unicorn-camilo 4.8.2.5.19 → 5.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.document +0 -1
- data/.gitignore +2 -2
- data/{.wrongdoc.yml → .olddoc.yml} +7 -2
- data/Documentation/unicorn.1.txt +9 -2
- data/Documentation/unicorn_rails.1.txt +2 -2
- data/FAQ +9 -1
- data/GIT-VERSION-GEN +1 -1
- data/GNUmakefile +31 -46
- data/HACKING +13 -27
- data/ISSUES +80 -16
- data/KNOWN_ISSUES +10 -10
- data/Links +10 -7
- data/PHILOSOPHY +1 -1
- data/README +8 -13
- data/Rakefile +0 -44
- data/Sandbox +1 -1
- data/TUNING +6 -3
- data/archive/.gitignore +3 -0
- data/archive/slrnpull.conf +4 -0
- data/bin/unicorn +1 -1
- data/bin/unicorn_rails +1 -1
- data/examples/unicorn.conf.rb +11 -0
- data/ext/unicorn_http/httpdate.c +1 -1
- data/ext/unicorn_http/unicorn_http.rl +48 -150
- data/lib/unicorn.rb +9 -15
- data/lib/unicorn/configurator.rb +3 -20
- data/lib/unicorn/const.rb +2 -25
- data/lib/unicorn/http_request.rb +4 -1
- data/lib/unicorn/http_response.rb +1 -3
- data/lib/unicorn/http_server.rb +85 -86
- data/lib/unicorn/socket_helper.rb +33 -67
- data/lib/unicorn/tee_input.rb +8 -1
- data/lib/unicorn/tmpio.rb +2 -4
- data/lib/unicorn/util.rb +1 -0
- data/lib/unicorn/worker.rb +1 -13
- data/t/GNUmakefile +1 -5
- data/t/README +1 -1
- data/t/t0002-parser-error.sh +3 -3
- data/test/exec/test_exec.rb +1 -1
- data/test/test_helper.rb +2 -2
- data/test/unit/test_http_parser.rb +3 -3
- data/test/unit/test_http_parser_ng.rb +8 -117
- data/test/unit/test_request.rb +1 -1
- data/test/unit/test_response.rb +3 -9
- data/test/unit/test_server.rb +3 -3
- data/test/unit/test_signals.rb +1 -1
- data/test/unit/test_socket_helper.rb +5 -5
- data/test/unit/test_tee_input.rb +10 -0
- data/test/unit/test_upload.rb +1 -1
- data/test/unit/test_util.rb +1 -1
- data/unicorn.gemspec +7 -10
- metadata +15 -33
- data/examples/git.ru +0 -13
- data/lib/unicorn/app/exec_cgi.rb +0 -154
- data/lib/unicorn/app/inetd.rb +0 -109
- data/lib/unicorn/ssl_client.rb +0 -11
- data/lib/unicorn/ssl_configurator.rb +0 -104
- data/lib/unicorn/ssl_server.rb +0 -42
- data/local.mk.sample +0 -59
- data/script/isolate_for_tests +0 -31
- data/t/t0016-trust-x-forwarded-false.sh +0 -30
- data/t/t0017-trust-x-forwarded-true.sh +0 -30
- data/test/unit/test_http_parser_xftrust.rb +0 -38
- data/test/unit/test_sni_hostnames.rb +0 -47
data/lib/unicorn/app/inetd.rb
DELETED
@@ -1,109 +0,0 @@
|
|
1
|
-
# -*- encoding: binary -*-
|
2
|
-
# :enddoc:
|
3
|
-
# Copyright (c) 2009 Eric Wong
|
4
|
-
# You can redistribute it and/or modify it under the same terms as Ruby 1.8 or
|
5
|
-
