shell bypass 403
UnknownSec Shell
:
/
proc
/
self
/
root
/
opt
/
cpanel
/
ea-ruby27
/
root
/
usr
/
share
/
gems
/
doc
/
rack-2.2.10
/
rdoc
/
Rack
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
File.html
<!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>class Rack::File - rack-2.2.10 Documentation</title> <script type="text/javascript"> var rdoc_rel_prefix = "../"; var index_rel_prefix = "../"; </script> <script src="../js/navigation.js" defer></script> <script src="../js/search.js" defer></script> <script src="../js/search_index.js" defer></script> <script src="../js/searcher.js" defer></script> <script src="../js/darkfish.js" defer></script> <link href="../css/fonts.css" rel="stylesheet"> <link href="../css/rdoc.css" rel="stylesheet"> <body id="top" role="document" class="class"> <nav role="navigation"> <div id="project-navigation"> <div id="home-section" role="region" title="Quick navigation" class="nav-section"> <h2> <a href="../index.html" rel="home">Home</a> </h2> <div id="table-of-contents-navigation"> <a href="../table_of_contents.html#pages">Pages</a> <a href="../table_of_contents.html#classes">Classes</a> <a href="../table_of_contents.html#methods">Methods</a> </div> </div> <div id="search-section" role="search" class="project-section initially-hidden"> <form action="#" method="get" accept-charset="utf-8"> <div id="search-field-wrapper"> <input id="search-field" role="combobox" aria-label="Search" aria-autocomplete="list" aria-controls="search-results" type="text" name="search" placeholder="Search" spellcheck="false" title="Type to search, Up and Down to navigate, Enter to load"> </div> <ul id="search-results" aria-label="Search Results" aria-busy="false" aria-expanded="false" aria-atomic="false" class="initially-hidden"></ul> </form> </div> </div> <div id="class-metadata"> <div id="parent-class-section" class="nav-section"> <h3>Parent</h3> <p class="link">Object </div> <!-- Method Quickref --> <div id="method-list-section" class="nav-section"> <h3>Methods</h3> <ul class="link-list" role="directory"> <li class="calls-super" ><a href="#method-c-method_added">::method_added</a> <li ><a href="#method-c-new">::new</a> <li ><a href="#method-i-call">#call</a> <li ><a href="#method-i-fail">#fail</a> <li ><a href="#method-i-filesize">#filesize</a> <li ><a href="#method-i-get">#get</a> <li ><a href="#method-i-mime_type">#mime_type</a> <li ><a href="#method-i-serving">#serving</a> </ul> </div> </div> </nav> <main role="main" aria-labelledby="class-Rack::File"> <h1 id="class-Rack::File" class="class"> class Rack::File </h1> <section class="description"> <p><a href="Files.html"><code>Rack::Files</code></a> serves files below the <code>root</code> directory given, according to the path info of the <a href="../Rack.html"><code>Rack</code></a> request. e.g. when <a href="Files.html#method-c-new"><code>Rack::Files.new</code></a>(“/etc”) is used, you can access 'passwd' file as <a href="http://localhost:9292/passwd">localhost:9292/passwd</a></p> <p>Handlers can detect if bodies are a <a href="Files.html"><code>Rack::Files</code></a>, and use mechanisms like sendfile on the <code>path</code>.</p> </section> <section id="5Buntitled-5D" class="documentation-section"> <section class="constants-list"> <header> <h3>Constants</h3> </header> <dl> <dt id="ALLOWED_VERBS">ALLOWED_VERBS <dd> <dt id="ALLOW_HEADER">ALLOW_HEADER <dd> <dt id="MULTIPART_BOUNDARY">MULTIPART_BOUNDARY <dd> </dl> </section> <section class="attribute-method-details" class="method-section"> <header> <h3>Attributes</h3> </header> <div id="attribute-i-root" class="method-detail"> <div class="method-heading attribute-method-heading"> <span class="method-name">root</span><span class="attribute-access-type">[R]</span> </div> <div class="method-description"> </div> </div> </section> <section id="public-class-5Buntitled-5D-method-details" class="method-section"> <header> <h3>Public Class Methods</h3> </header> <div id="method-c-method_added" class="method-detail "> <div class="method-heading"> <span class="method-name">method_added</span><span class="method-args">(name)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <p>@todo remove in 3.0</p> <div class="method-calls-super"> Calls superclass method </div> <div class="method-source-code" id="method_added-source"> <pre><span class="ruby-comment"># File lib/rack/files.rb, line 20</span> <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier ruby-title">method_added</span>(<span class="ruby-identifier">name</span>) <span class="ruby-keyword">if</span> <span class="ruby-identifier">name</span> <span class="ruby-operator">==</span> <span class="ruby-value">:response_body</span> <span class="ruby-identifier">raise</span> <span class="ruby-node">"#{self.class}\#response_body is no longer supported."