webrick 1.3.1 → 1.6.1

data/test/webrick/test_cgi.rb

@@ -1,134 +0,0 @@
-require_relative "utils"
-require "webrick"
-require "test/unit"
-
-class TestWEBrickCGI < Test::Unit::TestCase
-  CRLF = "\r\n"
-
-  def start_cgi_server(&block)
-    config = {
-      :CGIInterpreter => TestWEBrick::RubyBin,
-      :DocumentRoot => File.dirname(__FILE__),
-      :DirectoryIndex => ["webrick.cgi"],
-      :RequestCallback => Proc.new{|req, res|
-        def req.meta_vars
-          meta = super
-          meta["RUBYLIB"] = $:.join(File::PATH_SEPARATOR)
-          meta[RbConfig::CONFIG['LIBPATHENV']] = ENV[RbConfig::CONFIG['LIBPATHENV']] if RbConfig::CONFIG['LIBPATHENV']
-          return meta
-        end
-      },
-    }
-    if RUBY_PLATFORM =~ /mswin32|mingw|cygwin|bccwin32/
-      config[:CGIPathEnv] = ENV['PATH'] # runtime dll may not be in system dir.
-    end
-    TestWEBrick.start_httpserver(config){|server, addr, port, log|
-      block.call(server, addr, port, log)
-    }
-  end
-
-  def test_cgi
-    start_cgi_server{|server, addr, port, log|
-      http = Net::HTTP.new(addr, port)
-      req = Net::HTTP::Get.new("/webrick.cgi")
-      http.request(req){|res| assert_equal("/webrick.cgi", res.body, log.call)}
-      req = Net::HTTP::Get.new("/webrick.cgi/path/info")
-      http.request(req){|res| assert_equal("/path/info", res.body, log.call)}
-      req = Net::HTTP::Get.new("/webrick.cgi/%3F%3F%3F?foo=bar")
-      http.request(req){|res| assert_equal("/???", res.body, log.call)}
-      req = Net::HTTP::Get.new("/webrick.cgi/%A4%DB%A4%B2/%A4%DB%A4%B2")
-      http.request(req){|res|
-        assert_equal("/\xA4\xDB\xA4\xB2/\xA4\xDB\xA4\xB2", res.body, log.call)}
-      req = Net::HTTP::Get.new("/webrick.cgi?a=1;a=2;b=x")
-      http.request(req){|res| assert_equal("a=1, a=2, b=x", res.body, log.call)}
-      req = Net::HTTP::Get.new("/webrick.cgi?a=1&a=2&b=x")
-      http.request(req){|res| assert_equal("a=1, a=2, b=x", res.body, log.call)}
-
-      req = Net::HTTP::Post.new("/webrick.cgi?a=x;a=y;b=1")
-      req["Content-Type"] = "application/x-www-form-urlencoded"
-      http.request(req, "a=1;a=2;b=x"){|res|
-        assert_equal("a=1, a=2, b=x", res.body, log.call)}
-      req = Net::HTTP::Post.new("/webrick.cgi?a=x&a=y&b=1")
-      req["Content-Type"] = "application/x-www-form-urlencoded"
-      http.request(req, "a=1&a=2&b=x"){|res|
-        assert_equal("a=1, a=2, b=x", res.body, log.call)}
-      req = Net::HTTP::Get.new("/")
-      http.request(req){|res|
-        ary = res.body.lines.to_a
-        assert_match(%r{/$}, ary[0], log.call)
-        assert_match(%r{/webrick.cgi$}, ary[1], log.call)
-      }
-
-      req = Net::HTTP::Get.new("/webrick.cgi")
-      req["Cookie"] = "CUSTOMER=WILE_E_COYOTE; PART_NUMBER=ROCKET_LAUNCHER_0001"
-      http.request(req){|res|
-        assert_equal(
-          "CUSTOMER=WILE_E_COYOTE\nPART_NUMBER=ROCKET_LAUNCHER_0001\n",
-          res.body, log.call)
-      }
-
-      req = Net::HTTP::Get.new("/webrick.cgi")
-      cookie =  %{$Version="1"; }
-      cookie << %{Customer="WILE_E_COYOTE"; $Path="/acme"; }
-      cookie << %{Part_Number="Rocket_Launcher_0001"; $Path="/acme"; }
-      cookie << %{Shipping="FedEx"; $Path="/acme"}
-      req["Cookie"] = cookie
-      http.request(req){|res|
-        assert_equal("Customer=WILE_E_COYOTE, Shipping=FedEx",
-                     res["Set-Cookie"], log.call)
-        assert_equal("Customer=WILE_E_COYOTE\n" +
