Browse files

Unvendor Rack and add a workaround for the Ruby 1.9.1 tempfile bug. F…

…ixes issue #432.
  • Loading branch information...
1 parent 6fa2472 commit 681c216a1af1f9ca1aeae3fe2d80512158ceec67 @FooBarWidget FooBarWidget committed Dec 15, 2009
Showing with 41 additions and 5,897 deletions.
  1. +14 −0 NEWS
  2. +0 −1 Rakefile
  3. +1 −0 bin/passenger-install-apache2-module
  4. +1 −0 bin/passenger-install-nginx-module
  5. +4 −4 lib/phusion_passenger/rack/application_spawner.rb
  6. +2 −5 lib/phusion_passenger/rack/request_handler.rb
  7. +19 −3 {vendor/rack-1.0.0-git/lib/rack → lib/phusion_passenger/utils}/rewindable_input.rb
  8. +0 −13 vendor/README
  9. +0 −1 vendor/README_FOR_PACKAGERS
  10. +0 −18 vendor/rack-1.0.0-git/COPYING
  11. +0 −18 vendor/rack-1.0.0-git/KNOWN-ISSUES
  12. +0 −353 vendor/rack-1.0.0-git/README
  13. +0 −164 vendor/rack-1.0.0-git/Rakefile
  14. +0 −90 vendor/rack-1.0.0-git/lib/rack.rb
  15. +0 −22 vendor/rack-1.0.0-git/lib/rack/adapter/camping.rb
  16. +0 −37 vendor/rack-1.0.0-git/lib/rack/auth/abstract/handler.rb
  17. +0 −37 vendor/rack-1.0.0-git/lib/rack/auth/abstract/request.rb
  18. +0 −58 vendor/rack-1.0.0-git/lib/rack/auth/basic.rb
  19. +0 −124 vendor/rack-1.0.0-git/lib/rack/auth/digest/md5.rb
  20. +0 −51 vendor/rack-1.0.0-git/lib/rack/auth/digest/nonce.rb
  21. +0 −55 vendor/rack-1.0.0-git/lib/rack/auth/digest/params.rb
  22. +0 −40 vendor/rack-1.0.0-git/lib/rack/auth/digest/request.rb
  23. +0 −487 vendor/rack-1.0.0-git/lib/rack/auth/openid.rb
  24. +0 −63 vendor/rack-1.0.0-git/lib/rack/builder.rb
  25. +0 −41 vendor/rack-1.0.0-git/lib/rack/cascade.rb
  26. +0 −49 vendor/rack-1.0.0-git/lib/rack/chunked.rb
  27. +0 −52 vendor/rack-1.0.0-git/lib/rack/commonlogger.rb
  28. +0 −47 vendor/rack-1.0.0-git/lib/rack/conditionalget.rb
  29. +0 −29 vendor/rack-1.0.0-git/lib/rack/content_length.rb
  30. +0 −23 vendor/rack-1.0.0-git/lib/rack/content_type.rb
  31. +0 −96 vendor/rack-1.0.0-git/lib/rack/deflater.rb
  32. +0 −153 vendor/rack-1.0.0-git/lib/rack/directory.rb
  33. +0 −88 vendor/rack-1.0.0-git/lib/rack/file.rb
  34. +0 −69 vendor/rack-1.0.0-git/lib/rack/handler.rb
  35. +0 −61 vendor/rack-1.0.0-git/lib/rack/handler/cgi.rb
  36. +0 −8 vendor/rack-1.0.0-git/lib/rack/handler/evented_mongrel.rb
  37. +0 −88 vendor/rack-1.0.0-git/lib/rack/handler/fastcgi.rb
  38. +0 −55 vendor/rack-1.0.0-git/lib/rack/handler/lsws.rb
  39. +0 −84 vendor/rack-1.0.0-git/lib/rack/handler/mongrel.rb
  40. +0 −59 vendor/rack-1.0.0-git/lib/rack/handler/scgi.rb
  41. +0 −8 vendor/rack-1.0.0-git/lib/rack/handler/swiftiplied_mongrel.rb
  42. +0 −18 vendor/rack-1.0.0-git/lib/rack/handler/thin.rb
  43. +0 −67 vendor/rack-1.0.0-git/lib/rack/handler/webrick.rb
  44. +0 −19 vendor/rack-1.0.0-git/lib/rack/head.rb
  45. +0 −537 vendor/rack-1.0.0-git/lib/rack/lint.rb
  46. +0 −65 vendor/rack-1.0.0-git/lib/rack/lobster.rb
  47. +0 −16 vendor/rack-1.0.0-git/lib/rack/lock.rb
  48. +0 −27 vendor/rack-1.0.0-git/lib/rack/methodoverride.rb
  49. +0 −204 vendor/rack-1.0.0-git/lib/rack/mime.rb
  50. +0 −184 vendor/rack-1.0.0-git/lib/rack/mock.rb
  51. +0 −57 vendor/rack-1.0.0-git/lib/rack/recursive.rb
  52. +0 −106 vendor/rack-1.0.0-git/lib/rack/reloader.rb
  53. +0 −248 vendor/rack-1.0.0-git/lib/rack/request.rb
  54. +0 −183 vendor/rack-1.0.0-git/lib/rack/response.rb
  55. +0 −142 vendor/rack-1.0.0-git/lib/rack/session/abstract/id.rb
  56. +0 −91 vendor/rack-1.0.0-git/lib/rack/session/cookie.rb
  57. +0 −109 vendor/rack-1.0.0-git/lib/rack/session/memcache.rb
  58. +0 −100 vendor/rack-1.0.0-git/lib/rack/session/pool.rb
  59. +0 −349 vendor/rack-1.0.0-git/lib/rack/showexceptions.rb
  60. +0 −106 vendor/rack-1.0.0-git/lib/rack/showstatus.rb
  61. +0 −38 vendor/rack-1.0.0-git/lib/rack/static.rb
  62. +0 −55 vendor/rack-1.0.0-git/lib/rack/urlmap.rb
  63. +0 −522 vendor/rack-1.0.0-git/lib/rack/utils.rb
View
14 NEWS
@@ -20,6 +20,20 @@ Release 2.2.8
This fixes issue #427.
* Fixed compilation problems on Linux running on the Renesas SH4 CPU.
Patch contributed by iwamatsu: issue #428.
+ * The Rack library has been unvendored.
+ The original reason for vendoring was to work around broken Rails
+ applications that explicitly specify Rack as a gem dependency. We've
+ found a better workaround that does not require vendoring Rack.
+ Issue #432.
+ * Fixed compatibility with Ruby 1.9.1 patchlevel >= 152
+ Ruby 1.9.1 patchlevel >= 152 has a bug in its tempfile library. If you've
+ seen an error message along the lines of
+
+ *** Exception IOError in Passenger RequestHandler (closed stream)
+
+ then this is a Ruby bug at work. This bug has been fixed in Ruby 1.9.2,
+ but Ruby 1.9.1 still contains this bug. We've added a workaround so that
+ the bug is not triggered with this Ruby version. Issue #432.
Release 2.2.7
View
1 Rakefile
@@ -699,7 +699,6 @@ spec = Gem::Specification.new do |s|
'benchmark/*.{cpp,rb}',
'misc/*',
'misc/*/*',
- 'vendor/**/*',
'test/*.{rb,cpp,example}',
'test/support/*.{cpp,h,rb}',
'test/oxt/*.cpp',
View
1 bin/passenger-install-apache2-module
@@ -48,6 +48,7 @@ class Installer < PhusionPassenger::AbstractInstaller
Dependencies::Ruby_OpenSSL,
Dependencies::RubyGems,
Dependencies::Rake,
+ Dependencies::Rack,
Dependencies::Apache2,
Dependencies::Apache2_DevHeaders
]
View
1 bin/passenger-install-nginx-module
@@ -45,6 +45,7 @@ class Installer < PhusionPassenger::AbstractInstaller
Dependencies::Ruby_OpenSSL,
Dependencies::RubyGems,
Dependencies::Rake,
+ Dependencies::Rack,
Dependencies::OpenSSL_Dev,
Dependencies::Zlib_Dev
]
View
8 lib/phusion_passenger/rack/application_spawner.rb
@@ -21,10 +21,6 @@
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
-rack_dir = File.expand_path(File.dirname(__FILE__) + "/../../../vendor/rack-1.0.0-git/lib")
-$LOAD_PATH.unshift(rack_dir) if !$LOAD_PATH.include?(rack_dir)
-require 'rack'
-
require 'socket'
require 'phusion_passenger/application'
require 'phusion_passenger/events'
@@ -137,6 +133,10 @@ def set_passed_environment_variables(encoded_environment_variables)
end
def load_rack_app
+ # Load Rack inside the spawned child process so that the spawn manager
+ # itself doesn't preload Rack. This is necessary because some broken
+ # Rails apps explicitly specify a Rack version as dependency.
