ruby.git/lib/webrick/httpservlet/filehandler.rb, branch ruby_1_9_2 The Ruby Programming Language merge from trunk (r28354) 2010-06-21T16:34:42+00:00 tarui tarui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2010-06-21T16:34:42+00:00 b808fcae8f9af5e4df622674e5692c6c416ac6d4 * lib/webrick/httpservlet/filehandler.rb (prevent_directory_traversal): apply filesystem encoding to path only during calling File.expand_path. [ruby-dev:41423] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@28372 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* lib/webrick/httpservlet/filehandler.rb
	  (prevent_directory_traversal): apply filesystem encoding to path
	  only during calling File.expand_path.  [ruby-dev:41423]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@28372 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpservlet/filehandler.rb (make_partial_content): 2010-01-18T08:16:07+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2010-01-18T08:16:07+00:00 f00951bb25c5a2a1508a7ff6e09a299700030f0a add bytes-unit. [ruby-dev:40030] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26346 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  add bytes-unit.  [ruby-dev:40030]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26346 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpservlet/filehandler.rb: escape filename of index. 2009-12-06T07:04:50+00:00 naruse naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2009-12-06T07:04:50+00:00 604f01f2b87d9f75464e5705fa94def5aec18b03 [ruby-dev:37768] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  [ruby-dev:37768]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* {ext,lib,test}/**/*.rb: removed trailing spaces. 2009-03-06T03:56:38+00:00 nobu nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2009-03-06T03:56:38+00:00 287a34ae0dfc23e4158f67cb7783d239f202c368 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22784 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22784 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpproxy.rb (WEBrick::HTTPProxyServer#do_CONNECT): 2008-11-08T09:41:24+00:00 matz matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2008-11-08T09:41:24+00:00 877ac7236a8c509959eddc5add7ba0f10fae4804 use #bytesize instead of #size. a patch submitted from raspberry lemon in [ruby-core:18571]. * lib/webrick/httpauth/digestauth.rb, lib/webrick/httpproxy.rb, lib/webrick/httprequest.rb, lib/webrick/httpservlet/cgi_runner.rb, lib/webrick/httpservlet/abstract.rb, lib/webrick/httpresponse.rb, lib/webrick/httpservlet/cgihandler.rb, lib/webrick/utils.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  use #bytesize instead of #size.  a patch submitted from
  raspberry lemon in  [ruby-core:18571].

* lib/webrick/httpauth/digestauth.rb, lib/webrick/httpproxy.rb,
  lib/webrick/httprequest.rb, lib/webrick/httpservlet/cgi_runner.rb,
  lib/webrick/httpservlet/abstract.rb, lib/webrick/httpresponse.rb,
  lib/webrick/httpservlet/cgihandler.rb, lib/webrick/utils.rb: ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpservlet/filehandler.rb: should normalize path 2008-05-18T13:33:24+00:00 gotoyuzo gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2008-05-18T13:33:24+00:00 8ee3267d26b4f87a9797573caa3dafb28e6945ee name in path_info to prevent script disclosure vulnerability on DOSISH filesystems. (fix: CVE-2008-1891) Note: NTFS/FAT filesystem should not be published by the platforms other than Windows. Pathname interpretation (including short filename) is less than perfect. * lib/webrick/httpservlet/abstract.rb (WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri): should escape the value of Location: header. * lib/webrick/httpservlet/cgi_runner.rb: accept interpreter command line arguments. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  name in path_info to prevent script disclosure vulnerability on
  DOSISH filesystems. (fix: CVE-2008-1891)
  Note: NTFS/FAT filesystem should not be published by the platforms
  other than Windows. Pathname interpretation (including short
  filename) is less than perfect.

* lib/webrick/httpservlet/abstract.rb
  (WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri):
  should escape the value of Location: header.

* lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
  command line arguments.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpservlet/filehandler.rb: should normalize path 2008-03-03T14:31:30+00:00 gotoyuzo gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2008-03-03T14:31:30+00:00 10a0d4b61dd575be73c2e2b6223f1bf7d34c63ea separators in path_info to prevent directory traversal attacks on DOSISH platforms. reported by Digital Security Research Group [DSECRG-08-026]. * lib/webrick/httpservlet/filehandler.rb: pathnames which have not to be published should be checked case-insensitively. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15676 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  separators in path_info to prevent directory traversal
  attacks on DOSISH platforms.
  reported by Digital Security Research Group [DSECRG-08-026].

