Yusuke Endoh
0e75b2f2e6
[ruby/cgi] Prevent CRLF injection
...
Throw a RuntimeError if the HTTP response header contains CR or LF to
prevent HTTP response splitting.
https://hackerone.com/reports/1204695
https://github.com/ruby/cgi/commit/64c5045c0a
2022-11-22 02:00:11 +00:00
kazu
fbd5cda6aa
{lib,test}/cgi: Specify frozen_string_literal: true.
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57652 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-02-18 05:52:16 +00:00
nobu
e7440de279
test: use assert_include
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55757 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-07-26 13:02:33 +00:00
naruse
3e92b635fb
Add frozen_string_literal: false for all files
...
When you change this to true, you may need to add more tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-16 05:07:31 +00:00
nobu
05c29680e5
fix env leaks
...
* lib/rubygems/test_case.rb (setup, teardown): fix
environment variable change leaks.
* test/cgi/update_env.rb: ditto.
* test/rake/test_rake_application_options.rb (setup, teardown):
ditto.
* test/rake/test_rake_file_utils.rb (setup, teardown): ditto.
* test/rubygems/test_gem_request.rb (setup): add https_proxy.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49950 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-03-12 14:57:33 +00:00
hsbt
556f805493
* test/cgi/test_cgi_core.rb: removed obsoleted condition for Ruby 1.8.
...
* test/cgi/test_cgi_header.rb: ditto.
* test/cgi/test_cgi_multipart.rb: ditto.
* test/cgi/test_cgi_tag_helper.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@47110 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-08-09 01:19:18 +00:00
xibbar
6837f3dc54
Sun Nov 4 20:41:28 2012 Takeyuki FUJIOKA <xibbar@ruby-lang.org>
...
* lib/cgi.rb, lib/cgi/*/rb: rename CGI#header to
CGI#http_header,
add and update HTML5 tag generater. [Bug #7110 ]
Patch provided by Marcus Stollsteimer, thank you !
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37466 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-11-04 11:48:05 +00:00
naruse
b3a4461df2
Suppress warnings.
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36694 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-08-14 06:52:41 +00:00
sorah
2ab094ba4d
* test/cgi/test_cgi_header.rb(test_cgi_header_nph): Validate date in
...
"Date:" header
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32423 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-06 13:13:09 +00:00
sorah
5738ab331e
* test/cgi/test_cgi_header.rb(test_cgi_header_nph): Adding space after
...
comma.
* test/cgi/test_cgi_header.rb(test_cgi_header_nph): Remove variable
`now`. Suppress warning.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32417 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-06 09:12:33 +00:00
sorah
453726f26a
* test/cgi/test_cgi_header.rb(test_cgi_header_nph): Fix bug depends to
...
time. The test fails if time past 1 second in line 136-145
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32415 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-06 05:54:01 +00:00
naruse
10c73a7b44
Prevent timing failure.
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29786 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-11-15 02:37:19 +00:00
yugui
f2077294f1
* lib/rubygems/timer.rb: removed svn:executable.
...
* lib/rubygems/validator.rb: ditto
* test/cgi/test_cgi_modruby.rb: ditto
* test/cgi/test_cgi_multipart.rb: ditto
* test/cgi/test_cgi_session.rb: ditto: ditto
* test/cgi/testdata/file1.html: ditto
* test/cgi/testdata/small.png: ditto
* test/cgi/testdata/large.png: ditto
* test/cgi/test_cgi_core.rb: ditto
* test/cgi/test_cgi_header.rb: ditto
* test/cgi/test_cgi_cookie.rb: ditto
* test/cgi/test_cgi_tag_helper.rb: ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20215 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-11-11 15:09:21 +00:00
xibbar
0f6375be69
* test/cgi/test_cgi_multipart.rb : revert last change.
...
( deprecated is assert_raises. )
* test/cgi/test_cgi_core.rb : ditto.
* test/cgi/test_cgi_header.rb : ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19531 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-09-24 14:43:05 +00:00
xibbar
2798319088
* test/cgi/test_cgi_multipart.rb : test for miniunit.
...
* test/cgi/test_cgi_core.rb : ditto.
* test/cgi/test_cgi_header.rb : ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19516 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-09-24 06:25:44 +00:00
xibbar
49f69c3f2e
* lib/cgi/core.rb: performance improvement.
...
From CGIAlt http://cgialt.rubyforge.org/
* test/cgi/test_cgi_header.rb: exception class fixed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19386 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-09-16 13:30:05 +00:00
naruse
f30670001b
* test/cgi/test_cgi_header.rb: add test for CGI::Header.
...
Patch by Takeyuki Fujioka. [ruby-dev:36010] [ruby-dev:36011]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18888 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-08-28 00:19:26 +00:00