Hello community,
here is the log from the commit of package perl-Mojolicious for openSUSE:Factory checked in at 2017-02-10 09:49:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-Mojolicious (Old)
and /work/SRC/openSUSE:Factory/.perl-Mojolicious.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-Mojolicious"
Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-Mojolicious/perl-Mojolicious.changes 2017-02-03 18:54:14.324152500 +0100
+++ /work/SRC/openSUSE:Factory/.perl-Mojolicious.new/perl-Mojolicious.changes 2017-02-10 09:50:13.403673770 +0100
@@ -1,0 +2,15 @@
+Mon Jan 30 06:06:15 UTC 2017 - coolo@suse.com
+
+- updated to 7.23
+ see /usr/share/doc/packages/perl-Mojolicious/Changes
+
+ 7.23 2017-01-29
+ - Added max_request_size attribute to Mojolicious.
+ - Added max_response_size attribute to Mojo::UserAgent.
+ - Added to_unsafe_string method to Mojo::URL.
+ - Added -S option to get command.
+ - Fixed a data corruption problem in Mojo::IOLoop::Stream, caused by a
+ dependency of IO::Socket::SSL on the internal representation of strings,
+ which differs from IO::Socket::IP. (coolo, sri)
+
+-------------------------------------------------------------------
Old:
----
Mojolicious-7.22.tar.gz
New:
----
Mojolicious-7.23.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-Mojolicious.spec ++++++
--- /var/tmp/diff_new_pack.K8RIAp/_old 2017-02-10 09:50:14.375536357 +0100
+++ /var/tmp/diff_new_pack.K8RIAp/_new 2017-02-10 09:50:14.379535792 +0100
@@ -17,7 +17,7 @@
Name: perl-Mojolicious
-Version: 7.22
+Version: 7.23
Release: 0
%define cpan_name Mojolicious
Summary: Real-time web framework
++++++ Mojolicious-7.22.tar.gz -> Mojolicious-7.23.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/Changes new/Mojolicious-7.23/Changes
--- old/Mojolicious-7.22/Changes 2017-01-25 21:17:33.000000000 +0100
+++ new/Mojolicious-7.23/Changes 2017-01-29 22:33:08.000000000 +0100
@@ -1,4 +1,13 @@
+7.23 2017-01-29
+ - Added max_request_size attribute to Mojolicious.
+ - Added max_response_size attribute to Mojo::UserAgent.
+ - Added to_unsafe_string method to Mojo::URL.
+ - Added -S option to get command.
+ - Fixed a data corruption problem in Mojo::IOLoop::Stream, caused by a
+ dependency of IO::Socket::SSL on the internal representation of strings,
+ which differs from IO::Socket::IP. (coolo, sri)
+
7.22 2017-01-25
- Added ports method to Mojo::Server::Daemon.
- Added remove_tree method to Mojo::File.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/META.json new/Mojolicious-7.23/META.json
--- old/Mojolicious-7.22/META.json 2017-01-26 00:09:02.000000000 +0100
+++ new/Mojolicious-7.23/META.json 2017-01-29 22:42:04.000000000 +0100
@@ -58,6 +58,6 @@
},
"x_IRC" : "irc://irc.perl.org/#mojo"
},
- "version" : "7.22",
+ "version" : "7.23",
"x_serialization_backend" : "JSON::PP version 2.27400"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/META.yml new/Mojolicious-7.23/META.yml
--- old/Mojolicious-7.22/META.yml 2017-01-26 00:09:02.000000000 +0100
+++ new/Mojolicious-7.23/META.yml 2017-01-29 22:42:04.000000000 +0100
@@ -31,5 +31,5 @@
homepage: http://mojolicious.org
license: http://www.opensource.org/licenses/artistic-license-2.0
repository: https://github.com/kraih/mojo.git
-version: '7.22'
+version: '7.23'
x_serialization_backend: 'CPAN::Meta::YAML version 0.018'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojo/IOLoop/Stream.pm new/Mojolicious-7.23/lib/Mojo/IOLoop/Stream.pm
--- old/Mojolicious-7.22/lib/Mojo/IOLoop/Stream.pm 2016-08-27 04:52:25.000000000 +0200
+++ new/Mojolicious-7.23/lib/Mojo/IOLoop/Stream.pm 2017-01-29 22:33:08.000000000 +0100
@@ -77,6 +77,8 @@
sub write {
my ($self, $chunk, $cb) = @_;
+ # IO::Socket::SSL will corrupt data with the wrong internal representation
+ utf8::downgrade $chunk;
$self->{buffer} .= $chunk;
if ($cb) { $self->once(drain => $cb) }
elsif (!length $self->{buffer}) { return $self }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojo/Message/Request.pm new/Mojolicious-7.23/lib/Mojo/Message/Request.pm
--- old/Mojolicious-7.22/lib/Mojo/Message/Request.pm 2016-07-19 02:38:18.000000000 +0200
+++ new/Mojolicious-7.23/lib/Mojo/Message/Request.pm 2017-01-29 22:33:08.000000000 +0100
@@ -410,8 +410,8 @@
than just the last one, you can use L"every_param">. Note that this method
caches all data, so it should not be called before the entire request body has
been received. Parts of the request body need to be loaded into memory to parse
-C<POST> parameters, so you have to make sure it is not excessively large,
-there's a 16MB limit by default.
