aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
diff options
context:
space:
mode:
authorJeremy Kemper <jeremy@bitsweat.net>2007-05-19 21:34:36 +0000
committerJeremy Kemper <jeremy@bitsweat.net>2007-05-19 21:34:36 +0000
commit055ff9f41844a90080ec12f2e632ff755f67f097 (patch)
tree7bd77e9d4545b627380ca699725c0cb849b28236 /actionpack
parentf52021ddd2f1a1f38ec9c6ee8d58ee92cbe7e5e8 (diff)
downloadrails-055ff9f41844a90080ec12f2e632ff755f67f097.tar.gz
rails-055ff9f41844a90080ec12f2e632ff755f67f097.tar.bz2
rails-055ff9f41844a90080ec12f2e632ff755f67f097.zip
Fix incorrent content type lookup in request parsing. Closes #8407.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6786 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack')
-rwxr-xr-xactionpack/lib/action_controller/request.rb62
-rwxr-xr-xactionpack/test/controller/cgi_test.rb18
2 files changed, 52 insertions, 28 deletions
diff --git a/actionpack/lib/action_controller/request.rb b/actionpack/lib/action_controller/request.rb
index 345832d43a..0dfc4a91d0 100755
--- a/actionpack/lib/action_controller/request.rb
+++ b/actionpack/lib/action_controller/request.rb
@@ -63,32 +63,14 @@ module ActionController
@content_length ||= env['CONTENT_LENGTH'].to_i
end
- def content_type_with_parameters
- @content_type_with_parameters ||= env['CONTENT_TYPE'].to_s
- end
-
- # Determine whether the body of a HTTP call is URL-encoded (default)
- # or matches one of the registered param_parsers.
+ # The MIME type of the HTTP request, such as Mime::XML.
#
# For backward compatibility, the post format is extracted from the
# X-Post-Data-Format HTTP header if present.
def content_type
@content_type ||=
- begin
- # Receive header sans any charset information.
- content_type = content_type_with_parameters.sub(/\s*\;.*$/, '').strip.downcase
-
- if x_post_format = @env['HTTP_X_POST_DATA_FORMAT']
- case x_post_format.to_s.downcase
- when 'yaml'
- content_type = Mime::YAML.to_s
- when 'xml'
- content_type = Mime::XML.to_s
- end
- end
-
- Mime::Type.lookup(content_type)
- end
+ content_type_from_legacy_post_data_format_header ||
+ Mime::Type.lookup(content_type_without_parameters)
end
# Returns the accepted MIME type for the request
@@ -308,13 +290,39 @@ module ActionController
def reset_session #:nodoc:
end
+ protected
+ # The raw content type string. Use when you need parameters such as
+ # charset or boundary which aren't included in the content_type MIME type.
+ def content_type_with_parameters
+ env['CONTENT_TYPE'].to_s
+ end
+
+ # The raw content type string with its parameters stripped off.
+ def content_type_without_parameters
+ @content_type_without_parameters ||= self.class.extract_content_type_without_parameters(content_type_with_parameters)
+ end
+
+ private
+ def content_type_from_legacy_post_data_format_header
+ if x_post_format = @env['HTTP_X_POST_DATA_FORMAT']
+ case x_post_format.to_s.downcase
+ when 'yaml'; Mime::YAML
+ when 'xml'; Mime::XML
+ end
+ end
+ end
+
class << self
- def parse_formatted_request_parameters(body, content_type, content_length, env = {})
+ def extract_content_type_without_parameters(content_type_with_parameters)
+ $1.strip.downcase if content_type_with_parameters =~ /^([^,\;]*)/
+ end
+
+ def parse_formatted_request_parameters(body, content_type_with_parameters, content_length, env = {})
content_length = content_length.to_i
return {} if content_length.zero?
