Commit 9ae43ca7aabfac13528cb1b58fdc9d7f987cef72 to macournoyer's thin

9ae43ca
all branches
- libev
- master
- stable
all tags
- v0.8.2
- v0.8.1
- v0.7.1
- v0.7.0
- v0.6.3
- v0.6.2
- v0.6.1
- v0.6.0
- v0.5.3
- v0.5.2
comments

macournoyer / thin

Description:	A very fast & simple Ruby web server
Homepage:	http://code.macournoyer.com/thin/
Clone URL:	git://github.com/macournoyer/thin.git Give this clone URL to anyone. `git clone git://github.com/macournoyer/thin.git`
Search Repo:

Port mongrel r996 parser fix to accept some weird ie6 headers:

  accept '"' (double-quote), '<', and '>' characters in URLs

  Some broken web browsers don't properly escape ", <, and > 
  characters
  in URLs, however these URLs to occasionally legitimate and sometimes
  show up

macournoyer (author)

Wed Apr 02 17:20:55 -0700 2008

commit 9ae43ca7aabfac13528cb1b58fdc9d7f987cef72
tree 85c9b5303810db6057eb14ca18bff25263a71bca
parent dfb9dde6a75f83bb4617904bf15efa518f2431a1

ext/thin_parser/common.rl
ext/thin_parser/parser.c
spec/request/parser_spec.rb

ext/thin_parser/common.rl

0
@@ -11,11 +11,12 @@
0
   safe = ("$" | "-" | "_" | ".");
0
   extra = ("!" | "*" | "'" | "(" | ")" | ",");
0
   reserved = (";" | "/" | "?" | ":" | "@" | "&" | "=" | "+");
0
-  unsafe = (CTL | " " | "\"" | "#" | "%" | "<" | ">");
0
+  sorta_safe = ("\"" | "<" | ">");
0
+  unsafe = (CTL | " " | "#" | "%" | sorta_safe);
0
   national = any -- (alpha | digit | reserved | extra | safe | unsafe);
0
   unreserved = (alpha | digit | safe | extra | national);
0
   escape = ("%" xdigit xdigit);
0
-  uchar = (unreserved | escapee);
0
+  uchar = (unreserved | escape | sorta_safe);
0
   pchar = (uchar | ":" | "@" | "&" | "=" | "+");
0
   tspecials = ("(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\\" | "\"" | "/" | "[" | "]" | "?" | "=" | "{" | "}" | " " | "\t");
0