+C<POST> parameters, so you have to make sure it is not excessively large.
+There's a 16MB limit for requests by default.
=head2 params
@@ -422,8 +422,8 @@
usually a LMojo::Parameters object. Note that this method caches all data, so
it should not be called before the entire request body has been received. Parts
of the request body need to be loaded into memory to parse C<POST> parameters,
-so you have to make sure it is not excessively large, there's a 16MB limit by
-default.
+so you have to make sure it is not excessively large. There's a 16MB limit for
+requests by default.
# Get parameter names and values
my $hash = $req->params->to_hash;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojo/Message/Response.pm new/Mojolicious-7.23/lib/Mojo/Message/Response.pm
--- old/Mojolicious-7.22/lib/Mojo/Message/Response.pm 2016-12-21 13:15:18.000000000 +0100
+++ new/Mojolicious-7.23/lib/Mojo/Message/Response.pm 2017-01-29 22:33:08.000000000 +0100
@@ -6,6 +6,7 @@
use Mojo::Util 'deprecated';
has [qw(code message)];
+has max_message_size => sub { $ENV{MOJO_MAX_MESSAGE_SIZE} // 2147483648 };
# Umarked codes are from RFC 7231
my %MESSAGES = (
@@ -212,6 +213,15 @@
HTTP response status code.
+=head2 max_message_size
+
+ my $size = $res->max_message_size;
+ $res = $res->max_message_size(1024);
+
+Maximum message size in bytes, defaults to the value of the
+C environment variable or C<2147483648> (2GB). Setting
+the value to C<0> will allow messages of indefinite size.
+
=head2 message
my $msg = $res->message;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojo/Message.pm new/Mojolicious-7.23/lib/Mojo/Message.pm
--- old/Mojolicious-7.22/lib/Mojo/Message.pm 2016-12-21 00:46:14.000000000 +0100
+++ new/Mojolicious-7.23/lib/Mojo/Message.pm 2017-01-29 22:33:08.000000000 +0100
@@ -389,10 +389,7 @@
Maximum message size in bytes, defaults to the value of the
C environment variable or C<16777216> (16MB). Setting
-the value to C<0> will allow messages of indefinite size. Note that increasing
-this value can also drastically increase memory usage, should you for example,
-attempt to parse an excessively large message body with the L"body_params">,
-L"dom"> or L"json"> methods.
+the value to C<0> will allow messages of indefinite size.
=head2 version
@@ -423,7 +420,8 @@
that this method caches all data, so it should not be called before the entire
message body has been received. Parts of the message body need to be loaded
into memory to parse C<POST> parameters, so you have to make sure it is not
-excessively large, there's a 16MB limit by default.
+excessively large. There's a 16MB limit for requests and a 2GB limit for
+responses by default.
# Get POST parameter names and values
my $hash = $msg->body_params->to_hash;
@@ -481,8 +479,8 @@
right away, which then returns a LMojo::Collection object. Note that this
method caches all data, so it should not be called before the entire message
body has been received. The whole message body needs to be loaded into memory
-to parse it, so you have to make sure it is not excessively large, there's a
-16MB limit by default.