* lib/webrick/httpservlet/filehandler.rb: pathnames which have
  not to be published should be checked case-insensitively.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15676 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/json/lib/json/pure/generator.rb, 2008-02-12T06:18:06+00:00 naruse naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2008-02-12T06:18:06+00:00 40d8d38909fe15a96887f4097d95d7323fc93fb7 ext/json/lib/json/pure/parser.rb, ext/openssl/lib/openssl/x509.rb, ext/win32ole/sample/olegen.rb, lib/date/format.rb, lib/irb/context.rb, lib/irb/workspace.rb, lib/net/http.rb, lib/net/imap.rb, lib/rdoc/generator.rb, lib/rdoc/markup/to_html.rb, lib/rdoc/markup/to_latex.rb, lib/rdoc/parsers/parse_c.rb, lib/rdoc/ri/formatter.rb, lib/rexml/parsers/baseparser.rb, lib/rexml/quickpath.rb, lib/rexml/text.rb, lib/rss/parser.rb, lib/uri/common.rb, lib/uri/generic.rb, lib/webrick/httpresponse.rb, lib/webrick/httpservlet/filehandler.rb, lib/yaml/baseemitter.rb, lib/yaml/encoding.rb: performance tuning arround String#gsub. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15442 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
ext/json/lib/json/pure/parser.rb, ext/openssl/lib/openssl/x509.rb,
ext/win32ole/sample/olegen.rb, lib/date/format.rb, lib/irb/context.rb,
lib/irb/workspace.rb, lib/net/http.rb, lib/net/imap.rb,
lib/rdoc/generator.rb, lib/rdoc/markup/to_html.rb,
lib/rdoc/markup/to_latex.rb, lib/rdoc/parsers/parse_c.rb,
lib/rdoc/ri/formatter.rb, lib/rexml/parsers/baseparser.rb,
lib/rexml/quickpath.rb, lib/rexml/text.rb, lib/rss/parser.rb,
lib/uri/common.rb, lib/uri/generic.rb, lib/webrick/httpresponse.rb,
lib/webrick/httpservlet/filehandler.rb, lib/yaml/baseemitter.rb,
lib/yaml/encoding.rb: performance tuning arround String#gsub.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15442 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* win32/Makefile.sub (OPTFLAGS): I have experienced trouble on y- flag, 2006-01-09T05:27:43+00:00 ocean ocean@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2006-01-09T05:27:43+00:00 65ebb02460fbca9081c0d410ee8334fddc1fa43f (VisualC++6) so use -O2b2xg- if $(MSC_VER) < 1400. [ruby-core:7040] * lib/webrick/httpservlet/filehandler.rb: fixed typo. (Kero van Gelder) [ruby-core:7075] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9809 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  (VisualC++6) so use -O2b2xg- if  $(MSC_VER) < 1400. [ruby-core:7040]

* lib/webrick/httpservlet/filehandler.rb: fixed typo. (Kero van Gelder)
  [ruby-core:7075]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9809 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/webrick/httpproxy.rb (HTTPProxyServer#intialize), 2005-08-07T20:16:15+00:00 gotoyuzo gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2005-08-07T20:16:15+00:00 b1e29f011dd4c275f7a06c073ff7f100f42732d8 lib/webrick/httpserver.rb (HTTPServer#intialize), lib/webrick/httpservlet/cgihandler.rb (CGIHandler#initialize), lib/webrick/httpservlet/erbhandler.rb (ERBHandler#initialize), lib/webrick/httpservlet/filehandler.rb(DefaultFileHandler#initialize): super (called with no arguments) takes default value of optional arguments. [ruby-dev:26743] * lib/webrick/httputils.rb: add a media-type "text/html" for .xhtml. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8943 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  lib/webrick/httpserver.rb (HTTPServer#intialize),
  lib/webrick/httpservlet/cgihandler.rb (CGIHandler#initialize),
  lib/webrick/httpservlet/erbhandler.rb (ERBHandler#initialize),
  lib/webrick/httpservlet/filehandler.rb(DefaultFileHandler#initialize):
  super (called with no arguments) takes default value of optional
  arguments. [ruby-dev:26743]

* lib/webrick/httputils.rb: add a media-type "text/html" for .xhtml.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8943 b2dd03c8-39d4-4d8f-98ff-823fe69b080e