# the GPLv2+ (GPLv3+ preferred)
|
6
|
-
|
7
|
-
# this class *must* be used with Rack::Chunked
|
8
|
-
module Unicorn::App
|
9
|
-
class Inetd < Struct.new(:cmd)
|
10
|
-
|
11
|
-
class CatBody < Struct.new(:errors, :err_rd, :out_rd, :pid_map)
|
12
|
-
def initialize(env, cmd)
|
13
|
-
self.errors = env['rack.errors']
|
14
|
-
in_rd, in_wr = IO.pipe
|
15
|
-
self.err_rd, err_wr = IO.pipe
|
16
|
-
self.out_rd, out_wr = IO.pipe
|
17
|
-
|
18
|
-
cmd_pid = fork {
|
19
|
-
inp, out, err = (0..2).map { |i| IO.new(i) }
|
20
|
-
inp.reopen(in_rd)
|
21
|
-
out.reopen(out_wr)
|
22
|
-
err.reopen(err_wr)
|
23
|
-
[ in_rd, in_wr, err_rd, err_wr, out_rd, out_wr ].each { |i| i.close }
|
24
|
-
exec(*cmd)
|
25
|
-
}
|
26
|
-
[ in_rd, err_wr, out_wr ].each { |io| io.close }
|
27
|
-
[ in_wr, err_rd, out_rd ].each { |io| io.binmode }
|
28
|
-
in_wr.sync = true
|
29
|
-
|
30
|
-
# Unfortunately, input here must be processed inside a seperate
|
31
|
-
# thread/process using blocking I/O since env['rack.input'] is not
|
32
|
-
# IO.select-able and attempting to make it so would trip Rack::Lint
|
33
|
-
inp_pid = fork {
|
34
|
-
input = env['rack.input']
|
35
|
-
[ err_rd, out_rd ].each { |io| io.close }
|
36
|
-
|
37
|
-
# this is dependent on input.read having readpartial semantics:
|
38
|
-
buf = input.read(16384)
|
39
|
-
begin
|
40
|
-
in_wr.write(buf)
|
41
|
-
end while input.read(16384, buf)
|
42
|
-
}
|
43
|
-
in_wr.close
|
44
|
-
self.pid_map = {
|
45
|
-
inp_pid => 'input streamer',
|
46
|
-
cmd_pid => cmd.inspect,
|
47
|
-
}
|
48
|
-
end
|
49
|
-
|
50
|
-
def each
|
51
|
-
begin
|
52
|
-
rd, = IO.select([err_rd, out_rd])
|
53
|
-
rd && rd.first or next
|
54
|
-
|
55
|
-
if rd.include?(err_rd)
|
56
|
-
begin
|
57
|
-
errors.write(err_rd.read_nonblock(16384))
|
58
|
-
rescue Errno::EINTR
|
59
|
-
rescue Errno::EAGAIN
|
60
|
-
break
|
61
|
-
end while true
|
62
|
-
end
|
63
|
-
|
64
|
-
rd.include?(out_rd) or next
|
65
|
-
|
66
|
-
begin
|
67
|
-
yield out_rd.read_nonblock(16384)
|
68
|
-
rescue Errno::EINTR
|
69
|
-
rescue Errno::EAGAIN
|
70
|
-
break
|
71
|
-
end while true
|
72
|
-
rescue EOFError,Errno::EPIPE,Errno::EBADF,Errno::EINVAL
|
73
|
-
break
|
74
|
-
end while true
|
75
|
-
|
76
|
-
self
|
77
|
-
end
|
78
|
-
|
79
|
-
def close
|
80
|
-
pid_map.each { |pid, str|
|
81
|
-
begin
|
82
|
-
pid, status = Process.waitpid2(pid)
|
83
|
-
status.success? or
|
84
|
-
errors.write("#{str}: #{status.inspect} (PID:#{pid})\n")
|
85
|
-
rescue Errno::ECHILD
|
86
|
-
errors.write("Failed to reap #{str} (PID:#{pid})\n")
|
87
|
-
end
|
88
|