+to parse it, so you have to make sure it is not excessively large. There's a
+16MB limit for requests and a 2GB limit for responses by default.
# Perform "find" right away
say $msg->dom('h1, h2, h3')->map('text')->join("\n");
@@ -604,7 +602,8 @@
Note that this method caches all data, so it should not be called before the
entire message body has been received. The whole message body needs to be
loaded into memory to parse it, so you have to make sure it is not excessively
-large, there's a 16MB limit by default.
+large. There's a 16MB limit for requests and a 2GB limit for responses by
+default.
# Extract JSON values
say $msg->json->{foo}{bar}[23];
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojo/URL.pm new/Mojolicious-7.23/lib/Mojo/URL.pm
--- old/Mojolicious-7.22/lib/Mojo/URL.pm 2017-01-11 18:23:42.000000000 +0100
+++ new/Mojolicious-7.23/lib/Mojo/URL.pm 2017-01-29 22:33:08.000000000 +0100
@@ -63,9 +63,9 @@
$self->path($5) if defined $5;
$self->query($7) if defined $7;
$self->fragment(_decode(url_unescape $9)) if defined $9;
- if (defined(my $authority = $4)) {
- $self->userinfo(_decode(url_unescape $1)) if $authority =~ s/^([^\@]+)\@//;
- $self->host_port($authority);
+ if (defined(my $auth = $4)) {
+ $self->userinfo(_decode(url_unescape $1)) if $auth =~ s/^([^\@]+)\@//;
+ $self->host_port($auth);
}
return $self;
@@ -148,31 +148,38 @@
return $abs;
}
-sub to_string {
- my $self = shift;
+sub to_string { shift->_string(0) }
+sub to_unsafe_string { shift->_string(1) }
+
+sub username { (shift->userinfo // '') =~ /^([^:]+)/ ? $1 : undef }
+
+sub _decode { decode('UTF-8', $_[0]) // $_[0] }
+
+sub _encode { url_escape encode('UTF-8', $_[0]), $_[1] }
+
+sub _string {
+ my ($self, $unsafe) = @_;
# Scheme
my $url = '';
if (my $proto = $self->protocol) { $url .= "$proto:" }
- # Authority (without userinfo)
- my $authority = $self->host_port;
- $url .= "//$authority" if defined $authority;
+ # Authority
+ my $auth = $self->host_port;
+ if ($unsafe && defined(my $info = $self->userinfo)) {
+ $auth = _encode($info, '^A-Za-z0-9\-._~!$&\'()*+,;=:') . '@' . $auth;
+ }
+ $url .= "//$auth" if defined $auth;
# Path and query
my $path = $self->path_query;
- $url .= !$authority || !length $path || $path =~ m!^[/?]! ? $path : "/$path";
+ $url .= !$auth || !length $path || $path =~ m!^[/?]! ? $path : "/$path";
# Fragment
return $url unless defined(my $fragment = $self->fragment);
- return $url . '#' . url_escape encode('UTF-8', $fragment),
- '^A-Za-z0-9\-._~!$&\'()*+,;=:@/?';
+ return $url . '#' . _encode($fragment, '^A-Za-z0-9\-._~!$&\'()*+,;=:@/?');
}
-sub username { (shift->userinfo // '') =~ /^([^:]+)/ ? $1 : undef }
-
-sub _decode { decode('UTF-8', $_[0]) // $_[0] }
-
1;
=encoding utf8
@@ -477,6 +484,15 @@
# "http://mojolicious.org"
Mojo::URL->new('http://daniel:s3cret@mojolicious.org')->to_string;
+=head2 to_unsafe_string
+
+ my $str = $url->to_unsafe_string;
+
+Same as L"to_string">, but includes L"userinfo">.