+ require 'rack'
rackup_code = ::File.read("config.ru")
eval("Rack::Builder.new {( #{rackup_code}\n )}.to_app", TOPLEVEL_BINDING, "config.ru")
end
View
7 lib/phusion_passenger/rack/request_handler.rb
@@ -22,11 +22,8 @@
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
-rack_dir = File.expand_path(File.dirname(__FILE__) + "/../../../vendor/rack-1.0.0-git/lib")
-$LOAD_PATH.unshift(rack_dir) if !$LOAD_PATH.include?(rack_dir)
-require 'rack/rewindable_input'
-
require 'phusion_passenger/abstract_request_handler'
+require 'phusion_passenger/utils/rewindable_input'
module PhusionPassenger
module Rack
@@ -64,7 +61,7 @@ def initialize(owner_pipe, app, options = {})
protected
# Overrided method.
def process_request(env, input, output)
- rewindable_input = ::Rack::RewindableInput.new(input)
+ rewindable_input = Utils::RewindableInput.new(input)
begin
env[RACK_VERSION] = RACK_VERSION_VALUE
env[RACK_INPUT] = rewindable_input
View
22 ...ck-1.0.0-git/lib/rack/rewindable_input.rb → ...usion_passenger/utils/rewindable_input.rb
@@ -1,6 +1,10 @@
+# Modified version of Rack::RewindableInput with Ruby 1.9 fix.
+
require 'tempfile'
-module Rack
+module PhusionPassenger
+module Utils
+
# Class which can make any IO object rewindable, including non-rewindable ones. It does
# this by buffering the data into a tempfile, which is rewindable.
#
@@ -74,7 +78,7 @@ def make_rewindable
@rewindable_io.chmod(0000)
@rewindable_io.set_encoding(Encoding::BINARY) if @rewindable_io.respond_to?(:set_encoding)
@rewindable_io.binmode
- if filesystem_has_posix_semantics?
+ if filesystem_has_posix_semantics? && !tempfile_unlink_contains_bug?
@rewindable_io.unlink
@unlinked = true
end
@@ -96,5 +100,17 @@ def make_rewindable
def filesystem_has_posix_semantics?
RUBY_PLATFORM !~ /(mswin|mingw|cygwin|java)/
end
+
+ def tempfile_unlink_contains_bug?
+ # The tempfile library as included in Ruby 1.9.1-p152 and later
+ # contains a bug: unlinking an open Tempfile object also closes
+ # it, which breaks our expected POSIX semantics. This problem
+ # has been fixed in Ruby 1.9.2, but the Ruby team chose not to
+ # include the bug fix in later versions of the 1.9.1 series.
+ ruby_engine = defined?(RUBY_ENGINE) ? RUBY_ENGINE : "ruby"
+ ruby_engine == "ruby" && RUBY_VERSION == "1.9.1" && RUBY_PATCHLEVEL >= 152
+ end
end
-end
+
+end # module Utils
+end # module PhusionPassenger
View
13 vendor/README
@@ -1,13 +0,0 @@
-You might be wondering why the Rack library is vendored, and why we don't
-just depend on the Rack gem. The reason for this is because there are broken
-applications out there that have a hard dependency on rack == 0.4.0 (the
-latest version of Rack is 1.0.0 at the time of writing). If Passenger
-depends on the Rack gem, then the application will crash with a gem version
-conflict error upon executing 'gem "rack", "=0.4.0"'.
-
-To fix this conflict, we vendor Rack. When we load our vendored Rack library,
-it won't be registered as a gem, so no RubyGems version conflict exception
-will be raised. This vendored version is commit 884770528a3, slightly older
-than the 1.0.0 release.
-
-Rack is mostly backwards-compatible so there shouldn't be any problems.
View
1 vendor/README_FOR_PACKAGERS
@@ -1 +0,0 @@
-Rack is vendored for a reason, don't try to remove it. See README.
View
18 vendor/rack-1.0.0-git/COPYING
@@ -1,18 +0,0 @@
-Copyright (c) 2007, 2008, 2009 Christian Neukirchen <purl.org/net/chneukirchen>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to
-deal in the Software without restriction, including without limitation the
-rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
-sell copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
-THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
View
18 vendor/rack-1.0.0-git/KNOWN-ISSUES
@@ -1,18 +0,0 @@
-= Known issues with Rack and Web servers
-
-* Lighttpd sets wrong SCRIPT_NAME and PATH_INFO if you mount your
- FastCGI app at "/". This can be fixed by using this middleware:
-
- class LighttpdScriptNameFix
- def initialize(app)
- @app = app
- end
-
- def call(env)
- env["PATH_INFO"] = env["SCRIPT_NAME"].to_s + env["PATH_INFO"].to_s
- env["SCRIPT_NAME"] = ""
- @app.call(env)
- end
- end
-
- Of course, use this only when your app runs at "/".
View
353 vendor/rack-1.0.0-git/README
@@ -1,353 +0,0 @@
-= Rack, a modular Ruby webserver interface
-
-Rack provides a minimal, modular and adaptable interface for developing
-web applications in Ruby. By wrapping HTTP requests and responses in
-the simplest way possible, it unifies and distills the API for web
-servers, web frameworks, and software in between (the so-called
-middleware) into a single method call.
-
-The exact details of this are described in the Rack specification,
-which all Rack applications should conform to.
-
-== Specification changes in this release
-
-With Rack 1.0, the Rack specification (found in SPEC) changed in the
-following backward-incompatible ways. This was done to properly
-support Ruby 1.9 and to deprecate some problematic techniques:
-
-* Rack::VERSION has been pushed to [1,0].
-* Header values must be Strings now, split on "\n".
-* rack.input must be rewindable and support reading into a buffer,
- wrap with Rack::RewindableInput if it isn't.
-* Content-Length can be missing, in this case chunked transfer
- encoding is used.
-* Bodies can now additionally respond to #to_path with a filename to
- be served.
-* String bodies are deprecated and will not work with Ruby 1.9, use an
- Array with a single String instead.
-* rack.session is now specified.
-
-== Supported web servers
-
-The included *handlers* connect all kinds of web servers to Rack:
-* Mongrel
-* EventedMongrel
-* SwiftipliedMongrel
-* WEBrick
-* FCGI
-* CGI
-* SCGI
-* LiteSpeed
-* Thin
-
-These web servers include Rack handlers in their distributions:
-* Ebb
-* Fuzed
-* Phusion Passenger (which is mod_rack for Apache and for nginx)
-* Unicorn
-
-Any valid Rack app will run the same on all these handlers, without
-changing anything.
-
-== Supported web frameworks
-
-The included *adapters* connect Rack with existing Ruby web frameworks:
-* Camping
-
-These frameworks include Rack adapters in their distributions:
-* Camping
-* Coset
-* Halcyon
-* Mack
-* Maveric
-* Merb
-* Racktools::SimpleApplication
-* Ramaze
-* Ruby on Rails
-* Rum
-* Sinatra
-* Sin
-* Vintage
-* Waves
-* Wee
-
-Current links to these projects can be found at
-http://wiki.ramaze.net/Home#other-frameworks
-
-== Available middleware
-
-Between the server and the framework, Rack can be customized to your
-applications needs using middleware, for example:
-* Rack::URLMap, to route to multiple applications inside the same process.
-* Rack::CommonLogger, for creating Apache-style logfiles.
-* Rack::ShowException, for catching unhandled exceptions and
- presenting them in a nice and helpful way with clickable backtrace.
-* Rack::File, for serving static files.
-* ...many others!
-
-All these components use the same interface, which is described in
-detail in the Rack specification. These optional components can be
-used in any way you wish.
-
-== Convenience
-
-If you want to develop outside of existing frameworks, implement your
-own ones, or develop middleware, Rack provides many helpers to create
-Rack applications quickly and without doing the same web stuff all
-over:
-* Rack::Request, which also provides query string parsing and
- multipart handling.
-* Rack::Response, for convenient generation of HTTP replies and
- cookie handling.
-* Rack::MockRequest and Rack::MockResponse for efficient and quick
- testing of Rack application without real HTTP round-trips.
-
-== rack-contrib
-
-The plethora of useful middleware created the need for a project that
-collects fresh Rack middleware. rack-contrib includes a variety of
-add-on components for Rack and it is easy to contribute new modules.
-
-* http://github.com/rack/rack-contrib
-
-== rackup
-
-rackup is a useful tool for running Rack applications, which uses the
-Rack::Builder DSL to configure middleware and build up applications
-easily.
-
-rackup automatically figures out the environment it is run in, and
-runs your application as FastCGI, CGI, or standalone with Mongrel or
-WEBrick---all from the same configuration.
-
-== Quick start
-
-Try the lobster!
-
-Either with the embedded WEBrick starter:
-
- ruby -Ilib lib/rack/lobster.rb
-
-Or with rackup:
-
- bin/rackup -Ilib example/lobster.ru
-
-By default, the lobster is found at http://localhost:9292.
-
-== Installing with RubyGems
-
-A Gem of Rack is available. You can install it with:
-
- gem install rack
-
-I also provide a local mirror of the gems (and development snapshots)
-at my site:
-
- gem install rack --source http://chneukirchen.org/releases/gems/
-
-== Running the tests
-
-Testing Rack requires the test/spec testing framework:
-
- gem install test-spec
-
-There are two rake-based test tasks:
-
- rake test tests all the fast tests (no Handlers or Adapters)
- rake fulltest runs all the tests
-
-The fast testsuite has no dependencies outside of the core Ruby
-installation and test-spec.
-
-To run the test suite completely, you need:
-
- * camping
- * fcgi
- * memcache-client
- * mongrel
- * ruby-openid
- * thin
-
-The full set of tests test FCGI access with lighttpd (on port
-9203) so you will need lighttpd installed as well as the FCGI
-libraries and the fcgi gem:
-
-Download and install lighttpd:
-
- http://www.lighttpd.net/download
-
-Installing the FCGI libraries:
-
- curl -O http://www.fastcgi.com/dist/fcgi-2.4.0.tar.gz
- tar xzvf fcgi-2.4.0.tar.gz
- cd fcgi-2.4.0
- ./configure --prefix=/usr/local
- make
- sudo make install
- cd ..
