{"id":13400433,"url":"https://github.com/sinatra/sinatra","last_synced_at":"2025-09-09T21:05:36.227Z","repository":{"id":481356,"uuid":"106995","full_name":"sinatra/sinatra","owner":"sinatra","description":"Classy web-development dressed in a DSL (official / canonical repo)","archived":false,"fork":false,"pushed_at":"2025-08-02T10:07:30.000Z","size":7738,"stargazers_count":12353,"open_issues_count":40,"forks_count":2072,"subscribers_count":372,"default_branch":"main","last_synced_at":"2025-09-06T01:36:50.221Z","etag":null,"topics":["rack","ruby","sinatra","web-framework"],"latest_commit_sha":null,"homepage":"https://sinatrarb.com","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sinatra.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":"AUTHORS.md","dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2009-01-14T01:27:30.000Z","updated_at":"2025-09-05T05:19:27.000Z","dependencies_parsed_at":"2023-07-05T15:03:26.510Z","dependency_job_id":"0cbf1bf2-fcba-4a3d-9cbb-7c77433cd992","html_url":"https://github.com/sinatra/sinatra","commit_stats":{"total_commits":3683,"total_committers":529,"mean_commits":6.96219281663516,"dds":0.7366277491175672,"last_synced_commit":"7b50a1bbb5324838908dfaa00ec53ad322673a29"},"previous_names":[],"tags_count":156,"template":false,"template_full_name":null,"purl":"pkg:github/sinatra/sinatra","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sinatra","download_url":"https://codeload.github.com/sinatra/sinatra/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sinatra%2Fsinatra/sbom","scorecard":{"id":825975,"data":{"date":"2025-08-11","repo":{"name":"github.com/sinatra/sinatra","commit":"fa99a21461d4f1f5337b9b9d7a38a1b51c8f4e55"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.3,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":6,"reason":"3 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":3,"reason":"Found 9/26 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":9,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/release.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/test.yml:10","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sinatra/sinatra/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sinatra/sinatra/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/sinatra/sinatra/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/sinatra/sinatra/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/sinatra/sinatra/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/sinatra/sinatra/test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/sinatra/sinatra/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/sinatra/sinatra/test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/sinatra/sinatra/test.yml/main?enable=pin","Info: 0 out of 3 GitHub-owned GitHubAction dependencies pinned","Info: 0 out of 6 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T16:39:14.644Z","repository_id":481356,"created_at":"2025-08-23T16:39:14.644Z","updated_at":"2025-08-23T16:39:14.644Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273874160,"owners_count":25183368,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-06T02:00:13.247Z","response_time":2576,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["rack","ruby","sinatra","web-framework"],"created_at":"2024-07-30T19:00:51.964Z","updated_at":"2025-09-09T21:05:36.182Z","avatar_url":"https://github.com/sinatra.png","language":"Ruby","readme":"# Sinatra\n\n[![Gem Version](https://badge.fury.io/rb/sinatra.svg)](https://badge.fury.io/rb/sinatra)\n[![Testing](https://github.com/sinatra/sinatra/actions/workflows/test.yml/badge.svg)](https://github.com/sinatra/sinatra/actions/workflows/test.yml)\n\nSinatra is a [DSL](https://en.wikipedia.org/wiki/Domain-specific_language) for\nquickly creating web applications in Ruby with minimal effort:\n\n```ruby\n# myapp.rb\nrequire 'sinatra'\n\nget '/' do\n 'Hello world!'\nend\n```\n\nInstall the gems needed:\n\n```shell\ngem install sinatra rackup puma\n```\n\nAnd run with:\n\n```shell\nruby myapp.rb\n```\n\nView at: [http://localhost:4567](http://localhost:4567)\n\nThe code you changed will not take effect until you restart the server.\nPlease restart the server every time you change or use a code reloader\nlike [rerun](https://github.com/alexch/rerun) or\n[rack-unreloader](https://github.com/jeremyevans/rack-unreloader).\n\n## Table of Contents\n\n- [Sinatra](#sinatra)\n - [Table of Contents](#table-of-contents)\n - [Routes](#routes)\n - [Conditions](#conditions)\n - [Return Values](#return-values)\n - [Custom Route Matchers](#custom-route-matchers)\n - [Static Files](#static-files)\n - [Views / Templates](#views--templates)\n - [Literal Templates](#literal-templates)\n - [Available Template Languages](#available-template-languages)\n - [Haml Templates](#haml-templates)\n - [Erb Templates](#erb-templates)\n - [Builder Templates](#builder-templates)\n - [Nokogiri Templates](#nokogiri-templates)\n - [Sass Templates](#sass-templates)\n - [Scss Templates](#scss-templates)\n - [Liquid Templates](#liquid-templates)\n - [Markdown Templates](#markdown-templates)\n - [RDoc Templates](#rdoc-templates)\n - [AsciiDoc Templates](#asciidoc-templates)\n - [Markaby Templates](#markaby-templates)\n - [RABL Templates](#rabl-templates)\n - [Slim Templates](#slim-templates)\n - [Yajl Templates](#yajl-templates)\n - [Accessing Variables in Templates](#accessing-variables-in-templates)\n - [Templates with `yield` and nested layouts](#templates-with-yield-and-nested-layouts)\n - [Inline Templates](#inline-templates)\n - [Named Templates](#named-templates)\n - [Associating File Extensions](#associating-file-extensions)\n - [Adding Your Own Template Engine](#adding-your-own-template-engine)\n - [Using Custom Logic for Template Lookup](#using-custom-logic-for-template-lookup)\n - [Filters](#filters)\n - [Helpers](#helpers)\n - [Using Sessions](#using-sessions)\n - [Session Secret Security](#session-secret-security)\n - [Session Config](#session-config)\n - [Choosing Your Own Session Middleware](#choosing-your-own-session-middleware)\n - [Halting](#halting)\n - [Passing](#passing)\n - [Triggering Another Route](#triggering-another-route)\n - [Setting Body, Status Code, and Headers](#setting-body-status-code-and-headers)\n - [Streaming Responses](#streaming-responses)\n - [Logging](#logging)\n - [Mime Types](#mime-types)\n - [Generating URLs](#generating-urls)\n - [Browser Redirect](#browser-redirect)\n - [Cache Control](#cache-control)\n - [Sending Files](#sending-files)\n - [Accessing the Request Object](#accessing-the-request-object)\n - [Attachments](#attachments)\n - [Dealing with Date and Time](#dealing-with-date-and-time)\n - [Looking Up Template Files](#looking-up-template-files)\n - [Configuration](#configuration)\n - [Configuring attack protection](#configuring-attack-protection)\n - [Available Settings](#available-settings)\n - [Lifecycle Events](#lifecycle-events)\n - [Environments](#environments)\n - [Error Handling](#error-handling)\n - [Not Found](#not-found)\n - [Error](#error)\n - [Rack Middleware](#rack-middleware)\n - [Testing](#testing)\n - [Sinatra::Base - Middleware, Libraries, and Modular Apps](#sinatrabase---middleware-libraries-and-modular-apps)\n - [Modular vs. Classic Style](#modular-vs-classic-style)\n - [Serving a Modular Application](#serving-a-modular-application)\n - [Using a Classic Style Application with a config.ru](#using-a-classic-style-application-with-a-configru)\n - [When to use a config.ru?](#when-to-use-a-configru)\n - [Using Sinatra as Middleware](#using-sinatra-as-middleware)\n - [Dynamic Application Creation](#dynamic-application-creation)\n - [Scopes and Binding](#scopes-and-binding)\n - [Application/Class Scope](#applicationclass-scope)\n - [Request/Instance Scope](#requestinstance-scope)\n - [Delegation Scope](#delegation-scope)\n - [Command Line](#command-line)\n - [Multi-threading](#multi-threading)\n - [Requirement](#requirement)\n - [The Bleeding Edge](#the-bleeding-edge)\n - [With Bundler](#with-bundler)\n - [Versioning](#versioning)\n - [Further Reading](#further-reading)\n\n## Routes\n\nIn Sinatra, a route is an HTTP method paired with a URL-matching pattern.\nEach route is associated with a block:\n\n```ruby\nget '/' do\n .. show something ..\nend\n\npost '/' do\n .. create something ..\nend\n\nput '/' do\n .. replace something ..\nend\n\npatch '/' do\n .. modify something ..\nend\n\ndelete '/' do\n .. annihilate something ..\nend\n\noptions '/' do\n .. appease something ..\nend\n\nlink '/' do\n .. affiliate something ..\nend\n\nunlink '/' do\n .. separate something ..\nend\n```\n\nRoutes are matched in the order they are defined. The first route that\nmatches the request is invoked.\n\nRoutes with trailing slashes are different from the ones without:\n\n```ruby\nget '/foo' do\n # Does not match \"GET /foo/\"\nend\n```\n\nRoute patterns may include named parameters, accessible via the\n`params` hash:\n\n```ruby\nget '/hello/:name' do\n # matches \"GET /hello/foo\" and \"GET /hello/bar\"\n # params['name'] is 'foo' or 'bar'\n \"Hello #{params['name']}!\"\nend\n```\n\nYou can also access named parameters via block parameters:\n\n```ruby\nget '/hello/:name' do |n|\n # matches \"GET /hello/foo\" and \"GET /hello/bar\"\n # params['name'] is 'foo' or 'bar'\n # n stores params['name']\n \"Hello #{n}!\"\nend\n```\n\nRoute patterns may also include splat (or wildcard) parameters, accessible\nvia the `params['splat']` array:\n\n```ruby\nget '/say/*/to/*' do\n # matches /say/hello/to/world\n params['splat'] # =\u003e [\"hello\", \"world\"]\nend\n\nget '/download/*.*' do\n # matches /download/path/to/file.xml\n params['splat'] # =\u003e [\"path/to/file\", \"xml\"]\nend\n```\n\nOr with block parameters:\n\n```ruby\nget '/download/*.*' do |path, ext|\n [path, ext] # =\u003e [\"path/to/file\", \"xml\"]\nend\n```\n\nRoute matching with Regular Expressions:\n\n```ruby\nget /\\/hello\\/([\\w]+)/ do\n \"Hello, #{params['captures'].first}!\"\nend\n```\n\nOr with a block parameter:\n\n```ruby\nget %r{/hello/([\\w]+)} do |c|\n # Matches \"GET /meta/hello/world\", \"GET /hello/world/1234\" etc.\n \"Hello, #{c}!\"\nend\n```\n\nRoute patterns may have optional parameters:\n\n```ruby\nget '/posts/:format?' do\n # matches \"GET /posts/\" and any extension \"GET /posts/json\", \"GET /posts/xml\" etc\nend\n```\n\nRoutes may also utilize query parameters:\n\n```ruby\nget '/posts' do\n # matches \"GET /posts?title=foo\u0026author=bar\"\n title = params['title']\n author = params['author']\n # uses title and author variables; query is optional to the /posts route\nend\n```\n\nBy the way, unless you disable the path traversal attack protection (see\n[below](#configuring-attack-protection)), the request path might be modified before\nmatching against your routes.