-                     "Part_Number=Rocket_Launcher_0001\n" +
-                     "Shipping=FedEx\n", res.body, log.call)
-      }
-    }
-  end
-
-  def test_bad_request
-    start_cgi_server{|server, addr, port, log|
-      sock = TCPSocket.new(addr, port)
-      begin
-        sock << "POST /webrick.cgi HTTP/1.0" << CRLF
-        sock << "Content-Type: application/x-www-form-urlencoded" << CRLF
-        sock << "Content-Length: 1024" << CRLF
-        sock << CRLF
-        sock << "a=1&a=2&b=x"
-        sock.close_write
-        assert_match(%r{\AHTTP/\d.\d 400 Bad Request}, sock.read, log.call)
-      ensure
-        sock.close
-      end
-    }
-  end
-
-  CtrlSeq = [0x7f, *(1..31)].pack("C*").gsub(/\s+/, '')
-  CtrlPat = /#{Regexp.quote(CtrlSeq)}/o
-  DumpPat = /#{Regexp.quote(CtrlSeq.dump[1...-1])}/o
-
-  def test_bad_uri
-    start_cgi_server{|server, addr, port, log|
-      res = TCPSocket.open(addr, port) {|sock|
-        sock << "GET /#{CtrlSeq}#{CRLF}#{CRLF}"
-        sock.close_write
-        sock.read
-      }
-      assert_match(%r{\AHTTP/\d.\d 400 Bad Request}, res)
-      s = log.call.each_line.grep(/ERROR bad URI/)[0]
-      assert_match(DumpPat, s)
-      assert_not_match(CtrlPat, s)
-    }
-  end
-
-  def test_bad_header
-    start_cgi_server{|server, addr, port, log|
-      res = TCPSocket.open(addr, port) {|sock|
-        sock << "GET / HTTP/1.0#{CRLF}#{CtrlSeq}#{CRLF}#{CRLF}"
-        sock.close_write
-        sock.read
-      }
-      assert_match(%r{\AHTTP/\d.\d 400 Bad Request}, res)
-      s = log.call.each_line.grep(/ERROR bad header/)[0]
-      assert_match(DumpPat, s)
-      assert_not_match(CtrlPat, s)
-    }
-  end
-end

data/test/webrick/test_cookie.rb

@@ -1,131 +0,0 @@
-require "test/unit"
-require "webrick/cookie"
-
-class TestWEBrickCookie < Test::Unit::TestCase
-  def test_new
-    cookie = WEBrick::Cookie.new("foo","bar")
-    assert_equal("foo", cookie.name)
-    assert_equal("bar", cookie.value)
-    assert_equal("foo=bar", cookie.to_s)
-  end
-
-  def test_time
-    cookie = WEBrick::Cookie.new("foo","bar")
-    t = 1000000000
-    cookie.max_age = t
-    assert_match(t.to_s, cookie.to_s)
-
-    cookie = WEBrick::Cookie.new("foo","bar")
-    t = Time.at(1000000000)
-    cookie.expires = t
-    assert_equal(Time, cookie.expires.class)
-    assert_equal(t, cookie.expires)
-    ts = t.httpdate
-    cookie.expires = ts
-    assert_equal(Time, cookie.expires.class)
-    assert_equal(t, cookie.expires)
-    assert_match(ts, cookie.to_s)
-  end
-
-  def test_parse
-    data = ""
-    data << '$Version="1"; '
-    data << 'Customer="WILE_E_COYOTE"; $Path="/acme"; '
-    data << 'Part_Number="Rocket_Launcher_0001"; $Path="/acme"; '
-    data << 'Shipping="FedEx"; $Path="/acme"'
-    cookies = WEBrick::Cookie.parse(data)
-    assert_equal(3, cookies.size)
-    assert_equal(1, cookies[0].version)
-    assert_equal("Customer", cookies[0].name)
-    assert_equal("WILE_E_COYOTE", cookies[0].value)
-    assert_equal("/acme", cookies[0].path)
-    assert_equal(1, cookies[1].version)
-    assert_equal("Part_Number", cookies[1].name)
-    assert_equal("Rocket_Launcher_0001", cookies[1].value)
-    assert_equal(1, cookies[2].version)
-    assert_equal("Shipping", cookies[2].name)
-    assert_equal("FedEx", cookies[2].value)
-
-    data = "hoge=moge; __div__session=9865ecfd514be7f7"
-    cookies = WEBrick::Cookie.parse(data)
-    assert_equal(0, cookies[0].version)