-
-Installing the Ruby fcgi gem:
-
- gem install fcgi
-
-Furthermore, to test Memcache sessions, you need memcached (will be
-run on port 11211) and memcache-client installed.
-
-== History
-
-* March 3rd, 2007: First public release 0.1.
-
-* May 16th, 2007: Second public release 0.2.
- * HTTP Basic authentication.
- * Cookie Sessions.
- * Static file handler.
- * Improved Rack::Request.
- * Improved Rack::Response.
- * Added Rack::ShowStatus, for better default error messages.
- * Bug fixes in the Camping adapter.
- * Removed Rails adapter, was too alpha.
-
-* February 26th, 2008: Third public release 0.3.
- * LiteSpeed handler, by Adrian Madrid.
- * SCGI handler, by Jeremy Evans.
- * Pool sessions, by blink.
- * OpenID authentication, by blink.
- * :Port and :File options for opening FastCGI sockets, by blink.
- * Last-Modified HTTP header for Rack::File, by blink.
- * Rack::Builder#use now accepts blocks, by Corey Jewett.
- (See example/protectedlobster.ru)
- * HTTP status 201 can contain a Content-Type and a body now.
- * Many bugfixes, especially related to Cookie handling.
-
-* August 21st, 2008: Fourth public release 0.4.
- * New middleware, Rack::Deflater, by Christoffer Sawicki.
- * OpenID authentication now needs ruby-openid 2.
- * New Memcache sessions, by blink.
- * Explicit EventedMongrel handler, by Joshua Peek <josh@joshpeek.com>
- * Rack::Reloader is not loaded in rackup development mode.
- * rackup can daemonize with -D.
- * Many bugfixes, especially for pool sessions, URLMap, thread safety
- and tempfile handling.
- * Improved tests.
- * Rack moved to Git.
-
-* January 6th, 2009: Fifth public release 0.9.
- * Rack is now managed by the Rack Core Team.
- * Rack::Lint is stricter and follows the HTTP RFCs more closely.
- * Added ConditionalGet middleware.
- * Added ContentLength middleware.
- * Added Deflater middleware.
- * Added Head middleware.
- * Added MethodOverride middleware.
- * Rack::Mime now provides popular MIME-types and their extension.
- * Mongrel Header now streams.
- * Added Thin handler.
- * Official support for swiftiplied Mongrel.
- * Secure cookies.
- * Made HeaderHash case-preserving.
- * Many bugfixes and small improvements.
-
-* January 9th, 2009: Sixth public release 0.9.1.
- * Fix directory traversal exploits in Rack::File and Rack::Directory.
-
-* April 25th, 2009: Seventh public release 1.0.0.
- * SPEC change: Rack::VERSION has been pushed to [1,0].
- * SPEC change: header values must be Strings now, split on "\n".
- * SPEC change: Content-Length can be missing, in this case chunked transfer
- encoding is used.
- * SPEC change: rack.input must be rewindable and support reading into
- a buffer, wrap with Rack::RewindableInput if it isn't.
- * SPEC change: rack.session is now specified.
- * SPEC change: Bodies can now additionally respond to #to_path with
- a filename to be served.
- * NOTE: String bodies break in 1.9, use an Array consisting of a
- single String instead.
- * New middleware Rack::Lock.
- * New middleware Rack::ContentType.
- * Rack::Reloader has been rewritten.
- * Major update to Rack::Auth::OpenID.
- * Support for nested parameter parsing in Rack::Response.
- * Support for redirects in Rack::Response.
- * HttpOnly cookie support in Rack::Response.
- * The Rakefile has been rewritten.
- * Many bugfixes and small improvements.
-
-== Contact
-
-Please mail bugs, suggestions and patches to
-<mailto:rack-devel@googlegroups.com>.
-
-Mailing list archives are available at
-<http://groups.google.com/group/rack-devel>.
-
-There is a bug tracker at <http://rack.lighthouseapp.com/>.
-
-Git repository (send Git patches to the mailing list):
-* http://github.com/rack/rack
-* http://git.vuxu.org/cgi-bin/gitweb.cgi?p=rack.git
-
-You are also welcome to join the #rack channel on irc.freenode.net.
-
-== Thanks
-
-The Rack Core Team, consisting of
-
-* Christian Neukirchen (chneukirchen)
-* James Tucker (raggi)
-* Josh Peek (josh)
-* Michael Fellinger (manveru)
-* Ryan Tomayko (rtomayko)
-* Scytrin dai Kinthra (scytrin)
-
-would like to thank:
-
-* Adrian Madrid, for the LiteSpeed handler.
-* Christoffer Sawicki, for the first Rails adapter and Rack::Deflater.
-* Tim Fletcher, for the HTTP authentication code.
-* Luc Heinrich for the Cookie sessions, the static file handler and bugfixes.
-* Armin Ronacher, for the logo and racktools.
-* Aredridel, Ben Alpert, Dan Kubb, Daniel Roethlisberger, Matt Todd,
- Tom Robinson, Phil Hagelberg, and S. Brent Faulkner for bug fixing
- and other improvements.
-* Brian Candler, for Rack::ContentType.
-* Graham Batty, for improved handler loading.
-* Stephen Bannasch, for bug reports and documentation.
-* Gary Wright, for proposing a better Rack::Response interface.
-* Jonathan Buch, for improvements regarding Rack::Response.
-* Armin Röhrl, for tracking down bugs in the Cookie generator.
-* Alexander Kellett for testing the Gem and reviewing the announcement.
-* Marcus Rückert, for help with configuring and debugging lighttpd.
-* The WSGI team for the well-done and documented work they've done and
- Rack builds up on.
-* All bug reporters and patch contributers not mentioned above.
-
-== Copyright
-
-Copyright (C) 2007, 2008, 2009 Christian Neukirchen <http://purl.org/net/chneukirchen>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to
-deal in the Software without restriction, including without limitation the
-rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
-sell copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
-THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-== Links
-
-Rack:: <http://rack.rubyforge.org/>
-Rack's Rubyforge project:: <http://rubyforge.org/projects/rack>
-Official Rack repositories:: <http://github.com/rack>
-rack-devel mailing list:: <http://groups.google.com/group/rack-devel>
-
-Christian Neukirchen:: <http://chneukirchen.org/>
-
View
164 vendor/rack-1.0.0-git/Rakefile
@@ -1,164 +0,0 @@
-# Rakefile for Rack. -*-ruby-*-
-require 'rake/rdoctask'
-require 'rake/testtask'
-
-
-desc "Run all the tests"
-task :default => [:test]
-
-
-desc "Make an archive as .tar.gz"
-task :dist => [:chmod, :changelog, :rdoc, "SPEC", "rack.gemspec"] do
- FileUtils.touch("RDOX")
- sh "git archive --format=tar --prefix=#{release}/ HEAD^{tree} >#{release}.tar"
- sh "pax -waf #{release}.tar -s ':^:#{release}/:' RDOX SPEC ChangeLog doc rack.gemspec"
- sh "gzip -f -9 #{release}.tar"
-end
-
-desc "Make an official release"
-task :officialrelease do
- puts "Official build for #{release}..."
- sh "rm -rf stage"
- sh "git clone --shared . stage"
- sh "cd stage && rake officialrelease_really"
- sh "mv stage/#{release}.tar.gz stage/#{release}.gem ."
-end
-
-task :officialrelease_really => [:fulltest, "RDOX", "SPEC", :dist, :gem] do
- sh "sha1sum #{release}.tar.gz #{release}.gem"
-end
-
-
-def version
- abort "You need to pass VERSION=... to build packages." unless ENV["VERSION"]
- ENV["VERSION"]
-end
-
-def release
- "rack-#{version}"
-end
-
-def manifest
- `git ls-files`.split("\n")
-end
-
-
-desc "Make binaries executable"
-task :chmod do
- Dir["bin/*"].each { |binary| File.chmod(0775, binary) }
- Dir["test/cgi/test*"].each { |binary| File.chmod(0775, binary) }
-end
-
-desc "Generate a ChangeLog"
-task :changelog do
- File.open("ChangeLog", "w") { |out|
- `git log -z`.split("\0").map { |chunk|
- author = chunk[/Author: (.*)/, 1].strip
- date = chunk[/Date: (.*)/, 1].strip
- desc, detail = $'.strip.split("\n", 2)
- detail ||= ""
- detail = detail.gsub(/.*darcs-hash:.*/, '')
- detail.rstrip!
- out.puts "#{date} #{author}"
- out.puts " * #{desc.strip}"
- out.puts detail unless detail.empty?
- out.puts
- }
- }
-end
-
-
-desc "Generate RDox"
-task "RDOX" do
- sh "specrb -Ilib:test -a --rdox >RDOX"
-end
-
-desc "Generate Rack Specification"
-task "SPEC" do
- File.open("SPEC", "wb") { |file|
- IO.foreach("lib/rack/lint.rb") { |line|
- if line =~ /## (.*)/
- file.puts $1
- end
- }
- }
-end
-
-desc "Run all the fast tests"
-task :test do
- sh "specrb -Ilib:test -w #{ENV['TEST'] || '-a'} #{ENV['TESTOPTS'] || '-t "^(?!Rack::Handler|Rack::Adapter|Rack::Session::Memcache|Rack::Auth::OpenID)"'}"
-end
-
-desc "Run all the tests"
-task :fulltest => [:chmod] do
- sh "specrb -Ilib:test -w #{ENV['TEST'] || '-a'} #{ENV['TESTOPTS']}"
-end
-
-begin
- require 'rubygems'
-rescue LoadError
- # Too bad.
