webrick 1.3.1 → 1.4.0.beta1

data/lib/webrick/httpauth/basicauth.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # httpauth/basicauth.rb -- HTTP basic access authentication
 #
@@ -34,7 +35,7 @@ module WEBrick
     class BasicAuth
       include Authenticator
 
-      AuthScheme = "Basic"
+      AuthScheme = "Basic" # :nodoc:
 
       ##
       # Used by UserDB to create a basic password entry
@@ -89,8 +90,7 @@ module WEBrick
       end
 
       ##
-      # Returns a challenge response which asks for for authentication
-      # information
+      # Returns a challenge response which asks for authentication information
 
       def challenge(req, res)
         res[@response_field] = "#{@auth_scheme} realm=\"#{@realm}\""

data/lib/webrick/httpauth/digestauth.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # httpauth/digestauth.rb -- HTTP digest access authentication
 #
@@ -45,9 +46,22 @@ module WEBrick
     class DigestAuth
       include Authenticator
 
-      AuthScheme = "Digest"
-      OpaqueInfo = Struct.new(:time, :nonce, :nc)
-      attr_reader :algorithm, :qop
+      AuthScheme = "Digest" # :nodoc:
+
+      ##
+      # Struct containing the opaque portion of the digest authentication
+
+      OpaqueInfo = Struct.new(:time, :nonce, :nc) # :nodoc:
+
+      ##
+      # Digest authentication algorithm
+
+      attr_reader :algorithm
+
+      ##
+      # Quality of protection.  RFC 2617 defines "auth" and "auth-int"
+
+      attr_reader :qop
 
       ##
       # Used by UserDB to create a digest password entry
@@ -97,7 +111,7 @@ module WEBrick
         @instance_key = hexdigest(self.__id__, Time.now.to_i, Process.pid)
         @opaques = {}
         @last_nonce_expire = Time.now
-        @mutex = Mutex.new
+        @mutex = Thread::Mutex.new
       end
 
       ##
@@ -115,8 +129,7 @@ module WEBrick
       end
 
       ##
-      # Returns a challenge response which asks for for authentication
-      # information
+      # Returns a challenge response which asks for authentication information
 
       def challenge(req, res, stale=false)
         nonce = generate_next_nonce(req)
@@ -142,6 +155,8 @@ module WEBrick
 
       private
 
+      # :stopdoc:
+
       MustParams = ['username','realm','nonce','uri','response']
       MustParamsAuth = ['cnonce','nc']
 
@@ -189,7 +204,7 @@ module WEBrick
 
         password = @userdb.get_passwd(@realm, auth_req['username'], @reload_db)
         unless password
-          error('%s: the user is not allowd.', auth_req['username'])
+          error('%s: the user is not allowed.', auth_req['username'])
           return false
         end
 
@@ -297,7 +312,7 @@ module WEBrick
       def generate_next_nonce(req)
         now = "%012d" % req.request_time.to_i
         pk  = hexdigest(now, @instance_key)[0,32]
-        nonce = [now + ":" + pk].pack("m*").chop # it has 60 length of chars.
+        nonce = [now + ":" + pk].pack("m0") # it has 60 length of chars.
         nonce
       end
 
@@ -375,6 +390,7 @@ module WEBrick
         @h.hexdigest(args.join(":"))
       end
 
+      # :startdoc:
     end
 
     ##
@@ -384,7 +400,7 @@ module WEBrick
       include ProxyAuthenticator
 
       private
-      def check_uri(req, auth_req)
+      def check_uri(req, auth_req) # :nodoc:
         return true
       end
     end

data/lib/webrick/httpauth/htdigest.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # httpauth/htdigest.rb -- Apache compatible htdigest file
 #
@@ -37,7 +38,7 @@ module WEBrick
         @path = path
         @mtime = Time.at(0)
         @digest = Hash.new
-        @mutex = Mutex::new
+        @mutex = Thread::Mutex::new
         @auth_type = DigestAuth
         open(@path,"a").close unless File::exist?(@path)
         reload
@@ -70,13 +71,16 @@ module WEBrick
 