\n\nYou may customize the [Mustermann](https://github.com/sinatra/mustermann#readme)\noptions used for a given route by passing in a `:mustermann_opts` hash:\n\n```ruby\nget '\\A/posts\\z', :mustermann_opts =\u003e { :type =\u003e :regexp, :check_anchors =\u003e false } do\n # matches /posts exactly, with explicit anchoring\n \"If you match an anchored pattern clap your hands!\"\nend\n```\n\nIt looks like a [condition](#conditions), but it isn't one! These options will\nbe merged into the global `:mustermann_opts` hash described\n[below](#available-settings).\n\n## Conditions\n\nRoutes may include a variety of matching conditions, such as the user agent:\n\n```ruby\nget '/foo', :agent =\u003e /Songbird (\\d\\.\\d)[\\d\\/]*?/ do\n \"You're using Songbird version #{params['agent'][0]}\"\nend\n\nget '/foo' do\n # Matches non-songbird browsers\nend\n```\n\nOther available conditions are `host_name` and `provides`:\n\n```ruby\nget '/', :host_name =\u003e /^admin\\./ do\n \"Admin Area, Access denied!\"\nend\n\nget '/', :provides =\u003e 'html' do\n haml :index\nend\n\nget '/', :provides =\u003e ['rss', 'atom', 'xml'] do\n builder :feed\nend\n```\n`provides` searches the request's Accept header.\n\nYou can easily define your own conditions:\n\n```ruby\nset(:probability) { |value| condition { rand \u003c= value } }\n\nget '/win_a_car', :probability =\u003e 0.1 do\n \"You won!\"\nend\n\nget '/win_a_car' do\n \"Sorry, you lost.\"\nend\n```\n\nFor a condition that takes multiple values use a splat:\n\n```ruby\nset(:auth) do |*roles| # \u003c- notice the splat here\n condition do\n unless logged_in? \u0026\u0026 roles.any? {|role| current_user.in_role? role }\n redirect \"/login/\", 303\n end\n end\nend\n\nget \"/my/account/\", :auth =\u003e [:user, :admin] do\n \"Your Account Details\"\nend\n\nget \"/only/admin/\", :auth =\u003e :admin do\n \"Only admins are allowed here!\"\nend\n```\n\n## Return Values\n\nThe return value of a route block determines at least the response body\npassed on to the HTTP client or at least the next middleware in the\nRack stack. Most commonly, this is a string, as in the above examples.\nBut other values are also accepted.\n\nYou can return an object that would either be a valid Rack response, Rack\nbody object or HTTP status code:\n\n* An Array with three elements: `[status (Integer), headers (Hash), response\n body (responds to #each)]`\n* An Array with two elements: `[status (Integer), response body (responds to\n #each)]`\n* An object that responds to `#each` and passes nothing but strings to\n the given block\n* A Integer representing the status code\n\nThat way we can, for instance, easily implement a streaming example:\n\n```ruby\nclass Stream\n def each\n 100.times { |i| yield \"#{i}\\n\" }\n end\nend\n\nget('/') { Stream.new }\n```\n\nYou can also use the `stream` helper method ([described below](#streaming-responses)) to reduce\nboilerplate and embed the streaming logic in the route.\n\n## Custom Route Matchers\n\nAs shown above, Sinatra ships with built-in support for using String\npatterns and regular expressions as route matches. However, it does not\nstop there. You can easily define your own matchers:\n\n```ruby\nclass AllButPattern\n def initialize(except)\n @except = except\n end\n\n def to_pattern(options)\n return self\n end\n\n def params(route)\n return {} unless @except === route\n end\nend\n\ndef all_but(pattern)\n AllButPattern.new(pattern)\nend\n\nget all_but(\"/index\") do\n # ...\nend\n```\n\nNote that the above example might be over-engineered, as it can also be\nexpressed as:\n\n```ruby\nget /.*/ do\n pass if request.path_info == \"/index\"\n # ...\nend\n```\n\n## Static Files\n\nStatic files are served from the `./public` directory. You can specify\na different location by setting the `:public_folder` option:\n\n```ruby\nset :public_folder, __dir__ + '/static'\n```\n\nNote that the public directory name is not included in the URL. A file\n`./public/css/style.css` is made available as\n`http://example.com/css/style.css`.\n\nUse the `:static_cache_control` setting (see [below](#cache-control)) to add\n`Cache-Control` header info.\n\nBy default, Sinatra serves static files from the `public/` folder without running middleware or filters. To add custom headers (e.g, for CORS or caching), use the `:static_headers` setting:\n\n```ruby\n set :static_headers, {\n 'access-control-allow-origin' =\u003e '*',\n 'x-static-asset' =\u003e 'served-by-sinatra'\n }\n```\n\n## Views / Templates\n\nEach template language is exposed via its own rendering method. These\nmethods simply return a string:\n\n```ruby\nget '/' do\n erb :index\nend\n```\n\nThis renders `views/index.erb`.\n\nInstead of a template name, you can also just pass in the template content\ndirectly:\n\n```ruby\nget '/' do\n code = \"\u003c%= Time.now %\u003e\"\n erb code\nend\n```\n\nTemplates take a second argument, the options hash:\n\n```ruby\nget '/' do\n erb :index, :layout =\u003e :post\nend\n```\n\nThis will render `views/index.erb` embedded in the\n`views/post.erb` (default is `views/layout.erb`, if it exists).\n\nAny options not understood by Sinatra will be passed on to the template\nengine:\n\n```ruby\nget '/' do\n haml :index, :format =\u003e :html5\nend\n```\n\nYou can also set options per template language in general:\n\n```ruby\nset :haml, :format =\u003e :html5\n\nget '/' do\n haml :index\nend\n```\n\nOptions passed to the render method override options set via `set`.\n\nAvailable Options:\n\n\u003cdl\u003e\n \u003cdt\u003elocals\u003c/dt\u003e\n \u003cdd\u003e\n List of locals passed to the document. Handy with partials.\n Example: \u003ctt\u003eerb \"\u003c%= foo %\u003e\", :locals =\u003e {:foo =\u003e \"bar\"}\u003c/tt\u003e\n \u003c/dd\u003e\n\n \u003cdt\u003edefault_encoding\u003c/dt\u003e\n \u003cdd\u003e\n String encoding to use if uncertain. Defaults to\n \u003ctt\u003esettings.default_encoding\u003c/tt\u003e.\n \u003c/dd\u003e\n\n \u003cdt\u003eviews\u003c/dt\u003e\n \u003cdd\u003e\n Views folder to load templates from. Defaults to \u003ctt\u003esettings.views\u003c/tt\u003e.\n \u003c/dd\u003e\n\n \u003cdt\u003elayout\u003c/dt\u003e\n \u003cdd\u003e\n Whether to use a layout (\u003ctt\u003etrue\u003c/tt\u003e or \u003ctt\u003efalse\u003c/tt\u003e). If it's a\n Symbol, specifies what template to use. Example:\n \u003ctt\u003eerb :index, :layout =\u003e !request.xhr?\u003c/tt\u003e\n \u003c/dd\u003e\n\n \u003cdt\u003econtent_type\u003c/dt\u003e\n \u003cdd\u003e\n Content-Type the template produces. Default depends on template language.\n \u003c/dd\u003e\n\n \u003cdt\u003escope\u003c/dt\u003e\n \u003cdd\u003e\n Scope to render template under. Defaults to the application\n instance. If you change this, instance variables and helper methods\n will not be available.\n \u003c/dd\u003e\n\n \u003cdt\u003elayout_engine\u003c/dt\u003e\n \u003cdd\u003e\n Template engine to use for rendering the layout. Useful for\n languages that do not support layouts otherwise. Defaults to the\n engine used for the template. Example: \u003ctt\u003eset :rdoc, :layout_engine\n =\u003e :erb\u003c/tt\u003e\n \u003c/dd\u003e\n\n \u003cdt\u003elayout_options\u003c/dt\u003e\n \u003cdd\u003e\n Special options only used for rendering the layout. Example:\n \u003ctt\u003eset :rdoc, :layout_options =\u003e { :views =\u003e 'views/layouts' }\u003c/tt\u003e\n \u003c/dd\u003e\n\u003c/dl\u003e\n\nTemplates are assumed to be located directly under the `./views`\ndirectory. To use a different views directory:\n\n```ruby\nset :views, settings.root + '/templates'\n```\n\n\nOne important thing to remember is that you always have to reference\ntemplates with symbols, even if they're in a subdirectory (in this case,\nuse: `:'subdir/template'` or `'subdir/template'.to_sym`). You must use a\nsymbol because otherwise rendering methods will render any strings\npassed to them directly.\n\n### Literal Templates\n\n```ruby\nget '/' do\n haml '%div.title Hello World'\nend\n```\n\nRenders the template string. You can optionally specify `:path` and\n`:line` for a clearer backtrace if there is a filesystem path or line\nassociated with that string:\n\n```ruby\nget '/' do\n haml '%div.title Hello World', :path =\u003e 'examples/file.haml', :line =\u003e 3\nend\n```\n\n### Available Template Languages\n\nSome languages have multiple implementations. To specify what implementation\nto use (and to be thread-safe), you should simply require it first:\n\n```ruby\nrequire 'rdiscount'\nget('/') { markdown :index }\n```\n\n#### Haml Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"http://haml.info/\" title=\"haml\"\u003ehaml\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.haml\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003ehaml :index, :format =\u003e :html5\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n#### Erb Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\n \u003ca href=\"https://github.com/jeremyevans/erubi\" title=\"erubi\"\u003eerubi\u003c/a\u003e\n or erb (included in Ruby)\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extensions\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.erb\u003c/tt\u003e, \u003ctt\u003e.rhtml\u003c/tt\u003e or \u003ctt\u003e.erubi\u003c/tt\u003e (Erubi only)\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003eerb :index\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n#### Builder Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\n \u003ca href=\"https://github.com/jimweirich/builder\" title=\"builder\"\u003ebuilder\u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.builder\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003ebuilder { |xml| xml.em \"hi\" }\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\nIt also takes a block for inline templates (see [example](#inline-templates)).\n\n#### Nokogiri Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"http://www.nokogiri.org/\" title=\"nokogiri\"\u003enokogiri\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.nokogiri\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003enokogiri { |xml| xml.em \"hi\" }\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\nIt also takes a block for inline templates (see [example](#inline-templates)).