-else
- task "rack.gemspec" do
- spec = Gem::Specification.new do |s|
- s.name = "rack"
- s.version = version
- s.platform = Gem::Platform::RUBY
- s.summary = "a modular Ruby webserver interface"
-
- s.description = <<-EOF
-Rack provides minimal, modular and adaptable interface for developing
-web applications in Ruby. By wrapping HTTP requests and responses in
-the simplest way possible, it unifies and distills the API for web
-servers, web frameworks, and software in between (the so-called
-middleware) into a single method call.
-
-Also see http://rack.rubyforge.org.
- EOF
-
- s.files = manifest + %w(SPEC RDOX rack.gemspec)
- s.bindir = 'bin'
- s.executables << 'rackup'
- s.require_path = 'lib'
- s.has_rdoc = true
- s.extra_rdoc_files = ['README', 'SPEC', 'RDOX', 'KNOWN-ISSUES']
- s.test_files = Dir['test/{test,spec}_*.rb']
-
- s.author = 'Christian Neukirchen'
- s.email = 'chneukirchen@gmail.com'
- s.homepage = 'http://rack.rubyforge.org'
- s.rubyforge_project = 'rack'
-
- s.add_development_dependency 'test-spec'
-
- s.add_development_dependency 'camping'
- s.add_development_dependency 'fcgi'
- s.add_development_dependency 'memcache-client'
- s.add_development_dependency 'mongrel'
- s.add_development_dependency 'ruby-openid', '~> 2.0.0'
- s.add_development_dependency 'thin'
- end
-
- File.open("rack.gemspec", "w") { |f| f << spec.to_ruby }
- end
-
- task :gem => ["rack.gemspec", "SPEC"] do
- FileUtils.touch("RDOX")
- sh "gem build rack.gemspec"
- end
-end
-
-desc "Generate RDoc documentation"
-task :rdoc do
- sh(*%w{rdoc --line-numbers --main README
- --title 'Rack\ Documentation' --charset utf-8 -U -o doc} +
- %w{README KNOWN-ISSUES SPEC RDOX} +
- Dir["lib/**/*.rb"])
-end
-
-task :pushsite => [:rdoc] do
- sh "cd site && git gc"
- sh "rsync -avz doc/ chneukirchen@rack.rubyforge.org:/var/www/gforge-projects/rack/doc/"
- sh "rsync -avz site/ chneukirchen@rack.rubyforge.org:/var/www/gforge-projects/rack/"
- sh "cd site && git push"
-end
View
90 vendor/rack-1.0.0-git/lib/rack.rb
@@ -1,90 +0,0 @@
-# Copyright (C) 2007, 2008, 2009 Christian Neukirchen <purl.org/net/chneukirchen>
-#
-# Rack is freely distributable under the terms of an MIT-style license.
-# See COPYING or http://www.opensource.org/licenses/mit-license.php.
-
-path = File.expand_path(File.dirname(__FILE__))
-$:.unshift(path) unless $:.include?(path)
-
-
-# The Rack main module, serving as a namespace for all core Rack
-# modules and classes.
-#
-# All modules meant for use in your application are <tt>autoload</tt>ed here,
-# so it should be enough just to <tt>require rack.rb</tt> in your code.
-
-module Rack
- # The Rack protocol version number implemented.
- VERSION = [1,0]
-
- # Return the Rack protocol version as a dotted string.
- def self.version
- VERSION.join(".")
- end
-
- # Return the Rack release as a dotted string.
- def self.release
- "1.0"
- end
-
- autoload :Builder, "rack/builder"
- autoload :Cascade, "rack/cascade"
- autoload :Chunked, "rack/chunked"
- autoload :CommonLogger, "rack/commonlogger"
- autoload :ConditionalGet, "rack/conditionalget"
- autoload :ContentLength, "rack/content_length"
- autoload :ContentType, "rack/content_type"
- autoload :File, "rack/file"
- autoload :Deflater, "rack/deflater"
- autoload :Directory, "rack/directory"
- autoload :ForwardRequest, "rack/recursive"
- autoload :Handler, "rack/handler"
- autoload :Head, "rack/head"
- autoload :Lint, "rack/lint"
- autoload :Lock, "rack/lock"
- autoload :MethodOverride, "rack/methodoverride"
- autoload :Mime, "rack/mime"
- autoload :Recursive, "rack/recursive"
- autoload :Reloader, "rack/reloader"
- autoload :ShowExceptions, "rack/showexceptions"
- autoload :ShowStatus, "rack/showstatus"
- autoload :Static, "rack/static"
- autoload :URLMap, "rack/urlmap"
- autoload :Utils, "rack/utils"
-
- autoload :MockRequest, "rack/mock"
- autoload :MockResponse, "rack/mock"
-
- autoload :Request, "rack/request"
- autoload :Response, "rack/response"
-
- module Auth
- autoload :Basic, "rack/auth/basic"
- autoload :AbstractRequest, "rack/auth/abstract/request"
- autoload :AbstractHandler, "rack/auth/abstract/handler"
- autoload :OpenID, "rack/auth/openid"
- module Digest
- autoload :MD5, "rack/auth/digest/md5"
- autoload :Nonce, "rack/auth/digest/nonce"
- autoload :Params, "rack/auth/digest/params"
- autoload :Request, "rack/auth/digest/request"
- end
- end
-
- module Session
- autoload :Cookie, "rack/session/cookie"
- autoload :Pool, "rack/session/pool"
- autoload :Memcache, "rack/session/memcache"
- end
-
- # *Adapters* connect Rack with third party web frameworks.
- #
- # Rack includes an adapter for Camping, see README for other
- # frameworks supporting Rack in their code bases.
- #
- # Refer to the submodules for framework-specific calling details.
-
- module Adapter
- autoload :Camping, "rack/adapter/camping"
- end
-end
View
22 vendor/rack-1.0.0-git/lib/rack/adapter/camping.rb
@@ -1,22 +0,0 @@
-module Rack
- module Adapter
- class Camping
- def initialize(app)
- @app = app
- end
-
- def call(env)
- env["PATH_INFO"] ||= ""
- env["SCRIPT_NAME"] ||= ""
- controller = @app.run(env['rack.input'], env)
- h = controller.headers
- h.each_pair do |k,v|
- if v.kind_of? URI
- h[k] = v.to_s
- end
- end
- [controller.status, controller.headers, [controller.body.to_s]]
- end
- end
- end
-end
View
37 vendor/rack-1.0.0-git/lib/rack/auth/abstract/handler.rb
@@ -1,37 +0,0 @@
-module Rack
- module Auth
- # Rack::Auth::AbstractHandler implements common authentication functionality.
- #
- # +realm+ should be set for all handlers.
-
- class AbstractHandler
-
- attr_accessor :realm
-
- def initialize(app, realm=nil, &authenticator)
- @app, @realm, @authenticator = app, realm, authenticator
- end
-
-
- private
-
- def unauthorized(www_authenticate = challenge)
- return [ 401,
- { 'Content-Type' => 'text/plain',
- 'Content-Length' => '0',
- 'WWW-Authenticate' => www_authenticate.to_s },
- []
- ]
- end
-
- def bad_request
- return [ 400,
- { 'Content-Type' => 'text/plain',
- 'Content-Length' => '0' },
- []
- ]
- end
-
- end
- end
-end
View
37 vendor/rack-1.0.0-git/lib/rack/auth/abstract/request.rb
@@ -1,37 +0,0 @@
-module Rack
- module Auth
- class AbstractRequest
-
- def initialize(env)
- @env = env
- end
-
- def provided?
- !authorization_key.nil?
- end
-
- def parts
- @parts ||= @env[authorization_key].split(' ', 2)
- end
-
- def scheme
- @scheme ||= parts.first.downcase.to_sym
- end
-
- def params
- @params ||= parts.last
- end
-
-
- private
-
- AUTHORIZATION_KEYS = ['HTTP_AUTHORIZATION', 'X-HTTP_AUTHORIZATION', 'X_HTTP_AUTHORIZATION']
-
- def authorization_key
- @authorization_key ||= AUTHORIZATION_KEYS.detect { |key| @env.has_key?(key) }
- end
-
- end
-
- end
-end
View
58 vendor/rack-1.0.0-git/lib/rack/auth/basic.rb
@@ -1,58 +0,0 @@
-require 'rack/auth/abstract/handler'
-require 'rack/auth/abstract/request'
-
-module Rack
- module Auth
- # Rack::Auth::Basic implements HTTP Basic Authentication, as per RFC 2617.
- #
- # Initialize with the Rack application that you want protecting,
- # and a block that checks if a username and password pair are valid.
- #
- # See also: <tt>example/protectedlobster.rb</tt>
-
- class Basic < AbstractHandler
-
- def call(env)
- auth = Basic::Request.new(env)
-
- return unauthorized unless auth.provided?
-
- return bad_request unless auth.basic?
-
- if valid?(auth)
- env['REMOTE_USER'] = auth.username
-
- return @app.call(env)
- end
-
- unauthorized
- end
-
-
- private
-
- def challenge
- 'Basic realm="%s"' % realm
- end
-
- def valid?(auth)
- @authenticator.call(*auth.credentials)
- end
-
- class Request < Auth::AbstractRequest
- def basic?
