ruby-changes:15378

naruse	2010-04-09 20:58:20 +0900 (Fri, 09 Apr 2010)

  New Revision: 27270

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=27270

  Log:
    * lib/uri/common.rb (decode_www_form): don't ignore leading '?'.
      [ruby-dev:40938]
    
    * lib/uri/common.rb (decode_www_form): check whether argument is
      valid application/x-www-form-urlencoded data.

  Modified files:
    trunk/ChangeLog
    trunk/lib/uri/common.rb
    trunk/test/uri/test_common.rb

Index: ChangeLog
===================================================================
--- ChangeLog	(revision 27269)
+++ ChangeLog	(revision 27270)
@@ -1,3 +1,11 @@
+Fri Apr  9 20:54:10 2010  NARUSE, Yui  <naruse@r...>
+
+	* lib/uri/common.rb (decode_www_form): don't ignore leading '?'.
+	  [ruby-dev:40938]
+
+	* lib/uri/common.rb (decode_www_form): check whether argument is
+	  valid application/x-www-form-urlencoded data.
+
 Fri Apr  9 20:29:13 2010  Yusuke Endoh  <mame@t...>
 
 	* dir.c (push_glob): clear up the previous commit (RB_GC_GUARD can
Index: lib/uri/common.rb
===================================================================
--- lib/uri/common.rb	(revision 27269)
+++ lib/uri/common.rb	(revision 27270)
@@ -805,6 +805,9 @@
     str
   end
 
+  # :nodoc:
+  WFKV_ = '(?:%\h\h|[^%#=;&])'
+
   # Decode URL-encoded form data from given +str+.
   #
   # This decodes application/x-www-form-urlencoded data
@@ -826,11 +829,11 @@
   #
   # See URI.decode_www_form_component, URI.encode_www_form
   def self.decode_www_form(str, enc=Encoding::UTF_8)
-    ary = []
-    unless /\A\??(?<query>[^=;&]*=[^;&]*(?:[;&][^=;&]*=[^;&]*)*)\z/ =~ str
+    unless /\A#{WFKV_}*=#{WFKV_}*(?:[;&]#{WFKV_}*=#{WFKV_}*)*\z/o =~ str
       raise ArgumentError, "invalid data of application/x-www-form-urlencoded (#{str})"
     end
-    query.scan(/([^=;&]+)=([^;&]*)/) do
+    ary = []
+    $&.scan(/([^=;&]+)=([^;&]*)/) do
       ary << [decode_www_form_component($1, enc), decode_www_form_component($2, enc)]
     end
     ary
Index: test/uri/test_common.rb
===================================================================
--- test/uri/test_common.rb	(revision 27269)
+++ test/uri/test_common.rb	(revision 27270)
@@ -86,7 +86,13 @@
   def test_decode_www_form
     assert_equal([%w[a 1], %w[a 2]], URI.decode_www_form("a=1&a=2"))
     assert_equal([%w[a 1], ["\u3042", "\u6F22"]],
-                 URI.decode_www_form("a=1&%E3%81%82=%E6%BC%A2"))
+                 URI.decode_www_form("a=1;%E3%81%82=%E6%BC%A2"))
+    assert_equal([%w[?a 1], %w[a 2]], URI.decode_www_form("?a=1&a=2"))
+    assert_raise(ArgumentError){URI.decode_www_form("%=1")}
+    assert_raise(ArgumentError){URI.decode_www_form("a=%")}
+    assert_raise(ArgumentError){URI.decode_www_form("a=1&%=2")}
+    assert_raise(ArgumentError){URI.decode_www_form("a=1&b=%")}
+    assert_raise(ArgumentError){URI.decode_www_form("a&b")}
   end
 end
 

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/