-
}
|
89
|
-
out_rd.close
|
90
|
-
err_rd.close
|
91
|
-
end
|
92
|
-
|
93
|
-
end
|
94
|
-
|
95
|
-
def initialize(*cmd)
|
96
|
-
self.cmd = cmd
|
97
|
-
end
|
98
|
-
|
99
|
-
def call(env)
|
100
|
-
/\A100-continue\z/i =~ env[Unicorn::Const::HTTP_EXPECT] and
|
101
|
-
return [ 100, {} , [] ]
|
102
|
-
|
103
|
-
[ 200, { 'Content-Type' => 'application/octet-stream' },
|
104
|
-
CatBody.new(env, cmd) ]
|
105
|
-
end
|
106
|
-
|
107
|
-
end
|
108
|
-
|
109
|
-
end
|
data/lib/unicorn/ssl_client.rb
DELETED
@@ -1,11 +0,0 @@
|
|
1
|
-
# -*- encoding: binary -*-
|
2
|
-
# :stopdoc:
|
3
|
-
class Unicorn::SSLClient < Kgio::SSL
|
4
|
-
alias write kgio_write
|
5
|
-
alias close kgio_close
|
6
|
-
|
7
|
-
# this is no-op for now, to be fixed in kgio-monkey if people care
|
8
|
-
# about SSL support...
|
9
|
-
def shutdown(how = nil)
|
10
|
-
end
|
11
|
-
end
|
@@ -1,104 +0,0 @@
|
|
1
|
-
# -*- encoding: binary -*-
|
2
|
-
# :stopdoc:
|
3
|
-
# This module is included in Unicorn::Configurator
|
4
|
-
# :startdoc:
|
5
|
-
#
|
6
|
-
module Unicorn::SSLConfigurator
|
7
|
-
def ssl(&block)
|
8
|
-
ssl_require!
|
9
|
-
before = @set[:listeners].dup
|
10
|
-
opts = @set[:ssl_opts] = {}
|
11
|
-
yield
|
12
|
-
(@set[:listeners] - before).each do |address|
|
13
|
-
(@set[:listener_opts][address] ||= {})[:ssl_opts] = opts
|
14
|
-
end
|
15
|
-
ensure
|
16
|
-
@set.delete(:ssl_opts)
|
17
|
-
end
|
18
|
-
|
19
|
-
def ssl_certificate(file)
|
20
|
-
ssl_set(:ssl_certificate, file)
|
21
|
-
end
|
22
|
-
|
23
|
-
def ssl_certificate_key(file)
|
24
|
-
ssl_set(:ssl_certificate_key, file)
|
25
|
-
end
|
26
|
-
|
27
|
-
def ssl_client_certificate(file)
|
28
|
-
ssl_set(:ssl_client_certificate, file)
|
29
|
-
end
|
30
|
-
|
31
|
-
def ssl_dhparam(file)
|
32
|
-
ssl_set(:ssl_dhparam, file)
|
33
|
-
end
|
34
|
-
|
35
|
-
def ssl_ciphers(openssl_cipherlist_spec)
|
36
|
-
ssl_set(:ssl_ciphers, openssl_cipherlist_spec)
|
37
|
-
end
|
38
|
-
|
39
|
-
def ssl_crl(file)
|
40
|
-
ssl_set(:ssl_crl, file)
|
41
|
-
end
|
42
|
-
|
43
|
-
def ssl_prefer_server_ciphers(bool)
|
44
|
-
ssl_set(:ssl_prefer_server_ciphers, check_bool(bool))
|
45
|
-
end
|
46
|
-
|
47
|
-
def ssl_protocols(list)
|
48
|
-
ssl_set(:ssl_protocols, list)
|
49
|
-
end
|
50
|
-
|
51
|
-
def ssl_verify_client(on_off_optional)
|
52
|
-
ssl_set(:ssl_verify_client, on_off_optional)
|
53
|
-
end
|
54
|
-
|
55
|
-
def ssl_session_timeout(seconds)
|
56
|
-
ssl_set(:ssl_session_timeout, seconds)
|
57
|
-
end
|
58
|
-
|
59
|
-
def ssl_verify_depth(depth)
|
60
|
-
ssl_set(:ssl_verify_depth, depth)
