summaryrefslogtreecommitdiff
path: root/lib/cgi
Commit message (Collapse)AuthorAgeFilesLines
* [ruby/cgi] blade is hosted under ruby-lang.org nowHiroshi SHIBATA2023-01-231-1/+1
| | | | https://github.com/ruby/cgi/commit/826ba3140c
* [ruby/cgi] Loosen the domain regex to accept '.'Xenor Chang2022-11-281-1/+1
| | | | | | | | | | | (https://github.com/ruby/cgi/pull/29) * Loosen the domain regex to accept '.' Co-authored-by: Nobuyoshi Nakada <nobu@ruby-lang.org> https://github.com/ruby/cgi/commit/5e09d632f3 Co-authored-by: Hiroshi SHIBATA <hsbt@ruby-lang.org>
* [ruby/cgi] Relax domain label restrictionsNobuyoshi Nakada2022-11-221-1/+1
| | | | https://github.com/ruby/cgi/commit/b46d41c363
* [ruby/cgi] Prevent CRLF injectionYusuke Endoh2022-11-221-17/+28
| | | | | | | | | Throw a RuntimeError if the HTTP response header contains CR or LF to prevent HTTP response splitting. https://hackerone.com/reports/1204695 https://github.com/ruby/cgi/commit/64c5045c0a
* [ruby/cgi] Check cookie name/path/domain charactersNobuyoshi Nakada2022-11-221-8/+36
| | | | | | https://hackerone.com/reports/1204977 https://github.com/ruby/cgi/commit/30107a4797
* [ruby/cgi] Implement `CGI.url_encode` and `CGI.url_decode`Jean Boussier2022-08-161-8/+41
| | | | | | | | [Feature #18822] Ruby is somewhat missing an RFC 3986 compliant escape method. https://github.com/ruby/cgi/commit/c2729c7f33
* [ruby/cgi] jruby supportPavel Rosický2022-06-061-4/+15
| | | | https://github.com/ruby/cgi/commit/93326fb622
* [ruby/cgi] Extract CGI::Session#new_store_fileNobuyoshi Nakada2021-12-152-29/+45
| | | | https://github.com/ruby/cgi/commit/b3e2ff9164
* [ruby/cgi] Exclude unused files from built packageNobuyoshi Nakada2021-11-271-2/+1
| | | | https://github.com/ruby/cgi/commit/e840b6c368
* [ruby/cgi] Set extconf.rb to extensionsNobuyoshi Nakada2021-11-271-0/+1
| | | | | | Fix https://github.com/ruby/cgi/pull/11 https://github.com/ruby/cgi/commit/60d8f5e7d9
* [ruby/cgi] When parsing cookies, only decode the valuesNobuyoshi Nakada2021-11-241-1/+0
| | | | https://github.com/ruby/cgi/commit/052eb3a828
* [ruby/cgi] Use Time#strftimeNobuyoshi Nakada2021-09-031-10/+1
| | | | https://github.com/ruby/cgi/commit/caf1d0755d
* [ruby/cgi] gemspec: Explicitly empty executables listOlle Jonsson2021-04-221-1/+1
| | | | | | The gem exposes no executables https://github.com/ruby/cgi/commit/cd7106ad97
* [ruby/cgi] handle invalid encodingpavel2021-04-221-3/+8
| | | | https://github.com/ruby/cgi/commit/2b1c2e21a4
* Update the license for the default gems to dual licensesHiroshi SHIBATA2020-08-181-1/+1
|
* [ruby/cgi] Drop to Ruby 2.4Hiroshi SHIBATA2020-08-031-0/+1
| | | | https://github.com/ruby/cgi/commit/8a86536e94
* Extract version number from the sourceNobuyoshi Nakada2020-07-302-9/+9
| | | | | | | | | | | "requiring version.rb" strategy has some issues. - cannot work when cross-compiling - often introduces wrong namespace - must know the superclasses - costs at each runtime than at build-time etc.
