While gsub!

Is there a *better* way to perform multiple substitutions to a string
than this?

string = '/../../....//........////../../etc/passwd'

while string.gsub!(/\.\.\//,'')
end

it's working as is, but seems odd to me to have an empty loop.. I'm
just playing with the TCPServer class..

#!/usr/bin/ruby
require 'socket'

port = 80
listen = '0.0.0.0'
header = "HTTP/1.1 200/OK\r\nContent-type: text/html\r\n\r\n"

httpd = TCPServer.new(listen, port)
while session = httpd.accept
  request = session.gets
  address = session.addr[3]
  puts "#{address} #{request}"
  askfile = request.scan(/GET (.*) HTTP/).to_s
  while askfile.gsub!(/\.\.\//,'')
  end
  reqfile = '/var/www' + askfile
  reqfile += 'index.html' if reqfile == '/var/www/'
  if File.exists?(reqfile)
    file = File.new(reqfile, 'r')
    output = file.readlines
    file.close
  else
    output = '<html><head><title>Not Found</title></head><body>'
    output += "<h2>Unfortunately, \"#{askfile}\" does not exist on
this server..</h2>"
    output += '<p>perhaps you need more fortune:</p>'
    output += "<hr /><p>#{`/usr/games/fortune`}</p><hr />"
    output += '</body></html>'
  end
  session.print header
  session.print output
  session.close
end

irb(main):001:>> string = '/../../....//........////../../etc/passwd'
=> "/../../....//........////../../etc/passwd"
irb(main):002:0> File.expand_path(string)
=> "/etc/passwd"

marcel

···

On Thu, Jul 19, 2007 at 09:14:59AM +0900, ryemcdonald@gmail.com wrote:

Is there a *better* way to perform multiple substitutions to a string
than this?

string = '/../../....//........////../../etc/passwd'

while string.gsub!(/\.\.\//,'')
end

--
Marcel Molina Jr. <marcel@vernix.org>

that's great! thank you

···

On Jul 18, 5:18 pm, "Marcel Molina Jr." <mar...@vernix.org> wrote:

On Thu, Jul 19, 2007 at 09:14:59AM +0900, ryemcdon...@gmail.com wrote:
> Is there a *better* way to perform multiple substitutions to a string
> than this?

> string = '/../../....//........////../../etc/passwd'

> while string.gsub!(/\.\.\//,'')
> end

irb(main):001:>> string = '/../../....//........////../../etc/passwd'
=> "/../../....//........////../../etc/passwd"
irb(main):002:0> File.expand_path(string)
=> "/etc/passwd"

marcel
--
Marcel Molina Jr. <mar...@vernix.org>