From 0b1a87f73cca3da23b65f3dfb19daeac436ab2ee Mon Sep 17 00:00:00 2001
From: schneems
Date: Mon, 18 Aug 2014 11:20:06 -0500
Subject: Refactor out Dir.glob from ActionDispatch::Static

Dir.glob can be a security concern. The original use was to provide logic of fallback files. Example a request to `/` should render the file from `/public/index.html`. We can replace the dir glob with the specific logic it represents. The glob {,index,index.html} will look for the current path, then in the directory of the path with index file and then in the directory of the path with index.html. This PR replaces the glob logic by manually checking each potential match. Best case scenario this results in one less file API request, worst case, this has one more file API request.

Related to #16464

Update: added a test for when a file of a given name (`public/bar.html`) and a directory `public/bar` both exist in the same root directory. Changed logic to accommodate this scenario.

--- actionpack/test/fixtures/public/bar/index.html | 1 + 1 file changed, 1 insertion(+) create mode 100644 actionpack/test/fixtures/public/bar/index.html (limited to 'actionpack/test/fixtures/public/bar/index.html') diff --git a/actionpack/test/fixtures/public/bar/index.html b/actionpack/test/fixtures/public/bar/index.html new file mode 100644 index 0000000000..d5bb8f898d --- /dev/null +++ b/actionpack/test/fixtures/public/bar/index.html @@ -0,0 +1 @@ +/bar/index.html \ No newline at end of file -- cgit v1.2.3
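
Review bot: the new fixture line `+/bar/index.html` is followed by `\ No newline at end of file`; if the missing newline is deliberate so that a test can compare the response body with the exact path string, note that in the test, otherwise end the file with a newline. This view is limited to `actionpack/test/fixtures/public/bar/index.html`, so the test the commit message describes for `public/bar.html` existing next to `public/bar` is not visible here; it should assert which of the two bodies is served for a request to `/bar`, so that the lookup order replacing the `{,index,index.html}` glob is pinned down explicitly.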