- :basic == scheme
- end
-
- def credentials
- @credentials ||= params.unpack("m*").first.split(/:/, 2)
- end
-
- def username
- credentials.first
- end
- end
-
- end
- end
-end
View
124 vendor/rack-1.0.0-git/lib/rack/auth/digest/md5.rb
@@ -1,124 +0,0 @@
-require 'rack/auth/abstract/handler'
-require 'rack/auth/digest/request'
-require 'rack/auth/digest/params'
-require 'rack/auth/digest/nonce'
-require 'digest/md5'
-
-module Rack
- module Auth
- module Digest
- # Rack::Auth::Digest::MD5 implements the MD5 algorithm version of
- # HTTP Digest Authentication, as per RFC 2617.
- #
- # Initialize with the [Rack] application that you want protecting,
- # and a block that looks up a plaintext password for a given username.
- #
- # +opaque+ needs to be set to a constant base64/hexadecimal string.
- #
- class MD5 < AbstractHandler
-
- attr_accessor :opaque
-
- attr_writer :passwords_hashed
-
- def initialize(*args)
- super
- @passwords_hashed = nil
- end
-
- def passwords_hashed?
- !!@passwords_hashed
- end
-
- def call(env)
- auth = Request.new(env)
-
- unless auth.provided?
- return unauthorized
- end
-
- if !auth.digest? || !auth.correct_uri? || !valid_qop?(auth)
- return bad_request
- end
-
- if valid?(auth)
- if auth.nonce.stale?
- return unauthorized(challenge(:stale => true))
- else
- env['REMOTE_USER'] = auth.username
-
- return @app.call(env)
- end
- end
-
- unauthorized
- end
-
-
- private
-
- QOP = 'auth'.freeze
-
- def params(hash = {})
- Params.new do |params|
- params['realm'] = realm
- params['nonce'] = Nonce.new.to_s
- params['opaque'] = H(opaque)
- params['qop'] = QOP
-
- hash.each { |k, v| params[k] = v }
- end
- end
-
- def challenge(hash = {})
- "Digest #{params(hash)}"
- end
-
- def valid?(auth)
- valid_opaque?(auth) && valid_nonce?(auth) && valid_digest?(auth)
- end
-
- def valid_qop?(auth)
- QOP == auth.qop
- end
-
- def valid_opaque?(auth)
- H(opaque) == auth.opaque
- end
-
- def valid_nonce?(auth)
- auth.nonce.valid?
- end
-
- def valid_digest?(auth)
- digest(auth, @authenticator.call(auth.username)) == auth.response
- end
-
- def md5(data)
- ::Digest::MD5.hexdigest(data)
- end
-
- alias :H :md5
-
- def KD(secret, data)
- H([secret, data] * ':')
- end
-
- def A1(auth, password)
- [ auth.username, auth.realm, password ] * ':'
- end
-
- def A2(auth)
- [ auth.method, auth.uri ] * ':'
- end
-
- def digest(auth, password)
- password_hash = passwords_hashed? ? password : H(A1(auth, password))
-
- KD(password_hash, [ auth.nonce, auth.nc, auth.cnonce, QOP, H(A2(auth)) ] * ':')
- end
-
- end
- end
- end
-end
View
51 vendor/rack-1.0.0-git/lib/rack/auth/digest/nonce.rb
@@ -1,51 +0,0 @@
-require 'digest/md5'
-
-module Rack
- module Auth
- module Digest
- # Rack::Auth::Digest::Nonce is the default nonce generator for the
- # Rack::Auth::Digest::MD5 authentication handler.
- #
- # +private_key+ needs to set to a constant string.
- #
- # +time_limit+ can be optionally set to an integer (number of seconds),
- # to limit the validity of the generated nonces.
-
- class Nonce
-
- class << self
- attr_accessor :private_key, :time_limit
- end
-
- def self.parse(string)
- new(*string.unpack("m*").first.split(' ', 2))
- end
-
- def initialize(timestamp = Time.now, given_digest = nil)
- @timestamp, @given_digest = timestamp.to_i, given_digest
- end
-
- def to_s
- [([ @timestamp, digest ] * ' ')].pack("m*").strip
- end
-
- def digest
- ::Digest::MD5.hexdigest([ @timestamp, self.class.private_key ] * ':')
- end
-
- def valid?
- digest == @given_digest
- end
-
- def stale?
- !self.class.time_limit.nil? && (@timestamp - Time.now.to_i) < self.class.time_limit
- end
-
- def fresh?
- !stale?
- end
-
- end
- end
- end
-end
View
55 vendor/rack-1.0.0-git/lib/rack/auth/digest/params.rb
@@ -1,55 +0,0 @@
-module Rack
- module Auth
- module Digest
- class Params < Hash
-
- def self.parse(str)
- split_header_value(str).inject(new) do |header, param|
- k, v = param.split('=', 2)
- header[k] = dequote(v)
- header
- end
- end
-
- def self.dequote(str) # From WEBrick::HTTPUtils
- ret = (/\A"(.*)"\Z/ =~ str) ? $1 : str.dup
- ret.gsub!(/\\(.)/, "\\1")
- ret
- end
-
- def self.split_header_value(str)
- str.scan( /(\w+\=(?:"[^\"]+"|[^,]+))/n ).collect{ |v| v[0] }
- end
-
- def initialize
- super
-
- yield self if block_given?
- end
-
- def [](k)
- super k.to_s
- end
-
- def []=(k, v)
- super k.to_s, v.to_s
- end
-
- UNQUOTED = ['qop', 'nc', 'stale']
-
- def to_s
- inject([]) do |parts, (k, v)|
- parts << "#{k}=" + (UNQUOTED.include?(k) ? v.to_s : quote(v))
- parts
- end.join(', ')
- end
-
- def quote(str) # From WEBrick::HTTPUtils
- '"' << str.gsub(/[\\\"]/o, "\\\1") << '"'
- end
-
- end
- end
- end
-end
-
View
40 vendor/rack-1.0.0-git/lib/rack/auth/digest/request.rb
@@ -1,40 +0,0 @@
-require 'rack/auth/abstract/request'
-require 'rack/auth/digest/params'
-require 'rack/auth/digest/nonce'
-
-module Rack
- module Auth
- module Digest
- class Request < Auth::AbstractRequest
-
- def method
- @env['rack.methodoverride.original_method'] || @env['REQUEST_METHOD']
- end
-
- def digest?
- :digest == scheme
- end
-
- def correct_uri?
- (@env['SCRIPT_NAME'].to_s + @env['PATH_INFO'].to_s) == uri
- end
-
- def nonce
- @nonce ||= Nonce.parse(params['nonce'])
- end
-
- def params
- @params ||= Params.parse(parts.last)
- end
-
- def method_missing(sym)
- if params.has_key? key = sym.to_s
- return params[key]
- end
- super
- end
-
- end
- end
- end
-end
View
487 vendor/rack-1.0.0-git/lib/rack/auth/openid.rb
@@ -1,487 +0,0 @@
-# AUTHOR: Scytrin dai Kinthra <scytrin@gmail.com>; blink#ruby-lang@irc.freenode.net
-
-gem 'ruby-openid', '~> 2' if defined? Gem
-require 'rack/request'
-require 'rack/utils'
-require 'rack/auth/abstract/handler'
-
-require 'uri'
-require 'openid'
-require 'openid/extension'
-require 'openid/store/memory'
-
-module Rack
- class Request
- def openid_request
- @env['rack.auth.openid.request']
- end
-
- def openid_response
- @env['rack.auth.openid.response']
- end
- end
-
- module Auth
-
- # Rack::Auth::OpenID provides a simple method for setting up an OpenID
- # Consumer. It requires the ruby-openid library from janrain to operate,
- # as well as a rack method of session management.
- #
- # The ruby-openid home page is at http://openidenabled.com/ruby-openid/.
- #
- # The OpenID specifications can be found at
- # http://openid.net/specs/openid-authentication-1_1.html
- # and
- # http://openid.net/specs/openid-authentication-2_0.html. Documentation
- # for published OpenID extensions and related topics can be found at
- # http://openid.net/developers/specs/.
- #
- # It is recommended to read through the OpenID spec, as well as
- # ruby-openid's documentation, to understand what exactly goes on. However
- # a setup as simple as the presented examples is enough to provide
- # Consumer functionality.
- #
- # This library strongly intends to utilize the OpenID 2.0 features of the
- # ruby-openid library, which provides OpenID 1.0 compatiblity.
- #
- # NOTE: Due to the amount of data that this library stores in the
- # session, Rack::Session::Cookie may fault.
- #
- # == Examples
- #
- # simple_oid = OpenID.new('http://mysite.com/')
- #
- # return_oid = OpenID.new('http://mysite.com/', {
- # :return_to => 'http://mysite.com/openid'
- # })
- #
- # complex_oid = OpenID.new('http://mysite.com/',
- # :immediate => true,
- # :extensions => {
- # ::OpenID::SReg => [['email'],['nickname']]
- # }
- # )
- #
- # = Advanced
- #
- # Most of the functionality of this library is encapsulated such that
- # expansion and overriding functions isn't difficult nor tricky.
- # Alternately, to avoid opening up singleton objects or subclassing, a
- # wrapper rack middleware can be composed to act upon Auth::OpenID's
- # responses. See #check and #finish for locations of pertinent data.
- #
- # == Responses
- #
- # To change the responses that Auth::OpenID returns, override the methods
- # #redirect, #bad_request, #unauthorized, #access_denied, and
- # #foreign_server_failure.
