The response array must always be non-frozen. (#1927)

rack · Jul 9, 2022 · 1206f3b · 1206f3b
1 parent 39776bd
commit 1206f3b
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -10,6 +10,7 @@ All notable changes to this project will be documented in this file. For info on
 
 ### SPEC Changes
 
+- Response array must now be non-frozen.
 - Response `status` must now be an integer greater than or equal to 100.
 - Response `headers` must now be an unfrozen hash.
 - Response header keys can no longer include uppercase characters.
@@ -55,6 +56,7 @@ All notable changes to this project will be documented in this file. For info on
 - The `x-forwarded-proto` header is now considered before the `x-forwarded-scheme` header for determining the forwarded protocol. `Rack::Request.x_forwarded_proto_priority` accessor has been added for configuring the priority of which header to check.  ([#1809](https://github.com/rack/rack/issues/1809), [@jeremyevans])
 - `Rack::Request.forwarded_authority` (and methods that call it, such as `host`) now returns the last authority in the forwarded header, instead of the first, as earlier forwarded authorities can be forged by clients. This restores the Rack 2.1 behavior. ([#1829](https://github.com/rack/rack/issues/1809), [@jeremyevans])
 - Use lower case cookie attributes when creating cookies, and fold cookie attributes to lower case when reading cookies (specifically impacting `secure` and `httponly` attributes). ([#1849](https://github.com/rack/rack/pull/1849), [@ioquatix])
+- The response array must now be mutable (non-frozen) so middleware can modify it without allocating a new Array,therefore reducing object allocations. ([#1887](https://github.com/rack/rack/pull/1887), [#1927](https://github.com/rack/rack/pull/1927), [@amatsuda], [@ioquatix])
 
 ### Fixed
 
@@ -776,3 +778,4 @@ Items below this line are from the previously maintained HISTORY.md and NEWS.md
 
 [@ioquatix]: https://github.com/ioquatix "Samuel Williams"
 [@jeremyevans]: https://github.com/jeremyevans "Jeremy Evans"
+[@amatsuda]: https://github.com/amatsuda "Akira Matsuda"
diff --git a/SPEC.rdoc b/SPEC.rdoc
@@ -9,7 +9,7 @@ after to catch all mistakes.
 A Rack application is a Ruby object (not a class) that
 responds to +call+.
 It takes exactly one argument, the *environment*
-and returns an Array of exactly three values:
+and returns a non-frozen Array of exactly three values:
 The *status*,
 the *headers*,
 and the *body*.

diff --git a/lib/rack/lint.rb b/lib/rack/lint.rb
@@ -56,9 +56,10 @@ def response
         @env[RACK_INPUT] = InputWrapper.new(@env[RACK_INPUT])
         @env[RACK_ERRORS] = ErrorWrapper.new(@env[RACK_ERRORS])
 
-        ## and returns an Array of exactly three values:
+        ## and returns a non-frozen Array of exactly three values:
         @response = @app.call(@env)
         raise LintError, "response is not an Array, but #{@response.class}" unless @response.kind_of? Array
+        raise LintError, "response is frozen" if @response.frozen?
         raise LintError, "response array has #{@response.size} elements instead of 3" unless @response.size == 3
 
         @status, @headers, @body = @response