summaryrefslogtreecommitdiff
path: root/SPEC.rdoc
diff options
context:
space:
mode:
Diffstat (limited to 'SPEC.rdoc')
-rw-r--r--SPEC.rdoc266
1 files changed, 0 insertions, 266 deletions
diff --git a/SPEC.rdoc b/SPEC.rdoc
deleted file mode 100644
index 356cf569..00000000
--- a/SPEC.rdoc
+++ /dev/null
@@ -1,266 +0,0 @@
-This specification aims to formalize the Rack protocol. You
-can (and should) use Rack::Lint to enforce it.
-When you develop middleware, be sure to add a Lint before and
-after to catch all mistakes.
-= Rack applications
-A Rack application is a Ruby object (not a class) that
-responds to +call+.
-It takes exactly one argument, the *environment*
-and returns an Array of exactly three values:
-The *status*,
-the *headers*,
-and the *body*.
-== The Environment
-The environment must be an unfrozen instance of Hash that includes
-CGI-like headers. The application is free to modify the
-environment.
-The environment is required to include these variables
-(adopted from PEP333), except when they'd be empty, but see
-below.
-<tt>REQUEST_METHOD</tt>:: The HTTP request method, such as
- "GET" or "POST". This cannot ever
- be an empty string, and so is
- always required.
-<tt>SCRIPT_NAME</tt>:: The initial portion of the request
- URL's "path" that corresponds to the
- application object, so that the
- application knows its virtual
- "location". This may be an empty
- string, if the application corresponds
- to the "root" of the server.
-<tt>PATH_INFO</tt>:: The remainder of the request URL's
- "path", designating the virtual
- "location" of the request's target
- within the application. This may be an
- empty string, if the request URL targets
- the application root and does not have a
- trailing slash. This value may be
- percent-encoded when originating from
- a URL.
-<tt>QUERY_STRING</tt>:: The portion of the request URL that
- follows the <tt>?</tt>, if any. May be
- empty, but is always required!
-<tt>SERVER_NAME</tt>, <tt>SERVER_PORT</tt>::
- When combined with <tt>SCRIPT_NAME</tt> and
- <tt>PATH_INFO</tt>, these variables can be
- used to complete the URL. Note, however,
- that <tt>HTTP_HOST</tt>, if present,
- should be used in preference to
- <tt>SERVER_NAME</tt> for reconstructing
- the request URL.
- <tt>SERVER_NAME</tt> and <tt>SERVER_PORT</tt>
- can never be empty strings, and so
- are always required.
-<tt>HTTP_</tt> Variables:: Variables corresponding to the
- client-supplied HTTP request
- headers (i.e., variables whose
- names begin with <tt>HTTP_</tt>). The
- presence or absence of these
- variables should correspond with
- the presence or absence of the
- appropriate HTTP header in the
- request. See
- {RFC3875 section 4.1.18}[https://tools.ietf.org/html/rfc3875#section-4.1.18]
- for specific behavior.
-In addition to this, the Rack environment must include these
-Rack-specific variables:
-<tt>rack.version</tt>:: The Array representing this version of Rack
- See Rack::VERSION, that corresponds to
- the version of this SPEC.
-<tt>rack.url_scheme</tt>:: +http+ or +https+, depending on the
- request URL.
-<tt>rack.input</tt>:: See below, the input stream.
-<tt>rack.errors</tt>:: See below, the error stream.
-<tt>rack.multithread</tt>:: true if the application object may be
- simultaneously invoked by another thread
- in the same process, false otherwise.
-<tt>rack.multiprocess</tt>:: true if an equivalent application object
- may be simultaneously invoked by another
- process, false otherwise.
-<tt>rack.run_once</tt>:: true if the server expects
- (but does not guarantee!) that the
- application will only be invoked this one
- time during the life of its containing
- process. Normally, this will only be true
- for a server based on CGI
- (or something similar).
-<tt>rack.hijack?</tt>:: present and true if the server supports
- connection hijacking. See below, hijacking.
-<tt>rack.hijack</tt>:: an object responding to #call that must be
- called at least once before using
- rack.hijack_io.
- It is recommended #call return rack.hijack_io
- as well as setting it in env if necessary.
-<tt>rack.hijack_io</tt>:: if rack.hijack? is true, and rack.hijack
- has received #call, this will contain
- an object resembling an IO. See hijacking.