|
61
|
-
end
|
62
|
-
|
63
|
-
# Allows specifying an engine for OpenSSL to use. We have not been
|
64
|
-
# able to successfully test this feature due to a lack of hardware,
|
65
|
-
# Reports of success or patches to mongrel-unicorn@rubyforge.org is
|
66
|
-
# greatly appreciated.
|
67
|
-
def ssl_engine(engine)
|
68
|
-
ssl_warn_global(:ssl_engine)
|
69
|
-
ssl_require!
|
70
|
-
OpenSSL::Engine.load
|
71
|
-
OpenSSL::Engine.by_id(engine)
|
72
|
-
@set[:ssl_engine] = engine
|
73
|
-
end
|
74
|
-
|
75
|
-
def ssl_compression(bool)
|
76
|
-
# OpenSSL uses the SSL_OP_NO_COMPRESSION flag, Flipper follows suit
|
77
|
-
# with :ssl_no_compression, but we negate it to avoid exposing double
|
78
|
-
# negatives to the user.
|
79
|
-
ssl_set(:ssl_no_compression, check_bool(:ssl_compression, ! bool))
|
80
|
-
end
|
81
|
-
|
82
|
-
private
|
83
|
-
|
84
|
-
def ssl_warn_global(func) # :nodoc:
|
85
|
-
Hash === @set[:ssl_opts] or return
|
86
|
-
warn("`#{func}' affects all SSL contexts in this process, " \
|
87
|
-
"not just this block")
|
88
|
-
end
|
89
|
-
|
90
|
-
def ssl_set(key, value) # :nodoc:
|
91
|
-
cur = @set[:ssl_opts]
|
92
|
-
Hash === cur or
|
93
|
-
raise ArgumentError, "#{key} must be called inside an `ssl' block"
|
94
|
-
cur[key] = value
|
95
|
-
end
|
96
|
-
|
97
|
-
def ssl_require! # :nodoc:
|
98
|
-
require "flipper"
|
99
|
-
require "unicorn/ssl_client"
|
100
|
-
rescue LoadError
|
101
|
-
warn "install 'kgio-monkey' for SSL support"
|
102
|
-
raise
|
103
|
-
end
|
104
|
-
end
|
data/lib/unicorn/ssl_server.rb
DELETED
@@ -1,42 +0,0 @@
|
|
1
|
-
# -*- encoding: binary -*-
|
2
|
-
# :stopdoc:
|
3
|
-
# this module is meant to be included in Unicorn::HttpServer
|
4
|
-
# It is an implementation detail and NOT meant for users.
|
5
|
-
module Unicorn::SSLServer
|
6
|
-
attr_accessor :ssl_engine
|
7
|
-
|
8
|
-
def ssl_enable!
|
9
|
-
sni_hostnames = rack_sni_hostnames(@app)
|
10
|
-
seen = {} # we map a single SSLContext to multiple listeners
|
11
|
-
listener_ctx = {}
|
12
|
-
@listener_opts.each do |address, address_opts|
|
13
|
-
ssl_opts = address_opts[:ssl_opts] or next
|
14
|
-
listener_ctx[address] = seen[ssl_opts.object_id] ||= begin
|
15
|
-
unless sni_hostnames.empty?