+
+ # "http://daniel:s3cret@mojolicious.org"
+ Mojo::URL->new('http://daniel:s3cret@mojolicious.org')->to_unsafe_string;
+
=head2 username
my $username = $url->username;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojo/UserAgent.pm new/Mojolicious-7.23/lib/Mojo/UserAgent.pm
--- old/Mojolicious-7.22/lib/Mojo/UserAgent.pm 2017-01-15 17:02:28.000000000 +0100
+++ new/Mojolicious-7.23/lib/Mojo/UserAgent.pm 2017-01-29 22:33:08.000000000 +0100
@@ -17,7 +17,7 @@
has cert => sub { $ENV{MOJO_CERT_FILE} };
has connect_timeout => sub { $ENV{MOJO_CONNECT_TIMEOUT} || 10 };
has cookie_jar => sub { Mojo::UserAgent::CookieJar->new };
-has 'local_address';
+has [qw(local_address max_response_size)];
has inactivity_timeout => sub { $ENV{MOJO_INACTIVITY_TIMEOUT} // 20 };
has ioloop => sub { Mojo::IOLoop->new };
has key => sub { $ENV{MOJO_KEY_FILE} };
@@ -298,6 +298,8 @@
}
$_->prepare($tx) for $self->proxy, $self->cookie_jar;
+ my $max = $self->max_response_size;
+ $tx->res->max_message_size($max) if defined $max;
# Connect and add request timeout if necessary
my $id = $self->emit(start => $tx)->_connection($loop, $tx, $cb);
@@ -573,6 +575,18 @@
defaults to the value of the C environment variable or
C<0>.
+=head2 max_response_size
+
+ my $max = $ua->max_response_size;
+ $ua = $ua->max_response_size(16777216);
+
+Maximum response size in bytes, defaults to the value of
+LMojo::Message::Response/"max_message_size". Setting the value to C<0> will
+allow responses of indefinite size. Note that increasing this value can also
+drastically increase memory usage, should you for example attempt to parse an
+excessively large response body with the methods LMojo::Message/"dom" or
+LMojo::Message/"json".
+
=head2 proxy
my $proxy = $ua->proxy;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojolicious/Command/get.pm new/Mojolicious-7.23/lib/Mojolicious/Command/get.pm
--- old/Mojolicious-7.22/lib/Mojolicious/Command/get.pm 2017-01-19 11:30:58.000000000 +0100
+++ new/Mojolicious-7.23/lib/Mojolicious/Command/get.pm 2017-01-29 22:33:08.000000000 +0100
@@ -15,14 +15,16 @@
sub run {
my ($self, @args) = @_;
+ my $ua = Mojo::UserAgent->new(ioloop => Mojo::IOLoop->singleton);
getopt \@args,
'C|charset=s' => \my $charset,
'c|content=s' => \(my $content = ''),
'H|header=s' => \my @headers,
- 'i|inactivity-timeout=i' => \my $inactivity,
+ 'i|inactivity-timeout=i' => sub { $ua->inactivity_timeout($_[1]) },
'M|method=s' => \(my $method = 'GET'),
- 'o|connect-timeout=i' => \my $connect,
+ 'o|connect-timeout=i' => sub { $ua->connect_timeout($_[1]) },
'r|redirect' => \my $redirect,
+ 'S|response-size=i' => sub { $ua->max_response_size($_[1]) },
'v|verbose' => \my $verbose;
@args = map { decode 'UTF-8', $_ } @args;
@@ -33,13 +35,9 @@
my %headers = map { /^\s*([^:]+)\s*:\s*(.*+)$/ ? ($1, $2) : () } @headers;
# Detect proxy for absolute URLs
- my $ua = Mojo::UserAgent->new(ioloop => Mojo::IOLoop->singleton);
$url !~ m!^/! ? $ua->proxy->detect : $ua->server->app($self->app);
$ua->max_redirects(10) if $redirect;
- $ua->inactivity_timeout($inactivity) if defined $inactivity;
- $ua->connect_timeout($connect) if $connect;
-
my $buffer = '';
$ua->on(
start => sub {
@@ -65,16 +63,14 @@
$verbose = 1 if $method eq 'HEAD';
STDOUT->autoflush(1);
my $tx = $ua->start($ua->build_tx($method, $url, \%headers, $content));
- my $err = $tx->error;
- warn qq{Problem loading URL "@{[$tx->req->url]}": $err->{message}\n}
- if $err && !$err->{code};
+ my $res = $tx->result;
# JSON Pointer
return unless defined $selector;
return _json($buffer, $selector) if !length $selector || $selector =~ m!^/!;
# Selector
- $charset //= $tx->res->content->charset || $tx->res->default_charset;
+ $charset //= $res->content->charset || $res->default_charset;