       def flush(output=nil)
         output ||= @path
-        tmp = Tempfile.new("htpasswd", File::dirname(output))
+        tmp = Tempfile.create("htpasswd", File::dirname(output))
+        renamed = false
         begin
           each{|item| tmp.puts(item.join(":")) }
           tmp.close
           File::rename(tmp.path, output)
-        rescue
-          tmp.close(true)
+          renamed = true
+        ensure
+          tmp.close
+          File.unlink(tmp.path) if !renamed
         end
       end
 

data/lib/webrick/httpauth/htgroup.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # httpauth/htgroup.rb -- Apache compatible htgroup file
 #

data/lib/webrick/httpauth/htpasswd.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # httpauth/htpasswd -- Apache compatible htpasswd file
 #
@@ -75,13 +76,16 @@ module WEBrick
 
       def flush(output=nil)
         output ||= @path
-        tmp = Tempfile.new("htpasswd", File::dirname(output))
+        tmp = Tempfile.create("htpasswd", File::dirname(output))
+        renamed = false
         begin
           each{|item| tmp.puts(item.join(":")) }
           tmp.close
           File::rename(tmp.path, output)
-        rescue
-          tmp.close(true)
+          renamed = true
+        ensure
+          tmp.close
+          File.unlink(tmp.path) if !renamed
         end
       end
 

data/lib/webrick/httpauth/userdb.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #--
 # httpauth/userdb.rb -- UserDB mix-in module.
 #

data/lib/webrick/httpproxy.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # httpproxy.rb -- HTTPProxy Class
 #
@@ -12,19 +13,18 @@
 require "webrick/httpserver"
 require "net/http"
 
-Net::HTTP::version_1_2 if RUBY_VERSION < "1.7"
-
 module WEBrick
-  NullReader = Object.new
-  class << NullReader
+
+  NullReader = Object.new # :nodoc:
+  class << NullReader # :nodoc:
     def read(*args)
       nil
     end
     alias gets read
   end
 
-  FakeProxyURI = Object.new
-  class << FakeProxyURI
+  FakeProxyURI = Object.new # :nodoc:
+  class << FakeProxyURI # :nodoc:
     def method_missing(meth, *args)
       if %w(scheme host port path query userinfo).member?(meth.to_s)
         return nil
@@ -33,8 +33,38 @@ module WEBrick
     end
   end
 
+  # :startdoc:
+
   ##
   # An HTTP Proxy server which proxies GET, HEAD and POST requests.
+  #
+  # To create a simple proxy server:
+  #
+  #   require 'webrick'
+  #   require 'webrick/httpproxy'
+  #
+  #   proxy = WEBrick::HTTPProxyServer.new Port: 8000
+  #
+  #   trap 'INT'  do proxy.shutdown end
+  #   trap 'TERM' do proxy.shutdown end
+  #
+  #   proxy.start
+  #
+  # See ::new for proxy-specific configuration items.
+  #
+  # == Modifying proxied responses
+  #
+  # To modify content the proxy server returns use the +:ProxyContentHandler+
+  # option:
+  #
+  #   handler = proc do |req, res|
+  #     if res['content-type'] == 'text/plain' then
+  #       res.body << "\nThis content was proxied!\n"
+  #     end
+  #   end
+  #
+  #   proxy =
+  #     WEBrick::HTTPProxyServer.new Port: 8000, ProxyContentHandler: handler
 
   class HTTPProxyServer < HTTPServer
 
@@ -46,7 +76,7 @@ module WEBrick
     #                  request
     # :ProxyVia:: Appended to the via header
     # :ProxyURI:: The proxy server's URI
-    # :ProxyContentHandler:: Called with a request and resopnse and allows
+    # :ProxyContentHandler:: Called with a request and response and allows
     #                        modification of the response
     # :ProxyTimeout:: Sets the proxy timeouts to 30 seconds for open and 60
     #                 seconds for read operations
@@ -57,6 +87,7 @@ module WEBrick
       @via = "#{c[:HTTPVersion]} #{c[:ServerName]}:#{c[:Port]}"
     end
 
