sprockets 2.12.5 → 3.0.0.beta.1

data/lib/sprockets/server.rb

@@ -1,9 +1,9 @@
 require 'time'
-require 'uri'
+require 'rack/utils'
 
 module Sprockets
   # `Server` is a concern mixed into `Environment` and
-  # `Index` that provides a Rack compatible `call`
+  # `CachedEnvironment` that provides a Rack compatible `call`
   # interface and url generation helpers.
   module Server
     # `call` implements the Rack 1.x specification which accepts an
@@ -23,59 +23,84 @@ module Sprockets
       start_time = Time.now.to_f
       time_elapsed = lambda { ((Time.now.to_f - start_time) * 1000).to_i }
 
-      msg = "Served asset #{env['PATH_INFO']} -"
+      if env['REQUEST_METHOD'] != 'GET'
+        return method_not_allowed_response
+      end
 
-      # Mark session as "skipped" so no `Set-Cookie` header is set
-      env['rack.session.options'] ||= {}
-      env['rack.session.options'][:defer] = true
-      env['rack.session.options'][:skip] = true
+      msg = "Served asset #{env['PATH_INFO']} -"
 
       # Extract the path from everything after the leading slash
-      path = unescape(env['PATH_INFO'].to_s.sub(/^\//, ''))
-
-      # Strip fingerprint
-      if fingerprint = path_fingerprint(path)
-        path = path.sub("-#{fingerprint}", '')
-      end
+      path = Rack::Utils.unescape(env['PATH_INFO'].to_s.sub(/^\//, ''))
 
       # URLs containing a `".."` are rejected for security reasons.
       if forbidden_request?(path)
         return forbidden_response
       end
 
+      # Strip fingerprint
+      if fingerprint = path_fingerprint(path)
+        path = path.sub("-#{fingerprint}", '')
+      end
+
       # Look up the asset.
-      asset = find_asset(path, :bundle => !body_only?(env))
+      options = {}
+      options[:bundle] = !body_only?(env)
 
-      # `find_asset` returns nil if the asset doesn't exist
-      if asset.nil?
-        logger.info "#{msg} 404 Not Found (#{time_elapsed.call}ms)"
+      if fingerprint
+        if_match = fingerprint
+      elsif env['HTTP_IF_MATCH']
+        if_match = env['HTTP_IF_MATCH'][/^"(\w+)"$/, 1]
+      end
 
-        # Return a 404 Not Found
-        not_found_response
+      if env['HTTP_IF_NONE_MATCH']
+        if_none_match = env['HTTP_IF_NONE_MATCH'][/^"(\w+)"$/, 1]
+      end
 
-      # Check request headers `HTTP_IF_NONE_MATCH` against the asset digest
-      elsif etag_match?(asset, env)
-        logger.info "#{msg} 304 Not Modified (#{time_elapsed.call}ms)"
+      if !if_match && !if_none_match && env['HTTP_ACCEPT_ENCODING']
+        # Accept-Encoding negotiation is only enabled for non-fingerprinted
+        # assets. Avoids the "Apache ETag gzip" bug. Just Google it.
+        # https://issues.apache.org/bugzilla/show_bug.cgi?id=39727
+        options[:accept_encoding] = env['HTTP_ACCEPT_ENCODING']
+      end
 
-        # Return a 304 Not Modified
-        not_modified_response(asset, env)
+      asset = find_asset(path, options)
 
+      if asset.nil?
+        status = :not_found
+      elsif fingerprint && asset.digest != fingerprint
+        status = :not_found
+      elsif if_match && asset.digest != if_match
+        status = :precondition_failed
+      elsif if_none_match && asset.digest == if_none_match
+        status = :not_modified
       else
-        logger.info "#{msg} 200 OK (#{time_elapsed.call}ms)"
+        status = :ok
+      end
 
-        # Return a 200 with the asset contents
+      case status
+      when :ok
+        logger.info "#{msg} 200 OK (#{time_elapsed.call}ms)"
         ok_response(asset, env)
+      when :not_modified
+        logger.info "#{msg} 304 Not Modified (#{time_elapsed.call}ms)"
+        not_modified_response(env, if_none_match)
+      when :not_found
+        logger.info "#{msg} 404 Not Found (#{time_elapsed.call}ms)"
+        not_found_response
+      when :precondition_failed
+        logger.info "#{msg} 412 Precondition Failed (#{time_elapsed.call}ms)"
+        precondition_failed_response
       end
     rescue Exception => e
       logger.error "Error compiling asset #{path}:"
       logger.error "#{e.class.name}: #{e.message}"
 
