Граф коммитов

203 Коммитов

Автор SHA1 Сообщение Дата
Jeremy Evans 957efa95cc [ruby/webrick] Allow empty POST and PUT requests without content length
RFC 7230 section 3.3.3 allows for this.

Fixes #30

https://github.com/ruby/webrick/commit/069e9b1908
2020-11-13 11:35:10 +09:00
Hiroshi SHIBATA 53acf6686a
Revert "[ruby/webrick] Add test for shutdown_pipe"
This reverts commit c06eab1329.
2020-09-25 07:54:01 +09:00
Hiroshi SHIBATA c5960d51d1
Revert "[ruby/webrick] Fix shutdown_pipe test issue"
This reverts commit b8fdd38b2e.
2020-09-25 07:33:25 +09:00
Hiroshi SHIBATA 757e185cee
Revert "[ruby/webrick] Allow empty POST and PUT requests without content length"
This reverts commit ed12019ce6.

  https://github.com/ruby/ruby/runs/1160423667?check_suite_focus=true#step:14:752
2020-09-24 22:20:02 +09:00
Hiroshi SHIBATA 588ac990ff
[ruby/webrick] Manually pick commit from upstream repo
Fix test when run with US-ASCII encoding

  f402aafb36
2020-09-24 21:41:11 +09:00
Jeremy Evans c12c7fea70 [ruby/webrick] Only run test_big_bodies test on Ruby 2.5+
It was added after Ruby 2.5, and it looks like it never ran correctly
on Ruby <2.5.

https://github.com/ruby/webrick/commit/65fb03cb6a
2020-09-24 21:34:41 +09:00
Jeremy Evans ed12019ce6 [ruby/webrick] Allow empty POST and PUT requests without content length
RFC 7230 section 3.3.3 allows for this.

Fixes #30

https://github.com/ruby/webrick/commit/069e9b1908
2020-09-24 21:34:07 +09:00
Jeremy Evans 0fe6461148 [ruby/webrick] Allow EPROTOTYPE error when writing junk to a socket
MacOS seems to raise this error in some cases.

https://github.com/ruby/webrick/commit/0f0c9f1e61
2020-09-24 21:33:16 +09:00
John W Higgins b8fdd38b2e [ruby/webrick] Fix shutdown_pipe test issue
https://github.com/ruby/webrick/commit/9676704c60
2020-09-24 21:32:14 +09:00
John W Higgins 4715a24dd2 [ruby/webrick] Ensure server port numbers are numeric and ensure they are stored as integers
https://github.com/ruby/webrick/commit/86ed621e11
2020-09-24 21:31:55 +09:00
John W Higgins c06eab1329 [ruby/webrick] Add test for shutdown_pipe
https://github.com/ruby/webrick/commit/1daacc1849
2020-09-24 21:31:35 +09:00
Jeremy Evans d969cf6059 [ruby/webrick] Do not use ensure in a block without begin
This syntax is not supported until Ruby 2.5, and Webrick still
targets Ruby 2.3+.

https://github.com/ruby/webrick/commit/fbe85b885f
2020-09-24 21:30:34 +09:00
Charles Oliver Nutter 46ba416a1f [ruby/webrick] Skip env-locale-sensitive CGI test on the "java" platform
JRuby's environment variables are provided by the Java Development
Kit's (JDK's) classes, which present them as a map from string to
string. In order to do this, those environment variable names and
values must be decoded into characters, which breaks any variables
that are intended to be "raw" bytes not necessarily decodable with
the default system encoding.

This issue is detailed in jruby/jruby#6248. The only solution on
the JRuby side will be to bypass the JDK environment variable API
and go directly to the native getenv/setenv system calls. This is
not likely to happen in the near future, due to the complexity of
such a change and the rarity of undecodable environment values.