_select($buffer, $selector, $charset, @args);
}
@@ -163,6 +159,8 @@
-o, --connect-timeout <seconds> Connect timeout, defaults to the value
of MOJO_CONNECT_TIMEOUT or 10
-r, --redirect Follow up to 10 redirects
+ -S, --response-size <size> Maximum response size in bytes,
+ defaults to 2147483648 (2GB)
-v, --verbose Print request and response headers to
STDERR
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojolicious/Controller.pm new/Mojolicious-7.23/lib/Mojolicious/Controller.pm
--- old/Mojolicious-7.22/lib/Mojolicious/Controller.pm 2017-01-10 11:31:44.000000000 +0100
+++ new/Mojolicious-7.23/lib/Mojolicious/Controller.pm 2017-01-29 22:33:08.000000000 +0100
@@ -583,8 +583,8 @@
message body, in that order. If there are multiple values sharing the same
name, and you want to access more than just the last one, you can use
L"every_param">. Parts of the request body need to be loaded into memory to
-parse C<POST> parameters, so you have to make sure it is not excessively large,
-there's a 16MB limit by default.
+parse C<POST> parameters, so you have to make sure it is not excessively large.
+There's a 16MB limit for requests by default.
# Get first value
my $first = $c->every_param('foo')->[0];
@@ -931,7 +931,7 @@
the query string and C or
C message body. Parts of the request body need to be loaded
into memory to parse C<POST> parameters, so you have to make sure it is not
-excessively large, there's a 16MB limit by default.
+excessively large. There's a 16MB limit for requests by default.
# Validate GET/POST parameter
my $validation = $c->validation;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojolicious/Guides/Cookbook.pod new/Mojolicious-7.23/lib/Mojolicious/Guides/Cookbook.pod
--- old/Mojolicious-7.22/lib/Mojolicious/Guides/Cookbook.pod 2017-01-19 11:22:13.000000000 +0100
+++ new/Mojolicious-7.23/lib/Mojolicious/Guides/Cookbook.pod 2017-01-29 22:33:08.000000000 +0100
@@ -1119,13 +1119,12 @@
my $tx = $ua->get('https://www.github.com/kraih/mojo/tarball/master');
$tx->res->content->asset->move_to('mojo.tar.gz');
-To protect you from excessively large files there is also a limit of 16MB by
+To protect you from excessively large files there is also a limit of 2GB by
default, which you can tweak with the attribute
-LMojo::Message/"max_message_size" or C environment
-variable.
+LMojo::UserAgent/"max_response_size".
- # Increase limit to 1GB
- $ENV{MOJO_MAX_MESSAGE_SIZE} = 1073741824;
+ # Increase limit to 10GB
+ $ua->max_response_size(10737418240);
=head2 Large file upload
@@ -1148,13 +1147,12 @@
use Mojo::UserAgent;
+ # Accept responses of indefinite size
+ my $ua = Mojo::UserAgent->new(max_response_size => 0);
+
# Build a normal transaction
- my $ua = Mojo::UserAgent->new;
my $tx = $ua->build_tx(GET => 'http://example.com');
- # Accept response of indefinite size
- $tx->res->max_message_size(0);
-
# Replace "read" events to disable default content parser
$tx->res->content->unsubscribe('read')->on(read => sub {
my ($content, $bytes) = @_;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojolicious/Guides/FAQ.pod new/Mojolicious-7.23/lib/Mojolicious/Guides/FAQ.pod
--- old/Mojolicious-7.22/lib/Mojolicious/Guides/FAQ.pod 2016-09-08 20:22:50.000000000 +0200
+++ new/Mojolicious-7.23/lib/Mojolicious/Guides/FAQ.pod 2017-01-29 22:33:08.000000000 +0100
@@ -189,9 +189,10 @@
To protect your applications from excessively large requests and responses, our
HTTP parser has a cap after which it will automatically stop accepting new
-data, and in most cases force the connection to be closed. The limit is 16MB by
-default, you can use the attribute LMojo::Message/"max_message_size" or
-C environment variable to change this value.