+    # :stopdoc:
     def service(req, res)
       if req.request_method == "CONNECT"
         do_CONNECT(req, res)
@@ -112,7 +143,7 @@ module WEBrick
       if proxy = proxy_uri(req, res)
         proxy_request_line = "CONNECT #{host}:#{port} HTTP/1.0"
         if proxy.userinfo
-          credentials = "Basic " + [proxy.userinfo].pack("m").delete("\n")
+          credentials = "Basic " + [proxy.userinfo].pack("m0")
         end
         host, port = proxy.host, proxy.port
       end
@@ -126,12 +157,12 @@ module WEBrick
           os << proxy_request_line << CRLF
           @logger.debug("CONNECT: > #{proxy_request_line}")
           if credentials
-            @logger.debug("CONNECT: sending a credentials")
+            @logger.debug("CONNECT: sending credentials")
             os << "Proxy-Authorization: " << credentials << CRLF
           end
           os << CRLF
           proxy_status_line = os.gets(LF)
-          @logger.debug("CONNECT: read a Status-Line form the upstream server")
+          @logger.debug("CONNECT: read Status-Line from the upstream server")
           @logger.debug("CONNECT: < #{proxy_status_line}")
           if %r{^HTTP/\d+\.\d+\s+200\s*} =~ proxy_status_line
             while line = os.gets(LF)
@@ -154,7 +185,7 @@ module WEBrick
         res.send_response(ua)
         access_log(@config, req, res)
 
-        # Should clear request-line not to send the sesponse twice.
+        # Should clear request-line not to send the response twice.
         # see: HTTPServer#run
         req.parse(NullReader) rescue nil
       end
@@ -171,7 +202,7 @@ module WEBrick
             ua.syswrite(buf)
           end
         end
-      rescue => ex
+      rescue
         os.close
         @logger.debug("CONNECT #{host}:#{port}: closed")
       end
@@ -263,7 +294,7 @@ module WEBrick
       if upstream = proxy_uri(req, res)
         if upstream.userinfo
           header['proxy-authorization'] =
-            "Basic " + [upstream.userinfo].pack("m").delete("\n")
+            "Basic " + [upstream.userinfo].pack("m0")
         end
         return upstream
       end
@@ -282,7 +313,7 @@ module WEBrick
       http.start do
         if @config[:ProxyTimeout]
           ##################################   these issues are
-          http.open_timeout = 30   # secs  #   necessary (maybe bacause
+          http.open_timeout = 30   # secs  #   necessary (maybe because
           http.read_timeout = 60   # secs  #   Ruby's bug, but why?)
           ##################################
         end
@@ -301,5 +332,7 @@ module WEBrick
       set_via(res)
       res.body = response.body
     end
+
+    # :stopdoc:
   end
 end

data/lib/webrick/httprequest.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # httprequest.rb -- HTTPRequest Class
 #
@@ -17,31 +18,137 @@ require 'webrick/cookie'
 module WEBrick
 
   ##
-  # An HTTP request.
+  # An HTTP request.  This is consumed by service and do_* methods in
+  # WEBrick servlets
+
   class HTTPRequest
 
-    BODY_CONTAINABLE_METHODS = [ "POST", "PUT" ]
+    BODY_CONTAINABLE_METHODS = [ "POST", "PUT" ] # :nodoc:
 
     # :section: Request line
+
+    ##
+    # The complete request line such as:
+    #
+    #   GET / HTTP/1.1
+
     attr_reader :request_line
-    attr_reader :request_method, :unparsed_uri, :http_version
+
+    ##
+    # The request method, GET, POST, PUT, etc.
+
+    attr_reader :request_method
+
+    ##
+    # The unparsed URI of the request
+
+    attr_reader :unparsed_uri
+
+    ##
+    # The HTTP version of the request
+
+    attr_reader :http_version
 
     # :section: Request-URI
-    attr_reader :request_uri, :path
-    attr_accessor :script_name, :path_info, :query_string
+
+    ##
+    # The parsed URI of the request
+
+    attr_reader :request_uri
+
+    ##
+    # The request path
+
+    attr_reader :path
+
+    ##
+    # The script name (CGI variable)
+
+    attr_accessor :script_name
+
+    ##
+    # The path info (CGI variable)
+
+    attr_accessor :path_info
+
+    ##
+    # The query from the URI of the request
+
+    attr_accessor :query_string
 
     # :section: Header and entity body
-    attr_reader :raw_header, :header, :cookies
-    attr_reader :accept, :accept_charset
-    attr_reader :accept_encoding, :accept_language
+
+    ##
+    # The raw header of the request
+
+    attr_reader :raw_header
+
+    ##
+    # The parsed header of the request
+
+    attr_reader :header
+
+    ##
+    # The parsed request cookies
+
+    attr_reader :cookies
+
+    ##
+    # The Accept header value
+
+    attr_reader :accept
+
+    ##
+    # The Accept-Charset header value
+
+    attr_reader :accept_charset
+
+    ##
+    # The Accept-Encoding header value
+
+    attr_reader :accept_encoding
+
+    ##
+    # The Accept-Language header value
+
+    attr_reader :accept_language
 
