actionpack 1.9.1 → 1.10.1

data/lib/action_controller/cgi_ext/cookie_performance_fix.rb

@@ -23,28 +23,32 @@ class CGI #:nodoc:
     #          servers.
     #
     # These keywords correspond to attributes of the cookie object.
-    def initialize(name = "", *value)
-      options = if name.kind_of?(String)
-                  { "name" => name, "value" => value }
-                else
-                  name
-                end
-      unless options.has_key?("name")
+    def initialize(name = '', *value)
+      if name.kind_of?(String)
+        @name = name
+        @value = Array(value)
+        @domain = nil
+        @expires = nil
+        @secure = false
+        @path = nil
+      else
+        @name = name['name']
+        @value = Array(name['value'])
+        @domain = name['domain']
+        @expires = name['expires']
+        @secure = name['secure'] || false
+        @path = name['path']
+      end
+      
+      unless @name
         raise ArgumentError, "`name' required"
       end
 
-      @name = options["name"]
-      @value = Array(options["value"])
       # simple support for IE
-      if options["path"]
-        @path = options["path"]
-      else
-        %r|^(.*/)|.match(ENV["SCRIPT_NAME"])
-        @path = ($1 or "")
+      unless @path
+        %r|^(.*/)|.match(ENV['SCRIPT_NAME'])
+        @path = ($1 or '')
       end
-      @domain = options["domain"]
-      @expires = options["expires"]
-      @secure = options["secure"] == true ? true : false
 
       super(@value)
     end
@@ -67,28 +71,28 @@ class CGI #:nodoc:
     # Convert the Cookie to its string representation.
     def to_s
       buf = ""
-      buf += @name + '='
+      buf << @name << '='
 
       if @value.kind_of?(String)
-        buf += CGI::escape(@value)
+        buf << CGI::escape(@value)
       else
-        buf += @value.collect{|v| CGI::escape(v) }.join("&")
+        buf << @value.collect{|v| CGI::escape(v) }.join("&")
       end
 
       if @domain
-        buf += '; domain=' + @domain
+        buf << '; domain=' << @domain
       end
 
       if @path
-        buf += '; path=' + @path
+        buf << '; path=' << @path
       end
 
       if @expires
-        buf += '; expires=' + CGI::rfc1123_date(@expires)
+        buf << '; expires=' << CGI::rfc1123_date(@expires)
       end
 
       if @secure == true
-        buf += '; secure'
+        buf << '; secure'
       end
 
       buf
@@ -102,20 +106,20 @@ class CGI #:nodoc:
     #
     def self.parse(raw_cookie)
       cookies = Hash.new([])
-      return cookies unless raw_cookie
-
-      raw_cookie.split(/; /).each do |pairs|
-        name, values = pairs.split('=',2)
-        next unless name and values
-        name = CGI::unescape(name)
-        values ||= ""
-        values = values.split('&').collect{|v| CGI::unescape(v) }
-        unless cookies.has_key?(name)
-          cookies[name] = new({ "name" => name, "value" => values })
+
+      if raw_cookie
+        raw_cookie.split(/; /).each do |pairs|
+          name, values = pairs.split('=',2)
+          next unless name and values
+          name = CGI::unescape(name)
+          values = values.split('&').collect!{|v| CGI::unescape(v) }
+          unless cookies.has_key?(name)
+            cookies[name] = new(name, *values)
+          end
         end
       end
 
       cookies
     end
   end # class Cookie
-end
+end

data/lib/action_controller/cgi_ext/raw_post_data_fix.rb

@@ -6,14 +6,21 @@ class CGI #:nodoc:
     # Handles multipart forms (in particular, forms that involve file uploads).
     # Reads query parameters in the @params field, and cookies into @cookies.
     def initialize_query()
-      @cookies = CGI::Cookie::parse((env_table['HTTP_COOKIE'] || env_table['COOKIE']))
+      @cookies = CGI::Cookie::parse(env_table['HTTP_COOKIE'] || env_table['COOKIE'])
 
-      if boundary = multipart_form_boundary
+      #fix some strange request environments
+      if method = env_table['REQUEST_METHOD']
+        method = method.to_s.downcase.intern
+      else
+        method = :get
+      end
+
+      if method == :post && (boundary = multipart_form_boundary)
         @multipart = true
         @params = read_multipart(boundary, Integer(env_table['CONTENT_LENGTH']))
       else
         @multipart = false
-        @params = CGI::parse(read_query_params || "")
+        @params = CGI::parse(read_query_params(method) || "")
       end
     end
 
