actionpack 5.2.3

data/lib/action_controller/metal/content_security_policy.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module ActionController #:nodoc:
+  module ContentSecurityPolicy
+    # TODO: Documentation
+    extend ActiveSupport::Concern
+
+    include AbstractController::Helpers
+    include AbstractController::Callbacks
+
+    included do
+      helper_method :content_security_policy?
+      helper_method :content_security_policy_nonce
+    end
+
+    module ClassMethods
+      def content_security_policy(enabled = true, **options, &block)
+        before_action(options) do
+          if block_given?
+            policy = current_content_security_policy
+            yield policy
+            request.content_security_policy = policy
+          end
+
+          unless enabled
+            request.content_security_policy = nil
+          end
+        end
+      end
+
+      def content_security_policy_report_only(report_only = true, **options)
+        before_action(options) do
+          request.content_security_policy_report_only = report_only
+        end
+      end
+    end
+
+    private
+
+      def content_security_policy?
+        request.content_security_policy
+      end
+
+      def content_security_policy_nonce
+        request.content_security_policy_nonce
+      end
+
+      def current_content_security_policy
+        request.content_security_policy.try(:clone) || ActionDispatch::ContentSecurityPolicy.new
+      end
+  end
+end

data/lib/action_controller/metal/cookies.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module ActionController #:nodoc:
+  module Cookies
+    extend ActiveSupport::Concern
+
+    included do
+      helper_method :cookies if defined?(helper_method)
+    end
+
+    private
+      def cookies
+        request.cookie_jar
+      end
+  end
+end