-    assert_equal("hoge", cookies[0].name)
-    assert_equal("moge", cookies[0].value)
-    assert_equal("__div__session", cookies[1].name)
-    assert_equal("9865ecfd514be7f7", cookies[1].value)
-  end
-
-  def test_parse_no_whitespace
-    data = [
-      '$Version="1"; ',
-      'Customer="WILE_E_COYOTE";$Path="/acme";', # no SP between cookie-string
-      'Part_Number="Rocket_Launcher_0001";$Path="/acme";', # no SP between cookie-string
-      'Shipping="FedEx";$Path="/acme"'
-    ].join
-    cookies = WEBrick::Cookie.parse(data)
-    assert_equal(1, cookies.size)
-  end
-
-  def test_parse_too_much_whitespaces
-    # According to RFC6265,
-    #   cookie-string = cookie-pair *( ";" SP cookie-pair )
-    # So single 0x20 is needed after ';'. We allow multiple spaces here for
-    # compatibility with older WEBrick versions.
-    data = [
-      '$Version="1"; ',
-      'Customer="WILE_E_COYOTE";$Path="/acme";     ', # no SP between cookie-string
-      'Part_Number="Rocket_Launcher_0001";$Path="/acme";     ', # no SP between cookie-string
-      'Shipping="FedEx";$Path="/acme"'
-    ].join
-    cookies = WEBrick::Cookie.parse(data)
-    assert_equal(3, cookies.size)
-  end
-
-  def test_parse_set_cookie
-    data = %(Customer="WILE_E_COYOTE"; Version="1"; Path="/acme")
-    cookie = WEBrick::Cookie.parse_set_cookie(data)
-    assert_equal("Customer", cookie.name)
-    assert_equal("WILE_E_COYOTE", cookie.value)
-    assert_equal(1, cookie.version)
-    assert_equal("/acme", cookie.path)
-
-    data = %(Shipping="FedEx"; Version="1"; Path="/acme"; Secure)
-    cookie = WEBrick::Cookie.parse_set_cookie(data)
-    assert_equal("Shipping", cookie.name)
-    assert_equal("FedEx", cookie.value)
-    assert_equal(1, cookie.version)
-    assert_equal("/acme", cookie.path)
-    assert_equal(true, cookie.secure)
-  end
-
-  def test_parse_set_cookies
-    data = %(Shipping="FedEx"; Version="1"; Path="/acme"; Secure)
-    data << %(, CUSTOMER=WILE_E_COYOTE; path=/; expires=Wednesday, 09-Nov-99 23:12:40 GMT; path=/; Secure)
-    data << %(, name="Aaron"; Version="1"; path="/acme")
-    cookies = WEBrick::Cookie.parse_set_cookies(data)
-    assert_equal(3, cookies.length)
-
-    fed_ex = cookies.find { |c| c.name == 'Shipping' }
-    assert_not_nil(fed_ex)
-    assert_equal("Shipping", fed_ex.name)
-    assert_equal("FedEx", fed_ex.value)
-    assert_equal(1, fed_ex.version)
-    assert_equal("/acme", fed_ex.path)
-    assert_equal(true, fed_ex.secure)
-
-    name = cookies.find { |c| c.name == 'name' }
-    assert_not_nil(name)
-    assert_equal("name", name.name)
-    assert_equal("Aaron", name.value)
-    assert_equal(1, name.version)
-    assert_equal("/acme", name.path)
-
-    customer = cookies.find { |c| c.name == 'CUSTOMER' }
-    assert_not_nil(customer)
-    assert_equal("CUSTOMER", customer.name)
-    assert_equal("WILE_E_COYOTE", customer.value)
-    assert_equal(0, customer.version)
-    assert_equal("/", customer.path)
-    assert_equal(Time.utc(1999, 11, 9, 23, 12, 40), customer.expires)
-  end
-end

data/test/webrick/test_filehandler.rb

@@ -1,285 +0,0 @@
-require "test/unit"
-require_relative "utils.rb"
-require "webrick"
-require "stringio"
-
-class WEBrick::TestFileHandler < Test::Unit::TestCase
-  def default_file_handler(filename)
-    klass = WEBrick::HTTPServlet::DefaultFileHandler
-    klass.new(WEBrick::Config::HTTP, filename)
-  end
-
-  def windows?