\n\n#### Sass Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"https://github.com/ntkme/sass-embedded-host-ruby\" title=\"sass-embedded\"\u003esass-embedded\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.sass\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003esass :stylesheet, :style =\u003e :expanded\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n#### Scss Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"https://github.com/ntkme/sass-embedded-host-ruby\" title=\"sass-embedded\"\u003esass-embedded\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.scss\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003escss :stylesheet, :style =\u003e :expanded\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n#### Liquid Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"https://shopify.github.io/liquid/\" title=\"liquid\"\u003eliquid\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.liquid\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003eliquid :index, :locals =\u003e { :key =\u003e 'value' }\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\nSince you cannot call Ruby methods (except for `yield`) from a Liquid\ntemplate, you almost always want to pass locals to it.\n\n#### Markdown Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\n Anyone of:\n \u003ca href=\"https://github.com/davidfstr/rdiscount\" title=\"RDiscount\"\u003eRDiscount\u003c/a\u003e,\n \u003ca href=\"https://github.com/vmg/redcarpet\" title=\"RedCarpet\"\u003eRedCarpet\u003c/a\u003e,\n \u003ca href=\"https://kramdown.gettalong.org/\" title=\"kramdown\"\u003ekramdown\u003c/a\u003e,\n \u003ca href=\"https://github.com/gjtorikian/commonmarker\" title=\"commonmarker\"\u003ecommonmarker\u003c/a\u003e\n \u003ca href=\"https://github.com/alphabetum/pandoc-ruby\" title=\"pandoc\"\u003epandoc\u003c/a\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extensions\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.markdown\u003c/tt\u003e, \u003ctt\u003e.mkd\u003c/tt\u003e and \u003ctt\u003e.md\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003emarkdown :index, :layout_engine =\u003e :erb\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\nIt is not possible to call methods from Markdown, nor to pass locals to it.\nYou therefore will usually use it in combination with another rendering\nengine:\n\n```ruby\nerb :overview, :locals =\u003e { :text =\u003e markdown(:introduction) }\n```\n\nNote that you may also call the `markdown` method from within other\ntemplates:\n\n```ruby\n%h1 Hello From Haml!\n%p= markdown(:greetings)\n```\n\nSince you cannot call Ruby from Markdown, you cannot use layouts written in\nMarkdown. However, it is possible to use another rendering engine for the\ntemplate than for the layout by passing the `:layout_engine` option.\n\n#### RDoc Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"http://rdoc.sourceforge.net/\" title=\"RDoc\"\u003eRDoc\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.rdoc\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003erdoc :README, :layout_engine =\u003e :erb\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\nIt is not possible to call methods from RDoc, nor to pass locals to it. You\ntherefore will usually use it in combination with another rendering engine:\n\n```ruby\nerb :overview, :locals =\u003e { :text =\u003e rdoc(:introduction) }\n```\n\nNote that you may also call the `rdoc` method from within other templates:\n\n```ruby\n%h1 Hello From Haml!\n%p= rdoc(:greetings)\n```\n\nSince you cannot call Ruby from RDoc, you cannot use layouts written in\nRDoc. However, it is possible to use another rendering engine for the\ntemplate than for the layout by passing the `:layout_engine` option.\n\n#### AsciiDoc Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"http://asciidoctor.org/\" title=\"Asciidoctor\"\u003eAsciidoctor\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.asciidoc\u003c/tt\u003e, \u003ctt\u003e.adoc\u003c/tt\u003e and \u003ctt\u003e.ad\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003easciidoc :README, :layout_engine =\u003e :erb\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\nSince you cannot call Ruby methods directly from an AsciiDoc template, you\nalmost always want to pass locals to it.\n\n#### Markaby Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"https://markaby.github.io/\" title=\"Markaby\"\u003eMarkaby\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.mab\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003emarkaby { h1 \"Welcome!\" }\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\nIt also takes a block for inline templates (see [example](#inline-templates)).\n\n#### RABL Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"https://github.com/nesquena/rabl\" title=\"Rabl\"\u003eRabl\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.rabl\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003erabl :index\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n#### Slim Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"https://slim-template.github.io/\" title=\"Slim Lang\"\u003eSlim Lang\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.slim\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003eslim :index\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n#### Yajl Templates\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003ctd\u003eDependency\u003c/td\u003e\n \u003ctd\u003e\u003ca href=\"https://github.com/brianmario/yajl-ruby\" title=\"yajl-ruby\"\u003eyajl-ruby\u003c/a\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eFile Extension\u003c/td\u003e\n \u003ctd\u003e\u003ctt\u003e.yajl\u003c/tt\u003e\u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd\u003eExample\u003c/td\u003e\n \u003ctd\u003e\n \u003ctt\u003e\n yajl :index,\n :locals =\u003e { :key =\u003e 'qux' },\n :callback =\u003e 'present',\n :variable =\u003e 'resource'\n \u003c/tt\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n\nThe template source is evaluated as a Ruby string, and the\nresulting json variable is converted using `#to_json`:\n\n```ruby\njson = { :foo =\u003e 'bar' }\njson[:baz] = key\n```\n\nThe `:callback` and `:variable` options can be used to decorate the rendered\nobject:\n\n```javascript\nvar resource = {\"foo\":\"bar\",\"baz\":\"qux\"};\npresent(resource);\n```\n\n### Accessing Variables in Templates\n\nTemplates are evaluated within the same context as route handlers. Instance\nvariables set in route handlers are directly accessible by templates:\n\n```ruby\nget '/:id' do\n @foo = Foo.find(params['id'])\n haml '%h1= @foo.name'\nend\n```\n\nOr, specify an explicit Hash of local variables:\n\n```ruby\nget '/:id' do\n foo = Foo.find(params['id'])\n haml '%h1= bar.name', :locals =\u003e { :bar =\u003e foo }\nend\n```\n\nThis is typically used when rendering templates as partials from within\nother templates.\n\n### Templates with `yield` and nested layouts\n\nA layout is usually just a template that calls `yield`.\nSuch a template can be used either through the `:template` option as\ndescribed above, or it can be rendered with a block as follows:\n\n```ruby\nerb :post, :layout =\u003e false do\n erb :index\nend\n```\n\nThis code is mostly equivalent to `erb :index, :layout =\u003e :post`.\n\nPassing blocks to rendering methods is most useful for creating nested\nlayouts:\n\n```ruby\nerb :main_layout, :layout =\u003e false do\n erb :admin_layout do\n erb :user\n end\nend\n```\n\nThis can also be done in fewer lines of code with:\n\n```ruby\nerb :admin_layout, :layout =\u003e :main_layout do\n erb :user\nend\n```\n\nCurrently, the following rendering methods accept a block: `erb`, `haml`,\n`liquid`, `slim `. Also, the general `render` method accepts a block.\n\n### Inline Templates\n\nTemplates may be defined at the end of the source file:\n\n```ruby\nrequire 'sinatra'\n\nget '/' do\n haml :index\nend\n\n__END__\n\n@@ layout\n%html\n != yield\n\n@@ index\n%div.title Hello world.\n```\n\nNOTE: Inline templates defined in the source file that requires Sinatra are\nautomatically loaded. Call `enable :inline_templates` explicitly if you\nhave inline templates in other source files.\n\n### Named Templates\n\nTemplates may also be defined using the top-level `template` method:\n\n```ruby\ntemplate :layout do\n \"%html\\n =yield\\n\"\nend\n\ntemplate :index do\n '%div.title Hello World!'\nend\n\nget '/' do\n haml :index\nend\n```\n\nIf a template named \"layout\" exists, it will be used each time a template\nis rendered. You can individually disable layouts by passing\n`:layout =\u003e false` or disable them by default via\n`set :haml, :layout =\u003e false`:\n\n```ruby\nget '/' do\n haml :index, :layout =\u003e !request.xhr?\nend\n```\n\n### Associating File Extensions\n\nTo associate a file extension with a template engine, use\n`Tilt.register`. For instance, if you like to use the file extension\n`tt` for Haml templates, you can do the following:\n\n```ruby\nTilt.register Tilt[:haml], :tt\n```\n\n### Adding Your Own Template Engine\n\nFirst, register your engine with Tilt, then create a rendering method:\n\n```ruby\nTilt.register MyAwesomeTemplateEngine, :myat\n\nhelpers do\n def myat(*args) render(:myat, *args) end\nend\n\nget '/' do\n myat :index\nend\n```\n\nRenders `./views/index.myat`. Learn more about\n[Tilt](https://github.com/rtomayko/tilt#readme).\n\n### Using Custom Logic for Template Lookup\n\nTo implement your own template lookup mechanism you can write your\nown `#find_template` method:\n\n```ruby\nconfigure do\n set :views, [ './views/a', './views/b' ]\nend\n\ndef find_template(views, name, engine, \u0026block)\n Array(views).each do |v|\n super(v, name, engine, \u0026block)\n end\nend\n```\n\n## Filters\n\nBefore filters are evaluated before each request within the same context\nas the routes will be and can modify the request and response. Instance\nvariables set in filters are accessible by routes and templates:\n\n```ruby\nbefore do\n @note = 'Hi!'\n request.path_info = '/foo/bar/baz'\nend\n\nget '/foo/*' do\n @note #=\u003e 'Hi!'\n params['splat'] #=\u003e 'bar/baz'\nend\n```\n\nAfter filters are evaluated after each request within the same context\nas the routes will be and can also modify the request and response.\nInstance variables set in before filters and routes are accessible by\nafter filters:\n\n```ruby\nafter do\n puts response.status\nend\n```\n\nNote: Unless you use the `body` method rather than just returning a\nString from the routes, the body will not yet be available in the after\nfilter, since it is generated later on.\n\nFilters optionally take a pattern, causing them to be evaluated only if the\nrequest path matches that pattern:\n\n```ruby\nbefore '/protected/*' do\n authenticate!\nend\n\nafter '/create/:slug' do |slug|\n session[:last_slug] = slug\nend\n```\n\nLike routes, filters also take conditions:\n\n```ruby\nbefore :agent =\u003e /Songbird/ do\n # ...\nend\n\nafter '/blog/*', :host_name =\u003e 'example.com' do\n # ...