length to 2083. This is from Internet Explorer's max uri
length. http://support.microsoft.com/kb/208427 [ruby-core:32924]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29617 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
method for generating HTTP/1.1 100 continue response if the client
expects it, otherwise does nothing. Patch by Brian Candler.
ref #855.
* test/webrick/test_httprequest.rb: test added.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29218 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpresponse.rb (WEBrick::HTTPResponse#set_error):
Fix for possible cross-site scripting (CVE-2010-0541).
Found by Apple, reported by Hideki Yamane.
Patch by Hirokazu Nishio <nishio.hirokazu AT gmail.com>.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29002 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
rollup leading slashes. [ruby-core:31657]
patched by Jamison Wilde
NOTE: //authority/path is a valid relative URI in both RFC2396 and
RFC3986. So when giving a relative URI-like string to the URI lib,
users must take care of leading slashes.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28945 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merged r28784 from ruby_1_8: wrongly created dummy SSL certificate
with version == 3 (no such version) and serial == 0 (must be >0).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28803 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(prevent_directory_traversal): apply filesystem encoding to path
only during calling File.expand_path. [ruby-dev:41423]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28354 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(WEBrick::HTTPServlet::CGIHandler#do_GET):
set binary mode for tempfile.
http://pc12.2ch.net/test/read.cgi/tech/1265467681/286
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26887 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
use possessive match for path retrieval to avoid huge recursion
for insanely long path.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20244 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
reduce backtrack. based on a fix by Christian Neukirchen
<chneukirchen AT gmail.com>.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18220 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Set the HTTP status code to 302 if a Location header field is
present and the status code is not valid as a client
redirection. cf. RFC 3875 6.2.3, 6.2.4.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16662 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
name in path_info to prevent script disclosure vulnerability on
DOSISH filesystems. (fix: CVE-2008-1891)
Note: NTFS/FAT filesystem should not be published by the platforms
other than Windows. Pathname interpretation (including short
filename) is less than perfect.
* lib/webrick/httpservlet/abstract.rb
(WEBrick::HTTPServlet::AbstractServlet#redirect_to_directory_uri):
should escape the value of Location: header.
* lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
command line arguments.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
separators in path_info to prevent directory traversal
attacks on DOSISH platforms.
reported by Digital Security Research Group [DSECRG-08-026].
* lib/webrick/httpservlet/filehandler.rb: pathnames which have
not to be published should be checked case-insensitively.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15676 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
WEBrick::HTTPRequest#{host,port,request_uri} is derived having
regards to X-Forwarded-Proto and X-Forwarded-Host.
* lib/webrick/httprequest.rb
(WEBrick::HTTPRequest#server_name?): new method.
(WEBrick::HTTPRequest#remote_ip?): new method.
(WEBrick::HTTPRequest#ssl?): new method.
* string.c (rb_enc_cr_str_buf_cat): fix self appending.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14968 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
call do_XXX which corresponds with request method.
(WEBrick::HTTPProxyServer#do_CONNECT,do_GET,do_POST,do_HEAD): added.
* test/webrick/test_httpproxy.rb: add test for WEBrick::HTTPProxyServer.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14816 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
should rescue Errno::EINVAL from TCPServer#accept. this exception
might occur if the server socket is not ready to listen.
* lib/webrick/server.rb (WEBrick::GenericServer#accept_client):
don't call TCPServer#close if the :ShutdownSocketWithoutClose is set.
* lib/webrick/config.rb (WEBrick::Config::General): add new parameter
:ShutdownSocketWithoutClose.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14306 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
test/rss/rss-assertions.rb, test/rss/test_atom.rb: use
pack/unpack("m") instead of base64 library.
* lib/webrick/httpproxy.rb: use delete("\n") instead of chomp/chop
because the result of pack("m") might be multi-line.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14303 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
header fields should be read with maximum length. [ruby-talk:231745]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14260 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(WEBrick::HTTPAuth::Authenticator#check_scheme): auth-scheme must be
treated as a case-insensitive token according to RFC 2617 section 1.2.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12692 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpstatus.rb (WEBrick::HTTPStatus::EOFError): adapt
to new syntax.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12658 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Arrays could not be modified in its each block. [ruby-dev:30063]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@11472 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
HTTPUtils::parse_header() takes a string. [ruby-dev:29931]
* lib/webrick/httputils.rb (WEBrick::HTTPUtils::parse_header):
String no longer has each method.
* lib/webrick/httputils.rb (WEBrick::HTTPUtils::parse_form_data):
ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@11321 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
method to parse multiple cookies per Set-Cookie header.
Thanks to Aaron Patterson <aaron_patterson at speakeasy.net>.
[ruby-core:08802]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10885 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
use String#ord to get ascii code from the one-character string.
[ruby-dev:28901]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10434 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
:InputBufferSize and :OutputBufferSize.
* lib/webrick/utils.rb (WEBrick::Utils.timeout): add new timeout
method. this implementation is expected to be compatible with
timeout.rb and faster than timeout.rb.