     # :section:
+
+    ##
+    # The remote user (CGI variable)
+
     attr_accessor :user
-    attr_reader :addr, :peeraddr
+
+    ##
+    # The socket address of the server
+
+    attr_reader :addr
+
+    ##
+    # The socket address of the client
+
+    attr_reader :peeraddr
+
+    ##
+    # Hash of request attributes
+
     attr_reader :attributes
+
+    ##
+    # Is this a keep-alive connection?
+
     attr_reader :keep_alive
+
+    ##
+    # The local time this request was received
+
     attr_reader :request_time
 
+    ##
+    # Creates a new HTTP request.  WEBrick::Config::HTTP is the default
+    # configuration.
+
     def initialize(config)
       @config = config
       @buffer_size = @config[:InputBufferSize]
@@ -78,6 +185,10 @@ module WEBrick
         @forwarded_server = @forwarded_for = nil
     end
 
+    ##
+    # Parses a request from +socket+.  This is called internally by
+    # WEBrick::HTTPServer.
+
     def parse(socket=nil)
       @socket = socket
       begin
@@ -126,16 +237,21 @@ module WEBrick
       end
     end
 
+    ##
     # Generate HTTP/1.1 100 continue response if the client expects it,
     # otherwise does nothing.
-    def continue
+
+    def continue # :nodoc:
       if self['expect'] == '100-continue' && @config[:HTTPVersion] >= "1.1"
         @socket << "HTTP/#{@config[:HTTPVersion]} 100 continue#{CRLF}#{CRLF}"
         @header.delete('expect')
       end
     end
 
-    def body(&block)
+    ##
+    # Returns the request body.
+
+    def body(&block) # :yields: body_chunk
       block ||= Proc.new{|chunk| @body << chunk }
       read_body(@socket, block)
       @body.empty? ? nil : @body
@@ -237,11 +353,14 @@ module WEBrick
       ret
     end
 
-    def fixup()
+    ##
+    # Consumes any remaining body and updates keep-alive status
+
+    def fixup() # :nodoc:
       begin
         body{|chunk| }   # read remaining body
       rescue HTTPStatus::Error => ex
-        @logger.error("HTTPRequest#fixup: #{ex.class} occured.")
+        @logger.error("HTTPRequest#fixup: #{ex.class} occurred.")
         @keep_alive = false
       rescue => ex
         @logger.error(ex)
@@ -251,7 +370,8 @@ module WEBrick
 
     # This method provides the metavariables defined by the revision 3
     # of "The WWW Common Gateway Interface Version 1.1"
-    # http://Web.Golux.Com/coar/cgi/
+    # To browse the current document of CGI Version 1.1, see below:
+    # http://tools.ietf.org/html/rfc3875
 
     def meta_vars
       meta = Hash.new
@@ -290,6 +410,8 @@ module WEBrick
 
     private
 
+    # :stopdoc:
+
     MAX_URI_LENGTH = 2083 # :nodoc:
 
     def read_request_line(socket)
@@ -400,7 +522,7 @@ module WEBrick
         }
       rescue Errno::ECONNRESET
         return nil
-      rescue TimeoutError
+      rescue Timeout::Error
         raise HTTPStatus::RequestTimeout
       end
     end
@@ -445,7 +567,9 @@ module WEBrick
       if @forwarded_server = self["x-forwarded-server"]
         @forwarded_server = @forwarded_server.split(",", 2).first
       end
-      @forwarded_proto = self["x-forwarded-proto"]
+      if @forwarded_proto = self["x-forwarded-proto"]
+        @forwarded_proto = @forwarded_proto.split(",", 2).first
+      end
       if host_port = self["x-forwarded-host"]
         host_port = host_port.split(",", 2).first
         @forwarded_host, tmp = host_port.split(":", 2)
@@ -457,5 +581,7 @@ module WEBrick
         @forwarded_for = addrs.first
       end
     end
+
+    # :startdoc:
   end
 end