Граф коммитов

17 Коммитов

Автор SHA1 Сообщение Дата
Yusuke Endoh 0e75b2f2e6 [ruby/cgi] Prevent CRLF injection
Throw a RuntimeError if the HTTP response header contains CR or LF to
prevent HTTP response splitting.

https://hackerone.com/reports/1204695

https://github.com/ruby/cgi/commit/64c5045c0a
2022-11-22 02:00:11 +00:00
kazu fbd5cda6aa {lib,test}/cgi: Specify frozen_string_literal: true.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57652 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-02-18 05:52:16 +00:00
nobu e7440de279 test: use assert_include
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55757 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-07-26 13:02:33 +00:00
naruse 3e92b635fb Add frozen_string_literal: false for all files
When you change this to true, you may need to add more tests.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-16 05:07:31 +00:00
nobu 05c29680e5 fix env leaks
* lib/rubygems/test_case.rb (setup, teardown): fix
  environment variable change leaks.

* test/cgi/update_env.rb: ditto.

* test/rake/test_rake_application_options.rb (setup, teardown):
  ditto.

* test/rake/test_rake_file_utils.rb (setup, teardown): ditto.

* test/rubygems/test_gem_request.rb (setup): add https_proxy.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49950 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-03-12 14:57:33 +00:00
hsbt 556f805493 * test/cgi/test_cgi_core.rb: removed obsoleted condition for Ruby 1.8.
* test/cgi/test_cgi_header.rb: ditto.
* test/cgi/test_cgi_multipart.rb: ditto.
* test/cgi/test_cgi_tag_helper.rb: ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@47110 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-08-09 01:19:18 +00:00
xibbar 6837f3dc54 Sun Nov 4 20:41:28 2012 Takeyuki FUJIOKA <xibbar@ruby-lang.org>
* lib/cgi.rb, lib/cgi/*/rb: rename CGI#header to
    CGI#http_header,
    add  and update HTML5 tag generater.  [Bug #7110]
    Patch provided by Marcus Stollsteimer, thank you !

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37466 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-11-04 11:48:05 +00:00
naruse b3a4461df2 Suppress warnings.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36694 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-08-14 06:52:41 +00:00
sorah 2ab094ba4d * test/cgi/test_cgi_header.rb(test_cgi_header_nph): Validate date in
"Date:" header

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32423 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-06 13:13:09 +00:00
sorah 5738ab331e * test/cgi/test_cgi_header.rb(test_cgi_header_nph): Adding space after
comma.

* test/cgi/test_cgi_header.rb(test_cgi_header_nph): Remove variable
  `now`. Suppress warning.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32417 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-06 09:12:33 +00:00
sorah 453726f26a * test/cgi/test_cgi_header.rb(test_cgi_header_nph): Fix bug depends to
time. The test fails if time past 1 second in line 136-145

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32415 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-06 05:54:01 +00:00
naruse 10c73a7b44 Prevent timing failure.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29786 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-11-15 02:37:19 +00:00
yugui f2077294f1 * lib/rubygems/timer.rb: removed svn:executable.
* lib/rubygems/validator.rb: ditto
* test/cgi/test_cgi_modruby.rb: ditto
* test/cgi/test_cgi_multipart.rb: ditto
* test/cgi/test_cgi_session.rb: ditto: ditto
* test/cgi/testdata/file1.html: ditto
* test/cgi/testdata/small.png: ditto
* test/cgi/testdata/large.png: ditto
* test/cgi/test_cgi_core.rb: ditto
* test/cgi/test_cgi_header.rb: ditto
* test/cgi/test_cgi_cookie.rb: ditto
* test/cgi/test_cgi_tag_helper.rb: ditto



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20215 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-11-11 15:09:21 +00:00
xibbar 0f6375be69 * test/cgi/test_cgi_multipart.rb : revert last change.
( deprecated is assert_raises. )
* test/cgi/test_cgi_core.rb      : ditto.
* test/cgi/test_cgi_header.rb    : ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19531 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-09-24 14:43:05 +00:00
xibbar 2798319088 * test/cgi/test_cgi_multipart.rb : test for miniunit.
* test/cgi/test_cgi_core.rb      : ditto.
* test/cgi/test_cgi_header.rb    : ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19516 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-09-24 06:25:44 +00:00
xibbar 49f69c3f2e * lib/cgi/core.rb: performance improvement.
From CGIAlt http://cgialt.rubyforge.org/

* test/cgi/test_cgi_header.rb: exception class fixed.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19386 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-09-16 13:30:05 +00:00
naruse f30670001b * test/cgi/test_cgi_header.rb: add test for CGI::Header.
Patch by Takeyuki Fujioka. [ruby-dev:36010] [ruby-dev:36011]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@18888 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-08-28 00:19:26 +00:00