remove Sinatra::Protection (part of Sinatra now)

sinatra-contrib/README.md

@@ -41,9 +41,6 @@ Currently included:
 
 * `sinatra/namespace`: Adds namespace support to Sinatra.
 
-* `sinatra/protection`: Sets up rack-protection to protect common attacks
-  against your application.
-
 * `sinatra/respond_with`: Choose action and/or template depending automatically
   depending on the incoming request. Adds helpers `respond_to` and
   `respond_with`.
@@ -100,13 +97,13 @@ A single extension (example: sinatra-content-for):
 ``` ruby
 require 'sinatra/base'
 require 'sinatra/content_for'
-require 'sinatra/protection'
+require 'sinatra/namespace'
 
 class MyApp < Sinatra::Base
   # Note: Some modules are extensions, some helpers, see the specific
   # documentation or the source
   helpers Sinatra::ContentFor
-  register Sinatra::Protection
+  register Sinatra::Namespace
 end
 ```
 

sinatra-contrib/lib/sinatra/contrib.rb

@@ -9,7 +9,6 @@ module Sinatra
     module Common
       register :ConfigFile
       register :Namespace
-      register :Protection
       register :RespondWith
 
       helpers :Capture

sinatra-contrib/lib/sinatra/protection.rb

@@ -1,53 +0,0 @@
-require 'sinatra/base'
-require 'rack/protection'
-
-module Sinatra
-
-  # = Sinatra::Protection
-  #
-  # Sets up {rack-protection}[https://github.com/rkh/rack-protection] to
-  # prevent common attacks against your application.
-  #
-  # == Usage
-  # The protection modes used can be configured by the +protection+ setting:
-  #
-  #   require 'sinatra'
-  #   require 'sinatra/protection'
-  #
-  #   set :protection, :except => :path_traversal
-  #
-  # There are a few, partly protection specific options you can set, too:
-  #
-  #   set :protection,
-  #     :reaction      => :deny,  # block malicious requests, alternative: :drop_session
-  #     :frame_options => :deny   # do not allow any embedding in frames (default: :sameorigin)
-  #     
-  # For more information, see rack-protection.
-  #
-  # === Classic Application
-  #
-  # As with any other extension, you have to register this one manually in a
-  # classic application:
-  #
-  #   require 'sinatra/base'
-  #   require 'sinatra/protection'
-  #
-  #   class MyApp < Sinatra::Base
-  #     register Sinatra::Protection
-  #   end
-  module Protection
-    def setup_default_middleware(builder)
-      super
-      if protection
-        options = protection == true ? {} : protection
-        builder.use Rack::Protection, options
-      end
-    end
-    
-    def self.registered(base)
-      base.enable :protection
-    end
-  end
-
-  register Sinatra::Namespace
-end

sinatra-contrib/spec/protection_spec.rb

@@ -1,45 +0,0 @@
-require 'backports'
-require_relative 'spec_helper'
-
-class MiddlewareTracker < Rack::Builder
-  def self.used
-    @used ||= []
-  end
-
-  def use(middleware, *)
-    MiddlewareTracker.used << middleware
-    super
-  end
-end
-
-describe Sinatra::Protection do
-  before do
-    Rack.send :remove_const, :Builder
-    Rack.const_set :Builder, MiddlewareTracker
-    MiddlewareTracker.used.clear
-  end
-
-  after do
-    Rack.send :remove_const, :Builder
-    Rack.const_set :Builder, MiddlewareTracker.superclass
-  end
-
-  it 'sets up Rack::Protection' do
-    Sinatra.new { register Sinatra::Protection }.new
-    MiddlewareTracker.used.should include(Rack::Protection)
-  end
-
-  it 'sets up Rack::Protection::PathTraversal by default' do
-    Sinatra.new { register Sinatra::Protection }.new
-    MiddlewareTracker.used.should include(Rack::Protection::PathTraversal)
-  end
-
-
-  it 'does not set up Rack::Protection::PathTraversal when disabling it' do
-    Sinatra.new do
-      register Sinatra::Protection
-      set :protection, :except => :path_traversal
-    end.new
-    MiddlewareTracker.used.should_not include(Rack::Protection::PathTraversal)
-  end
-end