diff options
| author | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2005-01-10 06:29:58 +0000 |
|---|---|---|
| committer | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2005-01-10 06:29:58 +0000 |
| commit | a9a02401a849958b5d654cf60d4cda927c7e33b4 (patch) | |
| tree | 77b4df3270c46d4eca271d09181e303b3da464d5 /lib/webrick | |
| parent | c744d6f62dcb536e58ded4a79eec1987880bc23c (diff) | |
* lib/webrick/cgi.rb (WEBrick::CGI::Socket#request_line): should
escape SCRIPT_NAME and PATH_INFO before being parsed as a URI.
* lib/webrick/httputils.rb (WEBrick::HTTPUtils#escape_path): add
new method to escape URI path component.
* lib/webrick/ssl.rb (WEBrick::Config::SSL): the default value
of :SSLEnable is false.
* test/webrick/{test_cgi.rb,webrick.cgi}: new file.
* test/webrick/utils.rb: require "webrick/https.h".
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7758 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/webrick')
| -rw-r--r-- | lib/webrick/cgi.rb | 1 | ||||
| -rw-r--r-- | lib/webrick/httputils.rb | 15 | ||||
| -rw-r--r-- | lib/webrick/ssl.rb | 2 |
3 files changed, 12 insertions, 6 deletions
diff --git a/lib/webrick/cgi.rb b/lib/webrick/cgi.rb index 1282bdcd93..6878da5749 100644 --- a/lib/webrick/cgi.rb +++ b/lib/webrick/cgi.rb @@ -147,6 +147,7 @@ module WEBrick if path_info = @env["PATH_INFO"] url << path_info end + url = WEBrick::HTTPUtils.escape_path(url) if query_string = @env["QUERY_STRING"] unless query_string.empty? url << "?" << query_string diff --git a/lib/webrick/httputils.rb b/lib/webrick/httputils.rb index e45d8e0499..e0855222f1 100644 --- a/lib/webrick/httputils.rb +++ b/lib/webrick/httputils.rb @@ -352,15 +352,18 @@ module WEBrick unwise = '{}|\\^[]`' nonascii = (0x80..0xff).collect{|c| c.chr }.join + module_function + def _make_regex(str) /([#{Regexp.escape(str)}])/n end + def _make_regex!(str) /([^#{Regexp.escape(str)}])/n end def _escape(str, regex) str.gsub(regex){ "%%%02X" % $1[0] } end def _unescape(str, regex) str.gsub(regex){ $1.hex.chr } end - module_function :_make_regex, :_escape, :_unescape UNESCAPED = _make_regex(control+space+delims+unwise+nonascii) UNESCAPED_FORM = _make_regex(reserved+control+delims+unwise+nonascii) NONASCII = _make_regex(nonascii) ESCAPED = /%([0-9a-fA-F]{2})/ + UNESCAPED_PCHAR = _make_regex!(unreserved+":@&=+$,") def escape(str) _escape(str, UNESCAPED) @@ -380,12 +383,14 @@ module WEBrick _unescape(str.gsub(/\+/, " "), ESCAPED) end + def escape_path(str) + str.split("/").collect{|i| + _escape(i, UNESCAPED_PCHAR) + }.join("/") + end + def escape8bit(str) _escape(str, NONASCII) end - - module_function :escape, :unescape, :escape_form, :unescape_form, - :escape8bit - end end diff --git a/lib/webrick/ssl.rb b/lib/webrick/ssl.rb index 4562ba4948..03bfdf4aa0 100644 --- a/lib/webrick/ssl.rb +++ b/lib/webrick/ssl.rb @@ -14,7 +14,7 @@ module WEBrick osslv = ::OpenSSL::OPENSSL_VERSION.split[1] SSL = { :ServerSoftware => "#{svrsoft} OpenSSL/#{osslv}", - :SSLEnable => true, + :SSLEnable => false, :SSLCertificate => nil, :SSLPrivateKey => nil, :SSLClientCA => nil, |