summaryrefslogtreecommitdiff
path: root/lib/webrick/httpservlet/cgi_runner.rb
AgeCommit message (Collapse)Author
2017-12-22webrick/httpservelet/cgi_runner: avoid IO#reopen on pathnamenormal
IO#reopen seems to behave strangely on Win32 based on the logs posted by Greg for [Bug #14420]. Lets try to fix the issue by using File.open explicitly (but not Kernel#open). * lib/webrick/httpservelet/cgi_runner: use File.open explicitly [Bug #14220] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61409 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-12-22webrick/httpservlet/cgi_runner.rb: remove unnecessary opennormal
IO#reopen already takes string path names as well as IO objects (but not "| command" strings) This makes further auditing for inadvertant code execution easier. There's no actual bugfix or behavior change here, as no external data is passed to cgi_runner.rb. * lib/webrick/httpservlet/cgi_runner.rb: remove Kernel#open call [Misc #14216] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61398 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-16Add frozen_string_literal: false for all filesnaruse
When you change this to true, you may need to add more tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-11-08* lib/*.rb: Remove unused variable warnings.marcandre
Patch by Run Paint [ruby-core:30991] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29726 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-11-08* lib/webrick/httpproxy.rb (WEBrick::HTTPProxyServer#do_CONNECT):matz
use #bytesize instead of #size. a patch submitted from raspberry lemon in [ruby-core:18571]. * lib/webrick/httpauth/digestauth.rb, lib/webrick/httpproxy.rb, lib/webrick/httprequest.rb, lib/webrick/httpservlet/cgi_runner.rb, lib/webrick/httpservlet/abstract.rb, lib/webrick/httpresponse.rb, lib/webrick/httpservlet/cgihandler.rb, lib/webrick/utils.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-05-18* lib/webrick/httpservlet/filehandler.rb: should normalize pathgotoyuzo
name in path_info to prevent script disclosure vulnerability on DOSISH filesystems. (fix: CVE-2008-1891) Note: NTFS/FAT filesystem should not be published by the platforms other than Windows. Pathname interpretation (including short filename) is less than perfect. * lib/webrick/httpservlet/abstract.rb (WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri): should escape the value of Location: header. * lib/webrick/httpservlet/cgi_runner.rb: accept interpreter command line arguments. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2003-07-23* lib/webrick: imported.gotoyuzo
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4130 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-21 03:07:42 +0000