- #
- # Additionally #confirm_post_params is used when the URI would exceed
- # length limits on a GET request when doing the initial verification
- # request.
- #
- # == Processing
- #
- # To change methods of processing completed transactions, override the
- # methods #success, #setup_needed, #cancel, and #failure. Please ensure
- # the returned object is a rack compatible response.
- #
- # The first argument is an OpenID::Response, the second is a
- # Rack::Request of the current request, the last is the hash used in
- # ruby-openid handling, which can be found manually at
- # env['rack.session'][:openid].
- #
- # This is useful if you wanted to expand the processing done, such as
- # setting up user accounts.
- #
- # oid_app = Rack::Auth::OpenID.new realm, :return_to => return_to
- # def oid_app.success oid, request, session
- # user = Models::User[oid.identity_url]
- # user ||= Models::User.create_from_openid oid
- # request['rack.session'][:user] = user.id
- # redirect MyApp.site_home
- # end
- #
- # site_map['/openid'] = oid_app
- # map = Rack::URLMap.new site_map
- # ...
-
- class OpenID
- # Raised if an incompatible session is being used.
- class NoSession < RuntimeError; end
- # Raised if an extension not matching specifications is provided.
- class BadExtension < RuntimeError; end
- # Possible statuses returned from consumer responses. See definitions
- # in the ruby-openid library.
- ValidStatus = [
- ::OpenID::Consumer::SUCCESS,
- ::OpenID::Consumer::FAILURE,
- ::OpenID::Consumer::CANCEL,
- ::OpenID::Consumer::SETUP_NEEDED
- ]
-
- # The first argument is the realm, identifying the site they are trusting
- # with their identity. This is required, also treated as the trust_root
- # in OpenID 1.x exchanges.
- #
- # The lits of acceptable options include :return_to, :session_key,
- # :openid_param, :store, :immediate, :extensions.
- #
- # <tt>:return_to</tt> defines the url to return to after the client
- # authenticates with the openid service provider. This url should point
- # to where Rack::Auth::OpenID is mounted. If unprovided, the url of
- # the current request is used.
- #
- # <tt>:session_key</tt> defines the key to the session hash in the env.
- # The default is 'rack.session'.
- #
- # <tt>:openid_param</tt> defines at what key in the request parameters to
- # find the identifier to resolve. As per the 2.0 spec, the default is
- # 'openid_identifier'.
- #
- # <tt>:store</tt> defined what OpenID Store to use for persistant
- # information. By default a Store::Memory is used.
- #
- # <tt>:immediate</tt> as true will make initial requests to be of an
- # immediate type. This is false by default. See OpenID specification
- # documentation.
- #
- # <tt>:extensions</tt> should be a hash of openid extension
- # implementations. The key should be the extension module, the value
- # should be an array of arguments for extension::Request.new().
- # The hash is iterated over and passed to #add_extension for processing.
- # Please see #add_extension for further documentation.
-
- def initialize(realm, options={})
- realm = URI(realm)
- raise ArgumentError, "Invalid realm: #{realm}" \
- unless realm.absolute? \
- and realm.fragment.nil? \
- and realm.scheme =~ /^https?$/ \
- and realm.host =~ /^(\*\.)?#{URI::REGEXP::PATTERN::URIC_NO_SLASH}+/
- realm.path = '/' if realm.path.empty?
- @realm = realm.to_s
-
- if ruri = options[:return_to]
- ruri = URI(ruri)
- raise ArgumentError, "Invalid return_to: #{ruri}" \
- unless ruri.absolute? \
- and ruri.scheme =~ /^https?$/ \
- and ruri.fragment.nil?
- raise ArgumentError, "return_to #{ruri} not within realm #{realm}" \
- unless self.within_realm?(ruri)
- @return_to = ruri.to_s
- end
-
- @session_key = options[:session_key] || 'rack.session'
- @openid_param = options[:openid_param] || 'openid_identifier'
- @store = options[:store] || ::OpenID::Store::Memory.new
- @immediate = !!options[:immediate]
-
- @extensions = {}
- if extensions = options[:extensions]
- extensions.each do |ext, args|
- add_extension(ext, *args)
- end
- end
-
- # Undocumented, semi-experimental
- @anonymous = !!options[:anonymous]
- end
-
- attr_reader :realm, :return_to, :session_key, :openid_param, :store,
- :immediate, :extensions
-
- # Sets up and uses session data at <tt>:openid</tt> within the session.
- # Errors in this setup will raise a NoSession exception.
- #
- # If the parameter 'openid.mode' is set, which implies a followup from
- # the openid server, processing is passed to #finish and the result is
- # returned. However, if there is no appropriate openid information in the
- # session, a 400 error is returned.
- #
- # If the parameter specified by <tt>options[:openid_param]</tt> is
- # present, processing is passed to #check and the result is returned.
- #
- # If neither of these conditions are met, #bad_request is called.
-
- def call(env)
- env['rack.auth.openid'] = self
- env_session = env[@session_key]
- unless env_session and env_session.is_a?(Hash)
- raise NoSession, 'No compatible session.'
- end
- # let us work in our own namespace...
- session = (env_session[:openid] ||= {})
- unless session and session.is_a?(Hash)
- raise NoSession, 'Incompatible openid session.'
- end
-
- request = Rack::Request.new(env)
- consumer = ::OpenID::Consumer.new(session, @store)
-
- if mode = request.GET['openid.mode']
- finish(consumer, session, request)
- elsif request.GET[@openid_param]
- check(consumer, session, request)
- else
- bad_request
- end
- end
-
- # As the first part of OpenID consumer action, #check retrieves the data
- # required for completion.
- #
- # If all parameters fit within the max length of a URI, a 303 redirect
- # will be returned. Otherwise #confirm_post_params will be called.
- #
- # Any messages from OpenID's request are logged to env['rack.errors']
- #
- # <tt>env['rack.auth.openid.request']</tt> is the openid checkid request
- # instance.
- #
- # <tt>session[:openid_param]</tt> is set to the openid identifier
- # provided by the user.
- #
- # <tt>session[:return_to]</tt> is set to the return_to uri given to the
- # identity provider.
-
- def check(consumer, session, req)
- oid = consumer.begin(req.GET[@openid_param], @anonymous)
- req.env['rack.auth.openid.request'] = oid
- req.env['rack.errors'].puts(oid.message)
- p oid if $DEBUG
-
- ## Extension support
- extensions.each do |ext,args|
- oid.add_extension(ext::Request.new(*args))
- end
-
- session[:openid_param] = req.GET[openid_param]
- return_to_uri = return_to ? return_to : req.url
- session[:return_to] = return_to_uri
- immediate = session.key?(:setup_needed) ? false : immediate
-
- if oid.send_redirect?(realm, return_to_uri, immediate)
- redirect(oid.redirect_url(realm, return_to_uri, immediate))
- else
- confirm_post_params(oid, realm, return_to_uri, immediate)
- end
- rescue ::OpenID::DiscoveryFailure => e
- # thrown from inside OpenID::Consumer#begin by yadis stuff
- req.env['rack.errors'].puts( [e.message, *e.backtrace]*"\n" )
- return foreign_server_failure
- end
-
- # This is the final portion of authentication.
- # If successful, a redirect to the realm is be returned.
- # Data gathered from extensions are stored in session[:openid] with the
- # extension's namespace uri as the key.
- #
- # Any messages from OpenID's response are logged to env['rack.errors']
- #
- # <tt>env['rack.auth.openid.response']</tt> will contain the openid
- # response.
-
- def finish(consumer, session, req)
- oid = consumer.complete(req.GET, req.url)
- req.env['rack.auth.openid.response'] = oid
- req.env['rack.errors'].puts(oid.message)
- p oid if $DEBUG
-
- if ValidStatus.include?(oid.status)
- __send__(oid.status, oid, req, session)
- else
- invalid_status(oid, req, session)
- end
- end
-
- # The first argument should be the main extension module.
- # The extension module should contain the constants:
- # * class Request, should have OpenID::Extension as an ancestor
- # * class Response, should have OpenID::Extension as an ancestor
- # * string NS_URI, which defining the namespace of the extension
- #
- # All trailing arguments will be passed to extension::Request.new in
- # #check.
- # The openid response will be passed to
- # extension::Response#from_success_response, oid#get_extension_args will
- # be called on the result to attain the gathered data.
- #
- # This method returns the key at which the response data will be found in
- # the session, which is the namespace uri by default.
-
- def add_extension(ext, *args)
- raise BadExtension unless valid_extension?(ext)
- extensions[ext] = args
- return ext::NS_URI
- end
-
- # Checks the validitity, in the context of usage, of a submitted
- # extension.
-
- def valid_extension?(ext)
- if not %w[NS_URI Request Response].all?{|c| ext.const_defined?(c) }
- raise ArgumentError, 'Extension is missing constants.'
- elsif not ext::Response.respond_to?(:from_success_response)
- raise ArgumentError, 'Response is missing required method.'
- end
- return true
- rescue
- return false
- end
-
- # Checks the provided uri to ensure it'd be considered within the realm.
- # is currently not compatible with wildcard realms.
-
- def within_realm? uri
- uri = URI.parse(uri.to_s)
- realm = URI.parse(self.realm)
- return false unless uri.absolute?
- return false unless uri.path[0, realm.path.size] == realm.path
- return false unless uri.host == realm.host or realm.host[/^\*\./]
- # for wildcard support, is awkward with URI limitations
- realm_match = Regexp.escape(realm.host).