+data, and in most cases force the connection to be closed. The limit is 16MB for
+requests, and 2GB for responses by default. You can use the attributes
+L and LMojo::UserAgent/"max_response_size" to
+change these values.
=head2 What does the error "Maximum start-line size exceeded" mean?
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojolicious/Guides/Tutorial.pod new/Mojolicious-7.23/lib/Mojolicious/Guides/Tutorial.pod
--- old/Mojolicious-7.22/lib/Mojolicious/Guides/Tutorial.pod 2016-09-01 21:57:29.000000000 +0200
+++ new/Mojolicious-7.23/lib/Mojolicious/Guides/Tutorial.pod 2017-01-29 22:33:08.000000000 +0100
@@ -834,11 +834,10 @@
To protect you from excessively large files there is also a limit of 16MB by
default, which you can tweak with the attribute
-LMojo::Message/"max_message_size" or C environment
-variable.
+L.
# Increase limit to 1GB
- $ENV{MOJO_MAX_MESSAGE_SIZE} = 1073741824;
+ app->max_request_size(1073741824);
=head2 User agent
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojolicious/Lite.pm new/Mojolicious-7.23/lib/Mojolicious/Lite.pm
--- old/Mojolicious-7.22/lib/Mojolicious/Lite.pm 2017-01-09 18:47:43.000000000 +0100
+++ new/Mojolicious-7.23/lib/Mojolicious/Lite.pm 2017-01-29 22:33:08.000000000 +0100
@@ -21,8 +21,7 @@
push @{"${caller}::ISA"}, 'Mojo';
# Generate moniker based on filename
- my $moniker = path($ENV{MOJO_EXE})->basename;
- $moniker =~ s/\.(?:pl|pm|t)$//i;
+ my $moniker = path($ENV{MOJO_EXE})->basename('.pl', '.pm', '.t');
my $app = shift->new(moniker => $moniker);
# Initialize routes without namespaces
@@ -34,8 +33,7 @@
for my $name (qw(any get options patch post put websocket)) {
monkey_patch $caller, $name, sub { $routes->$name(@_) };
}
- monkey_patch $caller, $_, sub {$app}
- for qw(new app);
+ monkey_patch($caller, $_, sub {$app}) for qw(new app);
monkey_patch $caller, del => sub { $routes->delete(@_) };
monkey_patch $caller, group => sub (&) {
(my $old, $root) = ($root, $routes);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/lib/Mojolicious.pm new/Mojolicious-7.23/lib/Mojolicious.pm
--- old/Mojolicious-7.22/lib/Mojolicious.pm 2017-01-22 15:29:08.000000000 +0100
+++ new/Mojolicious-7.23/lib/Mojolicious.pm 2017-01-29 22:33:08.000000000 +0100
@@ -37,6 +37,7 @@
# Reduced log output outside of development mode
return $mode eq 'development' ? $log : $log->level('info');
};
+has 'max_request_size';
has mode => sub { $ENV{MOJO_MODE} || $ENV{PLACK_ENV} || 'development' };
has moniker => sub { Mojo::Util::decamelize ref shift };
has plugins => sub { Mojolicious::Plugins->new };
@@ -57,7 +58,7 @@
has validator => sub { Mojolicious::Validator->new };
our $CODENAME = 'Doughnut';
-our $VERSION = '7.22';
+our $VERSION = '7.23';
sub AUTOLOAD {
my $self = shift;
@@ -92,8 +93,12 @@
sub build_tx {
my $self = shift;
- my $tx = Mojo::Transaction::HTTP->new;
+
+ my $tx = Mojo::Transaction::HTTP->new;
+ my $max = $self->max_request_size;
+ $tx->req->max_message_size($max) if defined $max;
$self->plugins->emit_hook(after_build_tx => $tx, $self);
+
return $tx;
}
@@ -412,6 +417,18 @@
# Log debug message
$app->log->debug('It works');
+=head2 max_request_size
+
+ my $max = $app->max_request_size;
+ $app = $app->max_request_size(16777216);
+
+Maximum request size in bytes, defaults to the value of
+LMojo::Message/"max_message_size". Setting the value to C<0> will allow
+requests of indefinite size. Note that increasing this value can also
+drastically increase memory usage, should you for example attempt to parse an
+excessively large request body with the methods LMojo::Message/"dom" or
+LMojo::Message/"json".
