webrick: use IO.copy_stream for multipart response
Use the new Proc response body feature to generate a multipart
range response dynamically. We use a flat array to minimize
object overhead as much as possible; as many ranges may fit
into an HTTP request header.
* lib/webrick/httpservlet/filehandler.rb (multipart_body): new method
(make_partial_content): use multipart_body
------------------------------------------------------------------------
r62960 | normal | 2018-03-28 17:06:23 +0900 (水, 28 3 2018) | 13 lines
webrick/httprequest: limit request headers size
We use the same 112 KB limit started (AFAIK) by Mongrel, Thin,
and Puma to prevent malicious users from using up all the memory
with a single request. This also limits the damage done by
excessive ranges in multipart Range: requests.
Due to the way we rely on IO#gets and the desire to keep
the code simple, the actual maximum header may be 4093 bytes
larger than 112 KB, but we're splitting hairs at that point.
* lib/webrick/httprequest.rb: define MAX_HEADER_LENGTH
(read_header): raise when headers exceed max length
------------------------------------------------------------------------
r62961 | normal | 2018-03-28 17:06:28 +0900 (水, 28 3 2018) | 9 lines
webrick/httpservlet/cgihandler: reduce memory use
WEBrick::HTTPRequest#body can be passed a block to process the
body in chunks. Use this feature to avoid building a giant
string in memory.
* lib/webrick/httpservlet/cgihandler.rb (do_GET):
avoid reading entire request body into memory
(do_POST is aliased to do_GET, so it handles bodies)
------------------------------------------------------------------------
r62962 | normal | 2018-03-28 17:06:34 +0900 (水, 28 3 2018) | 7 lines
webrick/httprequest: raise correct exception
"BadRequest" alone does not resolve correctly, it is in the
HTTPStatus namespace.
* lib/webrick/httprequest.rb (read_chunked): use correct exception
* test/webrick/test_httpserver.rb (test_eof_in_chunk): new test
------------------------------------------------------------------------
r62963 | normal | 2018-03-28 17:06:39 +0900 (水, 28 3 2018) | 9 lines
webrick/httprequest: use InputBufferSize for chunked requests
While WEBrick::HTTPRequest#body provides a Proc interface
for streaming large request bodies, clients must not force
the server to use an excessively large chunk size.
* lib/webrick/httprequest.rb (read_chunk_size): limit each
read and block.call to :InputBufferSize in config.
* test/webrick/test_httpserver.rb (test_big_chunks): new test
------------------------------------------------------------------------
r62964 | normal | 2018-03-28 17:06:44 +0900 (水, 28 3 2018) | 9 lines
webrick: add test for Digest auth-int
No changes to the actual code, this is a new test for
a feature for which no tests existed. I don't understand
the Digest authentication code well at all, but this is
necessary for the subsequent change.
* test/webrick/test_httpauth.rb (test_digest_auth_int): new test
(credentials_for_request): support bodies with POST
------------------------------------------------------------------------
r62965 | normal | 2018-03-28 17:06:49 +0900 (水, 28 3 2018) | 18 lines
webrick/httpauth/digestauth: stream req.body
WARNING! WARNING! WARNING! LIKELY BROKEN CHANGE
Pass a proc to WEBrick::HTTPRequest#body to avoid reading a
potentially large request body into memory during
authentication.
WARNING! this will break apps completely which want to do
something with the body besides calculating the MD5 digest
of it.
Also, keep in mind that probably nobody uses "auth-int".
Servers such as Apache, lighttpd, nginx don't seem to
support it; nor does curl when using POST/PUT bodies;
and we didn't have tests for it until now...