</span> <span class="ruby-keyword">end</span> <span class="ruby-keyword">super</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-c-new" class="method-detail "> <div class="method-heading"> <span class="method-name">new</span><span class="method-args">(root, headers = {}, default_mime = 'text/plain')</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="new-source"> <pre><span class="ruby-comment"># File lib/rack/files.rb, line 29</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">initialize</span>(<span class="ruby-identifier">root</span>, <span class="ruby-identifier">headers</span> = {}, <span class="ruby-identifier">default_mime</span> = <span class="ruby-string">'text/plain'</span>) <span class="ruby-ivar">@root</span> = (<span class="ruby-operator">::</span><span class="ruby-constant">File</span>.<span class="ruby-identifier">expand_path</span>(<span class="ruby-identifier">root</span>) <span class="ruby-keyword">if</span> <span class="ruby-identifier">root</span>) <span class="ruby-ivar">@headers</span> = <span class="ruby-identifier">headers</span> <span class="ruby-ivar">@default_mime</span> = <span class="ruby-identifier">default_mime</span> <span class="ruby-ivar">@head</span> = <span class="ruby-constant">Rack</span><span class="ruby-operator">::</span><span class="ruby-constant">Head</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">lambda</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">env</span><span class="ruby-operator">|</span> <span class="ruby-identifier">get</span> <span class="ruby-identifier">env</span> }) <span class="ruby-keyword">end</span></pre> </div> </div> </div> </section> <section id="public-instance-5Buntitled-5D-method-details" class="method-section"> <header> <h3>Public Instance Methods</h3> </header> <div id="method-i-call" class="method-detail "> <div class="method-heading"> <span class="method-name">call</span><span class="method-args">(env)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="call-source"> <pre><span class="ruby-comment"># File lib/rack/files.rb, line 36</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">call</span>(<span class="ruby-identifier">env</span>) <span class="ruby-comment"># HEAD requests drop the response body, including 4xx error messages.</span> <span class="ruby-ivar">@head</span>.<span class="ruby-identifier">call</span> <span class="ruby-identifier">env</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-get" class="method-detail "> <div class="method-heading"> <span class="method-name">get</span><span class="method-args">(env)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="get-source"> <pre><span class="ruby-comment"># File lib/rack/files.rb, line 41</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">get</span>(<span class="ruby-identifier">env</span>) <span class="ruby-identifier">request</span> = <span class="ruby-constant">Rack</span><span class="ruby-operator">::</span><span class="ruby-constant">Request</span>.<span class="ruby-identifier">new</span> <span class="ruby-identifier">env</span> <span class="ruby-keyword">unless</span> <span class="ruby-constant">ALLOWED_VERBS</span>.<span class="ruby-identifier">include?</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">request_method</span> <span class="ruby-keyword">return</span> <span class="ruby-identifier">fail</span>(<span class="ruby-value">405</span>, <span class="ruby-string">"Method Not Allowed"</span>, { <span class="ruby-string">'Allow'</span> <span class="ruby-operator">=></span> <span class="ruby-constant">ALLOW_HEADER</span> }) <span class="ruby-keyword">end</span> <span class="ruby-identifier">path_info</span> = <span class="ruby-constant">Utils</span>.