+
=head2 mode
my $mode = $app->mode;
@@ -1034,6 +1051,8 @@
Steffen Ullrich
+Stephan Kulow
+
Stephane Este-Gracias
Steve Atkins
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/t/mojo/ioloop_tls.t new/Mojolicious-7.23/t/mojo/ioloop_tls.t
--- old/Mojolicious-7.22/t/mojo/ioloop_tls.t 2017-01-15 14:01:00.000000000 +0100
+++ new/Mojolicious-7.23/t/mojo/ioloop_tls.t 2017-01-29 22:33:08.000000000 +0100
@@ -30,15 +30,18 @@
# openssl req -x509 -days 7300 -key bad.key -in bad.csr -out bad.crt
use Mojo::IOLoop;
-# Built-in certificate
+# Built-in certificate (and upgraded string)
my $loop = Mojo::IOLoop->new;
my $delay = $loop->delay;
+my $upgraded
+ = "\x01\x00\x00\x00\x00\x00\xD0\x00\x0A\x00\x0B\x00\x00\x00\x84\x0B";
+utf8::upgrade $upgraded;
my ($server, $client);
my $end = $delay->begin;
my $id = $loop->server(
{address => '127.0.0.1', tls => 1} => sub {
my ($loop, $stream) = @_;
- $stream->write('test' => sub { shift->write('321') });
+ $stream->write($upgraded => sub { shift->write('321') });
$stream->on(close => $end);
$stream->on(read => sub { $server .= pop });
}
@@ -55,8 +58,8 @@
}
);
$delay->wait;
-is $server, 'tset123', 'right content';
-is $client, 'test321', 'right content';
+is $server, 'tset123', 'right content';
+is $client, "${upgraded}321", 'right content';
# Valid client certificate
$delay = Mojo::IOLoop->delay;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/t/mojo/request.t new/Mojolicious-7.23/t/mojo/request.t
--- old/Mojolicious-7.22/t/mojo/request.t 2017-01-11 18:25:50.000000000 +0100
+++ new/Mojolicious-7.23/t/mojo/request.t 2017-01-29 22:33:08.000000000 +0100
@@ -10,8 +10,12 @@
use Mojo::URL;
use Mojo::Util 'encode';
-# Parse HTTP 1.1 message with huge "Cookie" header exceeding all limits
+# Defaults
my $req = Mojo::Message::Request->new;
+is $req->max_message_size, 16777216, 'right default';
+
+# Parse HTTP 1.1 message with huge "Cookie" header exceeding all limits
+$req = Mojo::Message::Request->new;
my $finished;
$req->max_message_size($req->headers->max_line_size);
my $huge = 'a=b; ' x $req->max_message_size;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/t/mojo/response.t new/Mojolicious-7.23/t/mojo/response.t
--- old/Mojolicious-7.22/t/mojo/response.t 2016-12-21 00:12:31.000000000 +0100
+++ new/Mojolicious-7.23/t/mojo/response.t 2017-01-29 22:33:08.000000000 +0100
@@ -9,8 +9,12 @@
use Mojo::Message::Response;
use Mojo::Util 'encode';
-# Common status codes
+# Defaults
my $res = Mojo::Message::Response->new;
+is $res->max_message_size, 2147483648, 'right default';
+
+# Common status codes
+$res = Mojo::Message::Response->new;
is $res->code(100)->default_message, 'Continue', 'right message';
is $res->code(101)->default_message, 'Switching Protocols', 'right message';
is $res->code(102)->default_message, 'Processing', 'right message';
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/t/mojo/url.t new/Mojolicious-7.23/t/mojo/url.t
--- old/Mojolicious-7.22/t/mojo/url.t 2017-01-11 18:24:52.000000000 +0100
+++ new/Mojolicious-7.23/t/mojo/url.t 2017-01-29 22:33:08.000000000 +0100
@@ -42,6 +42,9 @@
is $url->host, 'localhost', 'right host';
