lib/puma/const.rb in piesync-puma-3.12.6.1 vs lib/puma/const.rb in piesync-puma-5.4.0.1

@@ -98,12 +98,13 @@
   # While Puma does try to emulate the CGI/1.2 protocol, it does not use the REMOTE_IDENT,
   # REMOTE_USER, or REMOTE_HOST parameters since those are either a security problem or
   # too taxing on performance.
   module Const
 
-    PUMA_VERSION = VERSION = "3.12.6.1".freeze
-    CODE_NAME = "Llamas in Pajamas".freeze
+    PUMA_VERSION = VERSION = "5.4.0.1".freeze
+    CODE_NAME = "Super Flight".freeze
+
     PUMA_SERVER_STRING = ['puma', PUMA_VERSION, CODE_NAME].join(' ').freeze
 
     FAST_TRACK_KA_TIMEOUT = 0.2
 
     # The default number of seconds for another request within a persistent
@@ -127,32 +128,29 @@
 
     # The original URI requested by the client.
     REQUEST_URI= 'REQUEST_URI'.freeze
     REQUEST_PATH = 'REQUEST_PATH'.freeze
     QUERY_STRING = 'QUERY_STRING'.freeze
+    CONTENT_LENGTH = "CONTENT_LENGTH".freeze
 
     PATH_INFO = 'PATH_INFO'.freeze
 
     PUMA_TMP_BASE = "puma".freeze
 
-    # Indicate that we couldn't parse the request
-    ERROR_400_RESPONSE = "HTTP/1.1 400 Bad Request\r\n\r\n".freeze
+    ERROR_RESPONSE = {
+      # Indicate that we couldn't parse the request
+      400 => "HTTP/1.1 400 Bad Request\r\n\r\n".freeze,
+      # The standard empty 404 response for bad requests.  Use Error4040Handler for custom stuff.
+      404 => "HTTP/1.1 404 Not Found\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\nNOT FOUND".freeze,
+      # The standard empty 408 response for requests that timed out.
+      408 => "HTTP/1.1 408 Request Timeout\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\n".freeze,
+      # Indicate that there was an internal error, obviously.
+      500 => "HTTP/1.1 500 Internal Server Error\r\n\r\n".freeze,
+      # A common header for indicating the server is too busy.  Not used yet.
+      503 => "HTTP/1.1 503 Service Unavailable\r\n\r\nBUSY".freeze
+    }
 
-    # The standard empty 404 response for bad requests.  Use Error4040Handler for custom stuff.
-    ERROR_404_RESPONSE = "HTTP/1.1 404 Not Found\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\nNOT FOUND".freeze
-
-    # The standard empty 408 response for requests that timed out.
-    ERROR_408_RESPONSE = "HTTP/1.1 408 Request Timeout\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\n".freeze
-
-    CONTENT_LENGTH = "CONTENT_LENGTH".freeze
-
-    # Indicate that there was an internal error, obviously.
-    ERROR_500_RESPONSE = "HTTP/1.1 500 Internal Server Error\r\n\r\n".freeze
-
-    # A common header for indicating the server is too busy.  Not used yet.
-    ERROR_503_RESPONSE = "HTTP/1.1 503 Service Unavailable\r\n\r\nBUSY".freeze
-
     # The basic max request size we'll try to read.
     CHUNK_SIZE = 16 * 1024
 
     # This is the maximum header that is allowed before a client is booted.  The parser detects
     # this, but we'd also like to do this as well.
@@ -165,19 +163,21 @@
     HEAD = "HEAD".freeze
     # ETag is based on the apache standard of hex mtime-size-inode (inode is 0 on win32)
     LINE_END = "\r\n".freeze
     REMOTE_ADDR = "REMOTE_ADDR".freeze
     HTTP_X_FORWARDED_FOR = "HTTP_X_FORWARDED_FOR".freeze
+    HTTP_X_FORWARDED_SSL = "HTTP_X_FORWARDED_SSL".freeze
+    HTTP_X_FORWARDED_SCHEME = "HTTP_X_FORWARDED_SCHEME".freeze
+    HTTP_X_FORWARDED_PROTO = "HTTP_X_FORWARDED_PROTO".freeze
 
     SERVER_NAME = "SERVER_NAME".freeze
     SERVER_PORT = "SERVER_PORT".freeze
     HTTP_HOST = "HTTP_HOST".freeze
     PORT_80 = "80".freeze
     PORT_443 = "443".freeze
     LOCALHOST = "localhost".freeze
     LOCALHOST_IP = "127.0.0.1".freeze
-    LOCALHOST_ADDR = "127.0.0.1:0".freeze
 
     SERVER_PROTOCOL = "SERVER_PROTOCOL".freeze
     HTTP_11 = "HTTP/1.1".freeze
 
     SERVER_SOFTWARE = "SERVER_SOFTWARE".freeze
@@ -226,14 +226,26 @@
     CHUNKED = "chunked".freeze
 
     COLON = ": ".freeze
 
     NEWLINE = "\n".freeze
-    HTTP_INJECTION_REGEX = /[\r\n]/.freeze
 
     HIJACK_P = "rack.hijack?".freeze
     HIJACK = "rack.hijack".freeze
     HIJACK_IO = "rack.hijack_io".freeze
 
     EARLY_HINTS = "rack.early_hints".freeze
+
+    # Minimum interval to checks worker health
+    WORKER_CHECK_INTERVAL = 5
+
+    # Illegal character in the key or value of response header
+    DQUOTE = "\"".freeze
+    HTTP_HEADER_DELIMITER = Regexp.escape("(),/:;<=>?@[]{}\\").freeze
+    ILLEGAL_HEADER_KEY_REGEX = /[\x00-\x20#{DQUOTE}#{HTTP_HEADER_DELIMITER}]/.freeze
+    # header values can contain HTAB?
+    ILLEGAL_HEADER_VALUE_REGEX = /[\x00-\x08\x0A-\x1F]/.freeze
+
+    # Banned keys of response header
+    BANNED_HEADER_KEY = /\A(rack\.|status\z)/.freeze
   end
 end