wsv 0.10.1 → 0.12.0

data/test/range_request_test.rb

@@ -0,0 +1,124 @@
+# frozen_string_literal: true
+
+require_relative "test_helper"
+
+class RangeRequestTest < Minitest::Test
+  def test_nil_header_is_full
+    result = Wsv::RangeRequest.parse(nil, 100)
+
+    assert_predicate result, :full?
+  end
+
+  def test_empty_header_is_full
+    result = Wsv::RangeRequest.parse("", 100)
+
+    assert_predicate result, :full?
+  end
+
+  def test_unparseable_syntax_is_full
+    # Per RFC 7233 an unparseable Range is treated as if absent.
+    result = Wsv::RangeRequest.parse("garbage", 100)
+
+    assert_predicate result, :full?
+  end
+
+  def test_empty_range_is_full
+    # `bytes=-` matches the regex but yields no bounds; treat as absent.
+    result = Wsv::RangeRequest.parse("bytes=-", 100)
+
+    assert_predicate result, :full?
+  end
+
+  def test_bounded_range
+    result = Wsv::RangeRequest.parse("bytes=2-5", 100)
+
+    assert_predicate result, :partial?
+    assert_equal 2..5, result.bounds
+  end
+
+  def test_open_range
+    result = Wsv::RangeRequest.parse("bytes=5-", 10)
+
+    assert_predicate result, :partial?
+    assert_equal 5..9, result.bounds
+  end
+
+  def test_suffix_range
+    result = Wsv::RangeRequest.parse("bytes=-3", 10)
+
+    assert_predicate result, :partial?
+    assert_equal 7..9, result.bounds
+  end
+
+  def test_suffix_larger_than_file_clamps_to_zero
+    result = Wsv::RangeRequest.parse("bytes=-99", 10)
+
+    assert_predicate result, :partial?
+    assert_equal 0..9, result.bounds
+  end
+
+  def test_bounded_last_past_file_clamps_to_end
+    result = Wsv::RangeRequest.parse("bytes=5-99", 10)
+
+    assert_predicate result, :partial?
+    assert_equal 5..9, result.bounds
+  end
+
+  def test_zero_byte_suffix_is_unsatisfiable
+    result = Wsv::RangeRequest.parse("bytes=-0", 10)
+
+    assert_predicate result, :unsatisfiable?
+  end
+
+  def test_suffix_against_empty_file_is_unsatisfiable
+    result = Wsv::RangeRequest.parse("bytes=-3", 0)
+
+    assert_predicate result, :unsatisfiable?
+  end
+
+  def test_open_range_past_file_is_unsatisfiable
+    result = Wsv::RangeRequest.parse("bytes=10-", 5)
+
+    assert_predicate result, :unsatisfiable?
+  end
+
+  def test_bounded_first_past_file_is_unsatisfiable
+    result = Wsv::RangeRequest.parse("bytes=10-20", 5)
+
+    assert_predicate result, :unsatisfiable?
+  end
+
+  def test_inverted_bounded_range_is_unsatisfiable
+    result = Wsv::RangeRequest.parse("bytes=5-3", 100)
+
+    assert_predicate result, :unsatisfiable?
+  end
+
+  def test_bounded_range_at_exact_file_boundary
+    result = Wsv::RangeRequest.parse("bytes=0-9", 10)
+
+    assert_predicate result, :partial?
+    assert_equal(0..9, result.bounds)
+  end
+
+  def test_suffix_range_equal_to_file_size
+    result = Wsv::RangeRequest.parse("bytes=-10", 10)
+
+    assert_predicate result, :partial?
+    assert_equal(0..9, result.bounds)
+  end
+
+  def test_single_byte_range_at_last_position
+    result = Wsv::RangeRequest.parse("bytes=9-9", 10)
+
+    assert_predicate result, :partial?
+    assert_equal(9..9, result.bounds)
+  end
+
+  def test_multipart_range_is_full
+    # `bytes=0-2,5-7` doesn't match the single-range regex; treat as absent.
+    result = Wsv::RangeRequest.parse("bytes=0-2,5-7", 100)
+
+    assert_predicate result, :full?
+  end
+end