-    File.directory?("\\")
-  end
-
-  def get_res_body(res)
-    if defined? res.body.read
-      res.body.read
-    else
-      res.body
-    end
-  end
-
-  def make_range_request(range_spec)
-    msg = <<-END_OF_REQUEST
-      GET / HTTP/1.0
-      Range: #{range_spec}
-
-    END_OF_REQUEST
-    return StringIO.new(msg.gsub(/^ {6}/, ""))
-  end
-
-  def make_range_response(file, range_spec)
-    req = WEBrick::HTTPRequest.new(WEBrick::Config::HTTP)
-    req.parse(make_range_request(range_spec))
-    res = WEBrick::HTTPResponse.new(WEBrick::Config::HTTP)
-    size = File.size(file)
-    handler = default_file_handler(file)
-    handler.make_partial_content(req, res, file, size)
-    return res
-  end
-
-  def test_make_partial_content
-    filename = __FILE__
-    filesize = File.size(filename)
-
-    res = make_range_response(filename, "bytes=#{filesize-100}-")
-    assert_match(%r{^text/plain}, res["content-type"])
-    assert_equal(get_res_body(res).size, 100)
-
-    res = make_range_response(filename, "bytes=-100")
-    assert_match(%r{^text/plain}, res["content-type"])
-    assert_equal(get_res_body(res).size, 100)
-
-    res = make_range_response(filename, "bytes=0-99")
-    assert_match(%r{^text/plain}, res["content-type"])
-    assert_equal(get_res_body(res).size, 100)
-
-    res = make_range_response(filename, "bytes=100-199")
-    assert_match(%r{^text/plain}, res["content-type"])
-    assert_equal(get_res_body(res).size, 100)
-
-    res = make_range_response(filename, "bytes=0-0")
-    assert_match(%r{^text/plain}, res["content-type"])
-    assert_equal(get_res_body(res).size, 1)
-
-    res = make_range_response(filename, "bytes=-1")
-    assert_match(%r{^text/plain}, res["content-type"])
-    assert_equal(get_res_body(res).size, 1)
-
-    res = make_range_response(filename, "bytes=0-0, -2")
-    assert_match(%r{^multipart/byteranges}, res["content-type"])
-  end
-
-  def test_filehandler
-    config = { :DocumentRoot => File.dirname(__FILE__), }
-    this_file = File.basename(__FILE__)
-    filesize = File.size(__FILE__)
-    this_data = File.open(__FILE__, "rb") {|f| f.read}
-    range = nil
-    bug2593 = '[ruby-dev:40030]'
-
-    TestWEBrick.start_httpserver(config) do |server, addr, port, log|
-      http = Net::HTTP.new(addr, port)
-      req = Net::HTTP::Get.new("/")
-      http.request(req){|res|
-        assert_equal("200", res.code, log.call)
-        assert_equal("text/html", res.content_type, log.call)
-        assert_match(/HREF="#{this_file}"/, res.body, log.call)
-      }
-      req = Net::HTTP::Get.new("/#{this_file}")
-      http.request(req){|res|
-        assert_equal("200", res.code, log.call)
-        assert_equal("text/plain", res.content_type, log.call)
-        assert_equal(File.read(__FILE__), res.body, log.call)
-      }
-
-      req = Net::HTTP::Get.new("/#{this_file}", "range"=>"bytes=#{filesize-100}-")
-      http.request(req){|res|
-        assert_equal("206", res.code, log.call)
-        assert_equal("text/plain", res.content_type, log.call)
-        assert_nothing_raised(bug2593) {range = res.content_range}
-        assert_equal((filesize-100)..(filesize-1), range, log.call)
-        assert_equal(this_data[-100..-1], res.body, log.call)
-      }
-
-      req = Net::HTTP::Get.new("/#{this_file}", "range"=>"bytes=-100")
-      http.request(req){|res|
-        assert_equal("206", res.code, log.call)
-        assert_equal("text/plain", res.content_type, log.call)
-        assert_nothing_raised(bug2593) {range = res.content_range}
-        assert_equal((filesize-100)..(filesize-1), range, log.call)
