webmcp
changeset 16:944642a3e488
New set_cookie functions; Added inline documentation; Make set_allowed_json_request_slots work in interactive shell
author | jbe/bsw |
---|---|
date | Thu Mar 25 17:37:03 2010 +0100 (2010-03-25) |
parents | 6441487fa12f |
children | 5ab8a36ffe19 |
files | doc/autodoc-header.htmlpart framework/cgi-bin/webmcp.lua framework/env/request/get_absolute_baseurl.lua framework/env/request/set_allowed_json_request_slots.lua framework/env/request/set_cookie.lua libraries/rocketcgi/rocketcgi.lua |
line diff
1.1 --- a/doc/autodoc-header.htmlpart Sat Feb 20 21:01:57 2010 +0100 1.2 +++ b/doc/autodoc-header.htmlpart Thu Mar 25 17:37:03 2010 +0100 1.3 @@ -55,10 +55,10 @@ 1.4 color: #505050; 1.5 } 1.6 </style> 1.7 - <title>WebMCP 1.0.8 Documentation</title> 1.8 + <title>WebMCP 1.0.9 Documentation</title> 1.9 </head> 1.10 <body> 1.11 - <h1>WebMCP 1.0.8 Documentation</h1> 1.12 + <h1>WebMCP 1.0.9 Documentation</h1> 1.13 <p> 1.14 WebMCP is a completely new web development framework, and has not been extensively tested yet. The API might change at any time, but in future releases there will be a list of all changes, which break downward compatibility. 1.15 </p>
2.1 --- a/framework/cgi-bin/webmcp.lua Sat Feb 20 21:01:57 2010 +0100 2.2 +++ b/framework/cgi-bin/webmcp.lua Thu Mar 25 17:37:03 2010 +0100 2.3 @@ -1,6 +1,6 @@ 2.4 #!/usr/bin/env lua 2.5 2.6 -_WEBMCP_VERSION = "1.0.8" 2.7 +_WEBMCP_VERSION = "1.0.9" 2.8 2.9 -- include "../lib/" in search path for libraries 2.10 do
3.1 --- a/framework/env/request/get_absolute_baseurl.lua Sat Feb 20 21:01:57 2010 +0100 3.2 +++ b/framework/env/request/get_absolute_baseurl.lua Thu Mar 25 17:37:03 2010 +0100 3.3 @@ -1,3 +1,11 @@ 3.4 +--[[-- 3.5 +baseurl = 3.6 +request.get_absolute_baseurl() 3.7 + 3.8 +This function returns the absolute base URL of the application, as set by request.set_absolute_baseurl(...). 3.9 + 3.10 +--]]-- 3.11 + 3.12 function request.get_absolute_baseurl() 3.13 if request._absolute_baseurl then 3.14 return request._absolute_baseurl
4.1 --- a/framework/env/request/set_allowed_json_request_slots.lua Sat Feb 20 21:01:57 2010 +0100 4.2 +++ b/framework/env/request/set_allowed_json_request_slots.lua Thu Mar 25 17:37:03 2010 +0100 4.3 @@ -8,16 +8,18 @@ 4.4 --]]-- 4.5 4.6 function request.set_allowed_json_request_slots(slot_idents) 4.7 - local hash = {} 4.8 - for idx, slot_ident in ipairs(slot_idents) do 4.9 - hash[slot_ident] = true 4.10 - end 4.11 - if cgi.params["_webmcp_json_slots[]"] then 4.12 - for idx, slot_ident in ipairs(cgi.params["_webmcp_json_slots[]"]) do 4.13 - if not hash[slot_ident] then 4.14 - error('Requesting slot "' .. slot_ident .. '" is forbidden.') 4.15 + if cgi then -- do nothing, when being in interactive mode 4.16 + local hash = {} 4.17 + for idx, slot_ident in ipairs(slot_idents) do 4.18 + hash[slot_ident] = true 4.19 + end 4.20 + if cgi.params["_webmcp_json_slots[]"] then 4.21 + for idx, slot_ident in ipairs(cgi.params["_webmcp_json_slots[]"]) do 4.22 + if not hash[slot_ident] then 4.23 + error('Requesting slot "' .. slot_ident .. '" is forbidden.') 4.24 + end 4.25 end 4.26 end 4.27 + request._json_requests_allowed = true 4.28 end 4.29 - request._json_requests_allowed = true 4.30 end
5.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 5.2 +++ b/framework/env/request/set_cookie.lua Thu Mar 25 17:37:03 2010 +0100 5.3 @@ -0,0 +1,43 @@ 5.4 +--[[-- 5.5 +request.set_cookie{ 5.6 + name = name, -- name of cookie 5.7 + value = value, -- value of cookie 5.8 + domain = domain, -- optional domain domain where cookie is transmitted 5.9 + path = path, -- optional path where cookie is transmitted, defaults to application base 5.10 + secure = secure -- optional boolean, indicating if cookie should only be transmitted over HTTPS 5.11 +} 5.12 + 5.13 +This function is similar to rocketwiki.set_cookie{...}, except that it automatically sets the path to the application base. It also sets secure=true, if the secure option is unset and the application base URL starts with "https://". 5.14 + 5.15 +--]]-- 5.16 + 5.17 +function request.set_cookie(args) 5.18 + local path = args.path 5.19 + if not path then 5.20 + path = string.match( 5.21 + request.get_absolute_baseurl(), 5.22 + "://[^/]*(.*)" 5.23 + ) 5.24 + if path == nil or path == "" then 5.25 + path = "/" 5.26 + end 5.27 + end 5.28 + local secure = args.secure 5.29 + if secure == nil then 5.30 + if string.find( 5.31 + string.lower(request.get_absolute_baseurl()), 5.32 + "^https://" 5.33 + ) then 5.34 + secure = true 5.35 + else 5.36 + secure = false 5.37 + end 5.38 + end 5.39 + cgi.set_cookie{ 5.40 + name = args.name, 5.41 + value = args.value, 5.42 + domain = args.domain, 5.43 + path = path, 5.44 + secure = secure 5.45 + } 5.46 +end