-Additional environment specifications have approved to
-standardized middleware APIs. None of these are required to
-be implemented by the server.
-<tt>rack.session</tt>:: A hash like interface for storing
- request session data.
- The store must implement:
- store(key, value) (aliased as []=);
- fetch(key, default = nil) (aliased as []);
- delete(key);
- clear;
- to_hash (returning unfrozen Hash instance);
-<tt>rack.logger</tt>:: A common object interface for logging messages.
- The object must implement:
- info(message, &block)
- debug(message, &block)
- warn(message, &block)
- error(message, &block)
- fatal(message, &block)
-<tt>rack.multipart.buffer_size</tt>:: An Integer hint to the multipart parser as to what chunk size to use for reads and writes.
-<tt>rack.multipart.tempfile_factory</tt>:: An object responding to #call with two arguments, the filename and content_type given for the multipart form field, and returning an IO-like object that responds to #<< and optionally #rewind. This factory will be used to instantiate the tempfile for each multipart form file upload field, rather than the default class of Tempfile.
-The server or the application can store their own data in the
-environment, too. The keys must contain at least one dot,
-and should be prefixed uniquely. The prefix <tt>rack.</tt>
-is reserved for use with the Rack core distribution and other
-accepted specifications and must not be used otherwise.
-The environment must not contain the keys
-<tt>HTTP_CONTENT_TYPE</tt> or <tt>HTTP_CONTENT_LENGTH</tt>
-(use the versions without <tt>HTTP_</tt>).
-The CGI keys (named without a period) must have String values.
-If the string values for CGI keys contain non-ASCII characters,
-they should use ASCII-8BIT encoding.
-There are the following restrictions:
-* <tt>rack.version</tt> must be an array of Integers.
-* <tt>rack.url_scheme</tt> must either be +http+ or +https+.
-* There must be a valid input stream in <tt>rack.input</tt>.
-* There must be a valid error stream in <tt>rack.errors</tt>.
-* There may be a valid hijack stream in <tt>rack.hijack_io</tt>
-* The <tt>REQUEST_METHOD</tt> must be a valid token.
-* The <tt>SCRIPT_NAME</tt>, if non-empty, must start with <tt>/</tt>
-* The <tt>PATH_INFO</tt>, if non-empty, must start with <tt>/</tt>
-* The <tt>CONTENT_LENGTH</tt>, if given, must consist of digits only.
-* One of <tt>SCRIPT_NAME</tt> or <tt>PATH_INFO</tt> must be
- set. <tt>PATH_INFO</tt> should be <tt>/</tt> if
- <tt>SCRIPT_NAME</tt> is empty.
- <tt>SCRIPT_NAME</tt> never should be <tt>/</tt>, but instead be empty.
-=== The Input Stream
-The input stream is an IO-like object which contains the raw HTTP
-POST data.
-When applicable, its external encoding must be "ASCII-8BIT" and it
-must be opened in binary mode, for Ruby 1.9 compatibility.
-The input stream must respond to +gets+, +each+, +read+ and +rewind+.
-* +gets+ must be called without arguments and return a string,
- or +nil+ on EOF.
-* +read+ behaves like IO#read.
- Its signature is <tt>read([length, [buffer]])</tt>.
- If given, +length+ must be a non-negative Integer (>= 0) or +nil+,
- and +buffer+ must be a String and may not be nil.
- If +length+ is given and not nil, then this method reads at most
- +length+ bytes from the input stream.
- If +length+ is not given or nil, then this method reads
- all data until EOF.
- When EOF is reached, this method returns nil if +length+ is given
- and not nil, or "" if +length+ is not given or is nil.
- If +buffer+ is given, then the read data will be placed
- into +buffer+ instead of a newly created String object.
-* +each+ must be called without arguments and only yield Strings.
-* +rewind+ must be called without arguments. It rewinds the input
- stream back to the beginning. It must not raise Errno::ESPIPE:
- that is, it may not be a pipe or a socket. Therefore, handler
- developers must buffer the input data into some rewindable object
- if the underlying input stream is not rewindable.
-* +close+ must never be called on the input stream.
-=== The Error Stream
-The error stream must respond to +puts+, +write+ and +flush+.
-* +puts+ must be called with a single argument that responds to +to_s+.
-* +write+ must be called with a single argument that is a String.
-* +flush+ must be called without arguments and must be called
- in order to make the error appear for sure.
-* +close+ must never be called on the error stream.
