Added tests to make sure URI fragment is stripped off of PATH_INFO an…

…d QUERY_STRING

This is not (yet) clearly documented in the PSGI spec, but the CGI
spec (RFC 3875) and existing web server stack including Apache
mod_cgi, mod_perl and nginx+fastcgi implementation shows that URI
fragment sent in an error from clients should not be included in the
PATH_INFO or QUERY_STRING, but should be in REQUEST_URI.

See also: https://github.com/miyagawa/Plack/issues/213

t/01simple.t

@@ -98,3 +98,52 @@ EOT
 %env = ();
 is(parse_http_request($req, \%env), -1, 'partially url-encoded');
 is_deeply(\%env, {});
+
+# dumb HTTP client: https://github.com/miyagawa/Plack/issues/213
+$req = <<"EOT";
+GET /a/b#c HTTP/1.0\r
+\r
+EOT
+%env = ();
+is(parse_http_request($req, \%env), length($req), 'URI fragment');
+is_deeply(\%env, {
+    SCRIPT_NAME => '',
+    PATH_INFO   => '/a/b',
+    REQUEST_METHOD => 'GET',
+    REQUEST_URI    => '/a/b#c',
+    QUERY_STRING   => '',
+    SCRIPT_NAME     => '',
+    SERVER_PROTOCOL => 'HTTP/1.0',
+});
+
+$req = <<"EOT";
+GET /a/b%23c HTTP/1.0\r
+\r
+EOT
+%env = ();
+is(parse_http_request($req, \%env), length($req), '%23 -> #');
+is_deeply(\%env, {
+    SCRIPT_NAME => '',
+    PATH_INFO   => '/a/b#c',
+    REQUEST_METHOD => 'GET',
+    REQUEST_URI    => '/a/b%23c',
+    QUERY_STRING   => '',
+    SCRIPT_NAME     => '',
+    SERVER_PROTOCOL => 'HTTP/1.0',
+});
+
+$req = <<"EOT";
+GET /a/b?c=d#e HTTP/1.0\r
+\r
+EOT
+%env = ();
+is(parse_http_request($req, \%env), length($req), 'URI fragment after query string');
+is_deeply(\%env, {
+    SCRIPT_NAME => '',
+    PATH_INFO   => '/a/b',
+    REQUEST_METHOD => 'GET',
+    REQUEST_URI    => '/a/b?c=d#e',
+    QUERY_STRING   => 'c=d',
+    SCRIPT_NAME     => '',
+    SERVER_PROTOCOL => 'HTTP/1.0',
+});