data/test/server_test.rb

@@ -5,6 +5,8 @@ require "socket"
 require_relative "test_helper"
 
 class ServerTest < Minitest::Test
+  include TlsTestHelpers
+
   def setup
     @dir = Dir.mktmpdir
     @server = nil
@@ -164,55 +166,74 @@ class ServerTest < Minitest::Test
     socket&.close
   end
 
-  def test_slow_client_does_not_block_other_clients
-    File.write(File.join(@dir, "x.txt"), "ok")
-    start_server(read_timeout: 5)
-
-    slow_socket = TCPSocket.open("127.0.0.1", @server.port)
+  def test_408_carries_cors_header_when_cors_enabled
+    start_server(read_timeout: 0.1, cors: true)
 
-    started = Time.now
-    response = get("/x.txt")
-    elapsed = Time.now - started
+    socket = TCPSocket.open("127.0.0.1", @server.port)
+    response = socket.read
 
-    assert_equal "200", response.code
-    assert_equal "ok", response.body
-    assert_operator elapsed, :<, 1.0, "request should not be serialized behind slow client"
+    assert_includes response, "HTTP/1.1 408"
+    assert_includes response, "Access-Control-Allow-Origin: *"
   ensure
-    slow_socket&.close
+    socket&.close
   end
 
-  def test_warns_when_binding_to_non_loopback
-    err = StringIO.new
-    server = Wsv::Server.new(host: "0.0.0.0", port: 0, root: @dir, out: StringIO.new, err: err)
-    server.send(:log_startup)
+  def test_414_carries_cors_header_when_cors_enabled
+    start_server(cors: true)
 
-    assert_includes err.string, "WARNING"
-    assert_includes err.string, "0.0.0.0"
+    long_path = "/" + ("a" * 9000)
+    socket = TCPSocket.open("127.0.0.1", @server.port)
+    socket.write("GET #{long_path} HTTP/1.1\r\nHost: localhost\r\n\r\n")
+    response = socket.read
+
+    assert_includes response, "HTTP/1.1 414"
+    assert_includes response, "Access-Control-Allow-Origin: *"
+  ensure
+    socket&.close
   end
 
-  def test_no_warning_for_loopback_bind
-    err = StringIO.new
-    server = Wsv::Server.new(host: "127.0.0.1", port: 0, root: @dir, out: StringIO.new, err: err)
-    server.send(:log_startup)
+  def test_200_carries_cors_header_when_cors_enabled
+    File.write(File.join(@dir, "x.txt"), "hi")
+    start_server(cors: true)
+
+    response = get("/x.txt")
 
-    refute_includes err.string, "WARNING"
+    assert_equal "200", response.code
+    assert_equal "*", response["access-control-allow-origin"]
+    assert_equal "Origin", response["vary"]
   end
 
-  def test_banner_brackets_ipv6_address_in_url
-    out = StringIO.new
-    server = Wsv::Server.new(host: "::1", port: 8000, root: @dir, out: out, err: StringIO.new)
-    server.send(:log_startup)
+  def test_options_preflight_carries_cors_headers_when_cors_enabled
+    start_server(cors: true)
 
-    assert_includes out.string, "http://[::1]:8000/"
-    refute_includes out.string, "http://::1:8000/"
+    socket = TCPSocket.open("127.0.0.1", @server.port)
+    socket.write("OPTIONS /x.txt HTTP/1.1\r\nHost: localhost\r\n" \
+                 "Access-Control-Request-Method: GET\r\n\r\n")
+    response = socket.read
+
+    assert_includes response, "HTTP/1.1 204"
+    assert_includes response, "Access-Control-Allow-Origin: *"
+    assert_includes response, "Access-Control-Allow-Methods: GET, HEAD, OPTIONS"
+    assert_includes response, "Vary: Origin"
+  ensure
+    socket&.close
   end
 