The exclude here was added due to the Windows platform also having
a similar sensitivity to character encodings when working with
environment variables. It seems appropriate to expand this skip
to the "java" platform, as the root issue is largely the same.

https://github.com/ruby/webrick/commit/dc453e5c3c
2020-09-24 21:21:38 +09:00
Kazuhiro NISHIYAMA 61743f0c83
Add tests of nested multibyte path and DirectoryIndex 2020-06-22 17:31:07 +09:00
Kazuhiro NISHIYAMA 640e6c9be6
Use section sign instead of Hiragana Letter A
It can convert to Windows-1252and Windows-31J.

```
"\u00a7".encode("Windows-1252") #=> "\xA7"
"\u00a7".encode("Windows-31J")  #=> "\x{8198}"
```

https://github.com/ruby/ruby/runs/788357527?check_suite_focus=true#step:14:959
```
  1) Failure:
WEBrick::TestFileHandler#test_cjk_in_path [D:/a/ruby/ruby/src/test/webrick/utils.rb:72]:
exceptions on 2 threads:
webrick log start:
  [2020-06-19 14:49:38] ERROR Encoding::CompatibilityError: incompatible character encodings: ASCII-8BIT and Windows-1252
  	D:/a/ruby/ruby/src/lib/webrick/httpservlet/filehandler.rb:341:in `+'
  	D:/a/ruby/ruby/src/lib/webrick/httpservlet/filehandler.rb:341:in `set_filename'
  	D:/a/ruby/ruby/src/lib/webrick/httpservlet/filehandler.rb:310:in `exec_handler'
  	D:/a/ruby/ruby/src/lib/webrick/httpservlet/filehandler.rb:245:in `do_GET'
  	D:/a/ruby/ruby/src/lib/webrick/httpservlet/abstract.rb:105:in `service'
  	D:/a/ruby/ruby/src/lib/webrick/httpservlet/filehandler.rb:241:in `service'
  	D:/a/ruby/ruby/src/lib/webrick/httpserver.rb:140:in `service'
  	D:/a/ruby/ruby/src/lib/webrick/httpserver.rb:96:in `run'
  	D:/a/ruby/ruby/src/lib/webrick/server.rb:307:in `block in start_thread'
```
2020-06-20 00:17:07 +09:00
Kazuhiro NISHIYAMA 97c1782db6
Use filesystem encoding as FileHandler's encoding
instead of `@root.encoding`.
And fallback to ASCII-8BIT when filesystem encoding is US-ASCII.

When `@root.encoding` is not compatible filesystem encoding,
`Encoding::CompatibilityError` raised at `webrick/httpservlet/filehandler.rb:341`.
So `DocumentRoot` must be compatible with filesystem encoding.
2020-06-19 22:56:29 +09:00
Kazuhiro NISHIYAMA 6fe1919486
Fix failure on mswin CI
https://rubyci.org/logs/mswinci.japaneast.cloudapp.azure.com/vc12-x64/ruby-master/log/20200619T054159Z.fail.html.gz
```
  1) Failure:
WEBrick::TestFileHandler#test_cjk_in_path [D:/tmp/mswin-build20200619-14304-utgij/ruby/test/webrick/utils.rb:72]:
exceptions on 2 threads:
webrick log start:
  [2020-06-19 16:28:42] ERROR `/あ.txt' not found.

webrick log end
Filesystem encoding is Windows-31J.
<"200"> expected but was
<"404">.
---
<[]> expected but was
<["[2020-06-19 16:28:42] ERROR `/\xE3\x81\x82.txt' not found.\n"]>.
```

`prevent_directory_traversal` treats `path_info` as filesystem encoding.
So path_info should be filesystem encoding in request URL.

On some environments, fallback to ASCII-8BIT when EncodingError.
2020-06-19 20:13:22 +09:00
Yusuke Endoh 26c1cf6a60 test/webrick/test_httpresponse.rb: Use a longer indicator for crack
"hack" was too short.  The tests checks the error html, which includes
hostname.  GitHub Actions hostname seems randomly generated, and it may
include the indicator string.

https://github.com/ruby/ruby/runs/784896235
```
  1) Failure:
WEBrick::TestHTTPResponse#test_prevent_response_splitting_cookie_headers_cr [/home/runner/work/ruby/ruby/src/test/webrick/test_httpresponse.rb:71]:
Expected /hack/ to not match "HTTP/1.1 500 Internal Server Error\r\nContent-Type: text/html; charset=ISO-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0//EN\">\n<HTML>\n  <HEAD><TITLE>Internal Server Error</TITLE></HEAD>\n  <BODY>\n    <H1>Internal Server Error</H1>\n    WEBrick::HTTPResponse::InvalidHeader\n    <HR>\n    <ADDRESS>\n     WEBrick/1.6.0 (Ruby/2.8.0/2020-06-18) at\n     fv-az89.dddawhu1s14uzpjkiz5fhackre.cx.internal.cloudapp.net:80\n    </ADDRESS>\n  </BODY>\n</HTML>\n".
```