\nend\n```\n\n## Helpers\n\nUse the top-level `helpers` method to define helper methods for use in\nroute handlers and templates:\n\n```ruby\nhelpers do\n def bar(name)\n \"#{name}bar\"\n end\nend\n\nget '/:name' do\n bar(params['name'])\nend\n```\n\nAlternatively, helper methods can be separately defined in a module:\n\n```ruby\nmodule FooUtils\n def foo(name) \"#{name}foo\" end\nend\n\nmodule BarUtils\n def bar(name) \"#{name}bar\" end\nend\n\nhelpers FooUtils, BarUtils\n```\n\nThe effect is the same as including the modules in the application class.\n\n### Using Sessions\n\nA session is used to keep state during requests. If activated, you have one\nsession hash per user session:\n\n```ruby\nenable :sessions\n\nget '/' do\n \"value = \" \u003c\u003c session[:value].inspect\nend\n\nget '/:value' do\n session['value'] = params['value']\nend\n```\n\n#### Session Secret Security\n\nTo improve security, the session data in the cookie is signed with a session\nsecret using `HMAC-SHA1`. This session secret should optimally be a\ncryptographically secure random value of an appropriate length which for\n`HMAC-SHA1` is greater than or equal to 64 bytes (512 bits, 128 hex\ncharacters). You would be advised not to use a secret that is less than 32\nbytes of randomness (256 bits, 64 hex characters). It is therefore **very\nimportant** that you don't just make the secret up, but instead use a secure\nrandom number generator to create it. Humans are extremely bad at generating\nrandom values.\n\nBy default, a 32 byte secure random session secret is generated for you by\nSinatra, but it will change with every restart of your application. If you\nhave multiple instances of your application, and you let Sinatra generate the\nkey, each instance would then have a different session key which is probably\nnot what you want.\n\nFor better security and usability it's\n[recommended](https://12factor.net/config) that you generate a secure random\nsecret and store it in an environment variable on each host running your\napplication so that all of your application instances will share the same\nsecret. You should periodically rotate this session secret to a new value.\nHere are some examples of how you might create a 64-byte secret and set it:\n\n**Session Secret Generation**\n\n```text\n$ ruby -e \"require 'securerandom'; puts SecureRandom.hex(64)\"\n99ae8af...snip...ec0f262ac\n```\n\n**Session Secret Environment Variable**\n\nSet a `SESSION_SECRET` environment variable for Sinatra to the value you\ngenerated. Make this value persistent across reboots of your host. Since the\nmethod for doing this will vary across systems this is for illustrative\npurposes only:\n\n```bash\n# echo \"export SESSION_SECRET=99ae8af...snip...ec0f262ac\" \u003e\u003e ~/.bashrc\n```\n\n**Session Secret App Config**\n\nSet up your app config to fail-safe to a secure random secret\nif the `SESSION_SECRET` environment variable is not available:\n\n```ruby\nrequire 'securerandom'\nset :session_secret, ENV.fetch('SESSION_SECRET') { SecureRandom.hex(64) }\n```\n\n#### Session Config\n\nIf you want to configure it further, you may also store a hash with options\nin the `sessions` setting:\n\n```ruby\nset :sessions, :domain =\u003e 'foo.com'\n```\n\nTo share your session across other apps on subdomains of foo.com, prefix the\ndomain with a *.* like this instead:\n\n```ruby\nset :sessions, :domain =\u003e '.foo.com'\n```\n\n#### Choosing Your Own Session Middleware\n\nNote that `enable :sessions` actually stores all data in a cookie. This\nmight not always be what you want (storing lots of data will increase your\ntraffic, for instance). You can use any Rack session middleware in order to\ndo so, one of the following methods can be used:\n\n```ruby\nenable :sessions\nset :session_store, Rack::Session::Pool\n```\n\nOr to set up sessions with a hash of options:\n\n```ruby\nset :sessions, :expire_after =\u003e 2592000\nset :session_store, Rack::Session::Pool\n```\n\nAnother option is to **not** call `enable :sessions`, but instead pull in\nyour middleware of choice as you would any other middleware.\n\nIt is important to note that when using this method, session based\nprotection **will not be enabled by default**.\n\nThe Rack middleware to do that will also need to be added:\n\n```ruby\nuse Rack::Session::Pool, :expire_after =\u003e 2592000\nuse Rack::Protection::RemoteToken\nuse Rack::Protection::SessionHijacking\n```\n\nSee '[Configuring attack protection](#configuring-attack-protection)' for more information.\n\n### Halting\n\nTo immediately stop a request within a filter or route use:\n\n```ruby\nhalt\n```\n\nYou can also specify the status when halting:\n\n```ruby\nhalt 410\n```\n\nOr the body:\n\n```ruby\nhalt 'this will be the body'\n```\n\nOr both:\n\n```ruby\nhalt 401, 'go away!'\n```\n\nWith headers:\n\n```ruby\nhalt 402, {'Content-Type' =\u003e 'text/plain'}, 'revenge'\n```\n\nIt is of course possible to combine a template with `halt`:\n\n```ruby\nhalt erb(:error)\n```\n\n### Passing\n\nA route can punt processing to the next matching route using `pass`:\n\n```ruby\nget '/guess/:who' do\n pass unless params['who'] == 'Frank'\n 'You got me!'\nend\n\nget '/guess/*' do\n 'You missed!'\nend\n```\n\nThe route block is immediately exited and control continues with the next\nmatching route. If no matching route is found, a 404 is returned.\n\n### Triggering Another Route\n\nSometimes `pass` is not what you want, instead, you would like to get the\nresult of calling another route. Simply use `call` to achieve this:\n\n```ruby\nget '/foo' do\n status, headers, body = call env.merge(\"PATH_INFO\" =\u003e '/bar')\n [status, headers, body.map(\u0026:upcase)]\nend\n\nget '/bar' do\n \"bar\"\nend\n```\n\nNote that in the example above, you would ease testing and increase\nperformance by simply moving `\"bar\"` into a helper used by both `/foo` and\n`/bar`.\n\nIf you want the request to be sent to the same application instance rather\nthan a duplicate, use `call!` instead of `call`.\n\nCheck out the Rack specification if you want to learn more about `call`.\n\n### Setting Body, Status Code, and Headers\n\nIt is possible and recommended to set the status code and response body with\nthe return value of the route block. However, in some scenarios, you might\nwant to set the body at an arbitrary point in the execution flow. You can do\nso with the `body` helper method. If you do so, you can use that method from\nthereon to access the body:\n\n```ruby\nget '/foo' do\n body \"bar\"\nend\n\nafter do\n puts body\nend\n```\n\nIt is also possible to pass a block to `body`, which will be executed by the\nRack handler (this can be used to implement streaming, [see \"Return Values\"](#return-values)).\n\nSimilar to the body, you can also set the status code and headers:\n\n```ruby\nget '/foo' do\n status 418\n headers \\\n \"Allow\" =\u003e \"BREW, POST, GET, PROPFIND, WHEN\",\n \"Refresh\" =\u003e \"Refresh: 20; https://ietf.org/rfc/rfc2324.txt\"\n body \"I'm a teapot!\"\nend\n```\n\nLike `body`, `headers` and `status` with no arguments can be used to access\ntheir current values.\n\n### Streaming Responses\n\nSometimes you want to start sending out data while still generating parts of\nthe response body. In extreme examples, you want to keep sending data until\nthe client closes the connection. You can use the `stream` helper to avoid\ncreating your own wrapper:\n\n```ruby\nget '/' do\n stream do |out|\n out \u003c\u003c \"It's gonna be legen -\\n\"\n sleep 0.5\n out \u003c\u003c \" (wait for it) \\n\"\n sleep 1\n out \u003c\u003c \"- dary!\\n\"\n end\nend\n```\n\nThis allows you to implement streaming APIs,\n[Server Sent Events](https://w3c.github.io/eventsource/), and can be used as\nthe basis for [WebSockets](https://en.wikipedia.org/wiki/WebSocket). It can\nalso be used to increase throughput if some but not all content depends on a\nslow resource.\n\nNote that the streaming behavior, especially the number of concurrent\nrequests, highly depends on the webserver used to serve the application.\nSome servers might not even support streaming at all. If the server does not\nsupport streaming, the body will be sent all at once after the block passed\nto `stream` finishes executing. Streaming does not work at all with Shotgun.\n\nIf the optional parameter is set to `keep_open`, it will not call `close` on\nthe stream object, allowing you to close it at any later point in the\nexecution flow.\n\nYou can have a look at the [chat example](https://github.com/sinatra/sinatra/blob/main/examples/chat.rb)\n\nIt's also possible for the client to close the connection when trying to\nwrite to the socket. Because of this, it's recommended to check\n`out.closed?` before trying to write.\n\n### Logging\n\nIn the request scope, the `logger` helper exposes a `Logger` instance:\n\n```ruby\nget '/' do\n logger.info \"loading data\"\n # ...\nend\n```\n\nThis logger will automatically take your Rack handler's logging settings into\naccount. If logging is disabled, this method will return a dummy object, so\nyou do not have to worry about it in your routes and filters.\n\nNote that logging is only enabled for `Sinatra::Application` by default, so\nif you inherit from `Sinatra::Base`, you probably want to enable it yourself:\n\n```ruby\nclass MyApp \u003c Sinatra::Base\n configure :production, :development do\n enable :logging\n end\nend\n```\n\nTo avoid any logging middleware to be set up, set the `logging` option to\n`nil`. However, keep in mind that `logger` will in that case return `nil`. A\ncommon use case is when you want to set your own logger. Sinatra will use\nwhatever it will find in `env['rack.logger']`.\n\n### Mime Types\n\nWhen using `send_file` or static files you may have mime types Sinatra\ndoesn't understand. Use `mime_type` to register them by file extension:\n\n```ruby\nconfigure do\n mime_type :foo, 'text/foo'\nend\n```\n\nYou can also use it with the `content_type` helper:\n\n```ruby\nget '/' do\n content_type :foo\n \"foo foo foo\"\nend\n```\n\n### Generating URLs\n\nFor generating URLs you should use the `url` helper method, for instance, in\nHaml:\n\n```ruby\n%a{:href =\u003e url('/foo')} foo\n```\n\nIt takes reverse proxies and Rack routers into account - if present.\n\nThis method is also aliased to `to` (see [below](#browser-redirect) for an example).