From 8ee3267d26b4f87a9797573caa3dafb28e6945ee Mon Sep 17 00:00:00 2001
From: gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Sun, 18 May 2008 13:33:24 +0000
Subject: * lib/webrick/httpservlet/filehandler.rb: should normalize path  
 name in path_info to prevent script disclosure vulnerability on   DOSISH
 filesystems. (fix: CVE-2008-1891)   Note: NTFS/FAT filesystem should not be
 published by the platforms   other than Windows. Pathname interpretation
 (including short   filename) is less than perfect.

* lib/webrick/httpservlet/abstract.rb
  (WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri):
  should escape the value of Location: header.

* lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
  command line arguments.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 test/webrick/utils.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'test/webrick/utils.rb')

diff --git a/test/webrick/utils.rb b/test/webrick/utils.rb
index dace41a8f3..39cadcff54 100644
--- a/test/webrick/utils.rb
+++ b/test/webrick/utils.rb
@@ -1,3 +1,10 @@
+begin
+  loadpath = $:.dup
+  $:.replace($: | [File.expand_path("../ruby", File.dirname(__FILE__))])
+  require 'envutil'
+ensure
+  $:.replace(loadpath)
+end
 require "webrick"
 begin
   require "webrick/https"
@@ -12,6 +19,11 @@ module TestWEBrick
     return self
   end
 
+  RubyBin = "\"#{EnvUtil.rubybin}\""
+  RubyBin << " \"-I#{File.expand_path("../..", File.dirname(__FILE__))}/lib\""
+  RubyBin << " \"-I#{File.dirname(EnvUtil.rubybin)}/.ext/common\""
+  RubyBin << " \"-I#{File.dirname(EnvUtil.rubybin)}/.ext/#{RUBY_PLATFORM}\""
+
   module_function
 
   def start_server(klass, config={}, &block)
-- 
cgit v1.2.3