* lib/webrick/httprequest.rb (WEBrick::HTTPRequest#_read_data):
Timeout.timeout is replaced by WEBrick::Utils.timeout.
* lib/webrick/httprequest.rb: WEBrick::HTTPRequest::BUFSIZE is
replaced by config[:InputBufferSize].
* lib/webrick/httpresponse.rb: WEBrick::HTTPResponse::BUFSIZE is
replaced by config[:OutputBufferSize].
* lib/webrick/server.rb: get rid of unnecessary require.
* test/webrick/test_utils.rb: test for WEBrick::Utils.timeout.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10167 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(VisualC++6) so use -O2b2xg- if $(MSC_VER) < 1400. [ruby-core:7040]
* lib/webrick/httpservlet/filehandler.rb: fixed typo. (Kero van Gelder)
[ruby-core:7075]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9809 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(WEBrick::HTTPServlet::CGIHandler#do_GET): the value of Set-Cookie:
header field should be split into each cookie. [ruby-Bugs:2199]
* lib/webrick/cookie.rb (WEBrick::Cookie.parse_set_cookie): new method
to parse the value of Set-Cookie: header field.
* test/webrick/test_cookie.rb, test/webrick/test_cgi.rb,
test/webrick/webrick.cgi: add some test for cookie.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9484 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
It is harmful to permit the access to ~/public_html by default.
suggested by Hiroyuki Iwatsuki.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9386 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
refer the value of QUERY_STRING. [ruby-list:41186]
* lib/webrick/httprequest.rb (WEBrick::HTTPRequest#query_string=):
add new method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9328 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
lib/webrick/httpserver.rb (HTTPServer#initialize),
lib/webrick/httpservlet/cgihandler.rb (CGIHandler#initialize),
lib/webrick/httpservlet/erbhandler.rb (ERBHandler#initialize),
lib/webrick/httpservlet/filehandler.rb(DefaultFileHandler#initialize):
super (called with no arguments) takes default value of optional
arguments. [ruby-dev:26743]
* lib/webrick/httputils.rb: add a media-type "text/html" for .xhtml.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8943 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
sockets should be non-blocking mode. [ruby-dev:26405]
* lib/webrick/utils.rb (WEBrick::Utils.set_non_blocking): new method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8767 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
mistook to merge the patch of [ruby-dev:26235] at
revision 1.11.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8744 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
break the loop if the socket reached EOF. [ruby-talk:142285]
* lib/webrick/httpserver.rb (WEBrick::HTTPServer#run): send response
without reading the whole request body if keep-alive is disabled.
[experimental]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8540 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
ENV["REQUEST_URI"] is better to get correct Request-URI
than ENV["SCRIPT_NAME"] + ENV["PATH_INFO"]. [ruby-dev:26235]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8531 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
and WEBrick::CGI#config. these are necessary to use an instance of
WEBrick::CGI as the first argument of HTTPServlet#get_instance.
(suggested by Tatsuki Sugiura)
* lib/webrick/cgi.rb
(WEBrick::CGI#initialize): set a dummy to @config[:ServerSoftware]
if SERVER_SOFTWARE environment variable is not given.
(WEBrick::CGI#start): req.path_info must be a String.
(WEBrick::CGI::Socket#request_line): treat REQUEST_METHOD, PATH_INFO
and SCRIPT_NAME to run in console.
* lib/webrick/httputils.rb (WEBrick::HTTPUtils.escape_path): should
not use String#split("/"). it removes trailing empty path component.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8393 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
escape SCRIPT_NAME and PATH_INFO before being parsed as a URI.
* lib/webrick/httputils.rb (WEBrick::HTTPUtils#escape_path): add
new method to escape URI path component.
* lib/webrick/ssl.rb (WEBrick::Config::SSL): the default value
of :SSLEnable is false.
* test/webrick/{test_cgi.rb,webrick.cgi}: new file.
* test/webrick/utils.rb: require "webrick/https.h".
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7758 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
should delete trailing LF from the result of pack("m*").
* lib/webrick/httpproxy.rb (WEBrick::HTTPProxyServer#proxy_connect):
- should delete trailing LF from the result of pack("m*").
- clear Request-Line not to send the response by HTTPServer#run.
* lib/webrick/httputils (WEBrick::HTTPUtils.parse_qvalues):
refine regexp (and change the name of a local variable).
* lib/webrick/server.rb (WEBrick::Daemon.start): prepared stdio
don't allow changing its mode.
* test/webrick/*, sample/webrick/httpproxy.rb: add new files.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7743 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
raise NotImplementedError if password is encrypted by digest
algorithms. This patch is contributed by sheepman. [ruby-list:40467]
* lib/webrick/httpauth/digestauth.rb
(WEBrick::HTTPAuth::DigestAuth#_authenticate): fix digest calculation.
