ruby-changes:15393
From: naruse <ko1@a...>
Date: Sun, 11 Apr 2010 07:05:20 +0900 (JST)
Subject: [ruby-changes:15393] Ruby:r27285 (trunk): * lib/uri/common.rb (decode_www_form_component): validate.
naruse 2010-04-11 07:05:02 +0900 (Sun, 11 Apr 2010) New Revision: 27285 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=27285 Log: * lib/uri/common.rb (decode_www_form_component): validate. [ruby-dev:40938] * lib/uri/common.rb (decode_www_form): allow empty string. * lib/uri/common.rb: fix nodoc for constant. [ruby-dev:40949] Modified files: trunk/ChangeLog trunk/lib/uri/common.rb trunk/test/uri/test_common.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 27284) +++ ChangeLog (revision 27285) @@ -1,3 +1,12 @@ +Sun Apr 11 07:01:41 2010 NARUSE, Yui <naruse@r...> + + * lib/uri/common.rb (decode_www_form_component): validate. + [ruby-dev:40938] + + * lib/uri/common.rb (decode_www_form): allow empty string. + + * lib/uri/common.rb: fix nodoc for constant. [ruby-dev:40949] + Sat Apr 10 21:26:22 2010 NARUSE, Yui <naruse@r...> * lib/rdoc/markup/preprocess.rb (RDoc::Markup::PreProcess#handle): Index: lib/uri/common.rb =================================================================== --- lib/uri/common.rb (revision 27284) +++ lib/uri/common.rb (revision 27285) @@ -716,15 +716,10 @@ DEFAULT_PARSER.make_regexp(schemes) end - # :nodoc: - TBLENCWWWCOMP_ = {} - - # :nodoc: - TBLDECWWWCOMP_ = {} - - # :nodoc: + TBLENCWWWCOMP_ = {} # :nodoc: + TBLDECWWWCOMP_ = {} # :nodoc: HTML5ASCIIINCOMPAT = [Encoding::UTF_7, Encoding::UTF_16BE, Encoding::UTF_16LE, - Encoding::UTF_32BE, Encoding::UTF_32LE] + Encoding::UTF_32BE, Encoding::UTF_32LE] # :nodoc: # Encode given +str+ to URL-encoded form data. # @@ -770,6 +765,7 @@ TBLDECWWWCOMP_['+'] = ' ' TBLDECWWWCOMP_.freeze end + raise ArgumentError, "invalid %-encoding (#{str})" unless /\A(?:%\h\h|[^%]+)*\z/ =~ str str.gsub(/\+|%\h\h/, TBLDECWWWCOMP_).force_encoding(enc) end @@ -796,7 +792,7 @@ if str str << '&' else - str = ''.force_encoding(Encoding::US_ASCII) + str = nil.to_s end str << encode_www_form_component(k) str << '=' @@ -805,8 +801,7 @@ str end - # :nodoc: - WFKV_ = '(?:%\h\h|[^%#=;&])' + WFKV_ = '(?:%\h\h|[^%#=;&]+)' # :nodoc: # Decode URL-encoded form data from given +str+. # @@ -829,6 +824,7 @@ # # See URI.decode_www_form_component, URI.encode_www_form def self.decode_www_form(str, enc=Encoding::UTF_8) + return [] if str.empty? unless /\A#{WFKV_}*=#{WFKV_}*(?:[;&]#{WFKV_}*=#{WFKV_}*)*\z/o =~ str raise ArgumentError, "invalid data of application/x-www-form-urlencoded (#{str})" end Index: test/uri/test_common.rb =================================================================== --- test/uri/test_common.rb (revision 27284) +++ test/uri/test_common.rb (revision 27285) @@ -69,6 +69,7 @@ "AZ%5B%5C%5D%5E_%60az%7B%7C%7D%7E")) assert_equal("\xA1\xA2".force_encoding(Encoding::EUC_JP), URI.decode_www_form_component("%A1%A2", "EUC-JP")) + assert_raise(ArgumentError){URI.decode_www_form_component("%")} end def test_encode_www_form @@ -88,6 +89,7 @@ assert_equal([%w[a 1], ["\u3042", "\u6F22"]], URI.decode_www_form("a=1;%E3%81%82=%E6%BC%A2")) assert_equal([%w[?a 1], %w[a 2]], URI.decode_www_form("?a=1&a=2")) + assert_equal([], URI.decode_www_form("")) assert_raise(ArgumentError){URI.decode_www_form("%=1")} assert_raise(ArgumentError){URI.decode_www_form("a=%")} assert_raise(ArgumentError){URI.decode_www_form("a=1&%=2")} -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/