1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

* lib/webrick/cgi.rb (WEBrick::CGI::Socket#request_line): should

escape SCRIPT_NAME and PATH_INFO before being parsed as a URI.

* lib/webrick/httputils.rb (WEBrick::HTTPUtils#escape_path): add
  new method to escape URI path component.

* lib/webrick/ssl.rb (WEBrick::Config::SSL): the default value
  of :SSLEnable is false.

* test/webrick/{test_cgi.rb,webrick.cgi}: new file.

* test/webrick/utils.rb: require "webrick/https.h".


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7758 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
gotoyuzo 2005-01-10 06:29:58 +00:00
parent c744d6f62d
commit a9a02401a8
7 changed files with 100 additions and 6 deletions

View file

@ -1,3 +1,18 @@
Mon Jan 10 15:28:51 2005 GOTOU Yuuzou <gotoyuzo@notwork.org>
* lib/webrick/cgi.rb (WEBrick::CGI::Socket#request_line): should
escape SCRIPT_NAME and PATH_INFO before being parsed as a URI.
* lib/webrick/httputils.rb (WEBrick::HTTPUtils#escape_path): add
new method to escape URI path component.
* lib/webrick/ssl.rb (WEBrick::Config::SSL): the default value
of :SSLEnable is false.
* test/webrick/{test_cgi.rb,webrick.cgi}: new file.
* test/webrick/utils.rb: require "webrick/https.h".
Sun Jan 9 14:12:17 2005 Nobuyoshi Nakada <nobu@ruby-lang.org>
* io.c (rb_f_select): IO list could be altered. [ruby-dev:25312]

View file

@ -147,6 +147,7 @@ module WEBrick
if path_info = @env["PATH_INFO"]
url << path_info
end
url = WEBrick::HTTPUtils.escape_path(url)
if query_string = @env["QUERY_STRING"]
unless query_string.empty?
url << "?" << query_string

View file

@ -352,15 +352,18 @@ module WEBrick
unwise = '{}|\\^[]`'
nonascii = (0x80..0xff).collect{|c| c.chr }.join
module_function
def _make_regex(str) /([#{Regexp.escape(str)}])/n end
def _make_regex!(str) /([^#{Regexp.escape(str)}])/n end
def _escape(str, regex) str.gsub(regex){ "%%%02X" % $1[0] } end
def _unescape(str, regex) str.gsub(regex){ $1.hex.chr } end
module_function :_make_regex, :_escape, :_unescape
UNESCAPED = _make_regex(control+space+delims+unwise+nonascii)
UNESCAPED_FORM = _make_regex(reserved+control+delims+unwise+nonascii)
NONASCII = _make_regex(nonascii)
ESCAPED = /%([0-9a-fA-F]{2})/
UNESCAPED_PCHAR = _make_regex!(unreserved+":@&=+$,")
def escape(str)
_escape(str, UNESCAPED)
@ -380,12 +383,14 @@ module WEBrick
_unescape(str.gsub(/\+/, " "), ESCAPED)
end
def escape_path(str)
str.split("/").collect{|i|
_escape(i, UNESCAPED_PCHAR)
}.join("/")
end
def escape8bit(str)
_escape(str, NONASCII)
end
module_function :escape, :unescape, :escape_form, :unescape_form,
:escape8bit
end
end

View file

@ -14,7 +14,7 @@ module WEBrick
osslv = ::OpenSSL::OPENSSL_VERSION.split[1]
SSL = {
:ServerSoftware => "#{svrsoft} OpenSSL/#{osslv}",
:SSLEnable => true,
:SSLEnable => false,
:SSLCertificate => nil,
:SSLPrivateKey => nil,
:SSLClientCA => nil,

46
test/webrick/test_cgi.rb Normal file
View file

@ -0,0 +1,46 @@
require "webrick"
require File.join(File.dirname(__FILE__), "utils.rb")
require "test/unit"
begin
loadpath = $:.dup
$:.replace($: | [File.expand_path("../ruby", File.dirname(__FILE__))])
require 'envutil'
ensure
$:.replace(loadpath)
end
class TestWEBrickCGI < Test::Unit::TestCase
def test_cgi
accepted = started = stopped = 0
requested0 = requested1 = 0
config = {
:CGIInterpreter => EnvUtil.rubybin,
:DocumentRoot => File.dirname(__FILE__),
}
TestWEBrick.start_httpserver(config){|server, addr, port|
http = Net::HTTP.new(addr, port)
req = Net::HTTP::Get.new("/webrick.cgi")
http.request(req){|res| assert_equal("/webrick.cgi", res.body)}
req = Net::HTTP::Get.new("/webrick.cgi/path/info")
http.request(req){|res| assert_equal("/path/info", res.body)}
req = Net::HTTP::Get.new("/webrick.cgi/%3F%3F%3F?foo=bar")
http.request(req){|res| assert_equal("/???", res.body)}
req = Net::HTTP::Get.new("/webrick.cgi/%A4%DB%A4%B2/%A4%DB%A4%B2")
http.request(req){|res|
assert_equal("/\xA4\xDB\xA4\xB2/\xA4\xDB\xA4\xB2", res.body)}
req = Net::HTTP::Get.new("/webrick.cgi?a=1;a=2;b=x")
http.request(req){|res| assert_equal("a=1, a=2, b=x", res.body)}
req = Net::HTTP::Get.new("/webrick.cgi?a=1&a=2&b=x")
http.request(req){|res| assert_equal("a=1, a=2, b=x", res.body)}
req = Net::HTTP::Post.new("/webrick.cgi?a=x;a=y;b=1")
req["Content-Type"] = "application/x-www-form-urlencoded"
http.request(req, "a=1;a=2;b=x"){|res|
assert_equal("a=1, a=2, b=x", res.body)}
req = Net::HTTP::Post.new("/webrick.cgi?a=x&a=y&b=1")
req["Content-Type"] = "application/x-www-form-urlencoded"
http.request(req, "a=1&a=2&b=x"){|res|
assert_equal("a=1, a=2, b=x", res.body)}
}
end
end

View file

@ -1,4 +1,5 @@
require "webrick"
require "webrick/https"
require "webrick/httpproxy"
module TestWEBrick

26
test/webrick/webrick.cgi Normal file
View file

@ -0,0 +1,26 @@
#!ruby -d
require "webrick/cgi"
class TestApp < WEBrick::CGI
def do_GET(req, res)
res["content-type"] = "text/plain"
if p = req.path_info
res.body = p
elsif (q = req.query).size > 0
res.body = q.keys.sort.collect{|key|
q[key].list.sort.collect{|v|
"#{key}=#{v}"
}.join(", ")
}.join(", ")
else
res.body = req.script_name
end
end
def do_POST(req, res)
do_GET(req, res)
end
end
cgi = TestApp.new
cgi.start