Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rack 2.1 #305

Merged
merged 1 commit into from Jan 14, 2020
Merged

Rack 2.1 #305

merged 1 commit into from Jan 14, 2020

Conversation

@jodosha
Copy link
Member

jodosha commented Jan 14, 2020

Technical details

  • For Hanami::Action#unsafe_file_send the root was set to blank string to Hanami::Action::Rack::File, because we want to allow any file in the file system to be reachable. Starting from 2.1, Rack::File now tries to expand the given root. ::File.expand_path("") returns the current directory, usually the root of a project. But because we want to reach files outside of the project, we must set an explicit highest file system node in the hierarchy, so we pick UNIX root. Please note that this doesn't loose the security of this method, which is already unsafe, hence the name.

  • Rack body chunks, are expected to be String and not anymore objects that can be serialized to string. I had to change the specs where there was a Symbol passed to the body (e.g. self.body = format, where format is a symbol).

  • Cookies expiration is now set with Time#httpdate.

@jodosha jodosha added this to the v1.3.3 milestone Jan 14, 2020
@jodosha jodosha self-assigned this Jan 14, 2020
@jodosha jodosha merged commit 525d16e into master Jan 14, 2020
8 of 10 checks passed
8 of 10 checks passed
continuous-integration/travis-ci/pr The Travis CI build failed
Details
continuous-integration/travis-ci/push The Travis CI build failed
Details
ci/circleci: jruby-9.1 Your tests passed on CircleCI!
Details
ci/circleci: jruby-9.2 Your tests passed on CircleCI!
Details
ci/circleci: ruby-2.3 Your tests passed on CircleCI!
Details
ci/circleci: ruby-2.4 Your tests passed on CircleCI!
Details
ci/circleci: ruby-2.5 Your tests passed on CircleCI!
Details
ci/circleci: ruby-2.6 Your tests passed on CircleCI!
Details
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
@jodosha jodosha deleted the rack-210 branch Jan 14, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.