diff options
author | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2004-12-09 07:22:45 +0000 |
---|---|---|
committer | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2004-12-09 07:22:45 +0000 |
commit | 3f06be1b9d5904514811bdbf53742d7ec528bf8f (patch) | |
tree | ee67d0a5194ec1d40e5b3dfb48f108d5893cb331 /lib | |
parent | e326946b35c0e1eb022e381206c2df292d9c2761 (diff) | |
download | ruby-3f06be1b9d5904514811bdbf53742d7ec528bf8f.tar.gz |
* lib/webrick/cgi.rb (WEBrick::CGI#setup_header): avoid
SecurityError. [ruby-dev:24970]
* lib/webrick/httpserver.rb (WEBrick::HTTPServer#run): should wait
for reading request till data arrive. [ruby-talk:121068]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7523 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib')
-rw-r--r-- | lib/webrick/cgi.rb | 19 | ||||
-rw-r--r-- | lib/webrick/httpserver.rb | 7 |
2 files changed, 16 insertions, 10 deletions
diff --git a/lib/webrick/cgi.rb b/lib/webrick/cgi.rb index 5c38e42fc4..1282bdcd93 100644 --- a/lib/webrick/cgi.rb +++ b/lib/webrick/cgi.rb @@ -158,20 +158,19 @@ module WEBrick end def setup_header - add_header("CONTENT_TYPE", "Content-Type") - add_header("CONTENT_LENGTH", "Content-length") - @env.each_key{|name| - if /^HTTP_(.*)/ =~ name - add_header(name, $1.gsub(/_/, "-")) + @env.each{|key, value| + case key + when "CONTENT_TYPE", "CONTENT_LENGTH" + add_header(key.gsub(/_/, "-"), value) + when /^HTTP_(.*)/ + add_header($1.gsub(/_/, "-"), value) end } end - def add_header(envname, hdrname) - if value = @env[envname] - unless value.empty? - @header_part << hdrname << ": " << value << CRLF - end + def add_header(hdrname, value) + unless value.empty? + @header_part << hdrname << ": " << value << CRLF end end diff --git a/lib/webrick/httpserver.rb b/lib/webrick/httpserver.rb index 13574e7de0..bdd9c7a620 100644 --- a/lib/webrick/httpserver.rb +++ b/lib/webrick/httpserver.rb @@ -46,6 +46,13 @@ module WEBrick req = HTTPRequest.new(@config) server = self begin + timeout = @config[:RequestTimeout] + while timeout > 0 + break if IO.select([sock], nil, nil, 0.5) + timeout = 0 if @status != :Running + timeout -= 0.5 + end + raise HTTPStatus::EOFError if timeout <= 0 req.parse(sock) res.request_method = req.request_method res.request_uri = req.request_uri |