remove multi-name support from a few methods

mojolicious · Feb 23, 2015 · 2a758b2 · 2a758b2
1 parent 5ec1a93
commit 2a758b2
Show file tree

Hide file tree

Showing 11 changed files with 32 additions and 78 deletions.
diff --git a/Changes b/Changes
@@ -1,6 +1,13 @@
 
 6.0  2015-02-24
   - Code name "Clinking Beer Mugs", this is a major release.
+  - Removed multi-name support from cookie, param and signed_cookie methods in
+    Mojolicious::Controller.
+  - Removed multi-name support from param method in
+    Mojolicious::Validator::Validation.
+  - Removed multi-name support from param method in Mojo::Parameters.
+  - Removed multi-name support from cookie and upload methods in
+    Mojo::Message.
   - Removed deprecated object-oriented Mojo::Loader API.
   - Removed deprecated accept_interval, lock and unlock attributes from
     Mojo::IOLoop.

diff --git a/lib/Mojo/Message.pm b/lib/Mojo/Message.pm
@@ -238,9 +238,6 @@ sub _build {
 sub _cache {
   my ($self, $method, $all, $name) = @_;
 
-  # Multiple names
-  return map { $self->$method($_) } @$name if ref $name eq 'ARRAY';
-
   # Cache objects by name
   $method .= 's';
   unless ($self->{$method}) {
@@ -456,8 +453,7 @@ Render start-line.
 
 =head2 cookie
 
-  my $cookie      = $msg->cookie('foo');
-  my ($foo, $bar) = $msg->cookie(['foo', 'bar']);
+  my $cookie = $msg->cookie('foo');
 
 Access message cookies, usually L<Mojo::Cookie::Request> or
 L<Mojo::Cookie::Response> objects. If there are multiple cookies sharing the
@@ -637,8 +633,7 @@ Render whole message.
 
 =head2 upload
 
-  my $upload      = $msg->upload('foo');
-  my ($foo, $bar) = $msg->upload(['foo', 'bar']);
+  my $upload = $msg->upload('foo');
 
 Access C<multipart/form-data> file uploads, usually L<Mojo::Upload> objects.
 If there are multiple uploads sharing the same name, and you want to access

diff --git a/lib/Mojo/Parameters.pm b/lib/Mojo/Parameters.pm
@@ -66,9 +66,6 @@ sub new { @_ > 1 ? shift->SUPER::new->parse(@_) : shift->SUPER::new }
 sub param {
   my ($self, $name) = (shift, shift);
 
-  # Multiple names
-  return map { $self->param($_) } @$name if ref $name eq 'ARRAY';
-
   # List names
   return sort keys %{$self->to_hash} unless defined $name;
 
@@ -301,12 +298,11 @@ necessary.
 
 =head2 param
 
-  my @names       = $params->param;
-  my $value       = $params->param('foo');
-  my ($foo, $bar) = $params->param(['foo', 'bar']);
-  $params         = $params->param(foo => 'ba&r');
-  $params         = $params->param(foo => qw(ba&r baz));
-  $params         = $params->param(foo => ['ba;r', 'baz']);
+  my @names = $params->param;
+  my $value = $params->param('foo');
+  $params   = $params->param(foo => 'ba&r');
+  $params   = $params->param(foo => qw(ba&r baz));
+  $params   = $params->param(foo => ['ba;r', 'baz']);
 
 Access parameter values. If there are multiple values sharing the same name,
 and you want to access more than just the last one, you can use

diff --git a/lib/Mojolicious/Controller.pm b/lib/Mojolicious/Controller.pm
@@ -41,9 +41,6 @@ sub continue { $_[0]->app->routes->continue($_[0]) }
 sub cookie {
   my ($self, $name) = (shift, shift);
 
-  # Multiple names
-  return map { $self->cookie($_) } @$name if ref $name eq 'ARRAY';
-
   # Response cookie
   if (@_) {
 
@@ -150,9 +147,6 @@ sub on {
 sub param {
   my ($self, $name) = (shift, shift);
 
-  # Multiple names
-  return map { $self->param($_) } @$name if ref $name eq 'ARRAY';
-
   # List names
   my $captures = $self->stash->{'mojo.captures'} ||= {};
   unless (defined $name) {
@@ -304,9 +298,6 @@ sub session {
 sub signed_cookie {
   my ($self, $name, $value, $options) = @_;
 
-  # Multiple names
-  return map { $self->signed_cookie($_) } @$name if ref $name eq 'ARRAY';
-
   # Request cookie
   return $self->every_signed_cookie($name)->[-1] unless defined $value;
 
@@ -485,10 +476,9 @@ L<Mojolicious::Routes/"continue">.
 