- sub(/^\*\./,"^#{URI::REGEXP::PATTERN::URIC_NO_SLASH}+.")+'$'
- return false unless uri.host.match(realm_match)
- return true
- end
-
- alias_method :include?, :within_realm?
-
- protected
-
- # Returns an html form page for posting to an Identity Provider if the
- # GET request would exceed the upper URI length limit.
-
- def confirm_post_params(oid, realm, return_to, immediate)
- response = Rack::Response.new '<html>'+
- '<head><title>Confirm...</title></head>'+
- '<body>'+oid.form_markup(realm, return_to, immediate)+'</body>'+
- '</html>'
- response.finish
- end
-
- # Returns a 303 redirect with the destination of that provided by the
- # argument.
-
- def redirect(uri)
- [ 303, {'Content-Type'=>'text/plain', 'Content-Length'=>'0',
- 'Location' => uri},
- [] ]
- end
-
- # Returns an empty 400 response.
-
- def bad_request
- [ 400, {'Content-Type'=>'text/plain', 'Content-Length'=>'0'},
- [''] ]
- end
-
- # Returns a basic unauthorized 401 response.
-
- def unauthorized
- [ 401, {'Content-Type' => 'text/plain', 'Content-Length' => '13'},
- ['Unauthorized.'] ]
- end
-
- # Returns a basic access denied 403 response.
-
- def access_denied
- [ 403, {'Content-Type' => 'text/plain', 'Content-Length' => '14'},
- ['Access denied.'] ]
- end
-
- # Returns a 503 response to be used if communication with the remote
- # OpenID server fails.
-
- def foreign_server_failure
- [ 503, {'Content-Type'=>'text/plain', 'Content-Length' => '23'},
- ['Foreign server failure.'] ]
- end
-
- private
-
- # Called to complete processing on a successful transaction.
- # Within the openid session, :openid_identity and :openid_identifier are
- # set to the user friendly and the standard representation of the
- # validated identity. All other data in the openid session is cleared.
-
- def success(oid, request, session)
- session.clear
- session[:openid_identity] = oid.display_identifier
- session[:openid_identifier] = oid.identity_url
- extensions.keys.each do |ext|
- label = ext.name[/[^:]+$/].downcase
- response = ext::Response.from_success_response(oid)
- session[label] = response.data
- end
- redirect(realm)
- end
-
- # Called if the Identity Provider indicates further setup by the user is
- # required.
- # The identifier is retrived from the openid session at :openid_param.
- # And :setup_needed is set to true to prevent looping.
-
- def setup_needed(oid, request, session)
- identifier = session[:openid_param]
- session[:setup_needed] = true
- redirect(req.script_name + '?' + openid_param + '=' + identifier)
- end
-
- # Called if the user indicates they wish to cancel identification.
- # Data within openid session is cleared.
-
- def cancel(oid, request, session)
- session.clear
- access_denied
- end
-
- # Called if the Identity Provider indicates the user is unable to confirm
- # their identity. Data within the openid session is left alone, in case
- # of swarm auth attacks.
-
- def failure(oid, request, session)
- unauthorized
- end
-
- # To be called if there is no method for handling the OpenID response
- # status.
-
- def invalid_status(oid, request, session)
- msg = 'Invalid status returned by the OpenID authorization reponse.'
- [ 500,
- {'Content-Type'=>'text/plain','Content-Length'=>msg.length.to_s},
- [msg] ]
- end
- end
-
- # A class developed out of the request to use OpenID as an authentication
- # middleware. The request will be sent to the OpenID instance unless the
- # block evaluates to true. For example in rackup, you can use it as such:
- #
- # use Rack::Session::Pool
- # use Rack::Auth::OpenIDAuth, realm, openid_options do |env|
- # env['rack.session'][:authkey] == a_string
- # end
- # run RackApp
- #
- # Or simply:
- #
- # app = Rack::Auth::OpenIDAuth.new app, realm, openid_options, &auth
-
- class OpenIDAuth < Rack::Auth::AbstractHandler
- attr_reader :oid
- def initialize(app, realm, options={}, &auth)
- @oid = OpenID.new(realm, options)
- super(app, &auth)
- end
-
- def call(env)
- to = @authenticator.call(env) ? @app : @oid
- to.call(env)
- end
- end
- end
-end
View
63 vendor/rack-1.0.0-git/lib/rack/builder.rb
@@ -1,63 +0,0 @@
-module Rack
- # Rack::Builder implements a small DSL to iteratively construct Rack
- # applications.
- #
- # Example:
- #
- # app = Rack::Builder.new {
- # use Rack::CommonLogger
- # use Rack::ShowExceptions
- # map "/lobster" do
- # use Rack::Lint
- # run Rack::Lobster.new
- # end
- # }
- #
- # Or
- #
- # app = Rack::Builder.app do
- # use Rack::CommonLogger
- # lambda { |env| [200, {'Content-Type' => 'text/plain'}, 'OK'] }
- # end
- #
- # +use+ adds a middleware to the stack, +run+ dispatches to an application.
- # You can use +map+ to construct a Rack::URLMap in a convenient way.
-
- class Builder
- def initialize(&block)
- @ins = []
- instance_eval(&block) if block_given?
- end
-
- def self.app(&block)
- self.new(&block).to_app
- end
-
- def use(middleware, *args, &block)
- @ins << lambda { |app| middleware.new(app, *args, &block) }
- end
-
- def run(app)
- @ins << app #lambda { |nothing| app }
- end
-
- def map(path, &block)
- if @ins.last.kind_of? Hash
- @ins.last[path] = self.class.new(&block).to_app
- else
- @ins << {}
- map(path, &block)
- end
- end
-
- def to_app
- @ins[-1] = Rack::URLMap.new(@ins.last) if Hash === @ins.last
- inner_app = @ins.last
- @ins[0...-1].reverse.inject(inner_app) { |a, e| e.call(a) }
- end
-
- def call(env)
- to_app.call(env)
- end
- end
-end
View
41 vendor/rack-1.0.0-git/lib/rack/cascade.rb
@@ -1,41 +0,0 @@
-module Rack
- # Rack::Cascade tries an request on several apps, and returns the
- # first response that is not 404 (or in a list of configurable
- # status codes).
-
- class Cascade
- NotFound = [404, {}, []]
-
- attr_reader :apps
-
- def initialize(apps, catch=404)
- @apps = []; @has_app = {}
- apps.each { |app| add app }
-
- @catch = {}
- [*catch].each { |status| @catch[status] = true }
- end
-
- def call(env)
- result = NotFound
-
- @apps.each do |app|
- result = app.call(env)
- break unless @catch.include?(result[0].to_i)
- end
-
- result
- end
-
- def add app
- @has_app[app] = true
- @apps << app
- end
-
- def include? app
- @has_app.include? app
- end
-
- alias_method :<<, :add
- end
-end
View
49 vendor/rack-1.0.0-git/lib/rack/chunked.rb
@@ -1,49 +0,0 @@
-require 'rack/utils'
-
-module Rack
-
- # Middleware that applies chunked transfer encoding to response bodies
- # when the response does not include a Content-Length header.
- class Chunked
- include Rack::Utils
-
- def initialize(app)
- @app = app
- end
-
- def call(env)
- status, headers, body = @app.call(env)
- headers = HeaderHash.new(headers)
-
- if env['HTTP_VERSION'] == 'HTTP/1.0' ||
- STATUS_WITH_NO_ENTITY_BODY.include?(status) ||
- headers['Content-Length'] ||
- headers['Transfer-Encoding']
- [status, headers.to_hash, body]
- else
- dup.chunk(status, headers, body)
- end
- end
-
- def chunk(status, headers, body)
- @body = body
- headers.delete('Content-Length')
- headers['Transfer-Encoding'] = 'chunked'
- [status, headers.to_hash, self]
- end
-
- def each
- term = "\r\n"
- @body.each do |chunk|
- size = bytesize(chunk)
- next if size == 0
- yield [size.to_s(16), term, chunk, term].join
- end
- yield ["0", term, "", term].join
- end
-
- def close
- @body.close if @body.respond_to?(:close)
- end
- end
-end
View
52 vendor/rack-1.0.0-git/lib/rack/commonlogger.rb
@@ -1,52 +0,0 @@
-module Rack
- # Rack::CommonLogger forwards every request to an +app+ given, and
- # logs a line in the Apache common log format to the +logger+, or
- # rack.errors by default.
- class CommonLogger
- # Common Log Format: http://httpd.apache.org/docs/1.3/logs.html#common
- # lilith.local - - [07/Aug/2006 23:58:02] "GET / HTTP/1.1" 500 -
- # %{%s - %s [%s] "%s %s%s %s" %d %s\n} %
- FORMAT = %{%s - %s [%s] "%s %s%s %s" %d %s %0.4f\n}
-
- def initialize(app, logger=nil)
- @app = app
- @logger = logger
- end
-
- def call(env)
- began_at = Time.now
- status, header, body = @app.call(env)
- log(env, status, header, began_at)
- [status, header, body]
- end
-
- private
-
- def log(env, status, header, began_at)
- now = Time.now
- length = extract_content_length(header)
-
- logger = @logger || env['rack.errors']
- logger.write FORMAT % [
- env['HTTP_X_FORWARDED_FOR'] || env["REMOTE_ADDR"] || "-",
- env["REMOTE_USER"] || "-",
- now.strftime("%d/%b/%Y %H:%M:%S"),
- env["REQUEST_METHOD"],
- env["PATH_INFO"],
- env["QUERY_STRING"].empty? ? "" : "?"+env["QUERY_STRING"],
- env["HTTP_VERSION"],
- status.to_s[0..3],
- length,
- now - began_at ]
- end
-
- def extract_content_length(headers)
- headers.each do |key, value|
- if key.downcase == 'content-length'
- return value.to_s == '0' ? '-' : value
- end
- end
- '-'
- end
- end
-end
View
47 vendor/rack-1.0.0-git/lib/rack/conditionalget.rb
@@ -1,47 +0,0 @@
-require 'rack/utils'
-
-module Rack
-
- # Middleware that enables conditional GET using If-None-Match and
- # If-Modified-Since. The application should set either or both of the
- # Last-Modified or Etag response headers according to RFC 2616. When
- # either of the conditions is met, the response body is set to be zero
- # length and the response status is set to 304 Not Modified.