is $url->fragment, 'AZaz09-._~!$&\'()*+,;=:@/?', 'right fragment';
is "$url", 'ws://localhost#AZaz09-._~!$&\'()*+,;=:@/?', 'right format';
+is $url->to_unsafe_string,
+ 'ws://AZaz09-._~!$&\'()*+,;=:@localhost#AZaz09-._~!$&\'()*+,;=:@/?',
+ 'right format';
# Parameters
$url = Mojo::URL->new(
@@ -373,6 +376,9 @@
is $url->fragment, '☃', 'right fragment';
is "$url", 'http://xn--n3h.xn--n3h.de/%E2%98%83?%E2%98%83#%E2%98%83',
'right format';
+is $url->to_unsafe_string,
+ 'http://%E2%98%83:%E2%98%83@xn--n3h.xn--n3h.de/%E2%98%83?%E2%98%83#%E2%98%83',
+ 'right format';
# IRI/IDNA
$url = Mojo::URL->new('http://☃.net/♥/?q=♥☃');
@@ -415,6 +421,7 @@
is $url->host, 'foo.com', 'right host';
is $url->fragment, '0', 'right fragment';
is "$url", 'http://foo.com#0', 'right format';
+is $url->to_unsafe_string, 'http://0@foo.com#0', 'right format';
# Empty path elements
$url = Mojo::URL->new('http://example.com/foo//bar/23/');
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/t/mojo/user_agent.t new/Mojolicious-7.23/t/mojo/user_agent.t
--- old/Mojolicious-7.22/t/mojo/user_agent.t 2017-01-15 17:02:28.000000000 +0100
+++ new/Mojolicious-7.23/t/mojo/user_agent.t 2017-01-29 22:33:08.000000000 +0100
@@ -156,7 +156,8 @@
is $tx->res->version, '1.1', 'right version';
is $tx->res->code, 200, 'right status';
ok !$tx->res->headers->connection, 'no "Connection" value';
-is $tx->res->body, 'works!', 'right content';
+is $tx->res->max_message_size, 2147483648, 'right value';
+is $tx->res->body, 'works!', 'right content';
# Again
$tx = $ua->get('/');
@@ -166,12 +167,13 @@
is $tx->res->code, 200, 'right status';
ok !$tx->res->headers->connection, 'no "Connection" value';
is $tx->res->body, 'works!', 'right content';
-$tx = $ua->get('/');
+$tx = $ua->max_response_size(0)->get('/');
ok $tx->success, 'successful';
is $tx->res->version, '1.1', 'right version';
is $tx->res->code, 200, 'right status';
ok !$tx->res->headers->connection, 'no "Connection" value';
-is $tx->res->body, 'works!', 'right content';
+is $tx->res->max_message_size, 0, 'right value';
+is $tx->res->body, 'works!', 'right content';
# Shortcuts for common request methods
is $ua->delete('/method')->res->body, 'DELETE', 'right content';
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Mojolicious-7.22/t/mojolicious/upload_lite_app.t new/Mojolicious-7.23/t/mojolicious/upload_lite_app.t
--- old/Mojolicious-7.22/t/mojolicious/upload_lite_app.t 2016-07-19 02:38:18.000000000 +0200
+++ new/Mojolicious-7.23/t/mojolicious/upload_lite_app.t 2017-01-29 22:33:08.000000000 +0100
@@ -9,6 +9,11 @@
use Mojolicious::Lite;
use Test::Mojo;
+get '/request_size' => sub {
+ my $c = shift;
+ $c->render(text => $c->req->max_message_size);
+};
+
post '/upload' => sub {
my $c = shift;
my $file = $c->param('file');
@@ -28,6 +33,11 @@
my $t = Test::Mojo->new;
+# Request size limit
+$t->get_ok('/request_size')->status_is(200)->content_is(16777216);
+$t->app->max_request_size(0);
+$t->get_ok('/request_size')->status_is(200)->content_is(0);
+
# Asset and filename
my $file = Mojo::Asset::File->new->add_chunk('lalala');
$t->post_ok('/upload' => form =>