6.1 --- a/libraries/rocketcgi/rocketcgi.lua Sat Feb 20 21:01:57 2010 +0100 6.2 +++ b/libraries/rocketcgi/rocketcgi.lua Thu Mar 25 17:37:03 2010 +0100 6.3 @@ -32,6 +32,16 @@ 6.4 6.5 data_sent = false 6.6 6.7 +--[[-- 6.8 +rocketcgi.add_header( 6.9 + string_part1, -- string 6.10 + string_part2, -- optional second part of string to be concatted 6.11 + ... 6.12 +) 6.13 + 6.14 +Sends a header line to the browser. Multiple arguments are concatted to form a single string. 6.15 + 6.16 +--]]-- 6.17 function add_header(...) 6.18 if data_sent then 6.19 error("Can not add header after data has been sent.", 2) 6.20 @@ -39,7 +49,18 @@ 6.21 io.stdout:write(...) 6.22 io.stdout:write("\r\n") 6.23 end 6.24 +--//-- 6.25 6.26 +--[[-- 6.27 +rocketcgi.send_data( 6.28 + string_part1, -- string 6.29 + string_part2, -- optional second part of string to be concatted 6.30 + ... 6.31 +) 6.32 + 6.33 +Sends document data to the browser. Multiple arguments are concatted to form a single string. 6.34 + 6.35 +--]]-- 6.36 function send_data(...) 6.37 if not data_sent then 6.38 io.stdout:write("\r\n") 6.39 @@ -47,19 +68,84 @@ 6.40 end 6.41 io.stdout:write(...) 6.42 end 6.43 +--//-- 6.44 6.45 +--[[-- 6.46 +rocketcgi.set_status( 6.47 + status -- Status code and description, e.g. "404 Not Found" 6.48 +) 6.49 + 6.50 +Sends a header line to the browser, indicating a given HTTP status. 6.51 + 6.52 +--]]-- 6.53 function set_status(status) 6.54 add_header("Status: ", status) 6.55 end 6.56 +--//-- 6.57 6.58 +--[[-- 6.59 +rocketcgi.redirect( 6.60 + status -- Absolute URL to redirect the browser to 6.61 +) 6.62 + 6.63 +Redirects the browser to the given absolute URL, using a 303 Redirect. 6.64 + 6.65 +--]]-- 6.66 function redirect(location) 6.67 set_status("303 See Other") 6.68 add_header("Location: ", location) 6.69 end 6.70 +--//-- 6.71 6.72 +--[[-- 6.73 +rocketcgi.set_status( 6.74 + status -- Status code and description, e.g. "404 Not Found" 6.75 +) 6.76 + 6.77 +Sends a header line specifying the content-type to the browser. 6.78 + 6.79 +--]]-- 6.80 function set_content_type(content_type) 6.81 add_header("Content-Type: ", content_type) 6.82 end 6.83 +--//-- 6.84 + 6.85 +--[[-- 6.86 +rocketcgi.set_cookie{ 6.87 + name = name, -- name of cookie 6.88 + value = value, -- value of cookie 6.89 + domain = domain, -- domain where cookie is transmitted 6.90 + path = path, -- path where cookie is transmitted 6.91 + secure = secure -- boolean, indicating if cookie should only be transmitted over HTTPS 6.92 +} 6.93 + 6.94 +Sends a header line setting a cookie. NOTE: Currently only session cookies are supported. 6.95 + 6.96 +--]]-- 6.97 +function set_cookie(args) 6.98 + assert(string.find(args.name, "^[0-9A-Za-z%%._~-]+$"), "Illegal cookie name") 6.99 + assert(string.find(args.value, "^[0-9A-Za-z%%._~-]+$"), "Illegal cookie value") 6.100 + local parts = {"Set-Cookie: " .. args.name .. "=" .. args.value} 6.101 + if args.domain then 6.102 + assert( 6.103 + string.find(args.path, "^[0-9A-Za-z%%/._~-]+$"), 6.104 + "Illegal cookie domain" 6.105 + ) 6.106 + parts[#parts+1] = "domain=" .. args.domain 6.107 + end 6.108 + if args.path then 6.109 + assert( 6.110 + string.find(args.path, "^[0-9A-Za-z%%/._~-]+$"), 6.111 + "Illegal cookie path" 6.112 + ) 6.113 + parts[#parts+1] = "path=" .. args.path 6.114 + end 6.115 + if args.secure then 6.116 + parts[#parts+1] = "secure" 6.117 + end 6.118 + add_header(table.concat(parts, "; ")) 6.119 +end 6.120 +--//-- 6.121 6.122 method = os.getenv("REQUEST_METHOD") or false 6.123 query = os.getenv("QUERY_STRING") or false