diff options
| author | Andrew White <andyw@pixeltrix.co.uk> | 2012-02-17 13:33:44 +0000 |
|---|---|---|
| committer | Andrew White <andyw@pixeltrix.co.uk> | 2012-02-17 14:07:48 +0000 |
| commit | ceb288b8ce552a248f141bddbd16426641a4fd0d (patch) | |
| tree | b7f3fe70fa7c531e7520fd61cf3e08820d5369f6 /actionpack/test/dispatch | |
| parent | ce51edb73bce5e213568fd5a362fb3557a06aee1 (diff) | |
| download | rails-ceb288b8ce552a248f141bddbd16426641a4fd0d.tar.gz rails-ceb288b8ce552a248f141bddbd16426641a4fd0d.tar.bz2 rails-ceb288b8ce552a248f141bddbd16426641a4fd0d.zip | |
Fix ActionDispatch::Static to serve files with unencoded PCHAR
RFC 3986[1] allows sub-delim characters in path segments unencoded,
however Rack::File requires them to be encoded so we use URI's
unescape method to leave them alone and then escape them again.
Also since the path gets passed to Dir[] we need to escape any glob
characters in the path.
[1]: http://www.ietf.org/rfc/rfc3986.txt
Diffstat (limited to 'actionpack/test/dispatch')
| -rw-r--r-- | actionpack/test/dispatch/static_test.rb | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/actionpack/test/dispatch/static_test.rb b/actionpack/test/dispatch/static_test.rb index d91a857d18..e086d99b19 100644 --- a/actionpack/test/dispatch/static_test.rb +++ b/actionpack/test/dispatch/static_test.rb @@ -35,8 +35,32 @@ module StaticTests assert_html "means hello in Japanese\n", get("/foo/#{Rack::Utils.escape("こんにちは.html")}") end - def test_serves_static_file_with_plus_in_filename - assert_html "foo+bar\n", get('/foo/foo%2Bbar.html') + def test_serves_static_file_with_encoded_pchar + assert_html "/foo/foo!bar.html", get("/foo/foo%21bar.html") + assert_html "/foo/foo$bar.html", get("/foo/foo%24bar.html") + assert_html "/foo/foo&bar.html", get("/foo/foo%26bar.html") + assert_html "/foo/foo'bar.html", get("/foo/foo%27bar.html") + assert_html "/foo/foo(bar).html", get("/foo/foo%28bar%29.html") + assert_html "/foo/foo*bar.html", get("/foo/foo%2Abar.html") + assert_html "/foo/foo+bar.html", get("/foo/foo%2Bbar.html") + assert_html "/foo/foo,bar.html", get("/foo/foo%2Cbar.html") + assert_html "/foo/foo;bar.html", get("/foo/foo%3Bbar.html") + assert_html "/foo/foo:bar.html", get("/foo/foo%3Abar.html") + assert_html "/foo/foo@bar.html", get("/foo/foo%40bar.html") + end + + def test_serves_static_file_with_unencoded_pchar + assert_html "/foo/foo!bar.html", get("/foo/foo!bar.html") + assert_html "/foo/foo$bar.html", get("/foo/foo$bar.html") + assert_html "/foo/foo&bar.html", get("/foo/foo&bar.html") + assert_html "/foo/foo'bar.html", get("/foo/foo'bar.html") + assert_html "/foo/foo(bar).html", get("/foo/foo(bar).html") + assert_html "/foo/foo*bar.html", get("/foo/foo*bar.html") + assert_html "/foo/foo+bar.html", get("/foo/foo+bar.html") + assert_html "/foo/foo,bar.html", get("/foo/foo,bar.html") + assert_html "/foo/foo;bar.html", get("/foo/foo;bar.html") + assert_html "/foo/foo:bar.html", get("/foo/foo:bar.html") + assert_html "/foo/foo@bar.html", get("/foo/foo@bar.html") end private |