Yusuke Endoh
0e75b2f2e6
[ruby/cgi] Prevent CRLF injection
...
Throw a RuntimeError if the HTTP response header contains CR or LF to
prevent HTTP response splitting.
https://hackerone.com/reports/1204695
https://github.com/ruby/cgi/commit/64c5045c0a
2022-11-22 02:00:11 +00:00
Jeremy Evans
ffd0820ab3
Deprecate taint/trust and related methods, and make the methods no-ops
...
This removes the related tests, and puts the related specs behind
version guards. This affects all code in lib, including some
libraries that may want to support older versions of Ruby.
2019-11-18 01:00:25 +02:00
Nobuyoshi Nakada
45454bdb8b
Prefer Regexp#=~ to Regexp#match when the RHS may be nil
2019-08-19 16:39:42 +09:00
Semyon Pupkov
4173258fd0
change call CGI methods from :: to .
...
Closes: https://github.com/ruby/ruby/pull/1749
2019-08-04 09:19:30 +09:00
kazu
c01a5ee85e
Use delete_prefix instead of sub(/\Afixed-pattern/, '')
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66189 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-12-04 08:22:10 +00:00
marcandre
e859e668d2
lib/*: Prefer require_relative over require.
...
[#15206] [Fix GH-1976]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65505 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-11-02 17:52:33 +00:00
kazu
e03ea9c596
Use printf instead of puts and sprintf
...
[ci skip]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61174 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-12-12 15:01:04 +00:00
shyouhei
f2a91397fd
Add uplevel keyword to Kernel#warn and use it
...
If uplevel keyword is given, the warning message is prepended
with caller file and line information and the string "warning: ".
The use of the uplevel keyword makes Kernel#warn format output
similar to how rb_warn formats output.
This patch modifies net/ftp and net/imap to use Kernel#warn
instead of $stderr.puts or $stderr.printf, since they are used
for printing warnings.
This makes lib/cgi/core and tempfile use $stderr.puts instead of
warn for debug logging, since they are used for debug printing
and not for warning.
This does not modify bundler, rubygems, or rdoc, as those are
maintained outside of ruby and probably wish to remain backwards
compatible with older ruby versions.
rb_warn_m code is originally from nobu, but I've changed it
so that it only includes the path and lineno from uplevel
(not the method), and also prepends the string "warning: ",
to make it more similar to rb_warn.
From: Jeremy Evans code@jeremyevans.net
Signed-off-by: Urabe Shyouhei shyouhei@ruby-lang.org
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-12-12 11:56:25 +00:00
kazu
42fbe19fa8
Fix cgi/core code example missing comma
...
ref https://github.com/rurema/doctree/pull/448
[ci skip]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59469 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-08-02 15:10:38 +00:00
nobu
97849e1178
share @@accept_charset
...
* lib/cgi/{core,util}.rb: include CGI::Util not only extending, to
share `@@accept_charset` class variable, so that it is always
accessible. [ruby-core:80986] [Bug #13539]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58576 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-05-06 01:33:04 +00:00
kazu
fbd5cda6aa
{lib,test}/cgi: Specify frozen_string_literal: true.
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57652 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-02-18 05:52:16 +00:00
naruse
3e92b635fb
Add frozen_string_literal: false for all files
...
When you change this to true, you may need to add more tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-16 05:07:31 +00:00
hsbt
448c87008e
* lib/cgi/core.rb: remove unused variables.
...
* lib/erb.rb: ditto.
* lib/mkmf.rb: ditto.
* lib/net/http/response.rb: ditto.
* lib/optparse/version.rb: ditto.
* lib/prime.rb: ditto.
* lib/racc/parser.rb: ditto.
* lib/rexml/document.rb: ditto.
* lib/rexml/dtd/dtd.rb: ditto.
* lib/rexml/element.rb: ditto.
* lib/rexml/functions.rb: ditto.
* lib/rexml/parsers/xpathparser.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46973 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-07-27 11:04:28 +00:00
xibbar
5c99f241a0
* lib/cgi/core.rb: Provide a mechanism to specify the
...
max_multipart_length of multipart data.
[Feature #8370] patch by Leif Eriksen <leif.eriksen.au@gmail.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46392 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-06-10 04:29:49 +00:00
akr
9b612d382d
* test/lib/minitest/unit.rb: Use Tempfile#close! instead of
...
Tempfile#unlink to close file descriptors.
* test/openssl/test_config.rb: Ditto.
