diff options
| author | Andrew White <andyw@pixeltrix.co.uk> | 2012-02-17 14:06:38 +0000 |
|---|---|---|
| committer | Andrew White <andyw@pixeltrix.co.uk> | 2012-02-17 14:08:13 +0000 |
| commit | 86d3bc37b8f302e8dbe5ad1095ea2723fc87f8c0 (patch) | |
| tree | 5c1ed8c4b4f46ba7ef601d8a16cf8151762949cf /actionpack/test/dispatch | |
| parent | 1a0bc2ab7fbade57a24e3daa3512e4167641410d (diff) | |
| download | rails-86d3bc37b8f302e8dbe5ad1095ea2723fc87f8c0.tar.gz rails-86d3bc37b8f302e8dbe5ad1095ea2723fc87f8c0.tar.bz2 rails-86d3bc37b8f302e8dbe5ad1095ea2723fc87f8c0.zip | |
Fix ActionDispatch::Static to serve files with unencoded PCHAR
RFC 3986[1] allows sub-delim characters in path segments unencoded,
however Rack::File requires them to be encoded so we use URI's
unescape method to leave them alone and then escape them again.
Also since the path gets passed to Dir[] we need to escape any glob
characters in the path.
[1]: http://www.ietf.org/rfc/rfc3986.txt
Diffstat (limited to 'actionpack/test/dispatch')
| -rw-r--r-- | actionpack/test/dispatch/static_test.rb | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/actionpack/test/dispatch/static_test.rb b/actionpack/test/dispatch/static_test.rb index 9f3cbd19ef..ec69d50d26 100644 --- a/actionpack/test/dispatch/static_test.rb +++ b/actionpack/test/dispatch/static_test.rb @@ -30,6 +30,34 @@ module StaticTests assert_html "/foo/index.html", get("/foo") end + def test_serves_static_file_with_encoded_pchar + assert_html "/foo/foo!bar.html", get("/foo/foo%21bar.html") + assert_html "/foo/foo$bar.html", get("/foo/foo%24bar.html") + assert_html "/foo/foo&bar.html", get("/foo/foo%26bar.html") + assert_html "/foo/foo'bar.html", get("/foo/foo%27bar.html") + assert_html "/foo/foo(bar).html", get("/foo/foo%28bar%29.html") + assert_html "/foo/foo*bar.html", get("/foo/foo%2Abar.html") + assert_html "/foo/foo+bar.html", get("/foo/foo%2Bbar.html") + assert_html "/foo/foo,bar.html", get("/foo/foo%2Cbar.html") + assert_html "/foo/foo;bar.html", get("/foo/foo%3Bbar.html") + assert_html "/foo/foo:bar.html", get("/foo/foo%3Abar.html") + assert_html "/foo/foo@bar.html", get("/foo/foo%40bar.html") + end + + def test_serves_static_file_with_unencoded_pchar + assert_html "/foo/foo!bar.html", get("/foo/foo!bar.html") + assert_html "/foo/foo$bar.html", get("/foo/foo$bar.html") + assert_html "/foo/foo&bar.html", get("/foo/foo&bar.html") + assert_html "/foo/foo'bar.html", get("/foo/foo'bar.html") + assert_html "/foo/foo(bar).html", get("/foo/foo(bar).html") + assert_html "/foo/foo*bar.html", get("/foo/foo*bar.html") + assert_html "/foo/foo+bar.html", get("/foo/foo+bar.html") + assert_html "/foo/foo,bar.html", get("/foo/foo,bar.html") + assert_html "/foo/foo;bar.html", get("/foo/foo;bar.html") + assert_html "/foo/foo:bar.html", get("/foo/foo:bar.html") + assert_html "/foo/foo@bar.html", get("/foo/foo@bar.html") + end + private def assert_html(body, response) |