ext/thin_parser/parser.c

0
@@ -484,15 +484,11 @@
0
 #line 485 "parser.c"
0
   switch( (*p) ) {
0
     case 32: goto tr30;
0
+		case 35: goto st0;
0
     case 37: goto tr31;
0
-		case 60: goto st0;
0
-		case 62: goto st0;
0
     case 127: goto st0;
0
   }
0
-	if ( (*p) > 31 ) {
0
-		if ( 34 <= (*p) && (*p) <= 35 )
0
-			goto st0;
0
-	} else if ( (*p) >= 0 )
0
+	if ( 0 <= (*p) && (*p) <= 31 )
0
     goto st0;
0
   goto tr29;
0
 tr29:
0
0
0
0
@@ -503,18 +499,14 @@
0
   if ( ++p == pe )
0
     goto _out21;
0
 case 21:
0
-#line 507 "parser.c"
0
+#line 503 "parser.c"
0
   switch( (*p) ) {
0
     case 32: goto tr30;
0
+		case 35: goto st0;
0
     case 37: goto st22;
0
-		case 60: goto st0;
0
-		case 62: goto st0;
0
     case 127: goto st0;
0
   }
0
-	if ( (*p) > 31 ) {
0
-		if ( 34 <= (*p) && (*p) <= 35 )
0
-			goto st0;
0
-	} else if ( (*p) >= 0 )
0
+	if ( 0 <= (*p) && (*p) <= 31 )
0
     goto st0;
0
   goto st21;
0
 tr31:
0
@@ -525,7 +517,7 @@
0
   if ( ++p == pe )
0
     goto _out22;
0
 case 22:
0
-#line 529 "parser.c"
0
+#line 521 "parser.c"
0
   if ( (*p) < 65 ) {
0
     if ( 48 <= (*p) && (*p) <= 57 )
0
       goto st23;
0
@@ -556,7 +548,7 @@
0
   if ( ++p == pe )
0
     goto _out24;
0
 case 24:
0
-#line 560 "parser.c"
0
+#line 552 "parser.c"
0
   switch( (*p) ) {
0
     case 43: goto st24;
0
     case 58: goto st25;
0
0
0
@@ -581,14 +573,11 @@
0
   if ( ++p == pe )
0
     goto _out25;
0
 case 25:
0
-#line 585 "parser.c"
0
+#line 577 "parser.c"
0
   switch( (*p) ) {
0
     case 32: goto tr8;
0
-		case 34: goto st0;
0
     case 35: goto tr9;
0
     case 37: goto st26;
0
-		case 60: goto st0;
0
-		case 62: goto st0;
0
     case 127: goto st0;
0
   }
0
   if ( 0 <= (*p) && (*p) <= 31 )
0
0
0
@@ -628,15 +617,12 @@
0
   if ( ++p == pe )
0
     goto _out28;
0
 case 28:
0
-#line 632 "parser.c"
0
+#line 621 "parser.c"
0
   switch( (*p) ) {
0
     case 32: goto tr40;
0
-		case 34: goto st0;
0
     case 35: goto tr41;
0
     case 37: goto st29;
0
     case 59: goto tr43;
0
-		case 60: goto st0;
0
-		case 62: goto st0;
0
     case 63: goto tr44;
0
     case 127: goto st0;
0
   }
0
0
0
@@ -681,14 +667,11 @@
0
   if ( ++p == pe )
0
     goto _out31;
0
 case 31:
0
-#line 685 "parser.c"
0
+#line 671 "parser.c"
0
   switch( (*p) ) {
0
     case 32: goto tr8;
0
-		case 34: goto st0;
0
     case 35: goto tr9;
0
     case 37: goto st32;
0
-		case 60: goto st0;
0
-		case 62: goto st0;
0
     case 63: goto st34;
0
     case 127: goto st0;
0
   }
0
0
0
@@ -733,14 +716,11 @@
0
   if ( ++p == pe )
0
     goto _out34;
0
 case 34:
0
-#line 737 "parser.c"
0
+#line 720 "parser.c"
0
   switch( (*p) ) {
0
     case 32: goto tr51;
0
-		case 34: goto st0;
0
     case 35: goto tr52;
0
     case 37: goto tr53;
0
-		case 60: goto st0;
0
-		case 62: goto st0;
0
     case 127: goto st0;
0
   }
0
   if ( 0 <= (*p) && (*p) <= 31 )
0
0
0
@@ -754,14 +734,11 @@
0
   if ( ++p == pe )
0
     goto _out35;
0
 case 35:
0
-#line 758 "parser.c"
0
+#line 738 "parser.c"
0
   switch( (*p) ) {
0
     case 32: goto tr55;
0
-		case 34: goto st0;
0
     case 35: goto tr56;
0
     case 37: goto st36;
0
-		case 60: goto st0;
0
-		case 62: goto st0;
0
     case 127: goto st0;
0
   }
0
   if ( 0 <= (*p) && (*p) <= 31 )
0
@@ -775,7 +752,7 @@
0
   if ( ++p == pe )
0
     goto _out36;
0
 case 36:
0
-#line 779 "parser.c"
0
+#line 756 "parser.c"
0
   if ( (*p) < 65 ) {
0
     if ( 48 <= (*p) && (*p) <= 57 )
0
       goto st37;
0
@@ -1205,7 +1182,7 @@
0
   if(parser->body_start) {
0
     /* final \r\n combo encountered so stop right here */
0
     
0
-#line 1209 "parser.c"
0
+#line 1186 "parser.c"
0
 #line 130 "parser.rl"
0
     parser->nread++;
0
   }
0
@@ -1218,7 +1195,7 @@
0
   int cs = parser->cs;
0
 
0
   
0
-#line 1222 "parser.c"
0
+#line 1199 "parser.c"
0
 #line 141 "parser.rl"
0
 
0
   parser->cs = cs;

spec/request/parser_spec.rb

0
@@ -154,5 +154,23 @@
0
     request.body.read.should == 'aye'
0
   end
0
   
0
+  it "should parse ie6 urls" do
0
+    %w(/some/random/path"
0
+       /some/random/path>
0
+       /some/random/path<
0
+       /we/love/you/ie6?q=<"">
0
+       /url?<="&>="
0
+       /mal"formed"?
0
+    ).each do |path|
0
+      parser     = HttpParser.new
0
+      req        = {}
0
+      sorta_safe = %(GET #{path} HTTP/1.1\r\n\r\n)
0
+      nread      = parser.execute(req, sorta_safe, 0)
0
+
0
+      sorta_safe.size.should == nread
0
+      parser.should be_finished
0
+      parser.should_not have_error
0
+    end
0
+  end
0
 end

Comments

No one has commented yet.