|
16
|
-
ssl_opts = ssl_opts.dup
|
17
|
-
ssl_opts[:sni_hostnames] = sni_hostnames
|
18
|
-
end
|
19
|
-
ctx = Flipper.ssl_context(ssl_opts)
|
20
|
-
# FIXME: make configurable
|
21
|
-
ctx.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_OFF
|
22
|
-
ctx
|
23
|
-
end
|
24
|
-
end
|
25
|
-
Unicorn::HttpServer::LISTENERS.each do |listener|
|
26
|
-
ctx = listener_ctx[sock_name(listener)] or next
|
27
|
-
listener.extend(Kgio::SSLServer)
|
28
|
-
listener.ssl_ctx = ctx
|
29
|
-
listener.kgio_ssl_class = Unicorn::SSLClient
|
30
|
-
end
|
31
|
-
end
|
32
|
-
|
33
|
-
# ugh, this depends on Rack internals...
|
34
|
-
def rack_sni_hostnames(rack_app) # :nodoc:
|
35
|
-
hostnames = {}
|
36
|
-
if Rack::URLMap === rack_app
|
37
|
-
mapping = rack_app.instance_variable_get(:@mapping)
|
38
|
-
mapping.each { |hostname,_,_,_| hostnames[hostname] = true }
|
39
|
-
end
|
40
|
-
hostnames.keys
|
41
|
-
end
|
42
|
-
end
|
data/local.mk.sample
DELETED
@@ -1,59 +0,0 @@
|
|
1
|
-
# this is the local.mk file used by Eric Wong on his dev boxes.
|
2
|
-
# GNUmakefile will source local.mk in the top-level source tree
|
3
|
-
# if it is present.
|
4
|
-
#
|
5
|
-
# This is depends on a bunch of GNU-isms from bash, sed, touch.
|
6
|
-
|
7
|
-
DLEXT := so
|
8
|
-
|
9
|
-
# Avoid loading rubygems to speed up tests because gmake is
|
10
|
-
# fork+exec heavy with Ruby.
|
11
|
-
prefix = $(HOME)
|
12
|
-
|
13
|
-
# XXX clean this up
|
14
|
-
ifeq ($(r192),)
|
15
|
-
ifeq ($(r19),)
|
16
|
-
ifeq ($(rbx),)
|
17
|
-
ifeq ($(r186),)
|
18
|
-
RUBY := $(prefix)/bin/ruby
|
19
|
-
else
|
20
|
-
prefix := $(prefix)/r186-p114
|
21
|
-
export PATH := $(prefix)/bin:$(PATH)
|
22
|
-
RUBY := $(prefix)/bin/ruby
|
23
|
-
endif
|
24
|
-
else
|
25
|
-
prefix := $(prefix)/rbx
|
26
|
-
export PATH := $(prefix)/bin:$(PATH)
|
27
|
-
RUBY := $(prefix)/bin/rbx
|
28
|
-
endif
|
29
|
-
else
|
30
|
-
prefix := $(prefix)/ruby-1.9
|
31
|
-
export PATH := $(prefix)/bin:$(PATH)
|
32
|
-
RUBY := $(prefix)/bin/ruby --disable-gems
|
33
|
-
endif
|
34
|
-
else
|
35
|
-
prefix := $(prefix)/ruby-1.9.2
|
36
|
-
export PATH := $(prefix)/bin:$(PATH)
|
37
|
-
RUBY := $(prefix)/bin/ruby --disable-gems
|
38
|
-
endif
|
39
|
-
|
40
|
-
# pipefail is THE reason to use bash (v3+) or never revisions of ksh93
|
41
|
-
# SHELL := /bin/bash -e -o pipefail
|
42
|
-
SHELL := /bin/ksh93 -e -o pipefail
|
43
|
-
|
44
|
-
full-test: test-18 test-191 test-192 test-rbx test-186
|
45
|
-
|
46
|
-
# FIXME: keep eye on Rubinius activity and wait for fixes from upstream
|
47
|
-
# so we don't need RBX_SKIP anymore
|
48
|
-
test-rbx: export RBX_SKIP := 1
|
49
|
-
test-rbx: export RUBY := $(RUBY)
|
50
|
-
test-rbx:
|
51
|
-
$(MAKE) test test-integration rbx=T 2>&1 |sed -e 's!^!rbx !'