* Add workaround for test-bundler failureKazuhiro NISHIYAMA2020-03-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://github.com/ruby/actions/runs/500526558?check_suite_focus=true#step:16:127 ``` Failures: 1) Bundler.setup when Bundler is bundled doesn't blow up Failure/Error: expect(err).to be_empty expected `"fatal: not a git repository (or any of the parent directories): .git\nfatal: not a git repository (o...the parent directories): .git\nfatal: not a git repository (or any of the parent directories): .git".empty?` to return true, got false Commands: $ /home/runner/work/actions/actions/snapshot-master/ruby \ -I/home/runner/work/actions/actions/snapshot-master/lib:/home/runner/work/actions/actions/snapshot-master/spec/bundler \ -rsupport/hax -rsupport/artifice/fail \ /home/runner/work/actions/actions/snapshot-master/libexec/bundle install --retry 0 Resolving dependencies... Using bundler 2.1.4 Bundle complete! 1 Gemfile dependency, 1 gem now installed. Use `bundle info [gemname]` to see where a bundled gem is installed. fatal: not a git repository (or any of the parent directories): .git fatal: not a git repository (or any of the parent directories): .git fatal: not a git repository (or any of the parent directories): .git # $? => 0 $ /home/runner/work/actions/actions/snapshot-master/ruby \ -I/home/runner/work/actions/actions/snapshot-master/lib:/home/runner/work/actions/actions/snapshot-master/spec/bundler \ -rsupport/hax -rsupport/artifice/fail \ /home/runner/work/actions/actions/snapshot-master/libexec/bundle exec ruby -e \ require\ \'bundler\'\;\ Bundler.setup fatal: not a git repository (or any of the parent directories): .git fatal: not a git repository (or any of the parent directories): .git fatal: not a git repository (or any of the parent directories): .git # $? => 0 # ./spec/bundler/runtime/setup_spec.rb:1056:in `block (3 levels) in <top (required)>' # ./spec/bundler/spec_helper.rb:111:in `block (3 levels) in <top (required)>' # ./spec/bundler/spec_helper.rb:111:in `block (2 levels) in <top (required)>' # ./spec/bundler/spec_helper.rb:78:in `block (2 levels) in <top (required)>' make: *** [yes-test-bundler] Error 1 ```
* Deprecate taint/trust and related methods, and make the methods no-opsJeremy Evans2019-11-182-3/+2
| | | | | | This removes the related tests, and puts the related specs behind version guards. This affects all code in lib, including some libraries that may want to support older versions of Ruby.
* Promote cgi to default gemsHiroshi SHIBATA2019-11-072-0/+30
|
* Prefer Regexp#=~ to Regexp#match when the RHS may be nilNobuyoshi Nakada2019-08-192-10/+5
|
* Fix typo: duplicated the [skip-ci]ohbarye2019-08-091-1/+1
|
* change call CGI methods from :: to .Semyon Pupkov2019-08-045-30/+30
| | | | Closes: https://github.com/ruby/ruby/pull/1749
* Use delete_prefix instead of `sub(/\Afixed-pattern/, '')`kazu2018-12-041-2/+2
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66189 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/cgi/util.rb: use requirenobu2018-11-031-1/+1
| | | | | | | | * lib/cgi/util.rb: reverted r65505. require_relative does not work for cgi/escape.so, as extension libraries are placed in other directories than ruby libraries. [Bug #15206] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65511 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/*: Prefer require_relative over require.marcandre2018-11-024-8/+8
| | | | | | [#15206] [Fix GH-1976] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Use `&.` instead of modifier ifkazu2018-05-041-4/+4
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63336 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Use printf instead of puts and sprintfkazu2017-12-121-1/+1
| | | | | | [ci skip] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61174 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Add uplevel keyword to Kernel#warn and use itshyouhei2017-12-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If uplevel keyword is given, the warning message is prepended with caller file and line information and the string "warning: ". The use of the uplevel keyword makes Kernel#warn format output similar to how rb_warn formats output. This patch modifies net/ftp and net/imap to use Kernel#warn instead of $stderr.puts or $stderr.printf, since they are used for printing warnings. This makes lib/cgi/core and tempfile use $stderr.puts instead of warn for debug logging, since they are used for debug printing and not for warning. This does not modify bundler, rubygems, or rdoc, as those are maintained outside of ruby and probably wish to remain backwards compatible with older ruby versions. rb_warn_m code is originally from nobu, but I've changed it so that it only includes the path and lineno from uplevel (not the method), and also prepends the string "warning: ", to make it more similar to rb_warn. From: Jeremy Evans code@jeremyevans.net Signed-off-by: Urabe Shyouhei shyouhei@ruby-lang.org git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Fix cgi/core code example missing commakazu2017-08-021-1/+1
| | | | | | | ref https://github.com/rurema/doctree/pull/448 [ci skip] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59469 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* cgi/util.rb: Don't escape tilde in #escapek0kubun2017-05-171-1/+1
| | | | | | | | to make it compatible with ERB::Util.url_encode. ext/cgi/escape/escape.c: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58773 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* share `@@accept_charset`nobu2017-05-062-2/+13
| | | | | | | | * lib/cgi/{core,util}.rb: include CGI::Util not only extending, to share `@@accept_charset` class variable, so that it is always accessible. [ruby-core:80986] [Bug #13539] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58576 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* {lib,test}/cgi: Specify frozen_string_literal: true.kazu2017-02-186-16/+16