-        assert_equal(this_data[-100..-1], res.body, log.call)
-      }
-
-      req = Net::HTTP::Get.new("/#{this_file}", "range"=>"bytes=0-99")
-      http.request(req){|res|
-        assert_equal("206", res.code, log.call)
-        assert_equal("text/plain", res.content_type, log.call)
-        assert_nothing_raised(bug2593) {range = res.content_range}
-        assert_equal(0..99, range, log.call)
-        assert_equal(this_data[0..99], res.body, log.call)
-      }
-
-      req = Net::HTTP::Get.new("/#{this_file}", "range"=>"bytes=100-199")
-      http.request(req){|res|
-        assert_equal("206", res.code, log.call)
-        assert_equal("text/plain", res.content_type, log.call)
-        assert_nothing_raised(bug2593) {range = res.content_range}
-        assert_equal(100..199, range, log.call)
-        assert_equal(this_data[100..199], res.body, log.call)
-      }
-
-      req = Net::HTTP::Get.new("/#{this_file}", "range"=>"bytes=0-0")
-      http.request(req){|res|
-        assert_equal("206", res.code, log.call)
-        assert_equal("text/plain", res.content_type, log.call)
-        assert_nothing_raised(bug2593) {range = res.content_range}
-        assert_equal(0..0, range, log.call)
-        assert_equal(this_data[0..0], res.body, log.call)
-      }
-
-      req = Net::HTTP::Get.new("/#{this_file}", "range"=>"bytes=-1")
-      http.request(req){|res|
-        assert_equal("206", res.code, log.call)
-        assert_equal("text/plain", res.content_type, log.call)
-        assert_nothing_raised(bug2593) {range = res.content_range}
-        assert_equal((filesize-1)..(filesize-1), range, log.call)
-        assert_equal(this_data[-1, 1], res.body, log.call)
-      }
-
-      req = Net::HTTP::Get.new("/#{this_file}", "range"=>"bytes=0-0, -2")
-      http.request(req){|res|
-        assert_equal("206", res.code, log.call)
-        assert_equal("multipart/byteranges", res.content_type, log.call)
-      }
-
-    end
-  end
-
-  def test_non_disclosure_name
-    config = { :DocumentRoot => File.dirname(__FILE__), }
-    this_file = File.basename(__FILE__)
-    TestWEBrick.start_httpserver(config) do |server, addr, port, log|
-      http = Net::HTTP.new(addr, port)
-      doc_root_opts = server[:DocumentRootOptions]
-      doc_root_opts[:NondisclosureName] = %w(.ht* *~ test_*)
-      req = Net::HTTP::Get.new("/")
-      http.request(req){|res|
-        assert_equal("200", res.code, log.call)
-        assert_equal("text/html", res.content_type, log.call)
-        assert_no_match(/HREF="#{File.basename(__FILE__)}"/, res.body)
-      }
-      req = Net::HTTP::Get.new("/#{this_file}")
-      http.request(req){|res|
-        assert_equal("404", res.code, log.call)
-      }
-      doc_root_opts[:NondisclosureName] = %w(.ht* *~ TEST_*)
-      http.request(req){|res|
-        assert_equal("404", res.code, log.call)
-      }
-    end
-  end
-
-  def test_directory_traversal
-    config = { :DocumentRoot => File.dirname(__FILE__), }
-    this_file = File.basename(__FILE__)
-    TestWEBrick.start_httpserver(config) do |server, addr, port, log|
-      http = Net::HTTP.new(addr, port)
-      req = Net::HTTP::Get.new("/../../")
-      http.request(req){|res| assert_equal("400", res.code, log.call) }
-      req = Net::HTTP::Get.new("/..%5c../#{File.basename(__FILE__)}")
-      http.request(req){|res| assert_equal(windows? ? "200" : "404", res.code, log.call) }
-      req = Net::HTTP::Get.new("/..%5c..%5cruby.c")
-      http.request(req){|res| assert_equal("404", res.code, log.call) }
-    end
-  end
-
-  def test_unwise_in_path
-    if windows?
