diff options
author | James Tucker <raggi@google.com> | 2013-01-06 15:44:52 -0800 |
---|---|---|
committer | James Tucker <raggi@google.com> | 2013-01-06 15:44:52 -0800 |
commit | 7ced182693b0b2aa4df2b1cc47b9dbcd33342c3d (patch) | |
tree | fca7ab7a5074c5b19b9d4b03afcc649cb3bc3624 | |
parent | 555797cd3c31c6d74d72ab363faeecb91bed8b00 (diff) | |
download | rack-7ced182693b0b2aa4df2b1cc47b9dbcd33342c3d.tar.gz |
Update README based on the one from master
-rw-r--r-- | README | 210 |
1 files changed, 181 insertions, 29 deletions
@@ -1,4 +1,4 @@ -= Rack, a modular Ruby webserver interface += Rack, a modular Ruby webserver interface {<img src="https://secure.travis-ci.org/rack/rack.png" alt="Build Status" />}[http://travis-ci.org/rack/rack] {<img src="https://gemnasium.com/rack/rack.png" alt="Dependency Status" />}[https://gemnasium.com/rack/rack] Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in @@ -9,16 +9,6 @@ middleware) into a single method call. The exact details of this are described in the Rack specification, which all Rack applications should conform to. -== Specification changes in this release - -With Rack 1.1, the Rack specification (found in SPEC) changed in the -following backward-incompatible ways. - -* Rack::VERSION has been pushed to [1,1]. -* rack.logger is now specified. -* The SPEC now allows subclasses of the required types. -* rack.input has to be opened in binary mode. - == Supported web servers The included *handlers* connect all kinds of web servers to Rack: @@ -37,8 +27,11 @@ These web servers include Rack handlers in their distributions: * Fuzed * Glassfish v3 * Phusion Passenger (which is mod_rack for Apache and for nginx) +* Puma * Rainbows! * Unicorn +* unixrack +* uWSGI * Zbatery Any valid Rack app will run the same on all these handlers, without @@ -46,9 +39,6 @@ changing anything. == Supported web frameworks -The included *adapters* connect Rack with existing Ruby web frameworks: -* Camping - These frameworks include Rack adapters in their distributions: * Camping * Coset @@ -132,7 +122,7 @@ By default, the lobster is found at http://localhost:9292. == Installing with RubyGems -A Gem of Rack is available at gemcutter.org. You can install it with: +A Gem of Rack is available at rubygems.org. You can install it with: gem install rack @@ -157,7 +147,6 @@ installation and test-spec. To run the test suite completely, you need: - * camping * fcgi * memcache-client * mongrel @@ -278,7 +267,7 @@ run on port 11211) and memcache-client installed. * Make sure WEBrick respects the :Host option * Many Ruby 1.9 fixes. -* January 3rd, 2009: Ninth public release 1.1.0. +* January 3rd, 2010: Ninth public release 1.1.0. * Moved Auth::OpenID to rack-contrib. * SPEC change that relaxes Lint slightly to allow subclasses of the required types @@ -313,25 +302,184 @@ run on port 11211) and memcache-client installed. * Enforce binary encoding in RewindableInput * Set correct external_encoding for handlers that don't use RewindableInput +* June 13th, 2010: Tenth public release 1.2.0. + * Removed Camping adapter: Camping 2.0 supports Rack as-is + * Removed parsing of quoted values + * Add Request.trace? and Request.options? + * Add mime-type for .webm and .htc + * Fix HTTP_X_FORWARDED_FOR + * Various multipart fixes + * Switch test suite to bacon + +* June 15th, 2010: Eleventh public release 1.2.1. + * Make CGI handler rewindable + * Rename spec/ to test/ to not conflict with SPEC on lesser + operating systems + * March 13th, 2011: Twelfth public release 1.2.2/1.1.2. * Security fix in Rack::Auth::Digest::MD5: when authenticator returned nil, permission was granted on empty password. +* May 22nd, 2011: Thirteenth public release 1.3.0 + * Various performance optimizations + * Various multipart fixes + * Various multipart refactors + * Infinite loop fix for multipart + * Test coverage for Rack::Server returns + * Allow files with '..', but not path components that are '..' + * rackup accepts handler-specific options on the command line + * Request#params no longer merges POST into GET (but returns the same) + * Use URI.encode_www_form_component instead. Use core methods for escaping. + * Allow multi-line comments in the config file + * Bug L#94 reported by Nikolai Lugovoi, query parameter unescaping. + * Rack::Response now deletes Content-Length when appropriate + * Rack::Deflater now supports streaming + * Improved Rack::Handler loading and searching + * Support for the PATCH verb + * env['rack.session.options'] now contains session options + * Cookies respect renew + * Session middleware uses SecureRandom.hex + +* May 22nd, 2011: Fourteenth public