data/lib/action_controller/metal/data_streaming.rb

@@ -0,0 +1,152 @@
+# frozen_string_literal: true
+
+require "action_controller/metal/exceptions"
+
+module ActionController #:nodoc:
+  # Methods for sending arbitrary data and for streaming files to the browser,
+  # instead of rendering.
+  module DataStreaming
+    extend ActiveSupport::Concern
+
+    include ActionController::Rendering
+
+    DEFAULT_SEND_FILE_TYPE        = "application/octet-stream".freeze #:nodoc:
+    DEFAULT_SEND_FILE_DISPOSITION = "attachment".freeze #:nodoc:
+
+    private
+      # Sends the file. This uses a server-appropriate method (such as X-Sendfile)
+      # via the Rack::Sendfile middleware. The header to use is set via
+      # +config.action_dispatch.x_sendfile_header+.
+      # Your server can also configure this for you by setting the X-Sendfile-Type header.
+      #
+      # Be careful to sanitize the path parameter if it is coming from a web
+      # page. <tt>send_file(params[:path])</tt> allows a malicious user to
+      # download any file on your server.
+      #
+      # Options:
+      # * <tt>:filename</tt> - suggests a filename for the browser to use.
+      #   Defaults to <tt>File.basename(path)</tt>.
+      # * <tt>:type</tt> - specifies an HTTP content type.
+      #   You can specify either a string or a symbol for a registered type with <tt>Mime::Type.register</tt>, for example :json.
+      #   If omitted, the type will be inferred from the file extension specified in <tt>:filename</tt>.
+      #   If no content type is registered for the extension, the default type 'application/octet-stream' will be used.
+      # * <tt>:disposition</tt> - specifies whether the file will be shown inline or downloaded.
+      #   Valid values are 'inline' and 'attachment' (default).
+      # * <tt>:status</tt> - specifies the status code to send with the response. Defaults to 200.
+      # * <tt>:url_based_filename</tt> - set to +true+ if you want the browser to guess the filename from
+      #   the URL, which is necessary for i18n filenames on certain browsers
+      #   (setting <tt>:filename</tt> overrides this option).
+      #
+      # The default Content-Type and Content-Disposition headers are
+      # set to download arbitrary binary files in as many browsers as
+      # possible. IE versions 4, 5, 5.5, and 6 are all known to have
+      # a variety of quirks (especially when downloading over SSL).
+      #
+      # Simple download:
+      #
+      #   send_file '/path/to.zip'
+      #
+      # Show a JPEG in the browser:
+      #
+      #   send_file '/path/to.jpeg', type: 'image/jpeg', disposition: 'inline'
+      #
+      # Show a 404 page in the browser:
+      #
+      #   send_file '/path/to/404.html', type: 'text/html; charset=utf-8', status: 404
+      #
+      # Read about the other Content-* HTTP headers if you'd like to
+      # provide the user with more information (such as Content-Description) in
+      # https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11.
+      #
+      # Also be aware that the document may be cached by proxies and browsers.
+      # The Pragma and Cache-Control headers declare how the file may be cached
+      # by intermediaries. They default to require clients to validate with
+      # the server before releasing cached responses. See
+      # https://www.mnot.net/cache_docs/ for an overview of web caching and
+      # https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
+      # for the Cache-Control header spec.
+      def send_file(path, options = {}) #:doc:
+        raise MissingFile, "Cannot read file #{path}" unless File.file?(path) && File.readable?(path)
+
+        options[:filename] ||= File.basename(path) unless options[:url_based_filename]
+        send_file_headers! options
+
+        self.status = options[:status] || 200
+        self.content_type = options[:content_type] if options.key?(:content_type)
+        response.send_file path
+      end
+
+      # Sends the given binary data to the browser. This method is similar to
+      # <tt>render plain: data</tt>, but also allows you to specify whether
+      # the browser should display the response as a file attachment (i.e. in a
+      # download dialog) or as inline data. You may also set the content type,
+      # the file name, and other things.
+      #
+      # Options:
+      # * <tt>:filename</tt> - suggests a filename for the browser to use.
+      # * <tt>:type</tt> - specifies an HTTP content type. Defaults to 'application/octet-stream'.
+      #   You can specify either a string or a symbol for a registered type with <tt>Mime::Type.register</tt>, for example :json.
+      #   If omitted, type will be inferred from the file extension specified in <tt>:filename</tt>.
+      #   If no content type is registered for the extension, the default type 'application/octet-stream' will be used.
+      # * <tt>:disposition</tt> - specifies whether the file will be shown inline or downloaded.
+      #   Valid values are 'inline' and 'attachment' (default).
+      # * <tt>:status</tt> - specifies the status code to send with the response. Defaults to 200.
+      #
+      # Generic data download:
+      #
+      #   send_data buffer
+      #
+      # Download a dynamically-generated tarball:
+      #
+      #   send_data generate_tgz('dir'), filename: 'dir.tgz'
+      #
+      # Display an image Active Record in the browser:
+      #
+      #   send_data image.data, type: image.content_type, disposition: 'inline'
+      #
+      # See +send_file+ for more information on HTTP Content-* headers and caching.
+      def send_data(data, options = {}) #:doc:
+        send_file_headers! options
+        render options.slice(:status, :content_type).merge(body: data)
+      end
+
+      def send_file_headers!(options)
+        type_provided = options.has_key?(:type)
+
+        content_type = options.fetch(:type, DEFAULT_SEND_FILE_TYPE)
+        self.content_type = content_type
+        response.sending_file = true
+
+        raise ArgumentError, ":type option required" if content_type.nil?
+
+        if content_type.is_a?(Symbol)
+          extension = Mime[content_type]
+          raise ArgumentError, "Unknown MIME type #{options[:type]}" unless extension
+          self.content_type = extension
+        else
+          if !type_provided && options[:filename]
+            # If type wasn't provided, try guessing from file extension.
+            content_type = Mime::Type.lookup_by_extension(File.extname(options[:filename]).downcase.delete(".")) || content_type
+          end
+          self.content_type = content_type
+        end
+
+        disposition = options.fetch(:disposition, DEFAULT_SEND_FILE_DISPOSITION)
+        unless disposition.nil?
+          disposition  = disposition.to_s
+          disposition += %(; filename="#{options[:filename]}") if options[:filename]
+          headers["Content-Disposition"] = disposition
+        end
+
+        headers["Content-Transfer-Encoding"] = "binary"
+
+        # Fix a problem with IE 6.0 on opening downloaded files:
+        # If Cache-Control: no-cache is set (which Rails does by default),
+        # IE removes the file it just downloaded from its cache immediately
+        # after it displays the "open/save" dialog, which means that if you
+        # hit "open" the file isn't there anymore when the application that
+        # is called for handling the download is run, so let's workaround that
+        response.cache_control[:public] ||= false
+      end
+  end
+end

data/lib/action_controller/metal/etag_with_flash.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module ActionController
+  # When you're using the flash, it's generally used as a conditional on the view.
+  # This means the content of the view depends on the flash. Which in turn means
+  # that the ETag for a response should be computed with the content of the flash
+  # in mind. This does that by including the content of the flash as a component
+  # in the ETag that's generated for a response.
+  module EtagWithFlash
+    extend ActiveSupport::Concern
+
+    include ActionController::ConditionalGet
+
+    included do
+      etag { flash unless flash.empty? }
+    end
+  end
+end