-  def test_banner_percent_encodes_ipv6_zone_identifier
-    out = StringIO.new
-    server = Wsv::Server.new(host: "fe80::1%eth0", port: 8000, root: @dir, out: out, err: StringIO.new)
-    server.send(:log_startup)
+  def test_slow_client_does_not_block_other_clients
+    File.write(File.join(@dir, "x.txt"), "ok")
+    start_server(read_timeout: 5)
+
+    slow_socket = TCPSocket.open("127.0.0.1", @server.port)
+
+    started = Time.now
+    response = get("/x.txt")
+    elapsed = Time.now - started
 
-    assert_includes out.string, "http://[fe80::1%25eth0]:8000/"
+    assert_equal "200", response.code
+    assert_equal "ok", response.body
+    assert_operator elapsed, :<, 1.0, "request should not be serialized behind slow client"
+  ensure
+    slow_socket&.close
   end
 
   def test_accept_loop_survives_transient_accept_error
@@ -272,7 +293,7 @@ class ServerTest < Minitest::Test
 
   def test_serves_over_tls
     File.write(File.join(@dir, "x.txt"), "secret")
-    start_server(tls: build_ephemeral_tls)
+    start_server(tls: ephemeral_tls)
 
     response = Net::HTTP.start("127.0.0.1", @server.port, use_ssl: true,
                                                           verify_mode: OpenSSL::SSL::VERIFY_NONE) do |http|
@@ -283,36 +304,44 @@ class ServerTest < Minitest::Test
     assert_equal "secret", response.body
   end
 
-  def test_logs_https_scheme_when_tls_enabled
-    out = StringIO.new
-    @server = Wsv::Server.new(host: "127.0.0.1", port: 0, root: @dir,
-                              out: out, err: StringIO.new, tls: build_ephemeral_tls)
-    @server.send(:log_startup)
+  def test_unsupported_method
+    start_server
+
+    response = raw_request("POST / HTTP/1.1\r\nHost: 127.0.0.1\r\nContent-Length: 0\r\n\r\n")
 
-    assert_includes out.string, "https://"
+    assert_includes response, "HTTP/1.1 405 Method Not Allowed"
+    assert_includes response, "Allow: GET, HEAD"
   end
 
-  def test_warns_about_self_signed_cert
-    err = StringIO.new
-    @server = Wsv::Server.new(host: "127.0.0.1", port: 0, root: @dir,
-                              out: StringIO.new, err: err, tls: build_ephemeral_tls)
-    @server.send(:log_startup)
+  def test_emits_access_log_by_default
+    File.write(File.join(@dir, "ok.txt"), "hello")
+    out = StringIO.new
+    @server = Wsv::Server.new(host: "127.0.0.1", port: free_port, root: @dir, out: out, err: StringIO.new)
+    @thread = Thread.new { @server.start }
+    wait_until_ready
 
-    assert_includes err.string, "self-signed"
+    get("/ok.txt")
+
+    assert_includes out.string, %("GET /ok.txt HTTP/1.1" 200 5)
   end
 
-  def test_unsupported_method
-    start_server
+  def test_quiet_suppresses_access_log
+    File.write(File.join(@dir, "ok.txt"), "hello")
+    out = StringIO.new
+    @server = Wsv::Server.new(host: "127.0.0.1", port: free_port, root: @dir,
+                              out: out, err: StringIO.new, quiet: true)
+    @thread = Thread.new { @server.start }
+    wait_until_ready
+    baseline = out.string.dup
 
-    response = raw_request("POST / HTTP/1.1\r\nHost: 127.0.0.1\r\nContent-Length: 0\r\n\r\n")
+    get("/ok.txt")
 