This patch is contributed by sheepman. [ruby-list:40482]
* lib/webrick/{httpauth.rb,httpauth/basicauth.rb,httpproxy.rb}: use
pack/unpack-template char "m" instead of lib/base64.rb to do base64
encoding/decoding. fixed: [ruby-dev:25336]
* test/webrick/test_httpauth.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7708 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
lib/webrick/httpauth/{basicauth.rb,digestauth.rb}: use
pack/unpack-template char "m" instead of lib/base64.rb to do base64
encoding/decoding.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7593 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
should log about all accepted sockets. [ruby-core:03962]
* lib/webrick/accesslog.rb (WEBrick::AccessLog#setup_params):
"%%" and "%u" are supported. [webricken:135]
* lib/webrick/httpservlet/filehandler.rb
(WEBrick::HTTPServlet::FileHandler#check_filename):
:NondisclosureName is acceptable if it is Enumerable.
* lib/webrick/config.rb (WEBrick::Config::FileHandler):
default value of :NondisclosureName is [".ht*", "*~"].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7566 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
SecurityError. [ruby-dev:24970]
* lib/webrick/httpserver.rb (WEBrick::HTTPServer#run): should wait
for reading request till data arrive. [ruby-talk:121068]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7523 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
add WEBrick::Config::FileHandler[:AcceptableLanguages].
* lib/webrick/httpservlet/filehandler.rb
(WEBrick::HTTPServlet::FileHandler#set_filename): search files
having suffix of language-name which Accept-Language header field
includes if :AcceptableLanguages option is present.
* lib/webrick/httpservlet/filehandler.rb
(WEBrick::HTTPServlet::FileHandler#get_servlet): new method to
search servlet corresponding to the suffix of filename.
* lib/webrick/httprequest.rb: add attributes access methods: accept,
accept_charset, accept_encoding, accept_language, content_length
and content_type.
* lib/webrick/httpresponse.rb: add attribute access methods:
content_length, content_length=, content_type and content_type=.
* lib/webrick/httputils.rb (WEBrick::HTTPUtils.mime_types):
use the second suffix to detect media type. (the first suffix
may be a language name.)
* lib/webrick/httputils.rb (WEBrick::HTTPUtils.parse_qvalues):
add method to parse Accept header field. it returns an Array of
values sorted by the qvalues.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7033 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
to request.user attribute.
* lib/webrick/httpservlet/filehandler.rb
(WEBrick::HTTPServlet::FileHandler#initialize): should expand
the pathname of document root directory.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6913 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(WEBrick::HTTPServlet::ERBHandler#do_GET): should select media type
by suffix of script filename.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6751 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
(WEBrick::HTTPServlet::CGIHandler#do_GET): set SystemRoot environment
variable to CGI process on Windows native platforms. [ruby-dev:23936]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6675 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
sort @virtual_hosts in address, port, host order.
* lib/webrick/httpserver.rb (WEBrick::HTTPServer#lookup_server):
hostname should not be matched if :ServerAlias is not given.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5996 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
:DoNotReverseLookup.
* lib/webrick/server.rb (WEBrick::GenericServer#accept): call
do_not_reverse_lookup for each socket if :DoNotReverseLookup
is set. [ruby-code:02357]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5941 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
to :RequestCallback and add new option :ServerAlias.
* lib/webrick/httpserver.rb (WEBrick::HTTPServer#run): use
:RequestCallback and warn if :RequestHandler is in server's option.
* lib/webrick/httpserver.rb (WEBrick::HTTPServer#run): should print
error message for WEBrick::HTTPStatus::Error.
* lib/webrick/httpserver.rb (WEBrick::HTTPServer#lookup_server):
lookup for hostname from :ServerAlias if the req.host does not match
:ServerName.
* lib/webrick/httpservlet.rb (WEBrick::HTTPServlet::CGIHandler#do_GET):
use $?.exitstatus and refine log message.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5917 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/cgi.rb (CGI::Socket): add check for existence of
OpenSSL module in all HTTPS related methods.
* lib/webrick/cgi.rb (CGI::Socket#cipher): should create similar
value to OpenSSL::SSLSocket#cipher.
* lib/webrick/httpresponse.rb (HTTPResponse#setup_header): should
set "connection: close" if @keep_alive is false.
* lib/webrick/https.rb (HTTPRequest#meta_vars): add support for
SSL_PROTOCOL, SSL_CIPHER_USEKEYSIZE and SSL_CIPHER_ALGKEYSIZE.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5254 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
HTTP_CONTENT_TYPE and HTTP_CONTENT_LENGTH.
* lib/webrick/https.rb (HTTPRequest#parse): should check presence
of cert() method to detect SSLSocket.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5221 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Exception to avoid unexpected aborting. [ruby-core:01853]
* lib/webrick/server.rb (GenericServer#start_thread): should check
that peeraddr isn't nil before printing.
* lib/webrick/httpresponse.rb (HTTPResponse#start_thread): should
rescue Exception to avoid unexpected aborting of thread.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5098 b2dd03c8-39d4-4d8f-98ff-823fe69b080e