<span class="ruby-identifier">unescape_path</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">path_info</span> <span class="ruby-keyword">return</span> <span class="ruby-identifier">fail</span>(<span class="ruby-value">400</span>, <span class="ruby-string">"Bad Request"</span>) <span class="ruby-keyword">unless</span> <span class="ruby-constant">Utils</span>.<span class="ruby-identifier">valid_path?</span>(<span class="ruby-identifier">path_info</span>) <span class="ruby-identifier">clean_path_info</span> = <span class="ruby-constant">Utils</span>.<span class="ruby-identifier">clean_path_info</span>(<span class="ruby-identifier">path_info</span>) <span class="ruby-identifier">path</span> = <span class="ruby-operator">::</span><span class="ruby-constant">File</span>.<span class="ruby-identifier">join</span>(<span class="ruby-ivar">@root</span>, <span class="ruby-identifier">clean_path_info</span>) <span class="ruby-identifier">available</span> = <span class="ruby-keyword">begin</span> <span class="ruby-operator">::</span><span class="ruby-constant">File</span>.<span class="ruby-identifier">file?</span>(<span class="ruby-identifier">path</span>) <span class="ruby-operator">&&</span> <span class="ruby-operator">::</span><span class="ruby-constant">File</span>.<span class="ruby-identifier">readable?</span>(<span class="ruby-identifier">path</span>) <span class="ruby-keyword">rescue</span> <span class="ruby-constant">SystemCallError</span> <span class="ruby-comment"># Not sure in what conditions this exception can occur, but this</span> <span class="ruby-comment"># is a safe way to handle such an error.</span> <span class="ruby-comment"># :nocov:</span> <span class="ruby-keyword">false</span> <span class="ruby-comment"># :nocov:</span> <span class="ruby-keyword">end</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">available</span> <span class="ruby-identifier">serving</span>(<span class="ruby-identifier">request</span>, <span class="ruby-identifier">path</span>) <span class="ruby-keyword">else</span> <span class="ruby-identifier">fail</span>(<span class="ruby-value">404</span>, <span class="ruby-node">"File not found: #{path_info}"</span>) <span class="ruby-keyword">end</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-serving" class="method-detail "> <div class="method-heading"> <span class="method-name">serving</span><span class="method-args">(request, path)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="serving-source"> <pre><span class="ruby-comment"># File lib/rack/files.rb, line 70</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">serving</span>(<span class="ruby-identifier">request</span>, <span class="ruby-identifier">path</span>) <span class="ruby-keyword">if</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">options?</span> <span class="ruby-keyword">return</span> [<span class="ruby-value">200</span>, { <span class="ruby-string">'Allow'</span> <span class="ruby-operator">=></span> <span class="ruby-constant">ALLOW_HEADER</span>, <span class="ruby-constant">CONTENT_LENGTH</span> <span class="ruby-operator">=></span> <span class="ruby-string">'0'</span> }, []] <span class="ruby-keyword">end</span> <span class="ruby-identifier">last_modified</span> = <span class="ruby-operator">::</span><span class="ruby-constant">File</span>.<span class="ruby-identifier">mtime</span>(<span class="ruby-identifier">path</span>).<span class="ruby-identifier">httpdate</span> <span class="ruby-keyword">return</span> [<span class="ruby-value">304</span>, {}, []] <span class="ruby-keyword">if</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">get_header</span>(<span class="ruby-string">'HTTP_IF_MODIFIED_SINCE'</span>) <span class="ruby-operator">==</span> <span class="ruby-identifier">last_modified</span> <span class="ruby-identifier">headers</span> = { <span class="ruby-string">"Last-Modified"</span> <span class="ruby-operator">=></span> <span class="ruby-identifier">last_modified</span> } <span class="ruby-identifier">mime_type</span> = <span class="ruby-identifier">mime_type</span> <span class="ruby-identifier">path</span>, <span class="ruby-ivar">@default_mime</span> <span class="ruby-identifier">headers</span>[<span class="ruby-constant">CONTENT_TYPE</span>] = <span class="ruby-identifier">mime_type</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">mime_type</span> <span class="ruby-comment"># Set custom headers</span> <span class="ruby-identifier">headers</span>.