Omitting filters fix for lowercase methods requests (#647)

kemalcr · Sep 15, 2022 · c8f857d · c8f857d
1 parent 93521b7
commit c8f857d
Show file tree

Hide file tree

Showing 5 changed files with 45 additions and 8 deletions.
diff --git a/spec/filters_spec.cr b/spec/filters_spec.cr
@@ -0,0 +1,37 @@
+require "./spec_helper"
+
+describe "Kemal::FilterHandler" do
+  it "handles with upcased 'POST'" do
+    filter_handler = Kemal::FilterHandler.new
+    filter_handler._add_route_filter("POST", "*", :before) do |env|
+      env.set "sensitive", "1"
+    end
+    Kemal.config.add_filter_handler(filter_handler)
+
+    post "/sensitive_post" do |env|
+      env.get "sensitive"
+    end
+
+    request = HTTP::Request.new("POST", "/sensitive_post")
+    client_response = call_request_on_app(request)
+    client_response.status_code.should eq(200)
+    client_response.body.should eq("1")
+  end
+
+  it "handles with downcased 'post'" do
+    filter_handler = Kemal::FilterHandler.new
+    filter_handler._add_route_filter("POST", "*", :before) do |env|
+      env.set "sensitive", "1"
+    end
+    Kemal.config.add_filter_handler(filter_handler)
+
+    post "/sensitive_post" do
+      "sensitive"
+    end
+
+    request = HTTP::Request.new("post", "/sensitive_post")
+    client_response = call_request_on_app(request)
+    client_response.status_code.should eq(200)
+    client_response.body.should eq("")
+  end
+end
diff --git a/spec/spec_helper.cr b/spec/spec_helper.cr
@@ -85,6 +85,7 @@ end
 
 Spec.after_each do
   Kemal.config.clear
+  Kemal::FilterHandler::INSTANCE.tree = Radix::Tree(Array(Kemal::FilterHandler::FilterBlock)).new
   Kemal::RouteHandler::INSTANCE.routes = Radix::Tree(Route).new
   Kemal::RouteHandler::INSTANCE.cached_routes = Hash(String, Radix::Result(Route)).new
   Kemal::WebSocketHandler::INSTANCE.routes = Radix::Tree(WebSocket).new

diff --git a/src/kemal/filter_handler.cr b/src/kemal/filter_handler.cr
@@ -3,6 +3,7 @@ module Kemal
   class FilterHandler
     include HTTP::Handler
     INSTANCE = new
+    property tree
 
     # This middleware is lazily instantiated and added to the handlers as soon as a call to `after_X` or `before_X` is made.
     def initialize

diff --git a/src/kemal/handler.cr b/src/kemal/handler.cr
@@ -11,19 +11,17 @@ module Kemal
 
     macro only(paths, method = "GET")
       class_name = {{@type.name}}
-      method_downcase = {{method.downcase}}
-      class_name_method = "#{class_name}/#{method_downcase}"
+      class_name_method = "#{class_name}/#{{{method}}}"
       ({{paths}}).each do |path|
-        @@only_routes_tree.add class_name_method + path, '/' + method_downcase + path
+        @@only_routes_tree.add class_name_method + path, '/' + {{method}} + path
       end
     end
 
     macro exclude(paths, method = "GET")
       class_name = {{@type.name}}
-      method_downcase = {{method.downcase}}
-      class_name_method = "#{class_name}/#{method_downcase}"
+      class_name_method = "#{class_name}/#{{{method}}}"
       ({{paths}}).each do |path|
-        @@exclude_routes_tree.add class_name_method + path, '/' + method_downcase + path
+        @@exclude_routes_tree.add class_name_method + path, '/' + {{method}} + path
       end
     end
 
@@ -74,7 +72,7 @@ module Kemal
     end
 
     private def radix_path(method : String, path : String)
-      "#{self.class}/#{method.downcase}#{path}"
+      "#{self.class}/#{method}#{path}"
     end
   end
 end
diff --git a/src/kemal/route_handler.cr b/src/kemal/route_handler.cr
@@ -57,7 +57,7 @@ module Kemal
     end
 
     private def radix_path(method, path)
-      '/' + method.downcase + path
+      '/' + method + path
     end
 
     private def add_to_radix_tree(method, path, route)