\n\n### Browser Redirect\n\nYou can trigger a browser redirect with the `redirect` helper method:\n\n```ruby\nget '/foo' do\n redirect to('/bar')\nend\n```\n\nAny additional parameters are handled like arguments passed to `halt`:\n\n```ruby\nredirect to('/bar'), 303\nredirect 'http://www.google.com/', 'wrong place, buddy'\n```\n\nYou can also easily redirect back to the page the user came from with\n`redirect back`:\n\n```ruby\nget '/foo' do\n \"\u003ca href='/bar'\u003edo something\u003c/a\u003e\"\nend\n\nget '/bar' do\n do_something\n redirect back\nend\n```\n\nTo pass arguments with a redirect, either add them to the query:\n\n```ruby\nredirect to('/bar?sum=42')\n```\n\nOr use a session:\n\n```ruby\nenable :sessions\n\nget '/foo' do\n session[:secret] = 'foo'\n redirect to('/bar')\nend\n\nget '/bar' do\n session[:secret]\nend\n```\n\n### Cache Control\n\nSetting your headers correctly is the foundation for proper HTTP caching.\n\nYou can easily set the Cache-Control header like this:\n\n```ruby\nget '/' do\n cache_control :public\n \"cache it!\"\nend\n```\n\nPro tip: Set up caching in a before filter:\n\n```ruby\nbefore do\n cache_control :public, :must_revalidate, :max_age =\u003e 60\nend\n```\n\nIf you are using the `expires` helper to set the corresponding header,\n`Cache-Control` will be set automatically for you:\n\n```ruby\nbefore do\n expires 500, :public, :must_revalidate\nend\n```\n\nTo properly use caches, you should consider using `etag` or `last_modified`.\nIt is recommended to call those helpers *before* doing any heavy lifting, as\nthey will immediately flush a response if the client already has the current\nversion in its cache:\n\n```ruby\nget \"/article/:id\" do\n @article = Article.find params['id']\n last_modified @article.updated_at\n etag @article.sha1\n erb :article\nend\n```\n\nIt is also possible to use a\n[weak ETag](https://en.wikipedia.org/wiki/HTTP_ETag#Strong_and_weak_validation):\n\n```ruby\netag @article.sha1, :weak\n```\n\nThese helpers will not do any caching for you, but rather feed the necessary\ninformation to your cache. If you are looking for a quick\nreverse-proxy caching solution, try\n[rack-cache](https://github.com/rtomayko/rack-cache#readme):\n\n```ruby\nrequire \"rack/cache\"\nrequire \"sinatra\"\n\nuse Rack::Cache\n\nget '/' do\n cache_control :public, :max_age =\u003e 36000\n sleep 5\n \"hello\"\nend\n```\n\nUse the `:static_cache_control` setting (see [below](#cache-control)) to add\n`Cache-Control` header info to static files.\n\nAccording to RFC 2616, your application should behave differently if the\nIf-Match or If-None-Match header is set to `*`, depending on whether the\nresource requested is already in existence. Sinatra assumes resources for\nsafe (like get) and idempotent (like put) requests are already in existence,\nwhereas other resources (for instance post requests) are treated as new\nresources. You can change this behavior by passing in a `:new_resource`\noption:\n\n```ruby\nget '/create' do\n etag '', :new_resource =\u003e true\n Article.create\n erb :new_article\nend\n```\n\nIf you still want to use a weak ETag, pass in a `:kind` option:\n\n```ruby\netag '', :new_resource =\u003e true, :kind =\u003e :weak\n```\n\n### Sending Files\n\nTo return the contents of a file as the response, you can use the `send_file`\nhelper method:\n\n```ruby\nget '/' do\n send_file 'foo.png'\nend\n```\n\nIt also takes options:\n\n```ruby\nsend_file 'foo.png', :type =\u003e :jpg\n```\n\nThe options are:\n\n\u003cdl\u003e\n \u003cdt\u003efilename\u003c/dt\u003e\n \u003cdd\u003eFile name to be used in the response,\n defaults to the real file name.\u003c/dd\u003e\n \u003cdt\u003elast_modified\u003c/dt\u003e\n \u003cdd\u003eValue for Last-Modified header, defaults to the file's mtime.\u003c/dd\u003e\n\n \u003cdt\u003etype\u003c/dt\u003e\n \u003cdd\u003eValue for Content-Type header, guessed from the file extension if\n missing.\u003c/dd\u003e\n\n \u003cdt\u003edisposition\u003c/dt\u003e\n \u003cdd\u003e\n Value for Content-Disposition header, possible values: \u003ctt\u003enil\u003c/tt\u003e\n (default), \u003ctt\u003e:attachment\u003c/tt\u003e and \u003ctt\u003e:inline\u003c/tt\u003e\n \u003c/dd\u003e\n\n \u003cdt\u003elength\u003c/dt\u003e\n \u003cdd\u003eValue for Content-Length header, defaults to file size.\u003c/dd\u003e\n\n \u003cdt\u003estatus\u003c/dt\u003e\n \u003cdd\u003e\n Status code to be sent. Useful when sending a static file as an error\n page. If supported by the Rack handler, other means than streaming\n from the Ruby process will be used. If you use this helper method,\n Sinatra will automatically handle range requests.\n \u003c/dd\u003e\n\u003c/dl\u003e\n\n### Accessing the Request Object\n\nThe incoming request object can be accessed from request level (filter,\nroutes, error handlers) through the `request` method:\n\n```ruby\n# app running on http://example.com/example\nget '/foo' do\n t = %w[text/css text/html application/javascript]\n request.accept # ['text/html', '*/*']\n request.accept? 'text/xml' # true\n request.preferred_type(t) # 'text/html'\n request.body # request body sent by the client (see below)\n request.scheme # \"http\"\n request.script_name # \"/example\"\n request.path_info # \"/foo\"\n request.port # 80\n request.request_method # \"GET\"\n request.query_string # \"\"\n request.content_length # length of request.body\n request.media_type # media type of request.body\n request.host # \"example.com\"\n request.get? # true (similar methods for other verbs)\n request.form_data? # false\n request[\"some_param\"] # value of some_param parameter. [] is a shortcut to the params hash.\n request.referrer # the referrer of the client or '/'\n request.user_agent # user agent (used by :agent condition)\n request.cookies # hash of browser cookies\n request.xhr? # is this an ajax request?\n request.url # \"http://example.com/example/foo\"\n request.path # \"/example/foo\"\n request.ip # client IP address\n request.secure? # false (would be true over ssl)\n request.forwarded? # true (if running behind a reverse proxy)\n request.env # raw env hash handed in by Rack\nend\n```\n\nSome options, like `script_name` or `path_info`, can also be written:\n\n```ruby\nbefore { request.path_info = \"/\" }\n\nget \"/\" do\n \"all requests end up here\"\nend\n```\n\nThe `request.body` is an IO or StringIO object:\n\n```ruby\npost \"/api\" do\n request.body.rewind # in case someone already read it\n data = JSON.parse request.body.read\n \"Hello #{data['name']}!\"\nend\n```\n\n### Attachments\n\nYou can use the `attachment` helper to tell the browser the response should\nbe stored on disk rather than displayed in the browser:\n\n```ruby\nget '/' do\n attachment\n \"store it!\"\nend\n```\n\nYou can also pass it a file name:\n\n```ruby\nget '/' do\n attachment \"info.txt\"\n \"store it!\"\nend\n```\n\n### Dealing with Date and Time\n\nSinatra offers a `time_for` helper method that generates a Time object from\nthe given value. It is also able to convert `DateTime`, `Date` and similar\nclasses:\n\n```ruby\nget '/' do\n pass if Time.now \u003e time_for('Dec 23, 2016')\n \"still time\"\nend\n```\n\nThis method is used internally by `expires`, `last_modified` and akin. You\ncan therefore easily extend the behavior of those methods by overriding\n`time_for` in your application:\n\n```ruby\nhelpers do\n def time_for(value)\n case value\n when :yesterday then Time.now - 24*60*60\n when :tomorrow then Time.now + 24*60*60\n else super\n end\n end\nend\n\nget '/' do\n last_modified :yesterday\n expires :tomorrow\n \"hello\"\nend\n```\n\n### Looking Up Template Files\n\nThe `find_template` helper is used to find template files for rendering:\n\n```ruby\nfind_template settings.views, 'foo', Tilt[:haml] do |file|\n puts \"could be #{file}\"\nend\n```\n\nThis is not really useful. But it is useful that you can actually override\nthis method to hook in your own lookup mechanism. For instance, if you want\nto be able to use more than one view directory:\n\n```ruby\nset :views, ['views', 'templates']\n\nhelpers do\n def find_template(views, name, engine, \u0026block)\n Array(views).each { |v| super(v, name, engine, \u0026block) }\n end\nend\n```\n\nAnother example would be using different directories for different engines:\n\n```ruby\nset :views, :haml =\u003e 'templates', :default =\u003e 'views'\n\nhelpers do\n def find_template(views, name, engine, \u0026block)\n _, folder = views.detect { |k,v| engine == Tilt[k] }\n folder ||= views[:default]\n super(folder, name, engine, \u0026block)\n end\nend\n```\n\nYou can also easily wrap this up in an extension and share it with others!\n\nNote that `find_template` does not check if the file really exists but\nrather calls the given block for all possible paths. This is not a\nperformance issue, since `render` will use `break` as soon as a file is\nfound. Also, template locations (and content) will be cached if you are not\nrunning in development mode. You should keep that in mind if you write a\nreally crazy method.\n\n## Configuration\n\nRun once, at startup, in any environment:\n\n```ruby\nconfigure do\n # setting one option\n set :option, 'value'\n\n # setting multiple options\n set :a =\u003e 1, :b =\u003e 2\n\n # same as `set :option, true`\n enable :option\n\n # same as `set :option, false`\n disable :option\n\n # you can also have dynamic settings with blocks\n set(:css_dir) { File.join(views, 'css') }\nend\n```\n\nRun only when the environment (`APP_ENV` environment variable) is set to\n`:production`:\n\n```ruby\nconfigure :production do\n ...\nend\n```\n\nRun when the environment is set to either `:production` or `:test`:\n\n```ruby\nconfigure :production, :test do\n ...\nend\n```\n\nYou can access those options via `settings`:\n\n```ruby\nconfigure do\n set :foo, 'bar'\nend\n\nget '/' do\n settings.foo? # =\u003e true\n settings.foo # =\u003e 'bar'\n ...\nend\n```\n\n### Configuring attack protection\n\nSinatra is using\n[Rack::Protection](https://github.com/sinatra/sinatra/tree/main/rack-protection#readme) to\ndefend your application against common, opportunistic attacks. You can\neasily disable this behavior (which will open up your application to tons\nof common vulnerabilities):\n\n```ruby\ndisable :protection\n```\n\nTo skip a single defense layer, set `protection` to an options hash:\n\n```ruby\nset :protection, :except =\u003e :path_traversal\n```\nYou can also hand in an array in order to disable a list of protections:\n\n```ruby\nset :protection, :except =\u003e [:path_traversal, :remote_token]\n```\n\nBy default, Sinatra will only set up session based protection if `:sessions`\nhave been enabled. See '[Using Sessions](#using-sessions)'. Sometimes you may want to set up\nsessions \"outside\" of the Sinatra app, such as in the config.ru or with a\nseparate `Rack::Builder` instance. In that case, you can still set up session\nbased protection by passing the `:session` option:\n\n```ruby\nset :protection, :session =\u003e true\n```\n\n### Available Settings\n\n\u003cdl\u003e\n \u003cdt\u003eabsolute_redirects\u003c/dt\u003e\n \u003cdd\u003e\n If disabled, Sinatra will allow relative redirects, however, Sinatra\n will no longer conform with RFC 2616 (HTTP 1.1), which only allows\n absolute redirects.