-      case content_type_of(path)
-      when "application/javascript"
+      case File.extname(path)
+      when ".js"
         # Re-throw JavaScript asset exceptions to the browser
         logger.info "#{msg} 500 Internal Server Error\n\n"
         return javascript_exception_response(e)
-      when "text/css"
+      when ".css"
         # Display CSS asset exceptions in the browser
         logger.info "#{msg} 500 Internal Server Error\n\n"
         return css_exception_response(e)
@@ -90,7 +115,17 @@ module Sprockets
         #
         #     http://example.org/assets/../../../etc/passwd
         #
-        path.include?("..") || Pathname.new(path).absolute? || path.include?("://")
+        path.include?("..")
+      end
+
+      # Returns a 200 OK response tuple
+      def ok_response(asset, env)
+        [ 200, headers(env, asset, asset.length), asset ]
+      end
+
+      # Returns a 304 Not Modified response tuple
+      def not_modified_response(env, digest)
+        [ 304, cache_headers(env, digest), [] ]
       end
 
       # Returns a 403 Forbidden response tuple
@@ -103,12 +138,20 @@ module Sprockets
         [ 404, { "Content-Type" => "text/plain", "Content-Length" => "9", "X-Cascade" => "pass" }, [ "Not found" ] ]
       end
 
+      def method_not_allowed_response
+        [ 405, { "Content-Type" => "text/plain", "Content-Length" => "18" }, [ "Method Not Allowed" ] ]
+      end
+
+      def precondition_failed_response
+        [ 412, { "Content-Type" => "text/plain", "Content-Length" => "19", "X-Cascade" => "pass" }, [ "Precondition Failed" ] ]
+      end
+
       # Returns a JavaScript response that re-throws a Ruby exception
       # in the browser
       def javascript_exception_response(exception)
-        err  = "#{exception.class.name}: #{exception.message}"
+        err  = "#{exception.class.name}: #{exception.message}\n  (in #{exception.backtrace[0]})"
         body = "throw Error(#{err.inspect})"
-        [ 200, { "Content-Type" => "application/javascript", "Content-Length" => Rack::Utils.bytesize(body).to_s }, [ body ] ]
+        [ 200, { "Content-Type" => "application/javascript", "Content-Length" => body.bytesize.to_s }, [ body ] ]
       end
 
       # Returns a CSS response that hides all elements on the page and
@@ -161,7 +204,7 @@ module Sprockets
           }
         CSS
 
-        [ 200, { "Content-Type" => "text/css;charset=utf-8", "Content-Length" => Rack::Utils.bytesize(body).to_s }, [ body ] ]
+        [ 200, { "Content-Type" => "text/css; charset=utf-8", "Content-Length" => body.bytesize.to_s }, [ body ] ]
       end
 
       # Escape special characters for use inside a CSS content("...") string
@@ -173,47 +216,53 @@ module Sprockets
           gsub('/',  '\\\\002f ')
       end
 
-      # Compare the requests `HTTP_IF_NONE_MATCH` against the assets digest
-      def etag_match?(asset, env)
-        env["HTTP_IF_NONE_MATCH"] == etag(asset)
-      end
-
       # Test if `?body=1` or `body=true` query param is set
       def body_only?(env)
         env["QUERY_STRING"].to_s =~ /body=(1|t)/
       end
 
-      # Returns a 304 Not Modified response tuple
-      def not_modified_response(asset, env)
-        [ 304, {}, [] ]
-      end
+      def cache_headers(env, digest)
+        headers = {}
 
-      # Returns a 200 OK response tuple
-      def ok_response(asset, env)
-        [ 200, headers(env, asset, asset.length), asset ]
+        # Set caching headers
+        headers["Cache-Control"] = "public"
+        headers["ETag"]          = %("#{digest}")
+
+        # If the request url contains a fingerprint, set a long
+        # expires on the response
+        if path_fingerprint(env["PATH_INFO"])
+          headers["Cache-Control"] << ", max-age=31536000"
+
+        # Otherwise set `must-revalidate` since the asset could be modified.
+        else
+          headers["Cache-Control"] << ", must-revalidate"
+          headers["Vary"] = "Accept-Encoding"
+        end
+
+        headers
       end
 