@@ -22,37 +29,43 @@ class CGI #:nodoc:
         MULTIPART_FORM_BOUNDARY_RE = %r|\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?|n #"
       end
 
-      def multipart_form_boundary        
-        if env_table['REQUEST_METHOD'] == 'POST'
-          MULTIPART_FORM_BOUNDARY_RE.match(env_table['CONTENT_TYPE']).to_a.pop
-        end
+      def multipart_form_boundary
+        MULTIPART_FORM_BOUNDARY_RE.match(env_table['CONTENT_TYPE']).to_a.pop
       end
 
-      def read_params_from_query
-        if defined? MOD_RUBY
+      if defined? MOD_RUBY
+        def read_params_from_query
           Apache::request.args || ''
-        else
-          # fixes CGI querystring parsing for POSTs
-          if env_table['QUERY_STRING'].blank? && !env_table['REQUEST_URI'].blank?
-            env_table['QUERY_STRING'] = env_table['REQUEST_URI'].split('?', 2)[1] || ''
+        end
+      else
+        def read_params_from_query
+          # fixes CGI querystring parsing for lighttpd
+          env_qs = env_table['QUERY_STRING']
+          if env_qs.blank? && !(uri = env_table['REQUEST_URI']).blank?
+            uri.split('?', 2)[1] || ''
+          else
+            env_qs
           end
-          env_table['QUERY_STRING']
         end
       end
 
       def read_params_from_post
         stdinput.binmode if stdinput.respond_to?(:binmode)
         content = stdinput.read(Integer(env_table['CONTENT_LENGTH'])) || ''
-        env_table['RAW_POST_DATA'] = content.split("&_").first.to_s.freeze # &_ is a fix for Safari Ajax postings that always append \000
+        # fix for Safari Ajax postings that always append \000
+        content.chop! if content[-1] == 0
+        env_table['RAW_POST_DATA'] = content.freeze
       end
 
-      def read_query_params
-        case env_table['REQUEST_METHOD'].to_s.upcase
-          when 'CMD'
-            read_from_cmdline
-          when 'POST', 'PUT'
+      def read_query_params(method)
+        case method
+          when :get
+            read_params_from_query
+          when :post, :put
             read_params_from_post
-          else # when 'GET', 'HEAD', 'DELETE', 'OPTIONS'
+          when :cmd
+            read_from_cmdline
+          else # when :head, :delete, :options
             read_params_from_query
         end
       end

data/lib/action_controller/cgi_process.rb

@@ -1,11 +1,6 @@
 require 'action_controller/cgi_ext/cgi_ext'
 require 'action_controller/cgi_ext/cookie_performance_fix'
 require 'action_controller/cgi_ext/raw_post_data_fix'
-require 'action_controller/session/drb_store'
-require 'action_controller/session/mem_cache_store'
-if Object.const_defined?(:ActiveRecord)
-  require 'action_controller/session/active_record_store'
-end
 
 module ActionController #:nodoc:
   class Base
@@ -37,7 +32,7 @@ module ActionController #:nodoc:
   end
 
   class CgiRequest < AbstractRequest #:nodoc:
-    attr_accessor :cgi
+    attr_accessor :cgi, :session_options
 
     DEFAULT_SESSION_OPTIONS = {
       :database_manager => CGI::Session::PStore,
@@ -52,19 +47,19 @@ module ActionController #:nodoc:
     end
 
     def query_string
-      return @cgi.query_string unless @cgi.query_string.nil? || @cgi.query_string.empty?
-      unless env['REQUEST_URI'].nil?
-        parts = env['REQUEST_URI'].split('?')
+      if (qs = @cgi.query_string) && !qs.empty?
+        qs
+      elsif uri = env['REQUEST_URI']
+        parts = uri.split('?')  
+        parts.shift
+        parts.join('?')
       else
-        return env['QUERY_STRING'] || ''
-      end      
-      parts.shift
-      return parts.join('?')
+        env['QUERY_STRING'] || ''
+      end
     end
 
     def query_parameters
-      qs = self.query_string
-      qs.empty? ? {} : CGIMethods.parse_query_parameters(query_string)
+      (qs = self.query_string).empty? ? {} : CGIMethods.parse_query_parameters(qs)
     end
 
     def request_parameters
@@ -84,7 +79,15 @@ module ActionController #:nodoc:
     end
 