data/lib/action_controller/metal/etag_with_template_digest.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+module ActionController
+  # When our views change, they should bubble up into HTTP cache freshness
+  # and bust browser caches. So the template digest for the current action
+  # is automatically included in the ETag.
+  #
+  # Enabled by default for apps that use Action View. Disable by setting
+  #
+  #   config.action_controller.etag_with_template_digest = false
+  #
+  # Override the template to digest by passing +:template+ to +fresh_when+
+  # and +stale?+ calls. For example:
+  #
+  #   # We're going to render widgets/show, not posts/show
+  #   fresh_when @post, template: 'widgets/show'
+  #
+  #   # We're not going to render a template, so omit it from the ETag.
+  #   fresh_when @post, template: false
+  #
+  module EtagWithTemplateDigest
+    extend ActiveSupport::Concern
+
+    include ActionController::ConditionalGet
+
+    included do
+      class_attribute :etag_with_template_digest, default: true
+
+      ActiveSupport.on_load :action_view, yield: true do
+        etag do |options|
+          determine_template_etag(options) if etag_with_template_digest
+        end
+      end
+    end
+
+    private
+      def determine_template_etag(options)
+        if template = pick_template_for_etag(options)
+          lookup_and_digest_template(template)
+        end
+      end
+
+      # Pick the template digest to include in the ETag. If the +:template+ option
+      # is present, use the named template. If +:template+ is +nil+ or absent, use
+      # the default controller/action template. If +:template+ is false, omit the
+      # template digest from the ETag.
+      def pick_template_for_etag(options)
+        unless options[:template] == false
+          options[:template] || "#{controller_path}/#{action_name}"
+        end
+      end
+
+      def lookup_and_digest_template(template)
+        ActionView::Digestor.digest name: template, finder: lookup_context
+      end
+  end
+end

data/lib/action_controller/metal/exceptions.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+module ActionController
+  class ActionControllerError < StandardError #:nodoc:
+  end
+
+  class BadRequest < ActionControllerError #:nodoc:
+    def initialize(msg = nil)
+      super(msg)
+      set_backtrace $!.backtrace if $!
+    end
+  end
+
+  class RenderError < ActionControllerError #:nodoc:
+  end
+
+  class RoutingError < ActionControllerError #:nodoc:
+    attr_reader :failures
+    def initialize(message, failures = [])
+      super(message)
+      @failures = failures
+    end
+  end
+
+  class ActionController::UrlGenerationError < ActionControllerError #:nodoc:
+  end
+
+  class MethodNotAllowed < ActionControllerError #:nodoc:
+    def initialize(*allowed_methods)
+      super("Only #{allowed_methods.to_sentence(locale: :en)} requests are allowed.")
+    end
+  end
+
+  class NotImplemented < MethodNotAllowed #:nodoc:
+  end
+
+  class MissingFile < ActionControllerError #:nodoc:
+  end
+
+  class SessionOverflowError < ActionControllerError #:nodoc:
+    DEFAULT_MESSAGE = "Your session data is larger than the data column in which it is to be stored. You must increase the size of your data column if you intend to store large data."
+
+    def initialize(message = nil)
+      super(message || DEFAULT_MESSAGE)
+    end
+  end
+
+  class UnknownHttpMethod < ActionControllerError #:nodoc:
+  end
+
+  class UnknownFormat < ActionControllerError #:nodoc:
+  end
+end

data/lib/action_controller/metal/flash.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module ActionController #:nodoc:
+  module Flash
+    extend ActiveSupport::Concern
+
+    included do
+      class_attribute :_flash_types, instance_accessor: false, default: []
+
+      delegate :flash, to: :request
+      add_flash_types(:alert, :notice)
+    end
+
+    module ClassMethods
+      # Creates new flash types. You can pass as many types as you want to create
+      # flash types other than the default <tt>alert</tt> and <tt>notice</tt> in
+      # your controllers and views. For instance:
+      #
+      #   # in application_controller.rb
+      #   class ApplicationController < ActionController::Base
+      #     add_flash_types :warning
+      #   end
+      #
+      #   # in your controller
+      #   redirect_to user_path(@user), warning: "Incomplete profile"
+      #
+      #   # in your view
+      #   <%= warning %>
+      #
+      # This method will automatically define a new method for each of the given
+      # names, and it will be available in your views.
+      def add_flash_types(*types)
+        types.each do |type|
+          next if _flash_types.include?(type)
+
+          define_method(type) do
+            request.flash[type]
+          end
+          helper_method type
+
+          self._flash_types += [type]
+        end
+      end
+    end
+
+    private
+      def redirect_to(options = {}, response_status_and_flash = {}) #:doc:
+        self.class._flash_types.each do |flash_type|
+          if type = response_status_and_flash.delete(flash_type)
+            flash[flash_type] = type
+          end
+        end
+
+        if other_flashes = response_status_and_flash.delete(:flash)
+          flash.update(other_flashes)
+        end
+
+        super(options, response_status_and_flash)
+      end
+  end
+end