* lib/webrick/httpauth/digestauth.rb (_authenticate): stream req.body
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@62970 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
When you change this to true, you may need to add more tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
From: John Bachir <j@jjb.cc>
* bootstraptest/test_io.rb (assert_finish):
normalize rescue for Timeout::Error
* lib/net/ftp.rb (Net#read_timeout): ditto for doc
* lib/resolv.rb (Resolv::ResolvTimeout): ditto for subclass
* lib/webrick/httprequest.rb (_read_data): ditto for rescue
* sample/timeout.rb (p timeout): ditto for call
* test/drb/drbtest.rb (test_06_timeout): ditto
* test/ruby/test_readpartial.rb (test_open_pipe): ditto
* test/thread/test_queue.rb (test_queue_thread_raise): ditto
* thread.c (rb_thread_s_handle_interrupt): ditto for doc
[ruby-core:65481] [misc #10339]
TimeoutError is a legacy constant, Timeout::Error is the canonical constant.
This patch normalizes all code and comments to reference Timeout::Error.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@47838 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
by @udzura [fix GH-466]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44023 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40829 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/webrick/cgi.rb: ditto.
* lib/webrick/config.rb: ditto.
* lib/webrick/cookie.rb: ditto.
* lib/webrick/httpauth/authenticator.rb: ditto.
* lib/webrick/httpauth/basicauth.rb: ditto.
* lib/webrick/httpauth/digestauth.rb: ditto.
* lib/webrick/httpproxy.rb: ditto.
* lib/webrick/httprequest.rb: ditto.
* lib/webrick/httpresponse.rb: ditto.
* lib/webrick/https.rb: ditto.
* lib/webrick/httpserver.rb: ditto.
* lib/webrick/httpservlet/cgihandler.rb: ditto.
* lib/webrick/httpservlet/filehandler.rb: ditto.
* lib/webrick/httpservlet/prochandler.rb: ditto.
* lib/webrick/httputils.rb: ditto.
* lib/webrick/httpversion.rb: ditto.
* lib/webrick/log.rb: ditto.
* lib/webrick/server.rb: ditto.
* lib/webrick/ssl.rb: ditto.
* lib/webrick/utils.rb: ditto.
* lib/webrick/version.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38945 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Allow HTTP/0.9 request which doesn't have any header or body.
patched by Felix Jodoin. [ruby-core:38040] [Bug #5022]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32593 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
header failed when the request is from 2 or more Apache reverse
proxies. It's said that all X-Forwarded-* headers will contain more
than one (comma-separated) value if the original request already
contained one of these headers. Since we could use these values as
Host header, we choose the initial(first) value. See #4922.
* test/webrick/test_httprequest.rb (test_forwarded): Test it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32222 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31499 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
length to 2083. This is from Internet Explorer's max uri
length. http://support.microsoft.com/kb/208427 [ruby-core:32924]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29617 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
method for generating HTTP/1.1 100 continue response if the client
expects it, otherwise does nothing. Patch by Brian Candler.
ref #855.
* test/webrick/test_httprequest.rb: test added.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29218 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
rollup leading slashes. [ruby-core:31657]
patched by Jamison Wilde
NOTE: //authority/path is a valid relative URI in both RFC2396 and
RFC3986. So when giving a relative URI-like string to the URI lib,
users must take care of leading slashes.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28945 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/webrick/httpstatus.rb : ditto.
* lib/webrick/httprequest.rb : ditto.
* lib/webrick/httputils.rb : ditto.
* test/webrick/test_cgi.rb (TestWEBrickCGI::test_bad_): Test for it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26267 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22784 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
use possessive match for path retrieval to avoid huge recursion
for insanely long path.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20244 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
use #bytesize instead of #size. a patch submitted from
raspberry lemon in [ruby-core:18571].
* lib/webrick/httpauth/digestauth.rb, lib/webrick/httpproxy.rb,
lib/webrick/httprequest.rb, lib/webrick/httpservlet/cgi_runner.rb,
lib/webrick/httpservlet/abstract.rb, lib/webrick/httpresponse.rb,
lib/webrick/httpservlet/cgihandler.rb, lib/webrick/utils.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/rdoc/generator/html.rb: ditto.
* lib/rdoc/options.rb: Fix shadowed variable warning.
* lib/webrick/httprequest.rb: Fix redefined method warning.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@15904 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
WEBrick::HTTPRequest#{host,port,request_uri} is derived having
regards to X-Forwarded-Proto and X-Forwarded-Host.