* test/ruby/test_io.rb: Ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46189 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-27 15:49:13 +00:00
akr
c968f908e1
* lib/cgi/core.rb: Use Tempfile#close(true) instead of Tempfile#unlink
...
to close file descriptors.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46181 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-05-27 14:51:08 +00:00
akr
4fd53e476e
* ext/socket/lib/socket.rb: Don't test $! in "ensure" clause because
...
it may be set before the body.
Reported by ko1 and mrkn. [ruby-core:59088] [Bug #9247]
* lib/cgi/core.rb: Ditto.
* lib/drb/ssl.rb: Ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44184 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-12-13 16:11:12 +00:00
xibbar
75cbab7fe1
* lib/cgi/core.rb: Constant parameter is faster and economy than
...
string parameter.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40787 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-05-16 10:14:45 +00:00
xibbar
f75da76ffc
* lib/cgi/{core,html}.rb : Update define tagmaker
...
because to delete eval.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40237 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-04-11 08:04:27 +00:00
hsbt
0cfc4866d4
code cleanup by @vipulnsward [GH fixes #267]
...
* lib/cgi/core.rb: change each to each_value
* ext/bigdecimal/lib/bigdecimal/{jacobian,math}.rb:
remove unused variables from bigdecimal lib
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39992 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-03-29 00:42:32 +00:00
zzak
ed7d776317
* lib/cgi/core.rb: Documentation for CGI#header alias
...
Based on a patch by Marcus Stollsteimer
[ruby-core:49585] [Bug #7405]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37811 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-11-22 17:42:06 +00:00
marcandre
6f64d9eb56
* lib/cgi/core.rb: Use symbols instead of strings for
...
{const_,instance_variable_}{get,set}. [#7161]
* lib/drb/drb.rb: ditto.
* lib/ipaddr.rb: ditto.
* lib/irb/workspace.rb: ditto.
* lib/monitor.rb: ditto.
* lib/rss/maker/base.rb: ditto.
* lib/rss/rss.rb: ditto.
* lib/xmlrpc/parser.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37688 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-11-16 16:55:29 +00:00
xibbar
8549059d76
* lib/cgi/core.rb: alias CGI#http_header to CGI#header.
...
[Bug #7286]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37535 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-11-07 06:36:49 +00:00
naruse
0ba4526d06
* lib/cgi/core.rb: check if Tempfile is defined before use it.
...
* lib/cgi/core.rb: remove tempfiles only if tempfiles exist
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37473 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-11-05 02:34:17 +00:00
xibbar
1362d81a22
Mon Nov 5 09:55:05 2012 Takeyuki FUJIOKA <xibbar@ruby-lang.org>
...
* lib/cgi/core.rb: remove tempfile more early.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37471 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-11-05 00:57:45 +00:00
xibbar
6837f3dc54
Sun Nov 4 20:41:28 2012 Takeyuki FUJIOKA <xibbar@ruby-lang.org>
...
* lib/cgi.rb, lib/cgi/*/rb: rename CGI#header to
CGI#http_header,
add and update HTML5 tag generator. [Bug #7110]
Patch provided by Marcus Stollsteimer, thank you !
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37466 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-11-04 11:48:05 +00:00
xibbar
aeca965681
* lib/cgi/html5.rb: Add html5 tag maker.
...
* lib/cgi/core.rb: ditto.
[Feature #6637]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@37077 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-10-04 02:20:55 +00:00
naruse
b3a4461df2
Suppress warnings.
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36694 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-08-14 06:52:41 +00:00
xibbar
9c746e35ad
Wed Jul 4 08:45:41 2012 Takeyuki FUJIOKA <xibbar@ruby-lang.org>
...
* lib/cgi/core.rb: fix bug: When query parameter is 'id=123&id',
cgi['id'] => '123' is correct. First parameter is valid.
[Feature #6621]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36304 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-07-04 04:42:32 +00:00
xibbar
b25f743057
Wed Jul 4 08:11:15 2012 Takeyuki FUJIOKA <xibbar@ruby-lang.org>
...
* lib/cgi/core.rb,html.rb: fix typo. [Bug #6632]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36296 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-07-03 23:19:26 +00:00
xibbar
673448c27d
Tue Oct 18 02:24:19 2011 Takeyuki FUJIOKA <xibbar@ruby-lang.org>
...
* lib/cgi/core.rb (QueryExtension#read_multiparat): replace 'stdinput'
from '$stdin' because using fast cgi. [Bug #5451]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33472 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-10-17 17:33:57 +00:00
xibbar
7fd78fad3e
* lib/cgi/core.rb: fix multipart form parsing bug. [Bug #3866]
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32469 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-07-09 05:32:19 +00:00
drbrain
b8f3f2d62e
* lib/cgi/util.rb: Improve documentation. Patch by Kuba Fietkiewicz.