\n \u003c/dd\u003e\n \u003cdd\u003e\n Enable if your app is running behind a reverse proxy that has not been\n set up properly. Note that the \u003ctt\u003eurl\u003c/tt\u003e helper will still produce\n absolute URLs, unless you pass in \u003ctt\u003efalse\u003c/tt\u003e as the second\n parameter.\n \u003c/dd\u003e\n \u003cdd\u003eDisabled by default.\u003c/dd\u003e\n\n \u003cdt\u003eadd_charset\u003c/dt\u003e\n \u003cdd\u003e\n Mime types the \u003ctt\u003econtent_type\u003c/tt\u003e helper will automatically add the\n charset info to. You should add to it rather than overriding this\n option: \u003ctt\u003esettings.add_charset \u003c\u003c \"application/foobar\"\u003c/tt\u003e\n \u003c/dd\u003e\n\n \u003cdt\u003eapp_file\u003c/dt\u003e\n \u003cdd\u003e\n Path to the main application file, used to detect project root, views\n and public folder and inline templates.\n \u003c/dd\u003e\n\n \u003cdt\u003ebind\u003c/dt\u003e\n \u003cdd\u003e\n IP address to bind to (default: \u003ctt\u003e0.0.0.0\u003c/tt\u003e \u003cem\u003eor\u003c/em\u003e\n \u003ctt\u003elocalhost\u003c/tt\u003e if your `environment` is set to development). Only\n used for built-in server.\n \u003c/dd\u003e\n\n \u003cdt\u003edefault_content_type\u003c/dt\u003e\n \u003cdd\u003e\n Content-Type to assume if unknown (defaults to \u003ctt\u003e\"text/html\"\u003c/tt\u003e). Set\n to \u003ctt\u003enil\u003c/tt\u003e to not set a default Content-Type on every response; when\n configured so, you must set the Content-Type manually when emitting content\n or the user-agent will have to sniff it (or, if \u003ctt\u003enosniff\u003c/tt\u003e is enabled\n in Rack::Protection::XSSHeader, assume \u003ctt\u003eapplication/octet-stream\u003c/tt\u003e).\n \u003c/dd\u003e\n\n \u003cdt\u003edefault_encoding\u003c/dt\u003e\n \u003cdd\u003eEncoding to assume if unknown (defaults to \u003ctt\u003e\"utf-8\"\u003c/tt\u003e).\u003c/dd\u003e\n\n \u003cdt\u003edump_errors\u003c/dt\u003e\n \u003cdd\u003eDisplay errors in the log. Enabled by default unless environment is \"test\".\u003c/dd\u003e\n\n \u003cdt\u003eenvironment\u003c/dt\u003e\n \u003cdd\u003e\n Current environment. Defaults to \u003ctt\u003eENV['APP_ENV']\u003c/tt\u003e, or\n \u003ctt\u003e\"development\"\u003c/tt\u003e if not available.\n \u003c/dd\u003e\n\n \u003cdt\u003ehost_authorization\u003c/dt\u003e\n \u003cdd\u003e\n \u003cp\u003e\n You can pass a hash of options to \u003ctt\u003ehost_authorization\u003c/tt\u003e,\n to be used by the \u003ctt\u003eRack::Protection::HostAuthorization\u003c/tt\u003e middleware.\n \u003c/p\u003e\n \u003cp\u003e\n The middleware can block requests with unrecognized hostnames, to prevent DNS rebinding\n and other host header attacks. It checks the \u003ctt\u003eHost\u003c/tt\u003e, \u003ctt\u003eX-Forwarded-Host\u003c/tt\u003e\n and \u003ctt\u003eForwarded\u003c/tt\u003e headers.\n \u003c/p\u003e\n \u003cp\u003e\n Useful options are:\n \u003cul\u003e\n \u003cli\u003e\u003ctt\u003epermitted_hosts\u003c/tt\u003e – an array of hostnames (and \u003ctt\u003eIPAddr\u003c/tt\u003e objects) your app recognizes\n \u003cul\u003e\n \u003cli\u003ein the \u003ctt\u003edevelopment\u003c/tt\u003e environment, it is set to \u003ctt\u003e.localhost\u003c/tt\u003e, \u003ctt\u003e.test\u003c/tt\u003e and any IPv4/IPv6 address\u003c/li\u003e\n \u003cli\u003eif empty, any hostname is permitted (the default for any other environment)\u003c/li\u003e\n \u003c/ul\u003e\n \u003c/li\u003e\n \u003cli\u003e\u003ctt\u003estatus\u003c/tt\u003e – the HTTP status code used in the response when a request is blocked (defaults to \u003ctt\u003e403\u003c/tt\u003e)\u003c/li\u003e\n \u003cli\u003e\u003ctt\u003emessage\u003c/tt\u003e – the body used in the response when a request is blocked (defaults to \u003ctt\u003eHost not permitted\u003c/tt\u003e)\u003c/li\u003e\n \u003cli\u003e\u003ctt\u003eallow_if\u003c/tt\u003e – supply a \u003ctt\u003eProc\u003c/tt\u003e to use custom allow/deny logic, the proc is passed the request environment\u003c/li\u003e\n \u003c/ul\u003e\n \u003c/p\u003e\n \u003c/dd\u003e\n\n \u003cdt\u003elogging\u003c/dt\u003e\n \u003cdd\u003eUse the logger.\u003c/dd\u003e\n\n \u003cdt\u003elock\u003c/dt\u003e\n \u003cdd\u003e\n Places a lock around every request, only running processing on request\n per Ruby process concurrently.\n \u003c/dd\u003e\n \u003cdd\u003eEnabled if your app is not thread-safe. Disabled by default.\u003c/dd\u003e\n\n \u003cdt\u003emethod_override\u003c/dt\u003e\n \u003cdd\u003e\n Use \u003ctt\u003e_method\u003c/tt\u003e magic to allow put/delete forms in browsers that\n don't support it.\n \u003c/dd\u003e\n\n \u003cdt\u003emustermann_opts\u003c/dt\u003e\n \u003cdd\u003e\n A default hash of options to pass to Mustermann.new when compiling routing\n paths.\n \u003c/dd\u003e\n\n \u003cdt\u003eport\u003c/dt\u003e\n \u003cdd\u003ePort to listen on. Only used for built-in server.\u003c/dd\u003e\n\n \u003cdt\u003eprefixed_redirects\u003c/dt\u003e\n \u003cdd\u003e\n Whether or not to insert \u003ctt\u003erequest.script_name\u003c/tt\u003e into redirects\n if no absolute path is given. That way \u003ctt\u003eredirect '/foo'\u003c/tt\u003e would\n behave like \u003ctt\u003eredirect to('/foo')\u003c/tt\u003e. Disabled by default.\n \u003c/dd\u003e\n\n \u003cdt\u003eprotection\u003c/dt\u003e\n \u003cdd\u003e\n Whether or not to enable web attack protections. See protection section\n above.\n \u003c/dd\u003e\n\n \u003cdt\u003epublic_dir\u003c/dt\u003e\n \u003cdd\u003eAlias for \u003ctt\u003epublic_folder\u003c/tt\u003e. See below.\u003c/dd\u003e\n\n \u003cdt\u003epublic_folder\u003c/dt\u003e\n \u003cdd\u003e\n Path to the folder public files are served from. Only used if static\n file serving is enabled (see \u003ctt\u003estatic\u003c/tt\u003e setting below). Inferred\n from \u003ctt\u003eapp_file\u003c/tt\u003e setting if not set.\n \u003c/dd\u003e\n\n \u003cdt\u003equiet\u003c/dt\u003e\n \u003cdd\u003e\n Disables logs generated by Sinatra's start and stop commands.\n \u003ctt\u003efalse\u003c/tt\u003e by default.\n \u003c/dd\u003e\n\n \u003cdt\u003ereload_templates\u003c/dt\u003e\n \u003cdd\u003e\n Whether or not to reload templates between requests. Enabled in\n development mode.\n \u003c/dd\u003e\n\n \u003cdt\u003eroot\u003c/dt\u003e\n \u003cdd\u003e\n Path to project root folder. Inferred from \u003ctt\u003eapp_file\u003c/tt\u003e setting\n if not set.\n \u003c/dd\u003e\n\n \u003cdt\u003eraise_errors\u003c/dt\u003e\n \u003cdd\u003e\n Raise unhandled errors (will stop application). Enabled by default when\n \u003ctt\u003eenvironment\u003c/tt\u003e is set to \u003ctt\u003e\"test\"\u003c/tt\u003e, disabled otherwise.\n \u003c/dd\u003e\n \u003cdd\u003e\n Any explicitly defined error handlers always override this setting. See \n the \"Error\" section below.\n \u003c/dd\u003e\n\n \u003cdt\u003erun\u003c/dt\u003e\n \u003cdd\u003e\n If enabled, Sinatra will handle starting the web server. Do not\n enable if using rackup or other means.\n \u003c/dd\u003e\n\n \u003cdt\u003erunning\u003c/dt\u003e\n \u003cdd\u003eIs the built-in server running now? Do not change this setting!\u003c/dd\u003e\n\n \u003cdt\u003eserver\u003c/dt\u003e\n \u003cdd\u003e\n Server or list of servers to use for built-in server. Order indicates\n priority, default depends on Ruby implementation.\n \u003c/dd\u003e\n\n \u003cdt\u003eserver_settings\u003c/dt\u003e\n \u003cdd\u003e\n You can pass a hash of options to \u003ctt\u003eserver_settings\u003c/tt\u003e,\n such as \u003ctt\u003eHost\u003c/tt\u003e or \u003ctt\u003ePort\u003c/tt\u003e.\n \u003c/dd\u003e\n\n \u003cdt\u003esessions\u003c/dt\u003e\n \u003cdd\u003e\n Enable cookie-based sessions support using\n \u003ctt\u003eRack::Session::Cookie\u003c/tt\u003e. See 'Using Sessions' section for more\n information.\n \u003c/dd\u003e\n\n \u003cdt\u003esession_store\u003c/dt\u003e\n \u003cdd\u003e\n The Rack session middleware used. Defaults to\n \u003ctt\u003eRack::Session::Cookie\u003c/tt\u003e. See 'Using Sessions' section for more\n information.\n \u003c/dd\u003e\n\n \u003cdt\u003eshow_exceptions\u003c/dt\u003e\n \u003cdd\u003e\n Show a stack trace in the browser when an exception happens. Enabled by\n default when \u003ctt\u003eenvironment\u003c/tt\u003e is set to \u003ctt\u003e\"development\"\u003c/tt\u003e,\n disabled otherwise.\n \u003c/dd\u003e\n \u003cdd\u003e\n Can also be set to \u003ctt\u003e:after_handler\u003c/tt\u003e to trigger app-specified\n error handling before showing a stack trace in the browser.\n \u003c/dd\u003e\n\n \u003cdt\u003estatic\u003c/dt\u003e\n \u003cdd\u003eWhether Sinatra should handle serving static files.\u003c/dd\u003e\n \u003cdd\u003eDisable when using a server able to do this on its own.\u003c/dd\u003e\n \u003cdd\u003eDisabling will boost performance.\u003c/dd\u003e\n \u003cdd\u003e\n Enabled by default in classic style, disabled for modular apps.\n \u003c/dd\u003e\n\n \u003cdt\u003estatic_cache_control\u003c/dt\u003e\n \u003cdd\u003e\n When Sinatra is serving static files, set this to add\n \u003ctt\u003eCache-Control\u003c/tt\u003e headers to the responses. Uses the\n \u003ctt\u003ecache_control\u003c/tt\u003e helper. Disabled by default.\n \u003c/dd\u003e\n \u003cdd\u003e\n Use an explicit array when setting multiple values:\n \u003ctt\u003eset :static_cache_control, [:public, :max_age =\u003e 300]\u003c/tt\u003e\n \u003c/dd\u003e\n\n \u003cdt\u003estatic_headers\u003c/dt\u003e\n \u003cdd\u003e\n Allows you to define custom header settings for static file responses.\n \u003c/dd\u003e\n \u003cdd\u003e\n For example: \u003cbr\u003e\n \u003ctt\u003eset :static_headers, {'access-control-allow-origin' =\u003e '*', 'x-static-asset' =\u003e 'served-by-sinatra'}\u003c/tt\u003e\n \u003c/dd\u003e\n\n\n \u003cdt\u003ethreaded\u003c/dt\u003e\n \u003cdd\u003e\n If set to \u003ctt\u003etrue\u003c/tt\u003e, will tell server to use\n \u003ctt\u003eEventMachine.defer\u003c/tt\u003e for processing the request.\n \u003c/dd\u003e\n\n \u003cdt\u003etraps\u003c/dt\u003e\n \u003cdd\u003eWhether Sinatra should handle system signals.\u003c/dd\u003e\n\n \u003cdt\u003eviews\u003c/dt\u003e\n \u003cdd\u003e\n Path to the views folder. Inferred from \u003ctt\u003eapp_file\u003c/tt\u003e setting if\n not set.\n \u003c/dd\u003e\n\n \u003cdt\u003ex_cascade\u003c/dt\u003e\n \u003cdd\u003e\n Whether or not to set the X-Cascade header if no route matches.