webrick 1.3.1 → 1.5.0
Potentially problematic release.
This version of webrick might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/Gemfile +3 -0
- data/LICENSE.txt +22 -0
- data/README.md +63 -0
- data/Rakefile +10 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/lib/webrick/accesslog.rb +9 -1
- data/lib/webrick/cgi.rb +58 -5
- data/lib/webrick/compat.rb +2 -1
- data/lib/webrick/config.rb +47 -10
- data/lib/webrick/cookie.rb +69 -7
- data/lib/webrick/htmlutils.rb +4 -2
- data/lib/webrick/httpauth/authenticator.rb +13 -8
- data/lib/webrick/httpauth/basicauth.rb +16 -8
- data/lib/webrick/httpauth/digestauth.rb +35 -32
- data/lib/webrick/httpauth/htdigest.rb +12 -8
- data/lib/webrick/httpauth/htgroup.rb +10 -6
- data/lib/webrick/httpauth/htpasswd.rb +46 -9
- data/lib/webrick/httpauth/userdb.rb +1 -0
- data/lib/webrick/httpauth.rb +6 -5
- data/lib/webrick/httpproxy.rb +93 -48
- data/lib/webrick/httprequest.rb +192 -27
- data/lib/webrick/httpresponse.rb +221 -70
- data/lib/webrick/https.rb +90 -2
- data/lib/webrick/httpserver.rb +45 -15
- data/lib/webrick/httpservlet/abstract.rb +5 -6
- data/lib/webrick/httpservlet/cgi_runner.rb +3 -2
- data/lib/webrick/httpservlet/cgihandler.rb +22 -10
- data/lib/webrick/httpservlet/erbhandler.rb +4 -3
- data/lib/webrick/httpservlet/filehandler.rb +136 -65
- data/lib/webrick/httpservlet/prochandler.rb +15 -1
- data/lib/webrick/httpservlet.rb +6 -5
- data/lib/webrick/httpstatus.rb +24 -14
- data/lib/webrick/httputils.rb +133 -13
- data/lib/webrick/httpversion.rb +28 -1
- data/lib/webrick/log.rb +25 -5
- data/lib/webrick/server.rb +234 -74
- data/lib/webrick/ssl.rb +100 -12
- data/lib/webrick/utils.rb +98 -69
- data/lib/webrick/version.rb +6 -1
- data/lib/webrick.rb +7 -7
- data/webrick.gemspec +76 -0
- metadata +70 -69
- data/README.txt +0 -21
- data/sample/webrick/demo-app.rb +0 -66
- data/sample/webrick/demo-multipart.cgi +0 -12
- data/sample/webrick/demo-servlet.rb +0 -6
- data/sample/webrick/demo-urlencoded.cgi +0 -12
- data/sample/webrick/hello.cgi +0 -11
- data/sample/webrick/hello.rb +0 -8
- data/sample/webrick/httpd.rb +0 -23
- data/sample/webrick/httpproxy.rb +0 -25
- data/sample/webrick/httpsd.rb +0 -33
- data/test/openssl/utils.rb +0 -313
- data/test/ruby/envutil.rb +0 -208
- data/test/webrick/test_cgi.rb +0 -134
- data/test/webrick/test_cookie.rb +0 -131
- data/test/webrick/test_filehandler.rb +0 -285
- data/test/webrick/test_httpauth.rb +0 -167
- data/test/webrick/test_httpproxy.rb +0 -282
- data/test/webrick/test_httprequest.rb +0 -411
- data/test/webrick/test_httpresponse.rb +0 -49
- data/test/webrick/test_httpserver.rb +0 -305
- data/test/webrick/test_httputils.rb +0 -96
- data/test/webrick/test_httpversion.rb +0 -40
- data/test/webrick/test_server.rb +0 -67
- data/test/webrick/test_utils.rb +0 -64
- data/test/webrick/utils.rb +0 -58
- data/test/webrick/webrick.cgi +0 -36
- data/test/webrick/webrick_long_filename.cgi +0 -36
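--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: 97da95d5faf45f62560954f75b5fb1536ffdb804a991adbfc1a8da2f312282fb
+data.tar.gz: c4b305ec0e615913868e1707c42656faa197f6f7a26af17505d7b5b38cbaf9dc
+SHA512:
+metadata.gz: 62878410914483e24c84430af518e417f985e2471b8907655d2a096966afdd5f872c29f2d65dc6ee88ab4df216f7077678b5cdf04ba021185f1b40402e565114
+data.tar.gz: ec3e25caa3db02dcf9e7d8dc916cab302c571ba6acb1810681e2051ab7fb35eae06752189a0701c6dee9cd4b5e91f7361c78ceb36e779ed82488702c87d305d9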
data/Gemfile
ADDED
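--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,22 @@
+Copyright (C) 1993-2013 Yukihiro Matsumoto. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.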
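--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,63 @@
+# Webrick
+
+[![Build Status](https://travis-ci.org/ruby/webrick.svg?branch=master)](https://travis-ci.org/ruby/webrick)
+
+WEBrick is an HTTP server toolkit that can be configured as an HTTPS server, a proxy server, and a virtual-host server.
+
+WEBrick features complete logging of both server operations and HTTP access.
+
+WEBrick supports both basic and digest authentication in addition to algorithms not in RFC 2617.
+
+A WEBrick server can be composed of multiple WEBrick servers or servlets to provide differing behavior on a per-host or per-path basis. WEBrick includes servlets for handling CGI scripts, ERB pages, Ruby blocks and directory listings.
+
+WEBrick also includes tools for daemonizing a process and starting a process at a higher privilege level and dropping permissions.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'webrick'
+```
+
+And then execute:
+
+$ bundle
+
+Or install it yourself as:
+
+$ gem install webrick
+
+## Usage
+
+To create a new WEBrick::HTTPServer that will listen to connections on port 8000 and serve documents from the current user's public_html folder:
+
+```ruby
+require 'webrick'
+
+root = File.expand_path '~/public_html'
+server = WEBrick::HTTPServer.new :Port => 8000, :DocumentRoot => root
+```
+
+To run the server you will need to provide a suitable shutdown hook as
+starting the server blocks the current thread:
+
+```ruby
+trap 'INT' do server.shutdown end
+
+server.start
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and Patch are welcome on https://bugs.ruby-lang.org/.
+
+## License
+
+The gem is available as open source under the terms of the [2-Clause BSD License](https://opensource.org/licenses/BSD-2-Clause).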
data/Rakefile
ADDED
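--- a/data/bin/console
+++ b/data/bin/console
@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "webrick"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)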
data/bin/setup
ADDED
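--- a/data/lib/webrick/accesslog.rb
+++ b/data/lib/webrick/accesslog.rb
@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #--
 # accesslog.rb -- Access log handling utilities
 #
@@ -85,7 +86,7 @@ module WEBrick
 # %q:: Request query string
 # %r:: First line of the request
 # %s:: Request status
-# %t:: Time the request was
+# %t:: Time the request was received
 # %T:: Time taken to process the request
 # %u:: Remote user from auth
 # %U:: Unparsed URI
@@ -115,6 +116,10 @@ module WEBrick
 params
 end
 
+##
+# Formats +params+ according to +format_string+ which is described in
+# setup_params.
+
 def format(format_string, params)
 format_string.gsub(/\%(?:\{(.*?)\})?>?([a-zA-Z%])/){
 param, spec = $1, $2
@@ -140,6 +145,9 @@ module WEBrick
 }
 end
 
+##
+# Escapes control characters in +data+
+
 def escape(data)
 if data.tainted?
 data.gsub(/[[:cntrl:]\\]+/) {$&.dump[1...-1]}.untaint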
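Review bot: The comment added above `escape` says it escapes control characters, but the visible body does so only when `data.tainted?` is true, and the character class also matches backslashes, so the description is incomplete on both counts. This method is presumably what keeps client-supplied fields from breaking the access-log line format, so the condition is worth stating: `# Escapes control characters and backslashes in +data+ when it is tainted`. The rest of `escape` lies outside the hunk, so what happens to untainted strings should be confirmed there before settling the wording.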
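--- a/data/lib/webrick/cgi.rb
+++ b/data/lib/webrick/cgi.rb
@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # cgi.rb -- Yet another CGI library
 #
@@ -7,16 +8,50 @@
 #
 # $Id$
 
-
-
-
+require_relative "httprequest"
+require_relative "httpresponse"
+require_relative "config"
 require "stringio"
 
 module WEBrick
+
+# A CGI library using WEBrick requests and responses.
+#
+# Example:
+#
+# class MyCGI < WEBrick::CGI
+# def do_GET req, res
+# res.body = 'it worked!'
+# res.status = 200
+# end
+# end
+#
+# MyCGI.new.start
+
 class CGI
+
+# The CGI error exception class
+
 CGIError = Class.new(StandardError)
 
-
+##
+# The CGI configuration. This is based on WEBrick::Config::HTTP
+
+attr_reader :config
+
+##
+# The CGI logger
+
+attr_reader :logger
+
+##
+# Creates a new CGI interface.
+#
+# The first argument in +args+ is a configuration hash which would update
+# WEBrick::Config::HTTP.
+#
+# Any remaining arguments are stored in the <code>@options</code> instance
+# variable for use by a subclass.
 
 def initialize(*args)
 if defined?(MOD_RUBY)
@@ -41,10 +76,17 @@ module WEBrick
 @options = args
 end
 
+##
+# Reads +key+ from the configuration
+
 def [](key)
 @config[key]
 end
 
+##
+# Starts the CGI process with the given environment +env+ and standard
+# input and output +stdin+ and +stdout+.
+
 def start(env=ENV, stdin=$stdin, stdout=$stdout)
 sock = WEBrick::CGI::Socket.new(@config, env, stdin, stdout)
 req = HTTPRequest.new(@config)
@@ -108,6 +150,10 @@ module WEBrick
 end
 end
 
+##
+# Services the request +req+ which will fill in the response +res+. See
+# WEBrick::HTTPServlet::AbstractServlet#service for details.
+
 def service(req, res)
 method_name = "do_" + req.request_method.gsub(/-/, "_")
 if respond_to?(method_name)
@@ -118,7 +164,10 @@ module WEBrick
 end
 end
 
-
+##
+# Provides HTTP socket emulation from the CGI environment
+
+class Socket # :nodoc:
 include Enumerable
 
 private
@@ -216,6 +265,10 @@ module WEBrick
 @out_port << data
 end
 
+def write(data)
+@out_port.write(data)
+end
+
 def cert
 return nil unless defined?(OpenSSL)
 if pem = @env["SSL_SERVER_CERT"]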
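Review bot: The comment added to `service` refers readers to AbstractServlet#service but does not say that the handler name is derived from the request itself, via `method_name = "do_" + req.request_method.gsub(/-/, "_")` followed by `respond_to?(method_name)`. Subclass authors should know that every public `do_*` method they define can be selected by the request method token, so helpers should be private or named differently. I would add a line such as `# Dispatches to the public do_<METHOD> method named by the request method; keep helper methods private`. The remainder of `service` is outside the hunk, so the handling of unknown methods is not visible here.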
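--- a/data/lib/webrick/compat.rb
+++ b/data/lib/webrick/compat.rb
@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # compat.rb -- cross platform compatibility
 #
@@ -9,7 +10,7 @@
 # $IPR: compat.rb,v 1.6 2002/10/01 17:16:32 gotoyuzo Exp $
 
 ##
-# System call error module used by webrick for cross platform
+# System call error module used by webrick for cross platform compatibility.
 #
 # EPROTO:: protocol error
 # ECONNRESET:: remote host reset the connection request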
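--- a/data/lib/webrick/config.rb
+++ b/data/lib/webrick/config.rb
@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # config.rb -- Default configurations.
 #
@@ -8,19 +9,25 @@
 #
 # $IPR: config.rb,v 1.52 2003/07/22 19:20:42 gotoyuzo Exp $
 
-
-
-
-
-
+require_relative 'version'
+require_relative 'httpversion'
+require_relative 'httputils'
+require_relative 'utils'
+require_relative 'log'
 
 module WEBrick
 module Config
-LIBDIR = File::dirname(__FILE__)
+LIBDIR = File::dirname(__FILE__) # :nodoc:
 
 # for GenericServer
-General = {
-
+General = Hash.new { |hash, key|
+case key
+when :ServerName
+hash[key] = Utils.getservername
+else
+nil
+end
+}.update(
 :BindAddress => nil, # "0.0.0.0" or "::" or nil
 :Port => nil, # users MUST specify this!!
 :MaxClients => 100, # maximum number of the concurrent connections
@@ -33,9 +40,9 @@ module WEBrick
 :StartCallback => nil,
 :StopCallback => nil,
 :AcceptCallback => nil,
-:DoNotReverseLookup =>
+:DoNotReverseLookup => true,
 :ShutdownSocketWithoutClose => false,
-
+)
 
 # for HTTPServer, HTTPRequest, HTTPResponse ...
 HTTP = General.dup.update(
@@ -67,6 +74,30 @@ module WEBrick
 :Escape8bitURI => false
 )
 
+##
+# Default configuration for WEBrick::HTTPServlet::FileHandler
+#
+# :AcceptableLanguages::
+# Array of languages allowed for accept-language. There is no default
+# :DirectoryCallback::
+# Allows preprocessing of directory requests. There is no default
+# callback.
+# :FancyIndexing::
+# If true, show an index for directories. The default is true.
+# :FileCallback::
+# Allows preprocessing of file requests. There is no default callback.
+# :HandlerCallback::
+# Allows preprocessing of requests. There is no default callback.
+# :HandlerTable::
+# Maps file suffixes to file handlers. DefaultFileHandler is used by
+# default but any servlet can be used.
+# :NondisclosureName::
+# Do not show files matching this array of globs. .ht* and *~ are
+# excluded by default.
+# :UserDir::
+# Directory inside ~user to serve content from for /~user requests.
+# Only works if mounted on /. Disabled by default.
+
 FileHandler = {
 :NondisclosureName => [".ht*", "*~"],
 :FancyIndexing => false,
@@ -78,6 +109,12 @@ module WEBrick
 :AcceptableLanguages => [] # ["en", "ja", ... ]
 }
 
+##
+# Default configuration for WEBrick::HTTPAuth::BasicAuth
+#
+# :AutoReloadUserDB:: Reload the user database provided by :UserDB
+# automatically?
+
 BasicAuth = {
 :AutoReloadUserDB => true,
 }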
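Review bot: The new FileHandler documentation states that `:FancyIndexing` defaults to true, while the hash directly below it sets `:FancyIndexing => false`. Directory listing is a disclosure-relevant switch, so the comment should match the code: `# If true, show an index for directories. The default is false.` In the same file, `General` is now a `Hash.new` whose default block fills `:ServerName` on the first `[]` lookup; `fetch`, `key?` and iteration do not run a default block, so callers using those will not see `:ServerName` until something has read it with `[]`, which deserves a one-line comment above the block. The `HTTP` and `FileHandler` hashes continue past the hunks shown.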
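--- a/data/lib/webrick/cookie.rb
+++ b/data/lib/webrick/cookie.rb
@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #
 # cookie.rb -- Cookie class
 #
@@ -9,17 +10,59 @@
 # $IPR: cookie.rb,v 1.16 2002/09/21 12:23:35 gotoyuzo Exp $
 
 require 'time'
-
+require_relative 'httputils'
 
 module WEBrick
+
+##
+# Processes HTTP cookies
+
 class Cookie
 
+##
+# The cookie name
+
 attr_reader :name
-
-
-
+
+##
+# The cookie value
+
+attr_accessor :value
+
+##
+# The cookie version
+
+attr_accessor :version
+
+##
+# The cookie domain
+attr_accessor :domain
+
+##
+# The cookie path
+
+attr_accessor :path
+
+##
+# Is this a secure cookie?
+
+attr_accessor :secure
+
+##
+# The cookie comment
+
+attr_accessor :comment
+
+##
+# The maximum age of the cookie
+
+attr_accessor :max_age
+
 #attr_accessor :comment_url, :discard, :port
 
+##
+# Creates a new cookie with the given +name+ and +value+
+
 def initialize(name, value)
 @name = name
 @value = value
@@ -29,14 +72,25 @@ module WEBrick
 @expires = @comment_url = @discard = @port = nil
 end
 
+##
+# Sets the cookie expiration to the time +t+. The expiration time may be
+# a false value to disable expiration or a Time or HTTP format time string
+# to set the expiration date.
+
 def expires=(t)
 @expires = t && (t.is_a?(Time) ? t.httpdate : t.to_s)
 end
 
+##
+# Retrieves the expiration time as a Time
+
 def expires
 @expires && Time.parse(@expires)
 end
 
+##
+# The cookie string suitable for use in an HTTP header
+
 def to_s
 ret = ""
 ret << @name << "=" << @value
@@ -50,14 +104,16 @@ module WEBrick
 ret
 end
 
-
-#
+##
+# Parses a Cookie field sent from the user-agent. Returns an array of
+# cookies.
+
 def self.parse(str)
 if str
 ret = []
 cookie = nil
 ver = 0
-str.split(
+str.split(/;\s+/).each{|x|
 key, val = x.split(/=/,2)
 val = val ? HTTPUtils::dequote(val) : ""
 case key
@@ -76,6 +132,9 @@ module WEBrick
 end
 end
 
+##
+# Parses the cookie in +str+
+
 def self.parse_set_cookie(str)
 cookie_elem = str.split(/;/)
 first_elem = cookie_elem.shift
@@ -101,6 +160,9 @@ module WEBrick
 return cookie
 end
 
+##
+# Parses the cookies in +str+
+
 def self.parse_set_cookies(str)
 return str.split(/,(?=[^;,]*=)|,$/).collect{|c|
 parse_set_cookie(c)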
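Review bot: In `Cookie.parse` the new separator `str.split(/;\s+/)` only splits where a semicolon is followed by whitespace, so a header written as `a=1;b=2` would presumably come back as one cookie `a` whose value still contains `;b=2`. Whether any client or intermediary sends that form cannot be told from this page, but a parser that disagrees with upstream components about cookie boundaries is worth avoiding, and `str.split(/;\s*/).each{|x|` would accept both spellings. The removed pattern is truncated in this rendering, so the intent of the change cannot be read from the old line. The body of `parse` continues outside the hunk.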
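--- a/data/lib/webrick/htmlutils.rb
+++ b/data/lib/webrick/htmlutils.rb
@@ -1,3 +1,4 @@
+# frozen_string_literal: false
 #--
 # htmlutils.rb -- HTMLUtils Module
 #
@@ -15,12 +16,13 @@ module WEBrick
 # Escapes &, ", > and < in +string+
 
 def escape(string)
-
+return "" unless string
+str = string.b
 str.gsub!(/&/n, '&')
 str.gsub!(/\"/n, '"')
 str.gsub!(/>/n, '>')
 str.gsub!(/</n, '<')
-str
+str.force_encoding(string.encoding)
 end
 module_function :escape
 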
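Review bot: `escape` still covers only the four characters named in its comment (`&`, `"`, `>`, `<`), so its output is not safe inside a single-quoted attribute value; the new nil guard and the `string.b` copy do not change that. If callers interpolate the result into attributes, I would add a substitution for `'` beside the existing `gsub!` calls and update the comment, or at least state the limit: `# Does not escape ', so do not place the result inside single-quoted attributes`. The replacement strings on the `gsub!` lines appear entity-decoded in this rendering, so they cannot be checked from the page.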
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: false
|
1
2
|
#--
|
2
3
|
# httpauth/authenticator.rb -- Authenticator mix-in module.
|
3
4
|
#
|
@@ -16,10 +17,10 @@ module WEBrick
|
|
16
17
|
|
17
18
|
module Authenticator
|
18
19
|
|
19
|
-
RequestField = "Authorization"
|
20
|
-
ResponseField = "WWW-Authenticate"
|
21
|
-
ResponseInfoField = "Authentication-Info"
|
22
|
-
AuthException = HTTPStatus::Unauthorized
|
20
|
+
RequestField = "Authorization" # :nodoc:
|
21
|
+
ResponseField = "WWW-Authenticate" # :nodoc:
|
22
|
+
ResponseInfoField = "Authentication-Info" # :nodoc:
|
23
|
+
AuthException = HTTPStatus::Unauthorized # :nodoc:
|
23
24
|
|
24
25
|
##
|
25
26
|
# Method of authentication, must be overridden by the including class
|
@@ -43,6 +44,8 @@ module WEBrick
|
|
43
44
|
|
44
45
|
private
|
45
46
|
|
47
|
+
# :stopdoc:
|
48
|
+
|
46
49
|
##
|
47
50
|
# Initializes the authenticator from +config+
|
48
51
|
|
@@ -96,6 +99,8 @@ module WEBrick
|
|
96
99
|
log(:info, fmt, *args)
|
97
100
|
end
|
98
101
|
end
|
102
|
+
|
103
|
+
# :startdoc:
|
99
104
|
end
|
100
105
|
|
101
106
|
##
|
@@ -103,10 +108,10 @@ module WEBrick
|
|
103
108
|
# authentication schemes for proxies.
|
104
109
|
|
105
110
|
module ProxyAuthenticator
|
106
|
-
RequestField = "Proxy-Authorization"
|
107
|
-
ResponseField = "Proxy-Authenticate"
|
108
|
-
InfoField = "Proxy-Authentication-Info"
|
109
|
-
AuthException = HTTPStatus::ProxyAuthenticationRequired
|
111
|
+
RequestField = "Proxy-Authorization" # :nodoc:
|
112
|
+
ResponseField = "Proxy-Authenticate" # :nodoc:
|
113
|
+
InfoField = "Proxy-Authentication-Info" # :nodoc:
|
114
|
+
AuthException = HTTPStatus::ProxyAuthenticationRequired # :nodoc:
|
110
115
|
end
|
111
116
|
end
|
112
117
|
end
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: false
|
1
2
|
#
|
2
3
|
# httpauth/basicauth.rb -- HTTP basic access authentication
|
3
4
|
#
|
@@ -7,9 +8,9 @@
|
|
7
8
|
#
|
8
9
|
# $IPR: basicauth.rb,v 1.5 2003/02/20 07:15:47 gotoyuzo Exp $
|
9
10
|
|
10
|
-
|
11
|
-
|
12
|
-
|
11
|
+
require_relative '../config'
|
12
|
+
require_relative '../httpstatus'
|
13
|
+
require_relative 'authenticator'
|
13
14
|
|
14
15
|
module WEBrick
|
15
16
|
module HTTPAuth
|
@@ -23,7 +24,7 @@ module WEBrick
|
|
23
24
|
#
|
24
25
|
# config = { :Realm => 'BasicAuth example realm' }
|
25
26
|
#
|
26
|
-
# htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file'
|
27
|
+
# htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file', password_hash: :bcrypt
|
27
28
|
# htpasswd.set_passwd config[:Realm], 'username', 'password'
|
28
29
|
# htpasswd.flush
|
29
30
|
#
|
@@ -34,7 +35,7 @@ module WEBrick
|
|
34
35
|
class BasicAuth
|
35
36
|
include Authenticator
|
36
37
|
|
37
|
-
AuthScheme = "Basic"
|
38
|
+
AuthScheme = "Basic" # :nodoc:
|
38
39
|
|
39
40
|
##
|
40
41
|
# Used by UserDB to create a basic password entry
|
@@ -80,7 +81,15 @@ module WEBrick
|
|
80
81
|
error("%s: the user is not allowed.", userid)
|
81
82
|
challenge(req, res)
|
82
83
|
end
|
83
|
-
|
84
|
+
|
85
|
+
case encpass
|
86
|
+
when /\A\$2[aby]\$/
|
87
|
+
password_matches = BCrypt::Password.new(encpass.sub(/\A\$2[aby]\$/, '$2a$')) == password
|
88
|
+
else
|
89
|
+
password_matches = password.crypt(encpass) == encpass
|
90
|
+
end
|
91
|
+
|
92
|
+
unless password_matches
|
84
93
|
error("%s: password unmatch.", userid)
|
85
94
|
challenge(req, res)
|
86
95
|
end
|
@@ -89,8 +98,7 @@ module WEBrick
|
|
89
98
|
end
|
90
99
|
|
91
100
|
##
|
92
|
-
# Returns a challenge response which asks for
|
93
|
-
# information
|
101
|
+
# Returns a challenge response which asks for authentication information
|
94
102
|
|
95
103
|
def challenge(req, res)
|
96
104
|
res[@response_field] = "#{@auth_scheme} realm=\"#{@realm}\""
|
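Review bot: The new `when /\A\$2[aby]\$/` branch calls `BCrypt::Password`, but the requires added at the top of this file are only `../config`, `../httpstatus` and `authenticator`, so unless bcrypt is loaded elsewhere (not visible here) a stored `$2a$`/`$2b$`/`$2y$` hash raises NameError during authentication instead of producing a challenge. I would document the dependency beside the branch, e.g. `# BCrypt (bcrypt gem) must already be loaded when the user DB holds $2a$/$2b$/$2y$ hashes`, or handle the missing constant and fail closed with `challenge(req, res)`. The fallback `password.crypt(encpass) == encpass` compares the hashes with ordinary String equality, which is not constant-time; a constant-time comparison would be the safer choice for that line. `authenticate` starts and ends outside this hunk.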