 =head2 cookie
 
-  my $value       = $c->cookie('foo');
-  my ($foo, $bar) = $c->cookie(['foo', 'bar']);
-  $c              = $c->cookie(foo => 'bar');
-  $c              = $c->cookie(foo => 'bar', {path => '/'});
+  my $value = $c->cookie('foo');
+  $c        = $c->cookie(foo => 'bar');
+  $c        = $c->cookie(foo => 'bar', {path => '/'});
 
 Access request cookie values and create new response cookies. If there are
 multiple values sharing the same name, and you want to access more than just
@@ -599,12 +589,11 @@ status.
 
 =head2 param
 
-  my @names       = $c->param;
-  my $value       = $c->param('foo');
-  my ($foo, $bar) = $c->param(['foo', 'bar']);
-  $c              = $c->param(foo => 'ba;r');
-  $c              = $c->param(foo => qw(ba;r baz));
-  $c              = $c->param(foo => ['ba;r', 'baz']);
+  my @names = $c->param;
+  my $value = $c->param('foo');
+  $c        = $c->param(foo => 'ba;r');
+  $c        = $c->param(foo => qw(ba;r baz));
+  $c        = $c->param(foo => ['ba;r', 'baz']);
 
 Access route placeholder values that are not reserved stash values, file
 uploads as well as C<GET> and C<POST> parameters extracted from the query
@@ -876,10 +865,9 @@ cookies, to prevent tampering. Note that cookies usually have a C<4096> byte
 
 =head2 signed_cookie
 
-  my $value       = $c->signed_cookie('foo');
-  my ($foo, $bar) = $c->signed_cookie(['foo', 'bar']);
-  $c              = $c->signed_cookie(foo => 'bar');
-  $c              = $c->signed_cookie(foo => 'bar', {path => '/'});
+  my $value = $c->signed_cookie('foo');
+  $c        = $c->signed_cookie(foo => 'bar');
+  $c        = $c->signed_cookie(foo => 'bar', {path => '/'});
 
 Access signed request cookie values and create new signed response cookies. If
 there are multiple values sharing the same name, and you want to access more

diff --git a/lib/Mojolicious/Validator/Validation.pm b/lib/Mojolicious/Validator/Validation.pm
@@ -77,13 +77,7 @@ sub optional {
 
 sub param {
   my ($self, $name) = @_;
-
-  # Multiple names
-  return map { $self->param($_) } @$name if ref $name eq 'ARRAY';
-
-  # List names
   return sort keys %{$self->output} unless defined $name;
-
   return $self->every_param($name)->[-1];
 }
 
@@ -225,9 +219,8 @@ Change validation L</"topic">.
 
 =head2 param
 
-  my @names       = $validation->param;
-  my $value       = $validation->param('foo');
-  my ($foo, $bar) = $validation->param(['foo', 'bar']);
+  my @names = $validation->param;
+  my $value = $validation->param('foo');
 
 Access validated parameters. If there are multiple values sharing the same
 name, and you want to access more than just the last one, you can use

diff --git a/t/mojo/parameters.t b/t/mojo/parameters.t
@@ -43,8 +43,6 @@ $params
 is_deeply $params->param('foo'), 'b;ar', 'right structure';
 is_deeply $params->every_param('foo'), ['b;ar'], 'right structure';
 is_deeply $params->every_param('a'), [4, 5], 'right structure';
-is_deeply [$params->param(['a'])], [5], 'right structure';
-is_deeply [$params->param([qw(a foo)])], [5, 'b;ar'], 'right structure';
 $params->param(foo => 'bar');
 is_deeply [$params->param('foo')], ['bar'], 'right structure';
 is_deeply $params->param(foo => qw(baz yada))->every_param('foo'),

diff --git a/t/mojo/request.t b/t/mojo/request.t
@@ -1613,8 +1613,6 @@ is_deeply [map { $_->value } @{$req2->every_cookie('foo')}],
   [qw(bar baz yada)], 'right values';
 is_deeply [map { $_->value } @{$req2->every_cookie('bar')}], ['foo'],
   'right values';
-is_deeply [map { $_->value } $req2->cookie([qw(foo bar)])], [qw(yada foo)],
-  'right values';
 