This change uses longer indicator "cracked_indicator_for_test" instead.
2020-06-19 00:57:18 +09:00
Yusuke Endoh 750203c514 lib/webrick/httpservlet/filehandler.rb: always handle a path as UTF-8
https://rubyci.org/logs/mswinci.japaneast.cloudapp.azure.com/vc12-x64/ruby-master/log/20200618T113134Z.fail.html.gz
```
  1) Failure:
WEBrick::TestFileHandler#test_cjk_in_path [D:/tmp/mswin-build20200618-84004-1t0dh8f/ruby/test/webrick/utils.rb:72]:
exceptions on 2 threads:
webrick log start:
  [2020-06-18 22:18:07] ERROR `/??.txt' not found.

webrick log end
Filesystem encoding is Windows-31J.
<"200"> expected but was
<"404">.
```
2020-06-18 23:43:48 +09:00
Nobuyoshi Nakada cf1ee151b1
Read in ASCII-8BIT to get rid of invalid encoding error 2020-06-18 11:36:21 +09:00
Yusuke Endoh 5755397064 test/webrick/test_filehandler.rb: implicitly fall back to UTF-8
https://ci.appveyor.com/project/ruby/ruby/builds/33588714/job/hcgin7xo3sarr0r2
```
  2) Failure:
WEBrick::TestFileHandler#test_cjk_in_path
[D:/a/ruby/ruby/src/test/webrick/utils.rb:72]:
exceptions on 1 threads:
U+3042 to WINDOWS-1252 in conversion from UTF-8 to WINDOWS-1252
```
2020-06-18 10:18:32 +09:00
Yusuke Endoh 82354afbf9 test/webrick/test_filehandler.rb: remove unused variable 2020-06-18 09:40:44 +09:00
Yusuke Endoh bed17974a1 test/webrick/test_filehandler.rb: no `.encode("filesystem")` if US-ASCII
http://ci.rvm.jp/logfiles/brlog.trunk-theap-asserts.20200618-002305
```
I, [2020-06-18T00:28:11.661066 #31625]  INFO -- :   1) Failure:
I, [2020-06-18T00:28:11.661157 #31625]  INFO -- : WEBrick::TestFileHandler#test_cjk_in_path [/tmp/ruby/v3/src/trunk-theap-asserts/test/webrick/utils.rb:72]:
I, [2020-06-18T00:28:11.661216 #31625]  INFO -- : exceptions on 1 threads:
I, [2020-06-18T00:28:11.661269 #31625]  INFO -- : U+3042 from UTF-8 to US-ASCII
```
2020-06-18 09:37:54 +09:00
Yusuke Endoh 2d817e0564 test/webrick/test_filehandler.rb: Second try to fix the CI error
93e6fa1d31 failed to fix the issue.
I suspect that the request path must be encoded as filesystem encoding.
2020-06-18 09:14:13 +09:00
Kazuhiro NISHIYAMA 7325bed2b4
Show filesystem encoding in failure message
`test_cjk_in_path` failed on mswinci yet.

https://rubyci.org/logs/mswinci.japaneast.cloudapp.azure.com/vc12-x64/ruby-master/log/20200616T192319Z.fail.html.gz
```
  1) Failure:
WEBrick::TestFileHandler#test_cjk_in_path [D:/tmp/mswin-build20200617-120024-1brdn58/ruby/test/webrick/utils.rb:72]:
exceptions on 2 threads:
webrick log start:
  [2020-06-17 06:12:53] ERROR `/あ.txt' not found.

webrick log end.
<"200"> expected but was
<"404">.
---
<[]> expected but was
<["[2020-06-17 06:12:53] ERROR `/\xE3\x81\x82.txt' not found.\n"]>.
```
2020-06-17 12:08:34 +09:00
Kazuhiro NISHIYAMA e698bf1a7f [ruby/webrick] Fix httpd error in CJK directory
[Bug #16753]