release 1.2.3 + * Pulled in relevant bug fixes from 1.3 + * Fixed 1.8.6 support + +* July 13, 2011: Fifteenth public release 1.3.1 + * Fix 1.9.1 support + * Fix JRuby support + * Properly handle $KCODE in Rack::Utils.escape + * Make method_missing/respond_to behavior consistent for Rack::Lock, + Rack::Auth::Digest::Request and Rack::Multipart::UploadedFile + * Reenable passing rack.session to session middleware + * Rack::CommonLogger handles streaming responses correctly + * Rack::MockResponse calls close on the body object + * Fix a DOS vector from MRI stdlib backport + +* July 16, 2011: Sixteenth public release 1.3.2 + * Fix for Rails and rack-test, Rack::Utils#escape calls to_s + +* Not Yet Released: Seventeenth public release 1.3.3 + * Fix bug with broken query parameters in Rack::ShowExceptions + * Rack::Request#cookies no longer swallows exceptions on broken input + * Prevents XSS attacks enabled by bug in Ruby 1.8's regexp engine + * Rack::ConditionalGet handles broken If-Modified-Since helpers + +* September 16, 2011: Eighteenth public release 1.2.4 + * Fix a bug with MRI regex engine to prevent XSS by malformed unicode + +* October 1, 2011: Nineteenth public release 1.3.4 + * Backport security fix from 1.9.3, also fixes some roundtrip issues in URI + * Small documentation update + * Fix an issue where BodyProxy could cause an infinite recursion + * Add some supporting files for travis-ci + +* October 17, 2011: Twentieth public release 1.3.5 + * Fix annoying warnings caused by the backport in 1.3.4 + * December 28th, 2011: Twenty first public release: 1.1.3. * Security fix. http://www.ocert.org/advisories/ocert-2011-003.html Further information here: http://jruby.org/2011/12/27/jruby-1-6-5-1 +* December 28th, 2011: Twenty fourth public release 1.4.0 + * Ruby 1.8.6 support has officially been dropped. Not all tests pass. + * Raise sane error messages for broken config.ru + * Allow combining run and map in a config.ru + * Rack::ContentType will not set Content-Type for responses without a body + * Status code 205 does not send a response body + * Rack::Response::Helpers will not rely on instance variables + * Rack::Utils.build_query no longer outputs '=' for nil query values + * Various mime types added + * Rack::MockRequest now supports HEAD + * Rack::Directory now supports files that contain RFC3986 reserved chars + * Rack::File now only supports GET and HEAD requests + * Rack::Server#start now passes the block to Rack::Handler::<h>#run + * Rack::Static now supports an index option + * Added the Teapot status code + * rackup now defaults to Thin instead of Mongrel (if installed) + * Support added for HTTP_X_FORWARDED_SCHEME + * Numerous bug fixes, including many fixes for new and alternate rubies + +* January 22nd, 2012: Twenty fifth public release 1.4.1 + * Alter the keyspace limit calculations to reduce issues with nested params + * Add a workaround for multipart parsing where files contain unescaped "%" + * Added Rack::Response::Helpers#method_not_allowed? (code 405) + * Rack::File now returns 404 for illegal directory traversals + * Rack::File now returns 405 for illegal methods (non HEAD/GET) + * Rack::Cascade now catches 405 by default, as well as 404 + * Cookies missing '--' no longer cause an exception to be raised + * Various style changes and documentation spelling errors + * Rack::BodyProxy always ensures to execute its block + * Additional test coverage around cookies and secrets + * Rack::Session::Cookie can now be supplied either secret or old_secret + * Tests are no longer dependent on set order + * Rack::Static no longer defaults to serving index files + * Rack.release was fixed + +* January 6th, 2013: Twenty sixth public release 1.1.4 + * Add warnings when users do not provide a session secret + +* January 6th, 2013: Twenty seventh public release 1.2.6 + * Add warnings when users do not provide a session secret + * Fix parsing performance for unquoted filenames + +* January 6th, 2013: Twenty eighth public release 1.3.7 + * Add warnings when users do not provide a session secret + * Fix parsing performance for unquoted filenames + * Updated URI backports + * Fix URI backport version matching, and silence constant warnings + * Correct parameter parsing with empty values + * Correct rackup '-I' flag, to allow multiple uses + * Correct rackup pidfile handling + * Report rackup line numbers correctly + * Fix request loops caused by non-stale nonces with time limits + * Fix reloader on Windows + * Prevent infinite recursions from Response#to_ary + * Various middleware better conforms to the body close specification + * Updated language