\n Defaults to \u003ctt\u003etrue\u003c/tt\u003e.\n \u003c/dd\u003e\n\u003c/dl\u003e\n\n## Lifecycle Events\n\nThere are 2 lifecycle events currently exposed by Sinatra. One when the server starts and one when it stops.\n\nThey can be used like this:\n\n```ruby\non_start do\n puts \"===== Booting up =====\"\nend\n\non_stop do\n puts \"===== Shutting down =====\"\nend\n```\n\nNote that these callbacks only work when using Sinatra to start the web server.\n\n## Environments\n\nThere are three predefined `environments`: `\"development\"`,\n`\"production\"` and `\"test\"`. Environments can be set through the\n`APP_ENV` environment variable. The default value is `\"development\"`.\nIn the `\"development\"` environment all templates are reloaded between\nrequests, and special `not_found` and `error` handlers display stack\ntraces in your browser. In the `\"production\"` and `\"test\"` environments,\ntemplates are cached by default.\n\nTo run different environments, set the `APP_ENV` environment variable:\n\n```shell\nAPP_ENV=production ruby my_app.rb\n```\n\nYou can use predefined methods: `development?`, `test?` and `production?` to\ncheck the current environment setting:\n\n```ruby\nget '/' do\n if settings.development?\n \"development!\"\n else\n \"not development!\"\n end\nend\n```\n\n## Error Handling\n\nError handlers run within the same context as routes and before filters,\nwhich means you get all the goodies it has to offer, like `haml`, `erb`,\n`halt`, etc.\n\n### Not Found\n\nWhen a `Sinatra::NotFound` exception is raised, or the response's status\ncode is 404, the `not_found` handler is invoked:\n\n```ruby\nnot_found do\n 'This is nowhere to be found.'\nend\n```\n\n### Error\n\nThe `error` handler is invoked any time an exception is raised from a route\nblock or a filter. But note in development it will only run if you set the\nshow exceptions option to `:after_handler`:\n\n```ruby\nset :show_exceptions, :after_handler\n```\n\nA catch-all error handler can be defined with `error` and a block:\n\n```ruby\nerror do\n 'Sorry there was a nasty error'\nend\n```\n\nThe exception object can be obtained from the `sinatra.error` Rack variable:\n\n```ruby\nerror do\n 'Sorry there was a nasty error - ' + env['sinatra.error'].message\nend\n```\n\nPass an error class as an argument to create handlers for custom errors:\n\n```ruby\nerror MyCustomError do\n 'So what happened was...' + env['sinatra.error'].message\nend\n```\n\nThen, if this happens:\n\n```ruby\nget '/' do\n raise MyCustomError, 'something bad'\nend\n```\n\nYou get this:\n\n```\nSo what happened was... something bad\n```\n\nAlternatively, you can install an error handler for a status code:\n\n```ruby\nerror 403 do\n 'Access forbidden'\nend\n\nget '/secret' do\n 403\nend\n```\n\nOr a range:\n\n```ruby\nerror 400..510 do\n 'Boom'\nend\n```\n\nSinatra installs special `not_found` and `error` handlers when\nrunning under the development environment to display nice stack traces\nand additional debugging information in your browser.\n\n### Behavior with `raise_errors` option\n\nWhen `raise_errors` option is `true`, errors that are unhandled are raised \noutside of the application. Additionally, any errors that would have been \ncaught by the catch-all error handler are raised.\n\nFor example, consider the following configuration:\n\n```ruby\n# First handler\nerror MyCustomError do\n 'A custom message'\nend\n\n# Second handler\nerror do\n 'A catch-all message'\nend\n```\n\nIf `raise_errors` is `false`:\n\n* When `MyCustomError` or descendant is raised, the first handler is invoked.\n The HTTP response body will contain `\"A custom message\"`.\n* When any other error is raised, the second handler is invoked. The HTTP \n response body will contain `\"A catch-all message\"`.\n\nIf `raise_errors` is `true`:\n\n* When `MyCustomError` or descendant is raised, the behavior is identical to \n when `raise_errors` is `false`, described above.\n* When any other error is raised, the second handler is *not* invoked, and \n the error is raised outside of the application.\n * If the environment is `production`, the HTTP response body will contain \n a generic error message, e.g. `\"An unhandled lowlevel error occurred. The\n application logs may have details.\"`\n * If the environment is not `production`, the HTTP response body will contain\n the verbose error backtrace.\n * Regardless of environment, if `show_exceptions` is set to `:after_handler`, \n the HTTP response body will contain the verbose error backtrace.\n\nIn the `test` environment, `raise_errors` is set to `true` by default. This \nmeans that in order to write a test for a catch-all error handler, \n`raise_errors` must temporarily be set to `false` for that particular test.\n\n## Rack Middleware\n\nSinatra rides on [Rack](https://rack.github.io/), a minimal standard\ninterface for Ruby web frameworks. One of Rack's most interesting\ncapabilities for application developers is support for \"middleware\" --\ncomponents that sit between the server and your application monitoring\nand/or manipulating the HTTP request/response to provide various types\nof common functionality.\n\nSinatra makes building Rack middleware pipelines a cinch via a top-level\n`use` method:\n\n```ruby\nrequire 'sinatra'\nrequire 'my_custom_middleware'\n\nuse Rack::Lint\nuse MyCustomMiddleware\n\nget '/hello' do\n 'Hello World'\nend\n```\n\nThe semantics of `use` are identical to those defined for the\n[Rack::Builder](https://www.rubydoc.info/github/rack/rack/main/Rack/Builder) DSL\n(most frequently used from rackup files). For example, the `use` method\naccepts multiple/variable args as well as blocks:\n\n```ruby\nuse Rack::Auth::Basic do |username, password|\n username == 'admin' \u0026\u0026 password == 'secret'\nend\n```\n\nRack is distributed with a variety of standard middleware for logging,\ndebugging, URL routing, authentication, and session handling. Sinatra uses\nmany of these components automatically based on configuration so you\ntypically don't have to `use` them explicitly.\n\nYou can find useful middleware in\n[rack](https://github.com/rack/rack/tree/main/lib/rack),\n[rack-contrib](https://github.com/rack/rack-contrib#readme),\nor in the [Rack wiki](https://github.com/rack/rack/wiki/List-of-Middleware).\n\n## Testing\n\nSinatra tests can be written using any Rack-based testing library or\nframework.\n[Rack::Test](https://www.rubydoc.info/github/rack/rack-test/main/frames)\nis recommended:\n\n```ruby\nrequire 'my_sinatra_app'\nrequire 'minitest/autorun'\nrequire 'rack/test'\n\nclass MyAppTest \u003c Minitest::Test\n include Rack::Test::Methods\n\n def app\n Sinatra::Application\n end\n\n def test_my_default\n get '/'\n assert_equal 'Hello World!', last_response.body\n end\n\n def test_with_params\n get '/meet', :name =\u003e 'Frank'\n assert_equal 'Hello Frank!', last_response.body\n end\n\n def test_with_user_agent\n get '/', {}, 'HTTP_USER_AGENT' =\u003e 'Songbird'\n assert_equal \"You're using Songbird!\", last_response.body\n end\nend\n```\n\nNote: If you are using Sinatra in the modular style, replace\n`Sinatra::Application` above with the class name of your app.\n\n## Sinatra::Base - Middleware, Libraries, and Modular Apps\n\nDefining your app at the top-level works well for micro-apps but has\nconsiderable drawbacks when building reusable components such as Rack\nmiddleware, Rails metal, simple libraries with a server component, or even\nSinatra extensions. The top-level assumes a micro-app style configuration\n(e.g., a single application file, `./public` and `./views`\ndirectories, logging, exception detail page, etc.). That's where\n`Sinatra::Base` comes into play:\n\n```ruby\nrequire 'sinatra/base'\n\nclass MyApp \u003c Sinatra::Base\n set :sessions, true\n set :foo, 'bar'\n\n get '/' do\n 'Hello world!'\n end\nend\n```\n\nThe methods available to `Sinatra::Base` subclasses are exactly the same\nas those available via the top-level DSL. Most top-level apps can be\nconverted to `Sinatra::Base` components with two modifications:\n\n* Your file should require `sinatra/base` instead of `sinatra`;\n otherwise, all of Sinatra's DSL methods are imported into the main\n namespace.\n* Put your app's routes, error handlers, filters, and options in a subclass\n of `Sinatra::Base`.\n\n`Sinatra::Base` is a blank slate. Most options are disabled by default,\nincluding the built-in server. See [Configuring\nSettings](http://www.sinatrarb.com/configuration.html) for details on\navailable options and their behavior. If you want behavior more similar\nto when you define your app at the top level (also known as Classic\nstyle), you can subclass `Sinatra::Application`:\n\n```ruby\nrequire 'sinatra/base'\n\nclass MyApp \u003c Sinatra::Application\n get '/' do\n 'Hello world!'\n end\nend\n```\n\n### Modular vs. Classic Style\n\nContrary to common belief, there is nothing wrong with the classic\nstyle. If it suits your application, you do not have to switch to a\nmodular application.\n\nThe main disadvantage of using the classic style rather than the modular\nstyle is that you will only have one Sinatra application per Ruby\nprocess. If you plan to use more than one, switch to the modular style.\nThere is no reason you cannot mix the modular and classic styles.\n\nIf switching from one style to the other, you should be aware of\nslightly different default settings:\n\n\u003ctable\u003e\n \u003ctr\u003e\n \u003cth\u003eSetting\u003c/th\u003e\n \u003cth\u003eClassic\u003c/th\u003e\n \u003cth\u003eModular\u003c/th\u003e\n \u003cth\u003eModular\u003c/th\u003e\n \u003c/tr\u003e\n\n \u003ctr\u003e\n \u003ctd\u003eapp_file\u003c/td\u003e\n \u003ctd\u003efile loading sinatra\u003c/td\u003e\n \u003ctd\u003efile subclassing Sinatra::Base\u003c/td\u003e\n \u003ctd\u003efile subclassing Sinatra::Application\u003c/td\u003e\n \u003c/tr\u003e\n\n \u003ctr\u003e\n \u003ctd\u003erun\u003c/td\u003e\n \u003ctd\u003e$0 == app_file\u003c/td\u003e\n \u003ctd\u003efalse\u003c/td\u003e\n \u003ctd\u003efalse\u003c/td\u003e\n \u003c/tr\u003e\n\n \u003ctr\u003e\n \u003ctd\u003elogging\u003c/td\u003e\n \u003ctd\u003etrue\u003c/td\u003e\n \u003ctd\u003efalse\u003c/td\u003e\n \u003ctd\u003etrue\u003c/td\u003e\n \u003c/tr\u003e\n\n \u003ctr\u003e\n \u003ctd\u003emethod_override\u003c/td\u003e\n \u003ctd\u003etrue\u003c/td\u003e\n \u003ctd\u003efalse\u003c/td\u003e\n \u003ctd\u003etrue\u003c/td\u003e\n \u003c/tr\u003e\n\n \u003ctr\u003e\n \u003ctd\u003einline_templates\u003c/td\u003e\n \u003ctd\u003etrue\u003c/td\u003e\n \u003ctd\u003efalse\u003c/td\u003e\n \u003ctd\u003etrue\u003c/td\u003e\n \u003c/tr\u003e\n\n \u003ctr\u003e\n \u003ctd\u003estatic\u003c/td\u003e\n \u003ctd\u003etrue\u003c/td\u003e\n \u003ctd\u003eFile.exist?