diff options
| author | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-09-09 13:50:10 +0000 |
|---|---|---|
| committer | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-09-09 13:50:10 +0000 |
| commit | add060094c498c835c3dfc50ace2ebd8b8bdfbcb (patch) | |
| tree | 1b629eb79febf2e80f469f1f02785058010c4644 | |
| parent | dbe8e9c578f42495872155afd8ea81c74814524f (diff) | |
merge revision(s) 59693,59695: [Backport #13852]
A HTTP Header value must not contain CR or LF.
to_str -> to_s
* lib/net/http/header.rb (set_field): `val` can not have `to_str`.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@59797 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | lib/net/http/header.rb | 32 | ||||
| -rw-r--r-- | test/net/http/test_httpheader.rb | 11 | ||||
| -rw-r--r-- | version.h | 2 |
3 files changed, 42 insertions, 3 deletions
diff --git a/lib/net/http/header.rb b/lib/net/http/header.rb index 5d99e8f070..7eee15e361 100644 --- a/lib/net/http/header.rb +++ b/lib/net/http/header.rb @@ -38,7 +38,7 @@ module Net::HTTPHeader @header.delete key.downcase return val end - @header[key.downcase] = [val] + set_field(key, val) end # [Ruby 1.8.3] @@ -58,12 +58,40 @@ module Net::HTTPHeader # def add_field(key, val) if @header.key?(key.downcase) - @header[key.downcase].push val + append_field_value(@header[key.downcase], val) else + set_field(key, val) + end + end + + private def set_field(key, val) + case val + when Enumerable + ary = [] + append_field_value(ary, val) + @header[key.downcase] = ary + else + val = val.to_s + if /[\r\n]/ =~ val + raise ArgumentError, 'header field value cannnot include CR/LF' + end @header[key.downcase] = [val] end end + private def append_field_value(ary, val) + case val + when Enumerable + val.each{|x| append_field_value(ary, x)} + else + val = val.to_s + if /[\r\n]/ =~ val + raise ArgumentError, 'header field value cannnot include CR/LF' + end + ary.push val + end + end + # [Ruby 1.8.3] # Returns an array of header field strings corresponding to the # case-insensitive +key+. This method allows you to get duplicated diff --git a/test/net/http/test_httpheader.rb b/test/net/http/test_httpheader.rb index 2f3a0f1157..983ed01d1d 100644 --- a/test/net/http/test_httpheader.rb +++ b/test/net/http/test_httpheader.rb @@ -40,6 +40,13 @@ class HTTPHeaderTest < Test::Unit::TestCase @c['aaA'] = 'aaa' @c['AAa'] = 'aaa' assert_equal 2, @c.length + + @c['aaa'] = ['aaa', ['bbb', [3]]] + assert_equal 2, @c.length + assert_equal ['aaa', 'bbb', '3'], @c.get_fields('aaa') + + assert_raise(ArgumentError){ @c['foo'] = "a\nb" } + assert_raise(ArgumentError){ @c['foo'] = ["a\nb"] } end def test_AREF @@ -65,6 +72,10 @@ class HTTPHeaderTest < Test::Unit::TestCase @c.add_field 'My-Header', 'd, d' assert_equal 'a, b, c, d, d', @c['My-Header'] assert_equal ['a', 'b', 'c', 'd, d'], @c.get_fields('My-Header') + assert_raise(ArgumentError){ @c.add_field 'My-Header', "d\nd" } + @c.add_field 'My-Header', ['e', ['f', 7]] + assert_equal 'a, b, c, d, d, e, f, 7', @c['My-Header'] + assert_equal ['a', 'b', 'c', 'd, d', 'e', 'f', '7'], @c.get_fields('My-Header') end def test_get_fields @@ -1,6 +1,6 @@ #define RUBY_VERSION "2.3.5" #define RUBY_RELEASE_DATE "2017-09-09" -#define RUBY_PATCHLEVEL 365 +#define RUBY_PATCHLEVEL 366 #define RUBY_RELEASE_YEAR 2017 #define RUBY_RELEASE_MONTH 9 |