-    assert_includes response, "HTTP/1.1 405 Method Not Allowed"
-    assert_includes response, "Allow: GET, HEAD"
+    assert_equal baseline, out.string
   end
 
   private
 
-  def start_server(read_timeout: Wsv::Server::DEFAULT_READ_TIMEOUT, tls: nil)
+  def start_server(read_timeout: Wsv::Server::DEFAULT_READ_TIMEOUT, tls: nil, cors: false)
     @server = Wsv::Server.new(
       host: "127.0.0.1",
       port: free_port,
@@ -320,39 +349,32 @@ class ServerTest < Minitest::Test
       out: StringIO.new,
       err: StringIO.new,
       read_timeout: read_timeout,
-      tls: tls
+      tls: tls,
+      cors: cors
     )
     @thread = Thread.new { @server.start }
     wait_until_ready
   end
 
+  # Wrap accept_loop so the very first call to @server.accept raises a
+  # transient error. Avoids redefining Server#start, which would silently
+  # drift if start grew new steps (open_in_browser, etc.).
   def inject_one_accept_error(server, error_class)
+    original_accept_loop = server.method(:accept_loop)
     fired = false
-    server.define_singleton_method(:start) do
-      @server = TCPServer.new(host, port)
-      original = @server.method(:accept)
+    server.define_singleton_method(:accept_loop) do
+      original_accept = @server.method(:accept)
       @server.define_singleton_method(:accept) do
         unless fired
           fired = true
           raise error_class, "injected"
         end
-        original.call
+        original_accept.call
       end
-      @running = true
-      log_startup
-      trap_signals
-      accept_loop
-    ensure
-      close
+      original_accept_loop.call
     end
   end
 
-  def build_ephemeral_tls
-    key = OpenSSL::PKey::RSA.new(2048)
-    cert = Wsv::TlsContext::SelfSignedCert.build(key)
-    Wsv::TlsContext.new(cert: cert, key: key, ephemeral: true)
-  end
-
   def free_port
     server = TCPServer.new("127.0.0.1", 0)
     server.addr[1]

data/test/sse_test.rb

@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+
+require_relative "test_helper"
+
+class SseBodyTest < Minitest::Test
+  def test_requires_a_block
+    assert_raises(ArgumentError) { Wsv::Response::SseBody.new }
+  end
+
+  def test_to_s_raises_not_implemented
+    body = Wsv::Response::SseBody.new { |io| io }
+    assert_raises(NotImplementedError) { body.to_s }
+  end
+
+  def test_bytesize_is_zero
+    body = Wsv::Response::SseBody.new { |io| io }
+
+    assert_equal 0, body.bytesize
+  end
+
+  def test_write_to_invokes_producer_with_io
+    received_io = nil
+    body = Wsv::Response::SseBody.new { |io| received_io = io }
+    buffer = StringIO.new
+    body.write_to(buffer)
+
+    assert_equal buffer, received_io
+  end
+
+  def test_producer_can_write_multiple_chunks
+    body = Wsv::Response::SseBody.new do |io|
+      io.write("data: hello\n\n")
+      io.write("data: world\n\n")
+    end
+    buffer = StringIO.new
+    body.write_to(buffer)
+
+    assert_equal "data: hello\n\ndata: world\n\n", buffer.string
+  end
+end
+
+class ResponseSseTest < Minitest::Test
+  def test_sse_helper_returns_response_with_sse_defaults
+    response = Wsv::Response.sse { |io| io }
+
+    assert_equal 200, response.status
+    assert_equal "text/event-stream; charset=utf-8", response.headers["Content-Type"]
+    assert_equal "no-cache", response.headers["Cache-Control"]
+    assert_equal "no", response.headers["X-Accel-Buffering"]
+  end
+
+  def test_sse_helper_allows_custom_status
+    response = Wsv::Response.sse(status: 503) { |io| io }
+
+    assert_equal 503, response.status
+  end
+
+  def test_sse_helper_merges_extra_headers
+    response = Wsv::Response.sse(headers: { "X-Custom" => "v" }) { |io| io }
+
+    assert_equal "v", response.headers["X-Custom"]
+    assert_equal "no-cache", response.headers["Cache-Control"]
+  end
+
+  def test_sse_helper_overrides_default_headers_when_supplied
+    response = Wsv::Response.sse(headers: { "Content-Type" => "application/x-ndjson" }) { |io| io }
+
+    assert_equal "application/x-ndjson", response.headers["Content-Type"]
+  end
+
+  def test_response_write_to_does_not_inject_content_length_for_sse
+    response = Wsv::Response.sse do |io|
+      io.write("data: hi\n\n")
+    end
+    buffer = StringIO.new
+    response.write_to(buffer)
+
+    refute_match(/^Content-Length:/i, buffer.string)
+    assert_match(%r{^Content-Type: text/event-stream}i, buffer.string)
+    assert_match(/data: hi\n\n\z/, buffer.string)
+  end
+
+  def test_bytesize_of_sse_response_is_zero
+    response = Wsv::Response.sse { |io| io }
+
+    assert_equal 0, response.bytesize
+  end
+end