for the body close specification + * Additional notes regarding ECMA escape compatibility issues + * Fix the parsing of multiple ranges in range headers + +* January 6th, 2013: Twenty ninth public release 1.4.2 + * Add warnings when users do not provide a session secret + * Fix parsing performance for unquoted filenames + * Updated URI backports + * Fix URI backport version matching, and silence constant warnings + * Correct parameter parsing with empty values + * Correct rackup '-I' flag, to allow multiple uses + * Correct rackup pidfile handling + * Report rackup line numbers correctly + * Fix request loops caused by non-stale nonces with time limits + * Fix reloader on Windows + * Prevent infinite recursions from Response#to_ary + * Various middleware better conforms to the body close specification + * Updated language for the body close specification + * Additional notes regarding ECMA escape compatibility issues + * Fix the parsing of multiple ranges in range headers + * Prevent errors from empty parameter keys + * Added PATCH verb to Rack::Request + * Various documentation updates + * Fix session merge semantics (fixes rack-test) + * Rack::Static :index can now handle multiple directories + * All tests now utilize Rack::Lint (special thanks to Lars Gierth) + * Rack::File cache_control parameter is now deprecated, and removed by 1.5 + * Correct Rack::Directory script name escaping + * Rack::Static supports header rules for sophisticated configurations + * Multipart parsing now works without a Content-Length header + * New logos courtesy of Zachary Scott! + * Rack::BodyProxy now explicitly defines #each, useful for C extensions + * Cookies that are not URI escaped no longer cause exceptions + == Contact Please post bugs, suggestions and patches to -the bug tracker at <http://rack.lighthouseapp.com/>. +the bug tracker at <http://github.com/rack/rack/issues>. Mailing list archives are available at <http://groups.google.com/group/rack-devel>. Git repository (send Git patches to the mailing list): * http://github.com/rack/rack -* http://git.vuxu.org/cgi-bin/gitweb.cgi?p=rack.git +* http://git.vuxu.org/cgi-bin/gitweb.cgi?p=rack-github.git You are also welcome to join the #rack channel on irc.freenode.net. @@ -345,6 +493,8 @@ The Rack Core Team, consisting of * Michael Fellinger (manveru) * Ryan Tomayko (rtomayko) * Scytrin dai Kinthra (scytrin) +* Aaron Patterson (tenderlove) +* Konstantin Haase (rkh) would like to thank: @@ -353,12 +503,14 @@ would like to thank: * Tim Fletcher, for the HTTP authentication code. * Luc Heinrich for the Cookie sessions, the static file handler and bugfixes. * Armin Ronacher, for the logo and racktools. -* Aredridel, Ben Alpert, Dan Kubb, Daniel Roethlisberger, Matt Todd, - Tom Robinson, Phil Hagelberg, S. Brent Faulkner, Bosko Milekic, - Daniel Rodríguez Troitiño, Genki Takiuchi, Geoffrey Grosenbach, - Julien Sanchez, Kamal Fariz Mahyuddin, Masayoshi Takahashi, Patrick - Aljordm, Mig, and Kazuhiro Nishiyama for bug fixing and other - improvements. +* Alex Beregszaszi, Alexander Kahn, Anil Wadghule, Aredridel, Ben + Alpert, Dan Kubb, Daniel Roethlisberger, Matt Todd, Tom Robinson, + Phil Hagelberg, S. Brent Faulkner, Bosko Milekic, Daniel Rodríguez + Troitiño, Genki Takiuchi, Geoffrey Grosenbach, Julien Sanchez, Kamal + Fariz Mahyuddin, Masayoshi Takahashi, Patrick Aljordm, Mig, Kazuhiro + Nishiyama, Jon Bardin, Konstantin Haase, Larry Siden, Matias + Korhonen, Sam Ruby, Simon Chiang, Tim Connor, Timur Batyrshin, and + Zach Brock for bug fixing and other improvements. * Eric Wong, Hongli Lai, Jeremy Kemper for their continuous support and API improvements. * Yehuda Katz and Carl Lerche for refactoring rackup. @@ -372,7 +524,7 @@ would like to thank: * Marcus Rückert, for help with configuring and debugging lighttpd. * The WSGI team for the well-done and documented work they've done and Rack builds up on. -* All bug reporters and patch contributers not mentioned above. +* All bug reporters and patch contributors not mentioned above. == Copyright @@ -397,11 +549,11 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. == Links -Rack:: <http://rack.rubyforge.org/> -Rack's Rubyforge project:: <http://rubyforge.org/projects/rack> +Rack:: <http://rack.github.com/> Official Rack repositories:: <http://github.com/rack> -Rack Lighthouse Bug Tracking:: <http://rack.lighthouseapp.com/> +Rack Bug Tracking:: <http://github.com/rack/rack/issues> rack-devel mailing list:: <http://groups.google.com/group/rack-devel> +Rack's Rubyforge project:: <http://rubyforge.org/projects/rack> Christian Neukirchen:: <http://chneukirchen.org/> |