<span class="ruby-identifier">merge!</span>(<span class="ruby-ivar">@headers</span>) <span class="ruby-keyword">if</span> <span class="ruby-ivar">@headers</span> <span class="ruby-identifier">status</span> = <span class="ruby-value">200</span> <span class="ruby-identifier">size</span> = <span class="ruby-identifier">filesize</span> <span class="ruby-identifier">path</span> <span class="ruby-identifier">ranges</span> = <span class="ruby-constant">Rack</span><span class="ruby-operator">::</span><span class="ruby-constant">Utils</span>.<span class="ruby-identifier">get_byte_ranges</span>(<span class="ruby-identifier">request</span>.<span class="ruby-identifier">get_header</span>(<span class="ruby-string">'HTTP_RANGE'</span>), <span class="ruby-identifier">size</span>) <span class="ruby-keyword">if</span> <span class="ruby-identifier">ranges</span>.<span class="ruby-identifier">nil?</span> <span class="ruby-comment"># No ranges:</span> <span class="ruby-identifier">ranges</span> = [<span class="ruby-value">0</span><span class="ruby-operator">..</span><span class="ruby-identifier">size</span> <span class="ruby-operator">-</span> <span class="ruby-value">1</span>] <span class="ruby-keyword">elsif</span> <span class="ruby-identifier">ranges</span>.<span class="ruby-identifier">empty?</span> <span class="ruby-comment"># Unsatisfiable. Return error, and file size:</span> <span class="ruby-identifier">response</span> = <span class="ruby-identifier">fail</span>(<span class="ruby-value">416</span>, <span class="ruby-string">"Byte range unsatisfiable"</span>) <span class="ruby-identifier">response</span>[<span class="ruby-value">1</span>][<span class="ruby-string">"Content-Range"</span>] = <span class="ruby-node">"bytes */#{size}"</span> <span class="ruby-keyword">return</span> <span class="ruby-identifier">response</span> <span class="ruby-keyword">elsif</span> <span class="ruby-identifier">ranges</span>.<span class="ruby-identifier">size</span> <span class="ruby-operator">>=</span> <span class="ruby-value">1</span> <span class="ruby-comment"># Partial content</span> <span class="ruby-identifier">partial_content</span> = <span class="ruby-keyword">true</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">ranges</span>.<span class="ruby-identifier">size</span> <span class="ruby-operator">==</span> <span class="ruby-value">1</span> <span class="ruby-identifier">range</span> = <span class="ruby-identifier">ranges</span>[<span class="ruby-value">0</span>] <span class="ruby-identifier">headers</span>[<span class="ruby-string">"Content-Range"</span>] = <span class="ruby-node">"bytes #{range.begin}-#{range.end}/#{size}"</span> <span class="ruby-keyword">else</span> <span class="ruby-identifier">headers</span>[<span class="ruby-constant">CONTENT_TYPE</span>] = <span class="ruby-node">"multipart/byteranges; boundary=#{MULTIPART_BOUNDARY}"</span> <span class="ruby-keyword">end</span> <span class="ruby-identifier">status</span> = <span class="ruby-value">206</span> <span class="ruby-identifier">body</span> = <span class="ruby-constant">BaseIterator</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">path</span>, <span class="ruby-identifier">ranges</span>, <span class="ruby-value">mime_type:</span> <span class="ruby-identifier">mime_type</span>, <span class="ruby-value">size:</span> <span class="ruby-identifier">size</span>) <span class="ruby-identifier">size</span> = <span class="ruby-identifier">body</span>.<span class="ruby-identifier">bytesize</span> <span class="ruby-keyword">end</span> <span class="ruby-identifier">headers</span>[<span class="ruby-constant">CONTENT_LENGTH</span>] = <span class="ruby-identifier">size</span>.<span class="ruby-identifier">to_s</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">head?</span> <span class="ruby-identifier">body</span> = [] <span class="ruby-keyword">elsif</span> <span class="ruby-operator">!