Server IP : 66.29.132.122 / Your IP : 18.225.234.108 Web Server : LiteSpeed System : Linux business142.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64 User : admazpex ( 531) PHP Version : 7.2.34 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /proc/self/root/proc/self/root/proc/thread-self/root/proc/thread-self/root/proc/self/root/proc/thread-self/root/proc/self/root/proc/self/root/opt/alt/ruby23/lib64/ruby/gems/2.3.0/gems/rack-1.6.4/lib/rack/multipart/ |
Upload File : |
require 'rack/utils' module Rack module Multipart class MultipartPartLimitError < Errno::EMFILE; end class Parser BUFSIZE = 16384 DUMMY = Struct.new(:parse).new def self.create(env) return DUMMY unless env['CONTENT_TYPE'] =~ MULTIPART io = env['rack.input'] io.rewind content_length = env['CONTENT_LENGTH'] content_length = content_length.to_i if content_length tempfile = env['rack.multipart.tempfile_factory'] || lambda { |filename, content_type| Tempfile.new(["RackMultipart", ::File.extname(filename)]) } bufsize = env['rack.multipart.buffer_size'] || BUFSIZE new($1, io, content_length, env, tempfile, bufsize) end def initialize(boundary, io, content_length, env, tempfile, bufsize) @buf = "" if @buf.respond_to? :force_encoding @buf.force_encoding Encoding::ASCII_8BIT end @params = Utils::KeySpaceConstrainedParams.new @boundary = "--#{boundary}" @io = io @content_length = content_length @boundary_size = Utils.bytesize(@boundary) + EOL.size @env = env @tempfile = tempfile @bufsize = bufsize if @content_length @content_length -= @boundary_size end @rx = /(?:#{EOL})?#{Regexp.quote(@boundary)}(#{EOL}|--)/n @full_boundary = @boundary + EOL end def parse fast_forward_to_first_boundary opened_files = 0 loop do head, filename, content_type, name, body = get_current_head_and_filename_and_content_type_and_name_and_body if Utils.multipart_part_limit > 0 opened_files += 1 if filename raise MultipartPartLimitError, 'Maximum file multiparts in content reached' if opened_files >= Utils.multipart_part_limit end # Save the rest. if i = @buf.index(rx) body << @buf.slice!(0, i) @buf.slice!(0, @boundary_size+2) @content_length = -1 if $1 == "--" end get_data(filename, body, content_type, name, head) do |data| tag_multipart_encoding(filename, content_type, name, data) Utils.normalize_params(@params, name, data) end # break if we're at the end of a buffer, but not if it is the end of a field break if (@buf.empty? && $1 != EOL) || @content_length == -1 end @io.rewind @params.to_params_hash end private def full_boundary; @full_boundary; end def rx; @rx; end def fast_forward_to_first_boundary loop do content = @io.read(@bufsize) raise EOFError, "bad content body" unless content @buf << content while @buf.gsub!(/\A([^\n]*\n)/, '') read_buffer = $1 return if read_buffer == full_boundary end raise EOFError, "bad content body" if Utils.bytesize(@buf) >= @bufsize end end def get_current_head_and_filename_and_content_type_and_name_and_body head = nil body = '' if body.respond_to? :force_encoding body.force_encoding Encoding::ASCII_8BIT end filename = content_type = name = nil until head && @buf =~ rx if !head && i = @buf.index(EOL+EOL) head = @buf.slice!(0, i+2) # First \r\n @buf.slice!(0, 2) # Second \r\n content_type = head[MULTIPART_CONTENT_TYPE, 1] name = head[MULTIPART_CONTENT_DISPOSITION, 1] || head[MULTIPART_CONTENT_ID, 1] filename = get_filename(head) if name.nil? || name.empty? && filename name = filename end if filename (@env['rack.tempfiles'] ||= []) << body = @tempfile.call(filename, content_type) body.binmode if body.respond_to?(:binmode) end next end # Save the read body part. if head && (@boundary_size+4 < @buf.size) body << @buf.slice!(0, @buf.size - (@boundary_size+4)) end content = @io.read(@content_length && @bufsize >= @content_length ? @content_length : @bufsize) raise EOFError, "bad content body" if content.nil? || content.empty? @buf << content @content_length -= content.size if @content_length end [head, filename, content_type, name, body] end def get_filename(head) filename = nil case head when RFC2183 filename = Hash[head.scan(DISPPARM)]['filename'] filename = $1 if filename and filename =~ /^"(.*)"$/ when BROKEN_QUOTED, BROKEN_UNQUOTED filename = $1 end return unless filename if filename.scan(/%.?.?/).all? { |s| s =~ /%[0-9a-fA-F]{2}/ } filename = Utils.unescape(filename) end scrub_filename filename if filename !~ /\\[^\\"]/ filename = filename.gsub(/\\(.)/, '\1') end filename end if "<3".respond_to? :valid_encoding? def scrub_filename(filename) unless filename.valid_encoding? # FIXME: this force_encoding is for Ruby 2.0 and 1.9 support. # We can remove it after they are dropped filename.force_encoding(Encoding::ASCII_8BIT) filename.encode!(:invalid => :replace, :undef => :replace) end end CHARSET = "charset" TEXT_PLAIN = "text/plain" def tag_multipart_encoding(filename, content_type, name, body) name.force_encoding Encoding::UTF_8 return if filename encoding = Encoding::UTF_8 if content_type list = content_type.split(';') type_subtype = list.first type_subtype.strip! if TEXT_PLAIN == type_subtype rest = list.drop 1 rest.each do |param| k,v = param.split('=', 2) k.strip! v.strip! encoding = Encoding.find v if k == CHARSET end end end name.force_encoding encoding body.force_encoding encoding end else def scrub_filename(filename) end def tag_multipart_encoding(filename, content_type, name, body) end end def get_data(filename, body, content_type, name, head) data = body if filename == "" # filename is blank which means no file has been selected return elsif filename body.rewind if body.respond_to?(:rewind) # Take the basename of the upload's original filename. # This handles the full Windows paths given by Internet Explorer # (and perhaps other broken user agents) without affecting # those which give the lone filename. filename = filename.split(/[\/\\]/).last data = {:filename => filename, :type => content_type, :name => name, :tempfile => body, :head => head} elsif !filename && content_type && body.is_a?(IO) body.rewind # Generic multipart cases, not coming from a form data = {:type => content_type, :name => name, :tempfile => body, :head => head} end yield data end end end end