* lib/webrick/httprequest.rb
(WEBrick::HTTPRequest#server_name?): new method.
(WEBrick::HTTPRequest#remote_ip?): new method.
(WEBrick::HTTPRequest#ssl?): new method.
* string.c (rb_enc_cr_str_buf_cat): fix self appending.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14968 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
header fields should be read with maximum length. [ruby-talk:231745]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14260 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
come earlier than String.
* lib/soap/mapping/rubytypeFactory.rb (RubytypeFactory::obj2soap):
ditto.
* lib/set.rb (TC_Set::test_s_new): strings are no longer
Enumerable
* lib/soap/property.rb (Property::load): ditto.
* lib/webrick/httputils.rb (WEBrick::HTTPUtils::parse_header): ditto.
* lib/soap/mimemessage.rb (MIMEMessage::Headers::parse): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@11259 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
for the value of IPv6 address in the Host: header field.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10646 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
:InputBufferSize and :OutputBufferSize.
* lib/webrick/utils.rb (WEBrick::Utils.timeout): add new timeout
method. this implementation is expected to be compatible with
timeout.rb and faster than timeout.rb.
* lib/webrick/httprequest.rb (WEBrick::HTTPRequest#_read_data):
Timeout.timeout is replaced by WEBrick::Utils.timeout.
* lib/webrick/httprequest.rb: WEBrick::HTTPRequest::BUFSIZE is
replaced by config[:InputBufferSize].
* lib/webrick/httpresposne.rb: WEBrick::HTTPResponse::BUFSIZE is
replaced by config[:OutputBufferSize].
* lib/webrick/server.rb: get rid of unnecessary require.
* test/webrick/test_utils.rb: test for WEBrick::Utils.timeout.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10167 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
refer the value of QUERY_STRING. [ruby-list:41186]
* lib/webrick/httprequest.rb (WEBrick::HTTPRequest#query_string=):
add new method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@9328 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
should check if path_info is not nil. [webrickja:126]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7100 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
initial value of accept-* should be array.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7054 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
add WEBrick::Config::FileHandler[:AcceptableLanguages].
* lib/webrick/httpservlet/filehandler.rb
(WEBrick::HTTPServlet::FileHandler#set_filename): search files
having suffix of language-name which Accept-Language header field
includes if :AcceptableLanguages options is present.
* lib/webrick/httpservlet/filehandler.rb
(WEBrick::HTTPServlet::FileHandler#get_servlet): new method to
search servlet correspond to the suffix of filename.
* lib/webrick/httprequest.rb: add attributes access methods: accept,
accept_charset, accept_encoding, accept_language, content_length
and content_type.
* lib/webrick/httpresponse.rb: add attribute access methods:
content_length, content_length=, content_type and content_type=.
* lib/webrick/httputils.rb (WEBrick::HTTPUtils.mime_types):
use the second suffix to detect media type. (the first suffix
may be a language name.)
* lib/webrick/httputils.rb (WEBrick::HTTPUtils.parse_qvalues):
add method to parse Accept header field. it returns an Array of
values sorted by the qvalues.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7033 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/webrick/cgi.rb (CGI#start): NPH scripts return status line
instead of Status: header field.
* lib/webrick/cgi.rb (CGI::Socket): refine some conditions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5229 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
HTTP_CONTENT_TYPE and HTTP_CONTENT_LENGTH.
* lib/webrick/https.rb (HTTPRequest#parse): should check presence
of cert() method to detect SSLSocket.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@5221 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4537 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
instead of config[:Port] or req.request_uri.port.
* lib/webrick/httprequest.rb (HTTPRequest#meta_vars): ditto.
* lib/webrick/httpservlet/filehandler.rb (FileHandler#dir_list): ditto.
* lib/webrick/config.rb: :Listen option never be used.
* lib/webrick/server.rb (GenericServer#initialize): don't use :Listen
option and add warning message.
* lib/webrick/log.rb (BasicLog#<<): shortcut of log(INFO, ...).
* lib/webrick/httpserver.rb (HTTPServer#accesslog): use << for logging.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4528 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4130 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|