diff options
author | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2010-04-10 22:05:02 +0000 |
---|---|---|
committer | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2010-04-10 22:05:02 +0000 |
commit | 9e30f60dbf26d2c628fd8601bc0cc496c8c77db0 (patch) | |
tree | 668924817047bdbda3cd1a5eee4666de5d8bf879 /lib/uri | |
parent | a31507939004778e39af5da92bcd6b295b86c11d (diff) | |
download | ruby-9e30f60dbf26d2c628fd8601bc0cc496c8c77db0.tar.gz |
* lib/uri/common.rb (decode_www_form_component): validate.
[ruby-dev:40938]
* lib/uri/common.rb (decode_www_form): allow empty string.
* lib/uri/common.rb: fix nodoc for constant. [ruby-dev:40949]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@27285 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/uri')
-rw-r--r-- | lib/uri/common.rb | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/lib/uri/common.rb b/lib/uri/common.rb index a20ce0c981..58fd422a5d 100644 --- a/lib/uri/common.rb +++ b/lib/uri/common.rb @@ -716,15 +716,10 @@ module URI DEFAULT_PARSER.make_regexp(schemes) end - # :nodoc: - TBLENCWWWCOMP_ = {} - - # :nodoc: - TBLDECWWWCOMP_ = {} - - # :nodoc: + TBLENCWWWCOMP_ = {} # :nodoc: + TBLDECWWWCOMP_ = {} # :nodoc: HTML5ASCIIINCOMPAT = [Encoding::UTF_7, Encoding::UTF_16BE, Encoding::UTF_16LE, - Encoding::UTF_32BE, Encoding::UTF_32LE] + Encoding::UTF_32BE, Encoding::UTF_32LE] # :nodoc: # Encode given +str+ to URL-encoded form data. # @@ -770,6 +765,7 @@ module URI TBLDECWWWCOMP_['+'] = ' ' TBLDECWWWCOMP_.freeze end + raise ArgumentError, "invalid %-encoding (#{str})" unless /\A(?:%\h\h|[^%]+)*\z/ =~ str str.gsub(/\+|%\h\h/, TBLDECWWWCOMP_).force_encoding(enc) end @@ -796,7 +792,7 @@ module URI if str str << '&' else - str = ''.force_encoding(Encoding::US_ASCII) + str = nil.to_s end str << encode_www_form_component(k) str << '=' @@ -805,8 +801,7 @@ module URI str end - # :nodoc: - WFKV_ = '(?:%\h\h|[^%#=;&])' + WFKV_ = '(?:%\h\h|[^%#=;&]+)' # :nodoc: # Decode URL-encoded form data from given +str+. # @@ -829,6 +824,7 @@ module URI # # See URI.decode_www_form_component, URI.encode_www_form def self.decode_www_form(str, enc=Encoding::UTF_8) + return [] if str.empty? unless /\A#{WFKV_}*=#{WFKV_}*(?:[;&]#{WFKV_}*=#{WFKV_}*)*\z/o =~ str raise ArgumentError, "invalid data of application/x-www-form-urlencoded (#{str})" end |