- #
- # Applications that defer response body generation until the body's each
- # message is received will avoid response body generation completely when
- # a conditional GET matches.
- #
- # Adapted from Michael Klishin's Merb implementation:
- # http://github.com/wycats/merb-core/tree/master/lib/merb-core/rack/middleware/conditional_get.rb
- class ConditionalGet
- def initialize(app)
- @app = app
- end
-
- def call(env)
- return @app.call(env) unless %w[GET HEAD].include?(env['REQUEST_METHOD'])
-
- status, headers, body = @app.call(env)
- headers = Utils::HeaderHash.new(headers)
- if etag_matches?(env, headers) || modified_since?(env, headers)
- status = 304
- headers.delete('Content-Type')
- headers.delete('Content-Length')
- body = []
- end
- [status, headers, body]
- end
-
- private
- def etag_matches?(env, headers)
- etag = headers['Etag'] and etag == env['HTTP_IF_NONE_MATCH']
- end
-
- def modified_since?(env, headers)
- last_modified = headers['Last-Modified'] and
- last_modified == env['HTTP_IF_MODIFIED_SINCE']
- end
- end
-
-end
View
29 vendor/rack-1.0.0-git/lib/rack/content_length.rb
@@ -1,29 +0,0 @@
-require 'rack/utils'
-
-module Rack
- # Sets the Content-Length header on responses with fixed-length bodies.
- class ContentLength
- include Rack::Utils
-
- def initialize(app)
- @app = app
- end
-
- def call(env)
- status, headers, body = @app.call(env)
- headers = HeaderHash.new(headers)
-
- if !STATUS_WITH_NO_ENTITY_BODY.include?(status) &&
- !headers['Content-Length'] &&
- !headers['Transfer-Encoding'] &&
- (body.respond_to?(:to_ary) || body.respond_to?(:to_str))
-
- body = [body] if body.respond_to?(:to_str) # rack 0.4 compat
- length = body.to_ary.inject(0) { |len, part| len + bytesize(part) }
- headers['Content-Length'] = length.to_s
- end
-
- [status, headers, body]
- end
- end
-end
View
23 vendor/rack-1.0.0-git/lib/rack/content_type.rb
@@ -1,23 +0,0 @@
-require 'rack/utils'
-
-module Rack
-
- # Sets the Content-Type header on responses which don't have one.
- #
- # Builder Usage:
- # use Rack::ContentType, "text/plain"
- #
- # When no content type argument is provided, "text/html" is assumed.
- class ContentType
- def initialize(app, content_type = "text/html")
- @app, @content_type = app, content_type
- end
-
- def call(env)
- status, headers, body = @app.call(env)
- headers = Utils::HeaderHash.new(headers)
- headers['Content-Type'] ||= @content_type
- [status, headers.to_hash, body]
- end
- end
-end
View
96 vendor/rack-1.0.0-git/lib/rack/deflater.rb
@@ -1,96 +0,0 @@
-require "zlib"
-require "stringio"
-require "time" # for Time.httpdate
-require 'rack/utils'
-
-module Rack
- class Deflater
- def initialize(app)
- @app = app
- end
-
- def call(env)
- status, headers, body = @app.call(env)
- headers = Utils::HeaderHash.new(headers)
-
- # Skip compressing empty entity body responses and responses with
- # no-transform set.
- if Utils::STATUS_WITH_NO_ENTITY_BODY.include?(status) ||
- headers['Cache-Control'].to_s =~ /\bno-transform\b/
- return [status, headers, body]
- end
-
- request = Request.new(env)
-
- encoding = Utils.select_best_encoding(%w(gzip deflate identity),
- request.accept_encoding)
-
- # Set the Vary HTTP header.
- vary = headers["Vary"].to_s.split(",").map { |v| v.strip }
- unless vary.include?("*") || vary.include?("Accept-Encoding")
- headers["Vary"] = vary.push("Accept-Encoding").join(",")
- end
-
- case encoding
- when "gzip"
- headers['Content-Encoding'] = "gzip"
- headers.delete('Content-Length')
- mtime = headers.key?("Last-Modified") ?
- Time.httpdate(headers["Last-Modified"]) : Time.now
- [status, headers, GzipStream.new(body, mtime)]
- when "deflate"
- headers['Content-Encoding'] = "deflate"
- headers.delete('Content-Length')
- [status, headers, DeflateStream.new(body)]
- when "identity"
- [status, headers, body]
- when nil
- message = "An acceptable encoding for the requested resource #{request.fullpath} could not be found."
- [406, {"Content-Type" => "text/plain", "Content-Length" => message.length.to_s}, [message]]
- end
- end
-
- class GzipStream
- def initialize(body, mtime)
- @body = body
- @mtime = mtime
- end
-
- def each(&block)
- @writer = block
- gzip =::Zlib::GzipWriter.new(self)
- gzip.mtime = @mtime
- @body.each { |part| gzip << part }
- @body.close if @body.respond_to?(:close)
- gzip.close
- @writer = nil
- end
-
- def write(data)
- @writer.call(data)
- end
- end
-
- class DeflateStream
- DEFLATE_ARGS = [
- Zlib::DEFAULT_COMPRESSION,
- # drop the zlib header which causes both Safari and IE to choke
- -Zlib::MAX_WBITS,
- Zlib::DEF_MEM_LEVEL,
- Zlib::DEFAULT_STRATEGY
- ]
-
- def initialize(body)
- @body = body
- end
-
- def each
- deflater = ::Zlib::Deflate.new(*DEFLATE_ARGS)
- @body.each { |part| yield deflater.deflate(part) }
- @body.close if @body.respond_to?(:close)
- yield deflater.finish
- nil
- end
- end
- end
-end
View
153 vendor/rack-1.0.0-git/lib/rack/directory.rb
@@ -1,153 +0,0 @@
-require 'time'
-require 'rack/utils'
-require 'rack/mime'
-
-module Rack
- # Rack::Directory serves entries below the +root+ given, according to the
- # path info of the Rack request. If a directory is found, the file's contents
- # will be presented in an html based index. If a file is found, the env will
- # be passed to the specified +app+.
- #
- # If +app+ is not specified, a Rack::File of the same +root+ will be used.
-
- class Directory
- DIR_FILE = "<tr><td class='name'><a href='%s'>%s</a></td><td class='size'>%s</td><td class='type'>%s</td><td class='mtime'>%s</td></tr>"
- DIR_PAGE = <<-PAGE
-<html><head>
- <title>%s</title>
- <meta http-equiv="content-type" content="text/html; charset=utf-8" />
- <style type='text/css'>
-table { width:100%%; }
-.name { text-align:left; }
-.size, .mtime { text-align:right; }
-.type { width:11em; }
-.mtime { width:15em; }
- </style>
-</head><body>
-<h1>%s</h1>
-<hr />
-<table>
- <tr>
- <th class='name'>Name</th>
- <th class='size'>Size</th>
- <th class='type'>Type</th>
- <th class='mtime'>Last Modified</th>
- </tr>
-%s
-</table>
-<hr />
-</body></html>
- PAGE
-
- attr_reader :files
- attr_accessor :root, :path
-
- def initialize(root, app=nil)
- @root = F.expand_path(root)
- @app = app || Rack::File.new(@root)
- end
-
- def call(env)
- dup._call(env)
- end
-
- F = ::File
-
- def _call(env)
- @env = env
- @script_name = env['SCRIPT_NAME']
- @path_info = Utils.unescape(env['PATH_INFO'])
-
- if forbidden = check_forbidden
- forbidden
- else
- @path = F.join(@root, @path_info)
- list_path
- end
- end
-
- def check_forbidden
- return unless @path_info.include? ".."
-
- body = "Forbidden\n"
- size = Rack::Utils.bytesize(body)
- return [403, {"Content-Type" => "text/plain","Content-Length" => size.to_s}, [body]]
- end
-
- def list_directory
- @files = [['../','Parent Directory','','','']]
- glob = F.join(@path, '*')
-
- Dir[glob].sort.each do |node|
- stat = stat(node)
- next unless stat
- basename = F.basename(node)
- ext = F.extname(node)
-
- url = F.join(@script_name, @path_info, basename)
- size = stat.size
- type = stat.directory? ? 'directory' : Mime.mime_type(ext)
- size = stat.directory? ? '-' : filesize_format(size)
- mtime = stat.mtime.httpdate
- url << '/' if stat.directory?
- basename << '/' if stat.directory?
-
- @files << [ url, basename, size, type, mtime ]
- end
-
- return [ 200, {'