- content_type, boundary = extract_multipart_boundary(content_type.to_s)
+ content_type, boundary = extract_multipart_boundary(content_type_with_parameters.to_s)
return {} if content_type.blank?
mime_type = Mime::Type.lookup(content_type)
@@ -343,7 +351,7 @@ module ActionController
rescue Exception => e # YAML, XML or Ruby code block errors
raise
{ "body" => body,
- "content_type" => content_type,
+ "content_type" => content_type_with_parameters,
"content_length" => content_length,
"exception" => "#{e.message} (#{e.class})",
"backtrace" => e.backtrace }
@@ -444,11 +452,11 @@ module ActionController
MULTIPART_BOUNDARY = %r|\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?|n
- def extract_multipart_boundary(content_type)
- if content_type =~ MULTIPART_BOUNDARY
+ def extract_multipart_boundary(content_type_with_parameters)
+ if content_type_with_parameters =~ MULTIPART_BOUNDARY
['multipart/form-data', $1.dup]
else
- content_type
+ extract_content_type_without_parameters(content_type_with_parameters)
end
end
diff --git a/actionpack/test/controller/cgi_test.rb b/actionpack/test/controller/cgi_test.rb
index 1592795010..4c3fbc37c5 100755
--- a/actionpack/test/controller/cgi_test.rb
+++ b/actionpack/test/controller/cgi_test.rb
@@ -1,7 +1,7 @@
require File.dirname(__FILE__) + '/../abstract_unit'
require 'action_controller/cgi_process'
-class CgiRequestTest < Test::Unit::TestCase
+class BaseCgiTest < Test::Unit::TestCase
def setup
@request_hash = {"HTTP_MAX_FORWARDS"=>"10", "SERVER_NAME"=>"glu.ttono.us:8007", "FCGI_ROLE"=>"RESPONDER", "HTTP_X_FORWARDED_HOST"=>"glu.ttono.us", "HTTP_ACCEPT_ENCODING"=>"gzip, deflate", "HTTP_USER_AGENT"=>"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/312.5.1 (KHTML, like Gecko) Safari/312.3.1", "PATH_INFO"=>"", "HTTP_ACCEPT_LANGUAGE"=>"en", "HTTP_HOST"=>"glu.ttono.us:8007", "SERVER_PROTOCOL"=>"HTTP/1.1", "REDIRECT_URI"=>"/dispatch.fcgi", "SCRIPT_NAME"=>"/dispatch.fcgi", "SERVER_ADDR"=>"207.7.108.53", "REMOTE_ADDR"=>"207.7.108.53", "SERVER_SOFTWARE"=>"lighttpd/1.4.5", "HTTP_COOKIE"=>"_session_id=c84ace84796670c052c6ceb2451fb0f2; is_admin=yes", "HTTP_X_FORWARDED_SERVER"=>"glu.ttono.us", "REQUEST_URI"=>"/admin", "DOCUMENT_ROOT"=>"/home/kevinc/sites/typo/public", "SERVER_PORT"=>"8007", "QUERY_STRING"=>"", "REMOTE_PORT"=>"63137", "GATEWAY_INTERFACE"=>"CGI/1.1", "HTTP_X_FORWARDED_FOR"=>"65.88.180.234", "HTTP_ACCEPT"=>"*/*", "SCRIPT_FILENAME"=>"/home/kevinc/sites/typo/public/dispatch.fcgi", "REDIRECT_STATUS"=>"200", "REQUEST_METHOD"=>"GET"}
# cookie as returned by some Nokia phone browsers (no space after semicolon separator)
@@ -10,6 +10,11 @@ class CgiRequestTest < Test::Unit::TestCase
@request = ActionController::CgiRequest.new(@fake_cgi)
end
+ def default_test; end
+end
+
+
+class CgiRequestTest < BaseCgiTest
def test_proxy_request
assert_equal 'glu.ttono.us', @request.host_with_port
end
@@ -52,3 +57,14 @@ class CgiRequestTest < Test::Unit::TestCase
assert_equal ["yes"], alt_cookies["is_admin"]
end
end
+
+
+class CgiRequestParamsParsingTest < BaseCgiTest
+ def test_doesnt_break_when_content_type_has_charset
+ data = 'flamenco=love'
+ @request.env['CONTENT_LENGTH'] = data.length
+ @request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded; charset=utf-8'
+ @request.env['RAW_POST_DATA'] = data
+ assert_equal({"flamenco"=> "love"}, @request.request_parameters)
+ end
+end