...
[Ruby 1.9 - Bug #4775]
* lib/cgi/core.rb: ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31882 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-01 00:42:06 +00:00
drbrain
34276148c4
* lib/cgi/util.rb: Improve documentation. Patch by Clinton Nixon.
...
[Ruby 1.9 - Bug #4733]
* lib/cgi/core.rb: ditto
* lib/cgi/cookie.rb: ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31634 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-18 21:07:13 +00:00
drbrain
e60f744e9a
* lib/cgi.rb: Add toplevel documentation to class CGI
...
* lib/cgi/session.rb: Add overview documentation to CGI::Cookie
* lib/cgi/html.rb: Don't add CGI::TagMaker documentation to CGI.
Patch by David Copeland. [Ruby 1.9 - Bug #4704]
* lib/cgi/core.rb: Clean up CGI documentation. Patch by David
Copeland. [Ruby 1.9 - Bug #4704]
* lib/cgi/cookie.rb: Clean up CGI::Cookie documentation. Patch by
David Copeland. [Ruby 1.9 - Bug #4704]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@31595 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-16 21:21:35 +00:00
nobu
6874c8d686
* lib/cgi.rb (CGI::NEEDS_BINMODE): check if O_BINARY value instead
...
of fragile check by platform name.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@27581 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-05-01 23:54:39 +00:00
xibbar
2b222b9b17
* lib/cgi/{core, util}.rb (RFC822_DAYS, RFC822_MONTHS):
...
move the constant because used only util.rb. [Bug #2704]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@27415 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-04-20 03:39:34 +00:00
nobu
c9dd4823d9
* lib: fixed typo. a patch by Sho Hashimoto in [ruby-dev:40716].
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@26986 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-03-20 03:30:59 +00:00
ryan
ca7b32630c
Rolled out last change
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@25794 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-11-16 04:02:20 +00:00
ryan
36ed53ff93
Minor cleanup to improve hash use
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@25792 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-11-16 03:01:59 +00:00
xibbar
64486dfd8e
* lib/cgi/core.rb (read_from_cmdline): this code is better.
...
[ruby-core:25991]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@25734 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-11-12 14:19:53 +00:00
xibbar
ae8ad5ae27
* lib/cgi/core.rb: fix command-line option of
...
non-interactive terminal. [ruby-core:23016]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@25216 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-10-03 16:15:23 +00:00
matz
706f910300
* lib/cgi/core.rb (CGI::HTTP_STATUS): typo fixed. a patch from
...
Nobuhiro IMAI. [ruby-dev:38538]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@23560 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-05-24 20:34:21 +00:00
mame
50cea7a5c9
* lib/cgi/core.rb (read_multipart): When path is not defined,
...
define local_path as a method always returning nil instead of
aliasing. This is because StringIO#path no longer exists.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@23196 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-04-16 15:58:23 +00:00
nobu
287a34ae0d
* {ext,lib,test}/**/*.rb: removed trailing spaces.
...
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@22784 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-03-06 03:56:38 +00:00
xibbar
9dce4d52ca
* lib/cgi/core.rb (CGI.parse): generate only key on params hash
...
if request have only key uri parameters.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@21739 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2009-01-22 08:25:44 +00:00
xibbar
52d481d8de
* lib/cgi/session.rb: fix bug for ignore session_id option.
...
report from [ruby-core:18635], [Bug #572]
* lib/cgi/core.rb: use Encoding#find when encoding set.
* test/cgi/test_cgi_session.rb: test for session_id specified.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20861 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-12-18 12:20:13 +00:00
xibbar
86560b12ee
* lib/cgi/core.rb (read_multipart): change field value as String
...
from StringIO of Tempfile when multipart parse without file field.
add files method that can uploaded files. [ruby-dev:36547]
* test/cgi/test_cgi_multipart.rb: fix the test for core.rb.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19906 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-10-24 07:25:53 +00:00
xibbar
225d2af65a
* lib/cgi/core.rb (read_multipart): file's encoding is ascii-8bit
...
from file field of multipart form.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19858 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-10-20 12:29:29 +00:00
xibbar
ddf88ea80b
* lib/cgi/core.rb (CGI::QueryExtension::initialize_query): fix the
...
condition.
* test/cgi/test_cgi_core.rb: bug fix encoding.
thanks to TAKANO Mitsuhiro <takano32 at jus.or.jp>.
* test/cgi/test_cgi_multipart.rb: temporary comment in.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19702 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-10-06 07:53:58 +00:00