From 4aed1c0f68057a554b27e8451243579b5e79771b Mon Sep 17 00:00:00 2001 From: Samuel Williams Date: Sat, 15 Jan 2022 16:09:32 +1300 Subject: [PATCH 1/2] Test with latest version of psych. --- test/spec_mock.rb | 34 +++++++++++++++---------------- test/testrequest.rb | 4 ++-- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/test/spec_mock.rb b/test/spec_mock.rb index 24fefe2e4..71001d176 100644 --- a/test/spec_mock.rb +++ b/test/spec_mock.rb @@ -47,7 +47,7 @@ it "provide sensible defaults" do res = Rack::MockRequest.new(app).request - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "GET" env["SERVER_NAME"].must_equal "example.org" env["SERVER_PORT"].must_equal "80" @@ -60,23 +60,23 @@ it "allow GET/POST/PUT/DELETE/HEAD" do res = Rack::MockRequest.new(app).get("", input: "foo") - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "GET" res = Rack::MockRequest.new(app).post("", input: "foo") - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "POST" res = Rack::MockRequest.new(app).put("", input: "foo") - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "PUT" res = Rack::MockRequest.new(app).patch("", input: "foo") - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "PATCH" res = Rack::MockRequest.new(app).delete("", input: "foo") - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "DELETE" Rack::MockRequest.env_for("/", method: "HEAD")["REQUEST_METHOD"] @@ -102,11 +102,11 @@ it "allow posting" do res = Rack::MockRequest.new(app).get("", input: "foo") - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["mock.postdata"].must_equal "foo" res = Rack::MockRequest.new(app).post("", input: StringIO.new("foo")) - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["mock.postdata"].must_equal "foo" end @@ -115,7 +115,7 @@ get("https://bla.example.org:9292/meh/foo?bar") res.must_be_kind_of Rack::MockResponse - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "GET" env["SERVER_NAME"].must_equal "bla.example.org" env["SERVER_PORT"].must_equal "9292" @@ -129,7 +129,7 @@ get("https://example.org/foo") res.must_be_kind_of Rack::MockResponse - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "GET" env["SERVER_NAME"].must_equal "example.org" env["SERVER_PORT"].must_equal "443" @@ -144,7 +144,7 @@ get("foo") res.must_be_kind_of Rack::MockResponse - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "GET" env["SERVER_NAME"].must_equal "example.org" env["SERVER_PORT"].must_equal "80" @@ -155,13 +155,13 @@ it "properly convert method name to an uppercase string" do res = Rack::MockRequest.new(app).request(:get) - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "GET" end it "accept params and build query string for GET requests" do res = Rack::MockRequest.new(app).get("/foo?baz=2", params: { foo: { bar: "1" } }) - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "GET" env["QUERY_STRING"].must_include "baz=2" env["QUERY_STRING"].must_include "foo[bar]=1" @@ -171,7 +171,7 @@ it "accept raw input in params for GET requests" do res = Rack::MockRequest.new(app).get("/foo?baz=2", params: "foo[bar]=1") - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "GET" env["QUERY_STRING"].must_include "baz=2" env["QUERY_STRING"].must_include "foo[bar]=1" @@ -181,7 +181,7 @@ it "accept params and build url encoded params for POST requests" do res = Rack::MockRequest.new(app).post("/foo", params: { foo: { bar: "1" } }) - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "POST" env["QUERY_STRING"].must_equal "" env["PATH_INFO"].must_equal "/foo" @@ -191,7 +191,7 @@ it "accept raw input in params for POST requests" do res = Rack::MockRequest.new(app).post("/foo", params: "foo[bar]=1") - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "POST" env["QUERY_STRING"].must_equal "" env["PATH_INFO"].must_equal "/foo" @@ -202,7 +202,7 @@ it "accept params and build multipart encoded params for POST requests" do files = Rack::Multipart::UploadedFile.new(File.join(File.dirname(__FILE__), "multipart", "file1.txt")) res = Rack::MockRequest.new(app).post("/foo", params: { "submit-name" => "Larry", "files" => files }) - env = YAML.load(res.body) + env = YAML.unsafe_load(res.body) env["REQUEST_METHOD"].must_equal "POST" env["QUERY_STRING"].must_equal "" env["PATH_INFO"].must_equal "/foo" diff --git a/test/testrequest.rb b/test/testrequest.rb index aabe7fa6b..481a4e54d 100644 --- a/test/testrequest.rb +++ b/test/testrequest.rb @@ -42,7 +42,7 @@ def GET(path, header = {}) http.request(get) { |response| @status = response.code.to_i begin - @response = YAML.load(response.body) + @response = YAML.unsafe_load(response.body) rescue TypeError, ArgumentError @response = nil end @@ -60,7 +60,7 @@ def POST(path, formdata = {}, header = {}) post.basic_auth user, passwd if user && passwd http.request(post) { |response| @status = response.code.to_i - @response = YAML.load(response.body) + @response = YAML.unsafe_load(response.body) } } end From 62504264cd305533373afe53cc18c6ce098217b8 Mon Sep 17 00:00:00 2001 From: Samuel Williams Date: Sat, 15 Jan 2022 16:09:51 +1300 Subject: [PATCH 2/2] Remove obsolete support for RFC2109 date/time formatting. --- test/spec_utils.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/test/spec_utils.rb b/test/spec_utils.rb index 428abbfd7..6aa0c17e4 100644 --- a/test/spec_utils.rb +++ b/test/spec_utils.rb @@ -481,10 +481,6 @@ def initialize(*) Rack::Utils.rfc2822(Time.at(0).gmtime).must_equal "Thu, 01 Jan 1970 00:00:00 -0000" end - it "return rfc2109 format from rfc2109 helper" do - Rack::Utils.rfc2109(Time.at(0).gmtime).must_equal "Thu, 01-Jan-1970 00:00:00 GMT" - end - it "clean directory traversal" do Rack::Utils.clean_path_info("/cgi/../cgi/test").must_equal "/cgi/test" Rack::Utils.clean_path_info(".").must_be_empty