       def headers(env, asset, length)
-        Hash.new.tap do |headers|
-          # Set content type and length headers
-          headers["Content-Type"]   = asset.content_type
-          headers["Content-Length"] = length.to_s
-
-          # Set caching headers
-          headers["Cache-Control"]  = "public"
-          headers["Last-Modified"]  = asset.mtime.httpdate
-          headers["ETag"]           = etag(asset)
-
-          # If the request url contains a fingerprint, set a long
-          # expires on the response
-          if path_fingerprint(env["PATH_INFO"])
-            headers["Cache-Control"] << ", max-age=31536000"
-
-          # Otherwise set `must-revalidate` since the asset could be modified.
-          else
-            headers["Cache-Control"] << ", must-revalidate"
+        headers = {}
+
+        # Set content encoding
+        if asset.encoding
+          headers["Content-Encoding"] = asset.encoding
+        end
+
+        # Set content length header
+        headers["Content-Length"] = length.to_s
+
+        # Set content type header
+        if type = asset.content_type
+          # Set charset param for text/* mime types
+          if type.start_with?("text/") && asset.charset
+            type += "; charset=#{asset.charset}"
           end
+          headers["Content-Type"] = type
         end
+
+        headers.merge(cache_headers(env, asset.digest))
       end
 
       # Gets digest fingerprint.
@@ -222,26 +271,7 @@ module Sprockets
       #     # => "0aa2105d29558f3eb790d411d7d8fb66"
       #
       def path_fingerprint(path)
-        path[/-([0-9a-f]{7,40})\.[^.]+\z/, 1]
-      end
-
-      # URI.unescape is deprecated on 1.9. We need to use URI::Parser
-      # if its available.
-      if defined? URI::DEFAULT_PARSER
-        def unescape(str)
-          str = URI::DEFAULT_PARSER.unescape(str)
-          str.force_encoding(Encoding.default_internal) if Encoding.default_internal
-          str
-        end
-      else
-        def unescape(str)
-          URI.unescape(str)
-        end
-      end
-
-      # Helper to quote the assets digest for use as an ETag.
-      def etag(asset)
-        %("#{asset.digest}")
+        path[/-([0-9a-f]{7,40})\.[^.]+$/, 1]
       end
   end
 end

data/lib/sprockets/transformers.rb

@@ -0,0 +1,69 @@
+module Sprockets
+  module Transformers
+    # Public: Two level mapping of a source mime type to a target mime type.
+    #
+    #   environment.transformers
+    #   # => { 'text/coffeescript' => {
+    #            'application/javascript' => ConvertCoffeeScriptToJavaScript
+    #          }
+    #        }
+    #
+    attr_reader :transformers
+
+    # Public: Register a transformer from and to a mime type.
+    #
+    # from - String mime type
+    # to   - String mime type
+    # proc - Callable block that accepts an input Hash.
+    #
+    # Examples
+    #
+    #   register_transformer 'text/coffeescript', 'application/javascript',
+    #     ConvertCoffeeScriptToJavaScript
+    #
+    #   register_transformer 'image/svg+xml', 'image/png', ConvertSvgToPng
+    #
+    # Returns nothing.
+    def register_transformer(from, to, proc)
+      mutate_hash_config(:transformers, from) do |transformers|
+        transformers.merge(to => proc)
+      end
+    end
+
+    # Public: Resolve target mime type that the source type should be
+    # transformed to.
+    #
+    # type   - String from mime type
+    # accept - String accept type list (default: '*/*')
+    #
+    # Examples
+    #
+    #   resolve_transform_type('text/plain', 'text/plain')
+    #   # => 'text/plain'
+    #
+    #   resolve_transform_type('image/svg+xml', 'image/png, image/*')
+    #   # => 'image/png'
+    #
+    #   resolve_transform_type('text/css', 'image/png')
+    #   # => nil
+    #
+    # Returns String mime type or nil is no type satisfied the accept value.
+    def resolve_transform_type(type, accept = nil)
+      find_best_mime_type_match(accept || '*/*', [type].compact + transformers[type].keys)
+    end
+
+    # Internal: Find and load transformer by from and to mime type.
+    #
+    # from - String mime type
+    # to   - String mime type
+    #
+    # Returns Array of Procs.
+    def unwrap_transformer(from, to)
+      if processor = transformers[from][to]
+        [unwrap_processor(processor)]
+      else
+        []
+      end
+    end
+  end
+end

data/lib/sprockets/uglifier_compressor.rb

@@ -1,28 +1,49 @@
-require 'tilt'
+require 'uglifier'
 
 module Sprockets
-  class UglifierCompressor < Tilt::Template
-    self.default_mime_type = 'application/javascript'
+  # Public: Uglifier/Uglify compressor.
+  #
+  # To accept the default options
+  #
+  #     environment.register_bundle_processor 'application/javascript',
+  #       Sprockets::UglifierCompressor
+  #
+  # Or to pass options to the Uglifier class.
+  #
+  #     environment.register_bundle_processor 'application/javascript',
+  #       Sprockets::UglifierCompressor.new(comments: :copyright)
+  #
+  class UglifierCompressor
+    VERSION = '1'
 