-      config = { :DocumentRoot => File.dirname(__FILE__), }
-      this_file = File.basename(__FILE__)
-      TestWEBrick.start_httpserver(config) do |server, addr, port, log|
-        http = Net::HTTP.new(addr, port)
-        req = Net::HTTP::Get.new("/..%5c..")
-        http.request(req){|res| assert_equal("301", res.code, log.call) }
-      end
-    end
-  end
-
-  def test_short_filename
-    config = {
-      :CGIInterpreter => TestWEBrick::RubyBin,
-      :DocumentRoot => File.dirname(__FILE__),
-      :CGIPathEnv => ENV['PATH'],
-    }
-    TestWEBrick.start_httpserver(config) do |server, addr, port, log|
-      http = Net::HTTP.new(addr, port)
-      if windows?
-        fname = nil
-        Dir.chdir(config[:DocumentRoot]) do
-          fname = IO.popen("dir /x webrick_long_filename.cgi", "r").read.match(/\s(w.+?cgi)\s/i)[1].downcase
-        end
-      else
-        fname = "webric~1.cgi"
-      end
-      req = Net::HTTP::Get.new("/#{fname}/test")
-      http.request(req) do |res|
-        if windows?
-          assert_equal("200", res.code, log.call)
-          assert_equal("/test", res.body, log.call)
-        else
-          assert_equal("404", res.code, log.call)
-        end
-      end
-
-      req = Net::HTTP::Get.new("/.htaccess")
-      http.request(req) {|res| assert_equal("404", res.code, log.call) }
-      req = Net::HTTP::Get.new("/htacce~1")
-      http.request(req) {|res| assert_equal("404", res.code, log.call) }
-      req = Net::HTTP::Get.new("/HTACCE~1")
-      http.request(req) {|res| assert_equal("404", res.code, log.call) }
-    end
-  end
-
-  def test_script_disclosure
-    config = {
-      :CGIInterpreter => TestWEBrick::RubyBin,
-      :DocumentRoot => File.dirname(__FILE__),
-      :CGIPathEnv => ENV['PATH'],
-      :RequestCallback => Proc.new{|req, res|
-        def req.meta_vars
-          meta = super
-          meta["RUBYLIB"] = $:.join(File::PATH_SEPARATOR)
-          meta[RbConfig::CONFIG['LIBPATHENV']] = ENV[RbConfig::CONFIG['LIBPATHENV']] if RbConfig::CONFIG['LIBPATHENV']
-          return meta
-        end
-      },
-    }
-    TestWEBrick.start_httpserver(config) do |server, addr, port, log|
-      http = Net::HTTP.new(addr, port)
-
-      req = Net::HTTP::Get.new("/webrick.cgi/test")
-      http.request(req) do |res|
-        assert_equal("200", res.code, log.call)
-        assert_equal("/test", res.body, log.call)
-      end
-
-      response_assertion = Proc.new do |res|
-        if windows?
-          assert_equal("200", res.code, log.call)
-          assert_equal("/test", res.body, log.call)
-        else
-          assert_equal("404", res.code, log.call)
-        end
-      end
-      req = Net::HTTP::Get.new("/webrick.cgi%20/test")
-      http.request(req, &response_assertion)
-      req = Net::HTTP::Get.new("/webrick.cgi./test")
-      http.request(req, &response_assertion)
-      req = Net::HTTP::Get.new("/webrick.cgi::$DATA/test")
-      http.request(req, &response_assertion)
-    end
-  end
-end