data/lib/action_controller/metal/force_ssl.rb

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/hash/except"
+require "active_support/core_ext/hash/slice"
+
+module ActionController
+  # This module provides a method which will redirect the browser to use the secured HTTPS
+  # protocol. This will ensure that users' sensitive information will be
+  # transferred safely over the internet. You _should_ always force the browser
+  # to use HTTPS when you're transferring sensitive information such as
+  # user authentication, account information, or credit card information.
+  #
+  # Note that if you are really concerned about your application security,
+  # you might consider using +config.force_ssl+ in your config file instead.
+  # That will ensure all the data is transferred via HTTPS, and will
+  # prevent the user from getting their session hijacked when accessing the
+  # site over unsecured HTTP protocol.
+  module ForceSSL
+    extend ActiveSupport::Concern
+    include AbstractController::Callbacks
+
+    ACTION_OPTIONS = [:only, :except, :if, :unless]
+    URL_OPTIONS = [:protocol, :host, :domain, :subdomain, :port, :path]
+    REDIRECT_OPTIONS = [:status, :flash, :alert, :notice]
+
+    module ClassMethods
+      # Force the request to this particular controller or specified actions to be
+      # through the HTTPS protocol.
+      #
+      # If you need to disable this for any reason (e.g. development) then you can use
+      # an +:if+ or +:unless+ condition.
+      #
+      #     class AccountsController < ApplicationController
+      #       force_ssl if: :ssl_configured?
+      #
+      #       def ssl_configured?
+      #         !Rails.env.development?
+      #       end
+      #     end
+      #
+      # ==== URL Options
+      # You can pass any of the following options to affect the redirect URL
+      # * <tt>host</tt>       - Redirect to a different host name
+      # * <tt>subdomain</tt>  - Redirect to a different subdomain
+      # * <tt>domain</tt>     - Redirect to a different domain
+      # * <tt>port</tt>       - Redirect to a non-standard port
+      # * <tt>path</tt>       - Redirect to a different path
+      #
+      # ==== Redirect Options
+      # You can pass any of the following options to affect the redirect status and response
+      # * <tt>status</tt>     - Redirect with a custom status (default is 301 Moved Permanently)
+      # * <tt>flash</tt>      - Set a flash message when redirecting
+      # * <tt>alert</tt>      - Set an alert message when redirecting
+      # * <tt>notice</tt>     - Set a notice message when redirecting
+      #
+      # ==== Action Options
+      # You can pass any of the following options to affect the before_action callback
+      # * <tt>only</tt>       - The callback should be run only for this action
+      # * <tt>except</tt>     - The callback should be run for all actions except this action
+      # * <tt>if</tt>         - A symbol naming an instance method or a proc; the
+      #   callback will be called only when it returns a true value.
+      # * <tt>unless</tt>     - A symbol naming an instance method or a proc; the
+      #   callback will be called only when it returns a false value.
+      def force_ssl(options = {})
+        action_options = options.slice(*ACTION_OPTIONS)
+        redirect_options = options.except(*ACTION_OPTIONS)
+        before_action(action_options) do
+          force_ssl_redirect(redirect_options)
+        end
+      end
+    end
+
+    # Redirect the existing request to use the HTTPS protocol.
+    #
+    # ==== Parameters
+    # * <tt>host_or_options</tt> - Either a host name or any of the URL and
+    #   redirect options available to the <tt>force_ssl</tt> method.
+    def force_ssl_redirect(host_or_options = nil)
+      unless request.ssl?
+        options = {
+          protocol: "https://",
+          host: request.host,
+          path: request.fullpath,
+          status: :moved_permanently
+        }
+
+        if host_or_options.is_a?(Hash)
+          options.merge!(host_or_options)
+        elsif host_or_options
+          options[:host] = host_or_options
+        end
+
+        secure_url = ActionDispatch::Http::URL.url_for(options.slice(*URL_OPTIONS))
+        flash.keep if respond_to?(:flash) && request.respond_to?(:flash)
+        redirect_to secure_url, options.slice(*REDIRECT_OPTIONS)
+      end
+    end
+  end
+end