data/test/test_helper.rb

@@ -7,3 +7,11 @@ require "fileutils"
 require "stringio"
 require "tmpdir"
 require "wsv"
+
+module TlsTestHelpers
+  def ephemeral_tls
+    key = OpenSSL::PKey::RSA.new(2048)
+    cert = Wsv::TlsContext::SelfSignedCert.build(key)
+    Wsv::TlsContext.new(cert: cert, key: key, ephemeral: true)
+  end
+end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: wsv
 version: !ruby/object:Gem::Version
-  version: 0.10.1
+  version: 0.12.0
 platform: ruby
 authors:
 - takahashim
 bindir: exe
 cert_chain: []
-date: 2026-05-07 00:00:00.000000000 Z
+date: 2026-05-16 00:00:00.000000000 Z
 dependencies: []
 description: 'wsv is a Ruby CLI that previews a directory over HTTP/HTTPS. Stdlib-only,
   no runtime dependencies. Defensive by design: blocks dotfiles, binds to loopback,
@@ -29,15 +29,19 @@ files:
 - lib/wsv/cors.rb
 - lib/wsv/mime_types.rb
 - lib/wsv/path_resolver.rb
+- lib/wsv/range_request.rb
 - lib/wsv/request.rb
 - lib/wsv/request/parser.rb
 - lib/wsv/request/too_large.rb
 - lib/wsv/response.rb
 - lib/wsv/response/file_body.rb
 - lib/wsv/response/file_builder.rb
+- lib/wsv/response/sse_body.rb
+- lib/wsv/response/sse_builder.rb
 - lib/wsv/response/string_body.rb
 - lib/wsv/response/text_builder.rb
 - lib/wsv/server.rb
+- lib/wsv/server/access_log.rb
 - lib/wsv/server/banner.rb
 - lib/wsv/server/browser_launcher.rb
 - lib/wsv/server/connection.rb
@@ -49,13 +53,19 @@ files:
 - lib/wsv/tls_context/resolver.rb
 - lib/wsv/tls_context/self_signed_cert.rb
 - lib/wsv/version.rb
+- test/access_log_test.rb
 - test/app_test.rb
+- test/banner_test.rb
 - test/browser_launcher_test.rb
 - test/cli_test.rb
+- test/cors_test.rb
+- test/custom_app_test.rb
 - test/path_resolver_test.rb
+- test/range_request_test.rb
 - test/request_test.rb
 - test/response_test.rb
 - test/server_test.rb
+- test/sse_test.rb
 - test/test_helper.rb
 - test/tls_context_test.rb
 - wsv.gemspec