|
52
|
-
test-186:
|
53
|
-
$(MAKE) test-all r186=1 2>&1 |sed 's!^!1.8.6 !'
|
54
|
-
test-18:
|
55
|
-
$(MAKE) test-all 2>&1 |sed 's!^!1.8 !'
|
56
|
-
test-191:
|
57
|
-
$(MAKE) test-all r19=1 2>&1 |sed 's!^!1.9.1 !'
|
58
|
-
test-192:
|
59
|
-
$(MAKE) test-all r192=1 2>&1 |sed 's!^!1.9.2 !'
|
data/script/isolate_for_tests
DELETED
@@ -1,31 +0,0 @@
|
|
1
|
-
#!/usr/bin/env ruby
|
2
|
-
# scripts/Makefiles can read and eval the output of this script and
|
3
|
-
# use it as RUBYLIB
|
4
|
-
require 'rubygems'
|
5
|
-
require 'isolate'
|
6
|
-
fp = File.open(__FILE__, "rb")
|
7
|
-
fp.flock(File::LOCK_EX)
|
8
|
-
|
9
|
-
ruby_engine = defined?(RUBY_ENGINE) ? RUBY_ENGINE : 'ruby'
|
10
|
-
opts = {
|
11
|
-
:system => false,
|
12
|
-
# we want "ruby-1.8.7" and not "ruby-1.8", so disable :multiruby
|
13
|
-
:multiruby => false,
|
14
|
-
:path => "tmp/isolate/#{ruby_engine}-#{RUBY_VERSION}",
|
15
|
-
}
|
16
|
-
|
17
|
-
pid = fork do
|
18
|
-
Isolate.now!(opts) do
|
19
|
-
gem 'raindrops', '0.13.0'
|
20
|
-
gem 'kgio', '2.9.2'
|
21
|
-
gem 'rack', '1.5.2'
|
22
|
-
end
|
23
|
-
end
|
24
|
-
_, status = Process.waitpid2(pid)
|
25
|
-
status.success? or abort status.inspect
|
26
|
-
lib_paths = Dir["#{opts[:path]}/gems/*-*/lib"].map { |x| File.expand_path(x) }
|
27
|
-
dst = "tmp/isolate/#{ruby_engine}-#{RUBY_VERSION}.mk"
|
28
|
-
File.open("#{dst}.#$$", "w") do |fp|
|
29
|
-
fp.puts "ISOLATE_LIBS=#{lib_paths.join(':')}"
|
30
|
-
end
|
31
|
-
File.rename("#{dst}.#$$", dst)
|
@@ -1,30 +0,0 @@
|
|
1
|
-
#!/bin/sh
|
2
|
-
. ./test-lib.sh
|
3
|
-
t_plan 5 "trust_x_forwarded=false configuration test"
|
4
|
-
|
5
|
-
t_begin "setup and start" && {
|
6
|
-
unicorn_setup
|
7
|
-
echo "trust_x_forwarded false" >> $unicorn_config
|
8
|
-
unicorn -D -c $unicorn_config env.ru
|
9
|
-
unicorn_wait_start
|
10
|
-
}
|
11
|
-
|
12
|
-
t_begin "spoofed request with X-Forwarded-Proto does not trigger" && {
|
13
|
-
curl -H 'X-Forwarded-Proto: https' http://$listen/ | \
|
14
|
-
grep -F '"rack.url_scheme"=>"http"'
|
15
|
-
}
|
16
|
-
|
17
|
-
t_begin "spoofed request with X-Forwarded-SSL does not trigger" && {
|
18
|
-
curl -H 'X-Forwarded-SSL: on' http://$listen/ | \
|
19
|
-
grep -F '"rack.url_scheme"=>"http"'
|
20
|
-
}
|
21
|
-
|
22
|
-
t_begin "killing succeeds" && {
|
23
|
-
kill $unicorn_pid
|
24
|
-
}
|
25
