* test/webrick/test_filehandler.rb (test_short_filename): pass
document root path to cmd.exe instead of chdir there, as cmd.exe
does not start on UNC path.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51238 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
on Windows 7), file name and permissions are strange (can access
by short file name and so on).
Simply skip on such tests on such FS. To detect strange FS, this
patch use a part of code `File.executable?(__FILE__)`.
Please correct them if there are better ways.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/webrick/test_filehandler.rb (test_script_disclosure): Alternate
Data Stream is available only on NTFS.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41525 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* test/webrick/test_filehandler.rb (test_short_filename): use backtick
to reap zombie, instead of leaving opened stream after reading.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41524 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
no guarantee of existance of RbConfig::CONFIG['LIBPATHENV'].
it only exists in Unix-like environments.
* test/webrick/test_filehandler.rb
(WEBrick::TestFileHandler#test_script_disclosure): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33772 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(WEBrick::TestFileHandler#test_short_filename): the cgi doesn't exist
on current directory.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31208 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
read real short filename by cmd because smb mounted files
have different naming convention.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31205 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
name in path_info to prevent script disclosure vulnerability on
DOSISH filesystems. (fix: CVE-2008-1891)
Note: NTFS/FAT filesystem should not be published by the platforms
other than Windows. Pathname interpretation (including short
filename) is less than perfect.
* lib/webrick/httpservlet/abstract.rb
(WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri):
should escape the value of Location: header.
* lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
command line arguments.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
separators in path_info to prevent directory traversal
attacks on DOSISH platforms.
reported by Digital Security Research Group [DSECRG-08-026].
* lib/webrick/httpservlet/filehandler.rb: pathnames which have
not to be published should be checked case-insensitively.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15676 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(for constant reference).
* eval.c (rb_call0): use TMP_ALLOC() instead of allocating
a temporary array object.
* eval.c (eval): need not to protect $SAFE value.
[ruby-core:07177]
* error.c (Init_Exception): change NameError to direct subclass of
Exception so that default rescue do not handle it silently.
* struct.c (rb_struct_select): update RDoc description.
[ruby-core:7254]
* numeric.c (int_upto): return an enumerator if no block is
attached to the method.
* numeric.c (int_downto): ditto.
* numeric.c (int_dotimes): ditto.
* enum.c (enum_first): new method Enumerable#first to take first n
element from an enumerable.
* enum.c (enum_group_by): new method Enumerable#group_by that
groups enumerable values according to their block values.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9880 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
should delete trailing LF from the result of pack("m*").
* lib/webrick/httpproxy.rb (WEBrick::HTTPProxyServer#proxy_connect):
- should delete trailing LF from the result of pack("m*").
- clear Request-Line not to send the sesponse by HTTPServer#run.
* lib/webrick/httputils (WEBrick::HTTPUtils.parse_qvalues):
refine regexp (and change the name of a local variable).
* lib/webrick/server.rb (WEBrick::Daemon.start): prepared stdio
don't allow changing its mode.
* test/webrick/*, sample/webrick/httpproxy.rb: add new files.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7743 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