-    def self.engine_initialized?
-      defined?(::Uglifier)
+    def self.call(*args)
+      new.call(*args)
     end
 
-    def initialize_engine
-      require_template_library 'uglifier'
-    end
-
-    def prepare
-    end
-
-    def evaluate(context, locals, &block)
+    def initialize(options = {})
       # Feature detect Uglifier 2.0 option support
       if Uglifier::DEFAULTS[:copyright]
         # Uglifier < 2.x
-        Uglifier.new(:copyright => false).compile(data)
+        options[:copyright] ||= false
       else
         # Uglifier >= 2.x
-        Uglifier.new(:comments => :none).compile(data)
+        options[:copyright] ||= :none
+      end
+
+      @uglifier = ::Uglifier.new(options)
+
+      @cache_key = [
+        'UglifierCompressor',
+        ::Uglifier::VERSION,
+        VERSION,
+        options
+      ]
+    end
+
+    def call(input)
+      data = input[:data]
+      input[:cache].fetch(@cache_key + [data]) do
+        @uglifier.compile(data)
       end
     end
   end

data/lib/sprockets/utils.rb

@@ -1,55 +1,48 @@
+require 'digest/sha1'
+require 'set'
+
 module Sprockets
   # `Utils`, we didn't know where else to put it!
   module Utils
-    # If theres encoding support (aka Ruby 1.9)
-    if "".respond_to?(:valid_encoding?)
-      # Define UTF-8 BOM pattern matcher.
-      # Avoid using a Regexp literal because it inheirts the files
-      # encoding and we want to avoid syntax errors in other interpreters.
-      UTF8_BOM_PATTERN = Regexp.new("\\A\uFEFF".encode('utf-8'))
-
-      def self.read_unicode(pathname, external_encoding = Encoding.default_external)
-        pathname.open("r:#{external_encoding}") do |f|
-          f.read.tap do |data|
-            # Eager validate the file's encoding. In most cases we
-            # expect it to be UTF-8 unless `default_external` is set to
-            # something else. An error is usually raised if the file is
-            # saved as UTF-16 when we expected UTF-8.
-            if !data.valid_encoding?
-              raise EncodingError, "#{pathname} has a invalid " +
-                "#{data.encoding} byte sequence"
-
-            # If the file is UTF-8 and theres a BOM, strip it for safe concatenation.
-            elsif data.encoding.name == "UTF-8" && data =~ UTF8_BOM_PATTERN
-              data.sub!(UTF8_BOM_PATTERN, "")
-            end
-          end
+    extend self
+
+    # Internal: Check if string has a trailing semicolon.
+    #
+    # str - String
+    #
+    # Returns true or false.
+    def string_end_with_semicolon?(str)
+      i = str.size - 1
+      while i >= 0
+        c = str[i]
+        i -= 1
+        if c == "\n" || c == " " || c == "\t"
+          next
+        elsif c != ";"
+          return false
+        else
+          return true
         end
       end
+      true
+    end
 
-    else
-      # Define UTF-8 and UTF-16 BOM pattern matchers.
-      # Avoid using a Regexp literal to prevent syntax errors in other interpreters.
-      UTF8_BOM_PATTERN  = Regexp.new("\\A\\xEF\\xBB\\xBF")
-      UTF16_BOM_PATTERN = Regexp.new("\\A(\\xFE\\xFF|\\xFF\\xFE)")
-
-      def self.read_unicode(pathname)
-        pathname.read.tap do |data|
-          # If the file is UTF-8 and theres a BOM, strip it for safe concatenation.
-          if data =~ UTF8_BOM_PATTERN
-            data.sub!(UTF8_BOM_PATTERN, "")
-
-          # If we find a UTF-16 BOM, theres nothing we can do on
-          # 1.8. Only UTF-8 is supported.
-          elsif data =~ UTF16_BOM_PATTERN
-            raise EncodingError, "#{pathname} has a UTF-16 BOM. " +
-              "Resave the file as UTF-8 or upgrade to Ruby 1.9."
-          end
-        end
+    # Internal: Accumulate asset source to buffer and append a trailing
+    # semicolon if necessary.
+    #
+    # buf   - String memo
+    # asset - Asset
+    #
+    # Returns appended buffer String.
+    def concat_javascript_sources(buf, source)
+      if string_end_with_semicolon?(buf)
+        buf + source
+      else
+        buf + ";\n" + source
       end
     end
 
