Contents

# :stopdoc:

# Stolen from ruby core's uri/common.rb @32618ba to fix DoS issues in 1.9.2
#
# https://github.com/ruby/ruby/blob/32618ba7438a2247042bba9b5d85b5d49070f5e5/lib/uri/common.rb
#
# Issue:
# http://redmine.ruby-lang.org/issues/5149
#
# Relevant Fixes:
# https://github.com/ruby/ruby/commit/b5f91deee04aa6ccbe07c23c8222b937c22a799b
# https://github.com/ruby/ruby/commit/93177c1e5c3906abf14472ae0b905d8b5c72ce1b
#
# This should probably be removed once there is a Ruby 1.9.2 patch level that
# includes this fix.

require 'uri/common'

module URI
  def self.decode_www_form(str, enc=Encoding::UTF_8)
    return [] if str.empty?
    unless /\A#{WFKV_}=#{WFKV_}(?:[;&]#{WFKV_}=#{WFKV_})*\z/o =~ str
      raise ArgumentError, "invalid data of application/x-www-form-urlencoded (#{str})"
    end
    ary = []
    $&.scan(/([^=;&]+)=([^;&]*)/) do
      ary << [decode_www_form_component($1, enc), decode_www_form_component($2, enc)]
    end
    ary
  end

  def self.decode_www_form_component(str, enc=Encoding::UTF_8)
    if TBLDECWWWCOMP_.empty?
      tbl = {}
      256.times do |i|
        h, l = i>>4, i&15
        tbl['%%%X%X' % [h, l]] = i.chr
        tbl['%%%x%X' % [h, l]] = i.chr
        tbl['%%%X%x' % [h, l]] = i.chr
        tbl['%%%x%x' % [h, l]] = i.chr
      end
      tbl['+'] = ' '
      begin
        TBLDECWWWCOMP_.replace(tbl)
        TBLDECWWWCOMP_.freeze
      rescue
      end
    end
    raise ArgumentError, "invalid %-encoding (#{str})" unless /\A[^%]*(?:%\h\h[^%]*)*\z/ =~ str
    str.gsub(/\+|%\h\h/, TBLDECWWWCOMP_).force_encoding(enc)
  end

  remove_const :WFKV_
  WFKV_ = '(?:[^%#=;&]*(?:%\h\h[^%#=;&]*)*)' # :nodoc:
end

Version data entries

127 entries across 106 versions & 14 rubygems

Version	Path
classiccms-0.7.5	vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
classiccms-0.7.4	vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
classiccms-0.7.3	vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
candlepin-api-0.4.0	bundle/ruby/1.9.1/gems/rack-1.3.5/lib/rack/backports/uri/common_192.rb
candlepin-api-0.4.0	bundle/ruby/1.8/gems/rack-1.3.5/lib/rack/backports/uri/common_192.rb
candlepin-api-0.4.0	bundle/ruby/gems/rack-1.3.5/lib/rack/backports/uri/common_192.rb
classiccms-0.7.2	vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
classiccms-0.7.1	vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
classiccms-0.7.0	vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
sunrise-cms-0.5.0.rc1	vendor/bundle/ruby/1.9.1/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
challah-0.9.0	vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
classiccms-0.6.9	vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
jquery_regex-0.0.3	vendor/bundle/gems/jquery_regex-0.0.1/vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
jquery_regex-0.0.3	vendor/bundle/gems/jquery_regex-0.0.3/vendor/bundle/gems/jquery_regex-0.0.2/vendor/bundle/gems/jquery_regex-0.0.1/vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
jquery_regex-0.0.3	vendor/bundle/gems/jquery_regex-0.0.2/vendor/bundle/gems/jquery_regex-0.0.1/vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
jquery_regex-0.0.3	vendor/bundle/gems/jquery_regex-0.0.2/vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
jquery_regex-0.0.3	vendor/bundle/gems/jquery_regex-0.0.3/vendor/bundle/gems/jquery_regex-0.0.1/vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
jquery_regex-0.0.3	vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
jquery_regex-0.0.3	vendor/bundle/gems/jquery_regex-0.0.3/vendor/bundle/gems/jquery_regex-0.0.2/vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb
jquery_regex-0.0.3	vendor/bundle/gems/jquery_regex-0.0.3/vendor/bundle/gems/rack-1.4.1/lib/rack/backports/uri/common_192.rb