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57652 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/*: remove closed checksnormal2016-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | Follow r56795. Since Ruby 2.2, calling #close on a closed socket no longer raises exceptions. * lib/cgi/session.rb (update): remove closed? check * lib/net/http.rb (finish, transport_request): ditto * lib/net/imap.rb (disconnect): ditto * lib/net/pop.rb (do_start, do_finish): ditto * lib/net/smtp.rb (do_start, do_finish): ditto * lib/open3.rb (popen_run, pipeline_run): ditto * lib/pstore.rb (transaction): ditto * lib/shell/process-controller.rb (sfork): * lib/tempfile (_close, call, Tempfile.create): ditto * lib/webrick/httpauth/htdigest.rb (flush): ditto * lib/webrick/httpauth/htpasswd.rb (flush): ditto * lib/webrick/server.rb (start_thread, cleanup_shutdown_pipe): ditto git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56865 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * lib/cgi/cookie.rb (parse): don't allow , as a separator. [Bug #12791]naruse2016-09-271-1/+1
| | | | | | * lib/webrick/cookie.rb (parse): ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56262 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * lib/cgi/util.rb: added to missing quote.hsbt2016-05-281-1/+1
| | | | | | [fix GH-1363][ci skip] Patch by @dwaller git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55185 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* cgi/util.rb: remove CGI::Util#_unescapenobu2016-04-201-4/+0
| | | | | | | | | | * ext/cgi/escape/escape.c (cgiesc_unescape): define unescape method instead of _unescape, and should pass the optional argument to the super method. * lib/cgi/util.rb (CGI::Util#_unescape): remove intermediate method. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54655 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* cgi/escape: Optimize CGI.unescapenobu2016-02-211-0/+4
| | | | | | | * cgi/escape/escape.c: Optimize CGI.unescape performance by C ext for ASCII-compatible encodings. [Fix GH-1250] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53885 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ASCII-incompatible escapenobu2016-02-061-10/+29
| | | | | | | * lib/cgi/util.rb (escapeHTML, unescapeHTML): consider ASCII-incompatible encodings. [Fix GH-1239] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53754 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* cgi/escape: Optimize CGI.escapeHTMLnobu2015-12-201-0/+5
| | | | | | | * cgi/escape/escape.c: Optimize CGI.escapeHTML for ASCII-compatible encodings. [Fix GH-1164] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53220 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Add frozen_string_literal: false for all filesnaruse2015-12-166-0/+6
| | | | | | When you change this to true, you may need to add more tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* session.rb: SHA512nobu2015-09-031-12/+14
| | | | | | | * lib/cgi/session.rb (create_new_id): use SHA512 instead of MD5. pointed out by SARWAR JAHAN. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51748 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* cookie.rb: revert part of r50496nobu2015-05-151-1/+2
| | | | | | | | * lib/cgi/cookie.rb (CGI::Cookie#secure): revert part of r50496, which is irrelevant to GH-887, as the document states that the argument must be a boolean. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50497 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * lib/cgi/cookie.rb: Implement HttpOnly flag for cookies.xibbar2015-05-141-23/+39
| | | | | | [fix GH-887] Patch by @martinpovolny git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50496 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* cookie.rb: trailing commanobu2015-04-291-5/+5
| | | | | | * lib/cgi/cookie.rb: add trailing comma for further lines. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50401 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * lib/cgi/session/pstore.rb: separated sample code.hsbt2014-08-101-12/+1
| | | | | | * lib/open3.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@47122 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * lib/cgi/core.rb: remove unused variables.hsbt2014-07-271-1/+0
| | | | | | | | | | | | | | | | * lib/erb.rb: ditto. * lib/mkmf.rb: ditto. * lib/net/http/response.rb: ditto. * lib/optparse/version.rb: ditto. * lib/prime.rb: ditto. * lib/racc/parser.rb: ditto. * lib/rexml/document.rb: ditto. * lib/rexml/dtd/dtd.rb: ditto. * lib/rexml/element.rb: ditto. * lib/rexml/functions.rb: ditto. * lib/rexml/parsers/xpathparser.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46973 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * lib/cgi/core.rb: Provide a mechanism to specify thexibbar2014-06-101-9/+31
| | | | | | | max_multipart_length of multipart data. [Feature #8370] patch by Leif Eriksen <leif.eriksen.au@gmail.com> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46392 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/lib/minitest/unit.rb: Use Tempfile#close! instead ofakr2014-05-271-2/+2
| | | | | | | | | | | | Tempfile#unlink to close file descriptors. * test/openssl/test_config.rb: Ditto. * test/ruby/test_io.rb: Ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46189 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * lib/cgi/core.rb: Use Tempfile#close(true) instead of Tempfile#unlinkakr2014-05-271-2/+2
| | | | | | | | to close file descriptors. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46181 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
View Lorry Controller Status