-=== Hijacking
-==== Request (before status)
-If rack.hijack? is true then rack.hijack must respond to #call.
-rack.hijack must return the io that will also be assigned (or is
-already present, in rack.hijack_io.
-rack.hijack_io must respond to:
-<tt>read, write, read_nonblock, write_nonblock, flush, close,
-close_read, close_write, closed?</tt>
-The semantics of these IO methods must be a best effort match to
-those of a normal ruby IO or Socket object, using standard
-arguments and raising standard exceptions. Servers are encouraged
-to simply pass on real IO objects, although it is recognized that
-this approach is not directly compatible with SPDY and HTTP 2.0.
-IO provided in rack.hijack_io should preference the
-IO::WaitReadable and IO::WaitWritable APIs wherever supported.
-There is a deliberate lack of full specification around
-rack.hijack_io, as semantics will change from server to server.
-Users are encouraged to utilize this API with a knowledge of their
-server choice, and servers may extend the functionality of
-hijack_io to provide additional features to users. The purpose of
-rack.hijack is for Rack to "get out of the way", as such, Rack only
-provides the minimum of specification and support.
-If rack.hijack? is false, then rack.hijack should not be set.
-If rack.hijack? is false, then rack.hijack_io should not be set.
-==== Response (after headers)
-It is also possible to hijack a response after the status and headers
-have been sent.
-In order to do this, an application may set the special header
-<tt>rack.hijack</tt> to an object that responds to <tt>call</tt>
-accepting an argument that conforms to the <tt>rack.hijack_io</tt>
-protocol.
-After the headers have been sent, and this hijack callback has been
-called, the application is now responsible for the remaining lifecycle
-of the IO. The application is also responsible for maintaining HTTP
-semantics. Of specific note, in almost all cases in the current SPEC,
-applications will have wanted to specify the header Connection:close in
-HTTP/1.1, and not Connection:keep-alive, as there is no protocol for
-returning hijacked sockets to the web server. For that purpose, use the
-body streaming API instead (progressively yielding strings via each).
-Servers must ignore the <tt>body</tt> part of the response tuple when
-the <tt>rack.hijack</tt> response API is in use.
-The special response header <tt>rack.hijack</tt> must only be set
-if the request env has <tt>rack.hijack?</tt> <tt>true</tt>.
-==== Conventions
-* Middleware should not use hijack unless it is handling the whole
- response.
-* Middleware may wrap the IO object for the response pattern.
-* Middleware should not wrap the IO object for the request pattern. The
- request pattern is intended to provide the hijacker with "raw tcp".
-== The Response
-=== The Status
-This is an HTTP status. When parsed as integer (+to_i+), it must be
-greater than or equal to 100.
-=== The Headers
-The header must respond to +each+, and yield values of key and value.
-The header keys must be Strings.
-Special headers starting "rack." are for communicating with the
-server, and must not be sent back to the client.
-The header must not contain a +Status+ key.
-The header must conform to RFC7230 token specification, i.e. cannot
-contain non-printable ASCII, DQUOTE or "(),/:;<=>?@[\]{}".
-The values of the header must be Strings,
-consisting of lines (for multiple header values, e.g. multiple
-<tt>Set-Cookie</tt> values) separated by "\\n".
-The lines must not contain characters below 037.
-=== The Content-Type
-There must not be a <tt>Content-Type</tt>, when the +Status+ is 1xx,
-204 or 304.
-=== The Content-Length
-There must not be a <tt>Content-Length</tt> header when the
-+Status+ is 1xx, 204 or 304.
-=== The Body
-The Body must respond to +each+
-and must only yield String values.
-The Body itself should not be an instance of String, as this will
-break in Ruby 1.9.
-If the Body responds to +close+, it will be called after iteration. If
-the body is replaced by a middleware after action, the original body
-must be closed first, if it responds to close.
-If the Body responds to +to_path+, it must return a String
-identifying the location of a file whose contents are identical
-to that produced by calling +each+; this may be used by the
-server as an alternative, possibly more efficient way to
-transport the response.
-The Body commonly is an Array of Strings, the application
-instance itself, or a File-like object.
-== Thanks
-Some parts of this specification are adopted from PEP333: Python
-Web Server Gateway Interface
-v1.0 (http://www.python.org/dev/peps/pep-0333/). I'd like to thank
-everyone involved in that effort.
View Lorry Controller Status