https://github.com/ruby/webrick/commit/83cf440858
2020-06-11 13:38:32 +09:00
Koichi Sasada cb681c20c0 restore server[:DocumentRootOptions] setting.
Surprisingly (at least for me), `server[:DocumentRootOptions]`
on Webrick is global information and it affect the result of
test_short_filename. Random order test fails because of global
information change. I doubt it is bug, but to fix random order
test, I restore the value.
2020-02-29 00:43:41 +09:00
S-H-GAMELINKS 572d9b93bb support multi-run test for test/webrick/test_filehandler.rb 2020-02-13 10:37:40 +09:00
Nobuyoshi Nakada 5e9f08647c [ruby/webrick] Check the feature by itself, instead of the version number
https://github.com/ruby/webrick/commit/79d7922de9
2019-11-30 17:52:05 +09:00
Jeremy Evans a98632d5c2 [ruby/webrick] Enabled chunked encoding if Transfer-Encoding: chunked header is set
Patch from Leonard Garvey.

Fixes Ruby Bug 9986.

https://github.com/ruby/webrick/commit/8cff7f3995
2019-11-30 17:50:13 +09:00
Jeremy Evans c75100d004 [ruby/webrick] Allow WEBrick::HTTPServlet::CGIHandler :CGIInterpreter option to be array
This way you don't need to escape each entry.

Implements Ruby Feature 15170.

https://github.com/ruby/webrick/commit/d8086e600c
2019-11-30 17:48:15 +09:00
Jeremy Evans c28d50a753 [ruby/webrick] Support literal IPv6 addresses in X-Forwarded-Host
https://github.com/ruby/webrick/commit/6b6990ec81
2019-10-24 19:47:20 +09:00
Jeremy Evans 37c266aa57 [ruby/webrick] Remove the squishing of whitespace in header values
While the stripping of header values is required by RFC 2616 4.2 and
RFC 7230 3.2.4, the squishing is not and can break things, such as
when one header contains an HMAC of another header.

Fixes Ruby Bug 7021.

https://github.com/ruby/webrick/commit/8b96088a86
2019-10-24 19:47:10 +09:00
thekuwayama f0452574b1 [ruby/webrick] after ruby-2.6.0, set Net::HTTP#write_timeout
https://github.com/ruby/webrick/commit/3b51f6b4d2
2019-10-24 19:46:01 +09:00
Yusuke Endoh 3ce238b5f9 WEBrick: prevent response splitting and header injection
This is a follow up to d9d4a28f1c.
The commit prevented CRLR, but did not address an isolated CR or an
isolated LF.

Co-Authored-By: NARUSE, Yui <naruse@airemix.jp>
2019-10-01 19:19:56 +09:00
Nobuyoshi Nakada 36e057e26e Loop with String#scan without creating substrings
Create the substrings necessary parts only, instead of cutting the
rest of the buffer.  Also removed a useless, probable typo, regexp.
2019-10-01 19:19:56 +09:00
Nobuyoshi Nakada d29bccb39b
Adjust indent [ci skip] 2019-08-11 00:44:13 +09:00
Hiroshi SHIBATA b39efb163d
Aliases capture_output to capture_io for test-unit compatiblity. 2019-08-08 17:19:23 +09:00
Tanaka Akira d34303ad10 remove an unused variable. 2019-07-11 13:04:07 +09:00
Tanaka Akira 50d85436f8 WEBrick::HTTPResponse create tempfile if required.
WEBrick::HTTPProxyServer implementes HTTP proxy using
WEBrick and Net::HTTP.
WEBrick accepts HTTP/1.0 clients and
Net::HTTP uses always HTTP/1.1.

However HTTP/1.1 supports chunked transfer coding HTTP/1.0 doesn't.

Chunked transfer coding doesn't require that
content-length before the content is sent.
But non-chunked transfer coding require content-length before
the content is sent.

So, when HTTP/1.0 clients connects WEBrick::HTTPProxyServer and
origin server returns chunked response,
WEBrick::HTTPProxyServer needs to store whole content to
know the length of it.