|
-
|
26
|
-
t_begin "check stderr has no errors" && {
|
27
|
-
check_stderr
|
28
|
-
}
|
29
|
-
|
30
|
-
t_done
|
@@ -1,30 +0,0 @@
|
|
1
|
-
#!/bin/sh
|
2
|
-
. ./test-lib.sh
|
3
|
-
t_plan 5 "trust_x_forwarded=true configuration test"
|
4
|
-
|
5
|
-
t_begin "setup and start" && {
|
6
|
-
unicorn_setup
|
7
|
-
echo "trust_x_forwarded true " >> $unicorn_config
|
8
|
-
unicorn -D -c $unicorn_config env.ru
|
9
|
-
unicorn_wait_start
|
10
|
-
}
|
11
|
-
|
12
|
-
t_begin "spoofed request with X-Forwarded-Proto sets 'https'" && {
|
13
|
-
curl -H 'X-Forwarded-Proto: https' http://$listen/ | \
|
14
|
-
grep -F '"rack.url_scheme"=>"https"'
|
15
|
-
}
|
16
|
-
|
17
|
-
t_begin "spoofed request with X-Forwarded-SSL sets 'https'" && {
|
18
|
-
curl -H 'X-Forwarded-SSL: on' http://$listen/ | \
|
19
|
-
grep -F '"rack.url_scheme"=>"https"'
|
20
|
-
}
|
21
|
-
|
22
|
-
t_begin "killing succeeds" && {
|
23
|
-
kill $unicorn_pid
|
24
|
-
}
|
25
|
-
|
26
|
-
t_begin "check stderr has no errors" && {
|
27
|
-
check_stderr
|
28
|
-
}
|
29
|
-
|
30
|
-
t_done
|
@@ -1,38 +0,0 @@
|
|
1
|
-
# -*- encoding: binary -*-
|
2
|
-
require 'test/test_helper'
|
3
|
-
|
4
|
-
include Unicorn
|
5
|
-
|
6
|
-
class HttpParserXFTrustTest < Test::Unit::TestCase
|
7
|
-
def setup
|
8
|
-
assert HttpParser.trust_x_forwarded?
|
9
|
-
end
|
10
|
-
|
11
|
-
def test_xf_trust_false_xfp
|
12
|
-
HttpParser.trust_x_forwarded = false
|
13
|
-
parser = HttpParser.new
|
14
|
-
parser.buf << "GET / HTTP/1.1\r\nHost: foo:\r\n" \
|
15
|
-
"X-Forwarded-Proto: https\r\n\r\n"
|
16
|
-
env = parser.parse
|
17
|
-
assert_kind_of Hash, env
|
18
|
-
assert_equal 'foo', env['SERVER_NAME']
|
19
|
-
assert_equal '80', env['SERVER_PORT']
|
20
|
-
assert_equal 'http', env['rack.url_scheme']
|
21
|
-
end
|
22
|
-
|
23
|
-
def test_xf_trust_false_xfs
|
24
|
-
HttpParser.trust_x_forwarded = false
|
25
|
-
parser = HttpParser.new
|
26
|
-
parser.buf << "GET / HTTP/1.1\r\nHost: foo:\r\n" \
|
27
|
-
"X-Forwarded-SSL: on\r\n\r\n"
|
28
|
-
env = parser.parse
|
29
|
-
assert_kind_of Hash, env
|
30
|
-
assert_equal 'foo', env['SERVER_NAME']
|
31
|
-
assert_equal '80', env['SERVER_PORT']
|
32
|
-
assert_equal 'http', env['rack.url_scheme']
|
33
|
-
end
|
34
|
-
|
35
|
-
def teardown
|
36
|
-
HttpParser.trust_x_forwarded = true
|
37
|
-
end
|
38
|
-
end
|