" => '%0D',
388
+ "\n" => '%0A'
389
+ }.freeze
390
+
384
391
  # Set the Content-Disposition to "attachment" with the specified filename,
385
392
  # instructing the user agents to prompt to save.
386
393
  def attachment(filename = nil, disposition = :attachment)
387
394
  response['Content-Disposition'] = disposition.to_s.dup
388
- if filename
389
- params = '; filename="%s"' % File.basename(filename)
390
- response['Content-Disposition'] << params
391
- ext = File.extname(filename)
392
- content_type(ext) unless response['Content-Type'] or ext.empty?
393
- end
395
+ return unless filename
396
+
397
+ params = format('; filename="%s"', File.basename(filename).gsub(/["\r\n]/, MULTIPART_FORM_DATA_REPLACEMENT_TABLE))
398
+ response['Content-Disposition'] << params
399
+ ext = File.extname(filename)
400
+ content_type(ext) unless response['Content-Type'] || ext.empty?
394
401
  end
395
402
 
396
403
  # Use the contents of the file at +path+ as the response body.
@@ -1,3 +1,3 @@
1
1
  module Sinatra
2
- VERSION = '2.2.1'
2
+ VERSION = '2.2.2'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sinatra
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.2
4
+ version: 2.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Blake Mizerany
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2022-07-23 00:00:00.000000000 Z
14
+ date: 2022-11-25 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: rack
@@ -47,14 +47,14 @@ dependencies:
47
47
  requirements:
48
48
  - - '='
49
49
  - !ruby/object:Gem::Version
50
- version: 2.2.2
50
+ version: 2.2.3
51
51
  type: :runtime
52
52
  prerelease: false
53
53
  version_requirements: !ruby/object:Gem::Requirement
54
54
  requirements:
55
55
  - - '='
56
56
  - !ruby/object:Gem::Version
57
- version: 2.2.2
57
+ version: 2.2.3
58
58
  - !ruby/object:Gem::Dependency
59
59
  name: mustermann
60
60
  requirement: !ruby/object:Gem::Requirement
@@ -145,7 +145,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
145
145
  - !ruby/object:Gem::Version
146
146
  version: '0'
147
147
  requirements: []
148
- rubygems_version: 3.0.3.1
148
+ rubyforge_project:
149
+ rubygems_version: 2.7.6.3
149
150
  signing_key:
150
151
  specification_version: 4
151
152
  summary: Classy web-development dressed in a DSL