</span><span class="ruby-identifier">partial_content</span> <span class="ruby-identifier">body</span> = <span class="ruby-constant">Iterator</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">path</span>, <span class="ruby-identifier">ranges</span>, <span class="ruby-value">mime_type:</span> <span class="ruby-identifier">mime_type</span>, <span class="ruby-value">size:</span> <span class="ruby-identifier">size</span>) <span class="ruby-keyword">end</span> [<span class="ruby-identifier">status</span>, <span class="ruby-identifier">headers</span>, <span class="ruby-identifier">body</span>] <span class="ruby-keyword">end</span></pre> </div> </div> </div> </section> <section id="private-instance-5Buntitled-5D-method-details" class="method-section"> <header> <h3>Private Instance Methods</h3> </header> <div id="method-i-fail" class="method-detail "> <div class="method-heading"> <span class="method-name">fail</span><span class="method-args">(status, body, headers = {})</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="fail-source"> <pre><span class="ruby-comment"># File lib/rack/files.rb, line 192</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">fail</span>(<span class="ruby-identifier">status</span>, <span class="ruby-identifier">body</span>, <span class="ruby-identifier">headers</span> = {}) <span class="ruby-identifier">body</span> <span class="ruby-operator">+=</span> <span class="ruby-string">"\n"</span> [ <span class="ruby-identifier">status</span>, { <span class="ruby-constant">CONTENT_TYPE</span> <span class="ruby-operator">=></span> <span class="ruby-string">"text/plain"</span>, <span class="ruby-constant">CONTENT_LENGTH</span> <span class="ruby-operator">=></span> <span class="ruby-identifier">body</span>.<span class="ruby-identifier">size</span>.<span class="ruby-identifier">to_s</span>, <span class="ruby-string">"X-Cascade"</span> <span class="ruby-operator">=></span> <span class="ruby-string">"pass"</span> }.<span class="ruby-identifier">merge!</span>(<span class="ruby-identifier">headers</span>), [<span class="ruby-identifier">body</span>] ] <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-filesize" class="method-detail "> <div class="method-heading"> <span class="method-name">filesize</span><span class="method-args">(path)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <div class="method-source-code" id="filesize-source"> <pre><span class="ruby-comment"># File lib/rack/files.rb, line 211</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">filesize</span>(<span class="ruby-identifier">path</span>) <span class="ruby-comment"># We check via File::size? whether this file provides size info</span> <span class="ruby-comment"># via stat (e.g. /proc files often don't), otherwise we have to</span> <span class="ruby-comment"># figure it out by reading the whole file into memory.</span> <span class="ruby-operator">::</span><span class="ruby-constant">File</span>.<span class="ruby-identifier">size?</span>(<span class="ruby-identifier">path</span>) <span class="ruby-operator">||</span> <span class="ruby-operator">::</span><span class="ruby-constant">File</span>.<span class="ruby-identifier">read</span>(<span class="ruby-identifier">path</span>).<span class="ruby-identifier">bytesize</span> <span class="ruby-keyword">end</span></pre> </div> </div> </div> <div id="method-i-mime_type" class="method-detail "> <div class="method-heading"> <span class="method-name">mime_type</span><span class="method-args">(path, default_mime)</span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> <p>The MIME type for the contents of the file located at @path</p> <div class="method-source-code" id="mime_type-source"> <pre><span class="ruby-comment"># File lib/rack/files.rb, line 207</span> <span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">mime_type</span>(<span class="ruby-identifier">path</span>, <span class="ruby-identifier">default_mime</span>) <span class="ruby-constant">Mime</span>.<span class="ruby-identifier">mime_type</span>(<span class="ruby-operator">::</span><span class="ruby-constant">File</span>.<span class="ruby-identifier">extname</span>(<span class="ruby-identifier">path</span>), <span class="ruby-identifier">default_mime</span>) <span class="ruby-keyword">end</span></pre> </div> </div> </div> </section> </section> </main> <footer id="validator-badges" role="contentinfo"> <p><a href="https://validator.w3.org/check/referer">Validate</a> <p>Generated by <a href="https://ruby.github.io/rdoc/">RDoc</a> 6.2.1.1. <p>Based on <a href="http://deveiate.org/projects/Darkfish-RDoc/">Darkfish</a> by <a href="http://deveiate.org">Michael Granger</a>. </footer>
© 2025 UnknownSec