-    # Prepends a leading "." to an extension if its missing.
+    # Internal: Prepends a leading "." to an extension if its missing.
     #
     #     normalize_extension("js")
     #     # => ".js"
@@ -57,7 +50,7 @@ module Sprockets
     #     normalize_extension(".css")
     #     # => ".css"
     #
-    def self.normalize_extension(extension)
+    def normalize_extension(extension)
       extension = extension.to_s
       if extension[/^\./]
         extension
@@ -65,5 +58,129 @@ module Sprockets
         ".#{extension}"
       end
     end
+
+    # Internal: Feature detect if UnboundMethods can #bind to any Object or
+    # just Objects that share the same super class.
+    # Basically if RUBY_VERSION >= 2.
+    UNBOUND_METHODS_BIND_TO_ANY_OBJECT = begin
+      foo = Module.new { def bar; end }
+      foo.instance_method(:bar).bind(Object.new)
+      true
+    rescue TypeError
+      false
+    end
+
+    # Internal: Inject into target module for the duration of the block.
+    #
+    # mod - Module
+    #
+    # Returns result of block.
+    def module_include(base, mod)
+      old_methods = {}
+
+      mod.instance_methods.each do |sym|
+        old_methods[sym] = base.instance_method(sym) if base.method_defined?(sym)
+      end
+
+      unless UNBOUND_METHODS_BIND_TO_ANY_OBJECT
+        base.send(:include, mod) unless base < mod
+      end
+
+      mod.instance_methods.each do |sym|
+        method = mod.instance_method(sym)
+        base.send(:define_method, sym, method)
+      end
+
+      yield
+    ensure
+      mod.instance_methods.each do |sym|
+        base.send(:undef_method, sym) if base.method_defined?(sym)
+      end
+      old_methods.each do |sym, method|
+        base.send(:define_method, sym, method)
+      end
+    end
+
+    # Internal: Generate a hexdigest for a nested JSON serializable object.
+    #
+    # obj - A JSON serializable object.
+    #
+    # Returns a String SHA1 digest of the object.
+    def hexdigest(obj)
+      digest = Digest::SHA1.new
+      queue  = [obj]
+
+      while queue.length > 0
+        obj = queue.shift
+        klass = obj.class
+
+        if klass == String
+          digest << 'String'
+          digest << obj
+        elsif klass == Symbol
+          digest << 'Symbol'
+          digest << obj.to_s
+        elsif klass == Fixnum
+          digest << 'Fixnum'
+          digest << obj.to_s
+        elsif klass == TrueClass
+          digest << 'TrueClass'
+        elsif klass == FalseClass
+          digest << 'FalseClass'
+        elsif klass == NilClass
+          digest << 'NilClass'
+        elsif klass == Array
+          digest << 'Array'
+          queue.concat(obj)
+        elsif klass == Hash
+          digest << 'Hash'
+          queue.concat(obj.sort)
+        elsif klass == Set
+          digest << 'Set'
+          queue.concat(obj.to_a)
+        elsif klass == Encoding
+          digest << 'Encoding'
+          digest << obj.name
+        else
+          raise TypeError, "couldn't digest #{klass}"
+        end
+      end
+
+      digest.hexdigest
+    end
+
+    # Internal: Post-order Depth-First search algorithm.
+    #
+    # Used for resolving asset dependencies.
+    #
+    # initial - Initial Array of nodes to traverse.
+    # block   -
+    #   node  - Current node to get children of
+    #
+    # Returns a Set of nodes.
+    def dfs(initial)
+      nodes, seen = Set.new, Set.new
+      stack = Array(initial).reverse
+
+      while node = stack.pop
+        if seen.include?(node)
+          nodes.add(node)
+        else
+          seen.add(node)
+          stack.push(node)
+          stack.concat(Array(yield node).reverse)
+        end
+      end
+
+      nodes
+    end
+
+    def benchmark_start
+      Time.now.to_f
+    end
+
+    def benchmark_end(start_time)
+      ((Time.now.to_f - start_time) * 1000).to_i
+    end
   end
 end