(public_folder)\u003c/td\u003e\n \u003ctd\u003etrue\u003c/td\u003e\n \u003c/tr\u003e\n\u003c/table\u003e\n\n### Serving a Modular Application\n\nThere are two common options for starting a modular app, actively\nstarting with `run!`:\n\n```ruby\n# my_app.rb\nrequire 'sinatra/base'\n\nclass MyApp \u003c Sinatra::Base\n # ... app code here ...\n\n # start the server if ruby file executed directly\n run! if app_file == $0\nend\n```\n\nStart with:\n\n```shell\nruby my_app.rb\n```\n\nOr with a `config.ru` file, which allows using any Rack handler:\n\n```ruby\n# config.ru (run with rackup)\nrequire './my_app'\nrun MyApp\n```\n\nRun:\n\n```shell\nrackup -p 4567\n```\n\n### Using a Classic Style Application with a config.ru\n\nWrite your app file:\n\n```ruby\n# app.rb\nrequire 'sinatra'\n\nget '/' do\n 'Hello world!'\nend\n```\n\nAnd a corresponding `config.ru`:\n\n```ruby\nrequire './app'\nrun Sinatra::Application\n```\n\n### When to use a config.ru?\n\nA `config.ru` file is recommended if:\n\n* You want to deploy with a different Rack handler (Passenger, Unicorn,\n Heroku, ...).\n* You want to use more than one subclass of `Sinatra::Base`.\n* You want to use Sinatra only for middleware, and not as an endpoint.\n\n**There is no need to switch to a `config.ru` simply because you\nswitched to the modular style, and you don't have to use the modular\nstyle for running with a `config.ru`.**\n\n### Using Sinatra as Middleware\n\nNot only is Sinatra able to use other Rack middleware, any Sinatra\napplication can, in turn, be added in front of any Rack endpoint as\nmiddleware itself. This endpoint could be another Sinatra application,\nor any other Rack-based application (Rails/Hanami/Roda/...):\n\n```ruby\nrequire 'sinatra/base'\n\nclass LoginScreen \u003c Sinatra::Base\n enable :sessions\n\n get('/login') { haml :login }\n\n post('/login') do\n if params['name'] == 'admin' \u0026\u0026 params['password'] == 'admin'\n session['user_name'] = params['name']\n else\n redirect '/login'\n end\n end\nend\n\nclass MyApp \u003c Sinatra::Base\n # middleware will run before filters\n use LoginScreen\n\n before do\n unless session['user_name']\n halt \"Access denied, please \u003ca href='/login'\u003elogin\u003c/a\u003e.\"\n end\n end\n\n get('/') { \"Hello #{session['user_name']}.\" }\nend\n```\n\n### Dynamic Application Creation\n\nSometimes you want to create new applications at runtime without having to\nassign them to a constant. You can do this with `Sinatra.new`:\n\n```ruby\nrequire 'sinatra/base'\nmy_app = Sinatra.new { get('/') { \"hi\" } }\nmy_app.run!\n```\n\nIt takes the application to inherit from as an optional argument:\n\n```ruby\n# config.ru (run with rackup)\nrequire 'sinatra/base'\n\ncontroller = Sinatra.new do\n enable :logging\n helpers MyHelpers\nend\n\nmap('/a') do\n run Sinatra.new(controller) { get('/') { 'a' } }\nend\n\nmap('/b') do\n run Sinatra.new(controller) { get('/') { 'b' } }\nend\n```\n\nThis is especially useful for testing Sinatra extensions or using Sinatra in\nyour own library.\n\nThis also makes using Sinatra as middleware extremely easy:\n\n```ruby\nrequire 'sinatra/base'\n\nuse Sinatra do\n get('/') { ... }\nend\n\nrun RailsProject::Application\n```\n\n## Scopes and Binding\n\nThe scope you are currently in determines what methods and variables are\navailable.\n\n### Application/Class Scope\n\nEvery Sinatra application corresponds to a subclass of `Sinatra::Base`.\nIf you are using the top-level DSL (`require 'sinatra'`), then this\nclass is `Sinatra::Application`, otherwise it is the subclass you\ncreated explicitly. At the class level, you have methods like `get` or\n`before`, but you cannot access the `request` or `session` objects, as\nthere is only a single application class for all requests.\n\nOptions created via `set` are methods at class level:\n\n```ruby\nclass MyApp \u003c Sinatra::Base\n # Hey, I'm in the application scope!\n set :foo, 42\n foo # =\u003e 42\n\n get '/foo' do\n # Hey, I'm no longer in the application scope!\n end\nend\n```\n\nYou have the application scope binding inside:\n\n* Your application class body\n* Methods defined by extensions\n* The block passed to `helpers`\n* Procs/blocks used as a value for `set`\n* The block passed to `Sinatra.new`\n\nYou can reach the scope object (the class) like this:\n\n* Via the object passed to configure blocks (`configure { |c| ... }`)\n* `settings` from within the request scope\n\n### Request/Instance Scope\n\nFor every incoming request, a new instance of your application class is\ncreated, and all handler blocks run in that scope. From within this scope you\ncan access the `request` and `session` objects or call rendering methods like\n`erb` or `haml`. You can access the application scope from within the request\nscope via the `settings` helper:\n\n```ruby\nclass MyApp \u003c Sinatra::Base\n # Hey, I'm in the application scope!\n get '/define_route/:name' do\n # Request scope for '/define_route/:name'\n @value = 42\n\n settings.get(\"/#{params['name']}\") do\n # Request scope for \"/#{params['name']}\"\n @value # =\u003e nil (not the same request)\n end\n\n \"Route defined!\"\n end\nend\n```\n\nYou have the request scope binding inside:\n\n* get, head, post, put, delete, options, patch, link and unlink blocks\n* before and after filters\n* helper methods\n* templates/views\n\n### Delegation Scope\n\nThe delegation scope just forwards methods to the class scope. However, it\ndoes not behave exactly like the class scope, as you do not have the class\nbinding. Only methods explicitly marked for delegation are available, and you\ndo not share variables/state with the class scope (read: you have a different\n`self`). You can explicitly add method delegations by calling\n`Sinatra::Delegator.delegate :method_name`.\n\nYou have the delegate scope binding inside:\n\n* The top-level binding, if you did `require \"sinatra\"`\n* An object extended with the `Sinatra::Delegator` mixin\n\nHave a look at the code for yourself: here's the\n[Sinatra::Delegator mixin](https://github.com/sinatra/sinatra/blob/ca06364/lib/sinatra/base.rb#L1609-1633)\nbeing [extending the main object](https://github.com/sinatra/sinatra/blob/ca06364/lib/sinatra/main.rb#L28-30).\n\n## Command Line\n\nSinatra applications can be run directly:\n\n```shell\nruby myapp.rb [-h] [-x] [-q] [-e ENVIRONMENT] [-p PORT] [-o HOST] [-s HANDLER]\n```\n\nOptions are:\n\n```\n-h # help\n-p # set the port (default is 4567)\n-o # set the host (default is 0.0.0.0)\n-e # set the environment (default is development)\n-s # specify rack server/handler (default is puma)\n-q # turn on quiet mode for server (default is off)\n-x # turn on the mutex lock (default is off)\n```\n\n### Multi-threading\n\n_Paraphrasing from\n[this StackOverflow answer](https://stackoverflow.com/a/6282999/5245129)\nby Konstantin_\n\nSinatra doesn't impose any concurrency model but leaves that to the\nunderlying Rack handler (server) like Puma or Falcon. Sinatra\nitself is thread-safe, so there won't be any problem if the Rack handler\nuses a threaded model of concurrency.\n\n## Requirement\n\nThe following Ruby versions are officially supported:\n\u003cdl\u003e\n \u003cdt\u003eRuby\u003c/dt\u003e\n \u003cdd\u003e\n \u003ca href=\"https://www.ruby-lang.org/en/downloads/\"\u003eThe stable releases\u003c/a\u003e are fully supported and recommended.\n \u003c/dd\u003e\n\n \u003cdt\u003eTruffleRuby\u003c/dt\u003e\n \u003cdd\u003e\n The latest stable release of TruffleRuby is supported.\n \u003c/dd\u003e\n\n \u003cdt\u003eJRuby\u003c/dt\u003e\n \u003cdd\u003e\n The latest stable release of JRuby is supported. It is not\n recommended to use C extensions with JRuby.\n \u003c/dd\u003e\n\u003c/dl\u003e\n\nVersions of Ruby before 2.7.8 are no longer supported as of Sinatra 4.0.0.\n\nSinatra should work on any operating system supported by the chosen Ruby\nimplementation.\n\nRunning Sinatra on a not officially supported Ruby flavor means that if things only break there we assume it's not our issue but theirs.\n\n## The Bleeding Edge\n\nIf you would like to use Sinatra's latest bleeding-edge code, feel free\nto run your application against the main branch, it should be rather\nstable.\n\nWe also push out prerelease gems from time to time, so you can do a\n\n```shell\ngem install sinatra --pre\n```\n\nto get some of the latest features.\n\n### With Bundler\n\nIf you want to run your application with the latest Sinatra, using\n[Bundler](https://bundler.io) is the recommended way.\n\nFirst, install bundler, if you haven't:\n\n```shell\ngem install bundler\n```\n\nThen, in your project directory, create a `Gemfile`:\n\n```ruby\nsource 'https://rubygems.org'\ngem 'sinatra', :github =\u003e 'sinatra/sinatra'\n\n# other dependencies\ngem 'haml' # for instance, if you use haml\n```\n\nNote that you will have to list all your application's dependencies in\nthe `Gemfile`. Sinatra's direct dependencies (Rack and Tilt) will,\nhowever, be automatically fetched and added by Bundler.\n\nNow you can run your app like this:\n\n```shell\nbundle exec ruby myapp.rb\n```\n\n## Versioning\n\nSinatra follows [Semantic Versioning](https://semver.org/), both SemVer and\nSemVerTag.\n\n## Further Reading\n\n* [Project Website](https://sinatrarb.com/) - Additional documentation,\n news, and links to other resources.\n* [Contributing](https://sinatrarb.com/contributing) - Find a bug? Need\n help? Have a patch?\n* [Issue tracker](https://github.com/sinatra/sinatra/issues)\n* [Twitter](https://twitter.com/sinatra)\n* [Mailing List](https://groups.google.com/forum/#!forum/sinatrarb)\n* IRC: [#sinatra](irc://chat.freenode.net/#sinatra) on [Freenode](https://freenode.net)\n* [Sinatra \u0026 Friends](https://discord.gg/ncjsfsNHh7) on Discord\n* [Sinatra Book](https://github.com/sinatra/sinatra-book) - Cookbook Tutorial\n* [Sinatra Recipes](http://recipes.sinatrarb.com/) - Community contributed\n recipes\n* API documentation for the [latest release](https://www.rubydoc.info/gems/sinatra)\n or the [current HEAD](https://www.rubydoc.info/github/sinatra/sinatra) on\n [RubyDoc](https://www.rubydoc.info/)\n* [CI Actions](https://github.com/sinatra/sinatra/actions)\n","funding_links":[],"categories":["Ruby","Web Apps, Services \u0026 Interaction","General","Frameworks"],"sub_categories":["Web App Frameworks","Misc"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsinatra%2Fsinatra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsinatra%2Fsinatra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsinatra%2Fsinatra/lists"}