This patch do it using tempfile.
2019-07-11 09:18:41 +09:00
masakazutakewaka edbad4adcc httpstatus.rb 100% coverage 2019-06-24 10:12:07 +09:00
Nobuyoshi Nakada 11a60f9bdb Remove extraneous spaces at the end of status line
Remove extraneous spaces after the status code that is
non-compliant with RFC, i.e `HTTP 200 OK `, to unnecessary
confusion for WEBrick users, by a risk that WEBrick instances in
the wild will have server responses flagged as suspicious or
malicious due to a similar bug in [Cobalt Strike
misconfiguration].

Reported by Matt Tennis <mtennis@paloaltonetworks.com>

[Cobalt Strike misconfiguration]: https://blog.fox-it.com/2019/02/26/identifying-cobalt-strike-team-servers-in-the-wild/
2019-06-24 10:11:47 +09:00
Yusuke Endoh 56d595198b test/webrick/test_ssl_server.rb: Use EnvUtil.timeout for timeout scale factor
https://rubyci.org/logs/rubyci.s3.amazonaws.com/scw-9d6766/ruby-master/log/20190613T091708Z.fail.html.gz
https://rubyci.org/logs/rubyci.s3.amazonaws.com/scw-9d6766/ruby-master/log/20190612T011708Z.fail.html.gz
https://rubyci.org/logs/rubyci.s3.amazonaws.com/scw-9d6766/ruby-master/log/20190611T211707Z.fail.html.gz
https://rubyci.org/logs/rubyci.s3.amazonaws.com/scw-9d6766/ruby-master/log/20190604T171708Z.fail.html.gz
https://rubyci.org/logs/rubyci.s3.amazonaws.com/scw-9d6766/ruby-master/log/20190529T091707Z.fail.html.gz
https://rubyci.org/logs/rubyci.s3.amazonaws.com/scw-9d6766/ruby-master/log/20190528T031708Z.fail.html.gz
2019-06-13 23:04:41 +09:00
Yusuke Endoh 9f941f61ef test/webrick/test_filehandler.rb: extend the timeout for Solaris CI
https://rubyci.org/logs/rubyci.s3.amazonaws.com/unstable10s/ruby-master/log/20190602T031908Z.fail.html.gz
2019-06-06 21:50:30 +09:00
Jeremy Evans 4b9869e7e0 Update String#crypt tests to work on OpenBSD
Skip the webrick httpauth tests that use crypt when testing on
OpenBSD.

Fixes [Bug #11363]
2019-06-01 10:50:06 -07:00
Hiroshi SHIBATA 9eecd7a2fd
Ignore warnings about ambiguous first argument of regexp with assert match. 2019-06-01 14:44:24 +03:00
hsbt 098ec6eb50 Added to check MJIT constant for the Ruby 2.3-2.5.
This commit picked from 2c13beca2c

  Co-authored-by: Colby Swandale <me@colby.fyi>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2019-03-11 10:09:48 +00:00
k0kubun b0b0ded5aa webrick/test_utils.rb: loosen timeout severity
to stabilize CI failure like:
https://rubyci.org/logs/rubyci.s3.amazonaws.com/osx1013/ruby-trunk/log/20181228T114501Z.fail.html.gz

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66616 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-12-28 14:18:05 +00:00
normal 4038d0137f webrick: add the ability to override res, req creation
So that a customized HTTPServer subclass can use it's own
Request/Response classes.

To apply the override, make a subclass of WEBrick::HTTPServer
and override the
`create_request_and_response(with_webrick_config)` method. The
method should return an Array of [request, response].

To check whether the Server supports this method (i.e. when
using older versions of WEBrick when needing this
functionality), you can ask the server if it responds to the
method

    server.respond_to?(:create_request_and_response)

This is backportable.

[ruby-core:69604] [Feature #11266]

From: Julik Tarkhanov <me@julik.nl>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66452 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-12-19 11:08:05 +00:00
normal a063f71a7c webrick: fix tests on Debian sid/unstable with OpenSSL 1.1.1a
OpenSSL complains abour our keys being small and weak :<
Make them big and strong with 2048-bit RSA keys and SHA256 digests

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-12-03 04:51:08 +00:00