 # Parse full HTTP 1.0 request with cookies and progress callback
 $req     = Mojo::Message::Request->new;

diff --git a/t/mojolicious/charset_lite_app.t b/t/mojolicious/charset_lite_app.t
@@ -46,7 +46,7 @@ get '/привет/мир' => sub { shift->render(json => {foo => $yatta}) };
 get '/params' => sub {
   my $c = shift;
   $c->render(json =>
-      {params => $c->req->url->query->to_hash, yatta => $c->param(['yatta'])});
+      {params => $c->req->url->query->to_hash, yatta => $c->param('yatta')});
 };
 
 my $t = Test::Mojo->new;

diff --git a/t/mojolicious/group_lite_app.t b/t/mojolicious/group_lite_app.t
@@ -467,13 +467,15 @@ __DATA__
 Oops!
 
 @@ multi.html.ep
-% my ($one, $three) = $c->cookie([qw(unsigned1 unsigned2)]);
+% my $one   = $c->cookie('unsigned1');
+% my $three = $c->cookie('unsigned2');
 %= $one // ''
 %= $three // '';
 % my $unsigned1 = $c->every_cookie('unsigned1');
 %= $unsigned1->[0] // ''
 %= $unsigned1->[1] // ''
-% my ($four, $six) = $c->signed_cookie([qw(signed1 signed2)]);
+% my $four = $c->signed_cookie('signed1');
+% my $six  = $c->signed_cookie('signed2');
 %= $four // ''
 %= $six // '';
 % my $signed1 = $c->every_signed_cookie('signed1');

diff --git a/t/mojolicious/lite_app.t b/t/mojolicious/lite_app.t
@@ -113,15 +113,6 @@ get '/query_string' => sub {
   $c->render(text => b($c->req->url->query)->url_unescape);
 };
 
-get '/multi/:bar' => sub {
-  my $c = shift;
-  my ($foo, $bar, $baz) = $c->param([qw(foo bar baz)]);
-  $c->render(
-    data => join('', map { $_ // '' } $foo, $bar, $baz),
-    test => $c->param(['yada'])
-  );
-};
-
 get '/reserved' => sub {
   my $c = shift;
   $c->render(text => $c->param('data') . join(',', $c->param));
@@ -582,19 +573,6 @@ $t->get_ok('/query_string?http://mojolicio.us/perldoc?foo=bar')
   ->status_is(200)->header_is(Server => 'Mojolicious (Perl)')
   ->content_is('http://mojolicio.us/perldoc?foo=bar');
 
-# Normal parameters
-$t->get_ok('/multi/B?foo=A&baz=C')->status_is(200)
-  ->header_is(Server => 'Mojolicious (Perl)')->content_is('ABC');
-
-# Injection attack
-$t->get_ok('/multi/B?foo=A&foo=E&baz=C&yada=D&yada=text&yada=fail')
-  ->status_is(200)->header_is(Server => 'Mojolicious (Perl)')
-  ->content_is('EBC');
-
-# Missing parameter
-$t->get_ok('/multi/B?baz=C')->status_is(200)
-  ->header_is(Server => 'Mojolicious (Perl)')->content_is('BC');
-
 # Reserved stash values
 $t->get_ok('/reserved?data=just-works')->status_is(200)
   ->header_is(Server => 'Mojolicious (Perl)')->content_is('just-worksdata');

diff --git a/t/mojolicious/validation_lite_app.t b/t/mojolicious/validation_lite_app.t
@@ -45,7 +45,6 @@ ok $validation->optional('baz')->is_valid, 'valid';
 is_deeply $validation->output, {foo => 'bar', baz => 'yada'}, 'right result';
 is $validation->param('baz'), 'yada', 'right value';
 is_deeply [$validation->param], [qw(baz foo)], 'right names';
-is_deeply [$validation->param([qw(foo baz)])], [qw(bar yada)], 'right values';
 ok !$validation->has_error, 'no error';
 ok !$validation->optional('does_not_exist')->is_valid, 'not valid';
 is_deeply $validation->output, {foo => 'bar', baz => 'yada'}, 'right result';