lib/rack/utils.rb in rack-1.6.0.beta vs lib/rack/utils.rb in rack-1.6.0.beta2
- old
+ new
@@ -59,16 +59,22 @@
DEFAULT_SEP = /[&;] */n
class << self
attr_accessor :key_space_limit
+ attr_accessor :multipart_part_limit
end
# The default number of bytes to allow parameter keys to take up.
# This helps prevent a rogue client from flooding a Request.
self.key_space_limit = 65536
+ # The maximum number of parts a request can contain. Accepting to many part
+ # can lead to the server running out of file handles.
+ # Set to `0` for no limit.
+ self.multipart_part_limit = (ENV['RACK_MULTIPART_LIMIT'] || 128).to_i
+
# Stolen from Mongrel, with some small modifications:
# Parses a query string by breaking it up at the '&'
# and ';' characters. You can also use this to parse
# cookies by changing the characters used in the second
# parameter (which defaults to '&;').
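Review bot: A malformed `RACK_MULTIPART_LIMIT` silently turns the limit off, because `String#to_i` returns 0 for an empty or non-numeric value and the comment on the added lines defines `0` as "no limit". The setting exists to keep a request from exhausting file handles, so a typo in the environment should fail closed rather than open. A strict parse such as `self.multipart_part_limit = Integer(ENV['RACK_MULTIPART_LIMIT'] || 128)` raises at load time instead of removing the cap. Negative values are not handled on this line either, and the code that enforces the limit is outside this hunk, so their effect cannot be judged from here. The new comment should also read "Accepting too many parts".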
@@ -416,11 +422,11 @@
module_function :byte_ranges
# Constant time string comparison.
#
# NOTE: the values compared should be of fixed length, such as strings
- # that have aready been processed by HMAC. This should not be used
+ # that have already been processed by HMAC. This should not be used
# on variable length plaintext strings because it could leak length info
# via timing attacks.
def secure_compare(a, b)
return false unless bytesize(a) == bytesize(b)
@@ -565,13 +571,13 @@
end
end
# Every standard HTTP code mapped to the appropriate message.
# Generated with:
- # ruby -ropen-uri -rnokogiri -e "Nokogiri::XML(open(
- # 'http://www.iana.org/assignments/http-status-codes/http-status-codes.xml')).css('record').each{|r|
- # name = r.css('description').text; puts %Q[#{r.css('value').text} => '#{name}',] unless name == 'Unassigned' }"
+ # curl -s https://www.iana.org/assignments/http-status-codes/http-status-codes-1.csv | \
+ # ruby -ne 'm = /^(\d{3}),(?!Unassigned|\(Unused\))([^,]+)/.match($_) and \
+ # puts "#{m[1]} => \x27#{m[2].strip}\x27,"'
HTTP_STATUS_CODES = {
100 => 'Continue',
101 => 'Switching Protocols',
102 => 'Processing',
200 => 'OK',
@@ -588,11 +594,10 @@
301 => 'Moved Permanently',
302 => 'Found',
303 => 'See Other',
304 => 'Not Modified',
305 => 'Use Proxy',
- 306 => 'Reserved',
307 => 'Temporary Redirect',
308 => 'Permanent Redirect',
400 => 'Bad Request',
401 => 'Unauthorized',
402 => 'Payment Required',
@@ -604,16 +609,15 @@
408 => 'Request Timeout',
409 => 'Conflict',
410 => 'Gone',
411 => 'Length Required',
412 => 'Precondition Failed',
- 413 => 'Request Entity Too Large',
- 414 => 'Request-URI Too Long',
+ 413 => 'Payload Too Large',
+ 414 => 'URI Too Long',
415 => 'Unsupported Media Type',
- 416 => 'Requested Range Not Satisfiable',
+ 416 => 'Range Not Satisfiable',
417 => 'Expectation Failed',
- 418 => 'I\'m a teapot',
422 => 'Unprocessable Entity',
423 => 'Locked',
424 => 'Failed Dependency',
426 => 'Upgrade Required',
428 => 'Precondition Required',
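Review bot: The renamed reason phrases for 413, 414 and 416 and the removal of 418 in this hunk silently change any lookup keyed on the message text, and nothing next to the table documents that. The same applies to 306 in the previous hunk and 506 in the last one. Rack::Utils builds `SYMBOL_TO_STATUS_CODE` from these strings outside the visible hunks, so symbols such as `:request_entity_too_large` would presumably stop resolving. An application that rejects oversized requests by that symbol could then answer with a different status than intended. I would add a comment above the hash such as `# NOTE: status symbols are derived from these messages; renaming an entry changes the public symbol`, or keep the old symbols as aliases where the symbol table is built. The hash literal starts and ends outside this hunk.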
@@ -623,10 +627,10 @@
501 => 'Not Implemented',
502 => 'Bad Gateway',
503 => 'Service Unavailable',
504 => 'Gateway Timeout',
505 => 'HTTP Version Not Supported',
- 506 => 'Variant Also Negotiates (Experimental)',
+ 506 => 'Variant Also Negotiates',
507 => 'Insufficient Storage',
508 => 'Loop Detected',
510 => 'Not Extended',
511 => 'Network Authentication Required'
}