     def host
-      env["HTTP_X_FORWARDED_HOST"] || @cgi.host.to_s.split(":").first
+      env["HTTP_X_FORWARDED_HOST"] || ($1 if env['HTTP_HOST'] && /^(.*):\d+$/ =~ env['HTTP_HOST']) || @cgi.host.to_s.split(":").first || ''
+    end
+    
+    def port
+      env["HTTP_X_FORWARDED_HOST"] ? standard_port : (port_from_http_host || super)
+    end
+    
+    def port_from_http_host
+      $1.to_i if env['HTTP_HOST'] && /:(\d+)$/ =~ env['HTTP_HOST']
     end
     
     def session
@@ -115,7 +118,7 @@ module ActionController #:nodoc:
     end
     
     def reset_session
-      @session.delete
+      @session.delete if CGI::Session === @session
       @session = (@session_options == false ? {} : new_session)
     end
 
@@ -125,11 +128,11 @@ module ActionController #:nodoc:
 
     private
       def new_session
-        CGI::Session.new(@cgi, session_options_with_string_keys.merge("new_session" => true))
+        CGI::Session.new(@cgi, session_options_with_string_keys.update("new_session" => true))
       end
       
       def session_options_with_string_keys
-        DEFAULT_SESSION_OPTIONS.merge(@session_options).inject({}) { |options, pair| options[pair.first.to_s] = pair.last; options }
+        DEFAULT_SESSION_OPTIONS.merge(@session_options).inject({}) { |options, (k,v)| options[k.to_s] = v; options }
       end
   end
 
@@ -150,7 +153,7 @@ module ActionController #:nodoc:
         if @cgi.send(:env_table)['REQUEST_METHOD'] == 'HEAD'
           return
         elsif @body.respond_to?(:call)
-          @body.call(self)
+          @body.call(self, output)
         else
           output.write(@body)
         end

data/lib/action_controller/components.rb

@@ -38,12 +38,21 @@ module ActionController #:nodoc:
 
       # Returns the component response as a string
       def render_component_as_string(options) #:doc:
-        component_logging(options) { component_response(options, false).body }
+        component_logging(options) do
+          response = component_response(options, false)
+          unless response.redirected_to.nil?
+            render_component_as_string response.redirected_to
+          else
+            response.body
+          end
+       end
       end
   
     private
       def component_response(options, reuse_response = true)
-        component_class(options).process(request_for_component(options), reuse_response ? @response : response_for_component)
+        c = component_class(options)
+        c.after_filter {|c| flash.keep }
+        c.process(request_for_component(options), reuse_response ? @response : response_for_component)
       end
     
       def component_class(options)

data/lib/action_controller/dependencies.rb

@@ -2,7 +2,6 @@ module ActionController #:nodoc:
   module Dependencies #:nodoc:
     def self.append_features(base)
       super
-      base.class_eval { class << self; alias_method :inherited_without_model, :inherited; end }
       base.extend(ClassMethods)
     end
 
@@ -79,10 +78,6 @@ module ActionController #:nodoc:
             end
           end
         end
-
-        def inherited(child)
-          inherited_without_model(child)
-        end        
     end
   end
 end

data/lib/action_controller/deprecated_redirects.rb

@@ -0,0 +1,17 @@
+module ActionController
+  class Base
+    protected
+      # Deprecated in favor of calling redirect_to directly with the path.
+      def redirect_to_path(path)
+        redirect_to(path)
+      end
+
+      # Deprecated in favor of calling redirect_to directly with the url. If the resource has moved permanently, it's possible to pass
+      # true as the second parameter and the browser will get "301 Moved Permanently" instead of "302 Found". This can also be done through
+      # just setting the headers["Status"] to "301 Moved Permanently" before using the redirect_to.
+      def redirect_to_url(url, permanently = false)
+        headers["Status"] = "301 Moved Permanently" if permanently
+        redirect_to(url)
+      end
+  end
+end

data/lib/action_controller/filters.rb

@@ -157,7 +157,7 @@ module ActionController #:nodoc:
         conditions = extract_conditions!(filters)
         filters << block if block_given?
         add_action_conditions(filters, conditions)
-        append_filter_to_chain("before", filters)
+        append_filter_to_chain('before', filters)
       end
 
       # The passed <tt>filters</tt> will be prepended to the array of filters that's run _before_ actions
@@ -166,7 +166,7 @@ module ActionController #:nodoc:
         conditions = extract_conditions!(filters) 
         filters << block if block_given?
         add_action_conditions(filters, conditions)
-        prepend_filter_to_chain("before", filters)
+        prepend_filter_to_chain('before', filters)
       end
 
       # Short-hand for append_before_filter since that's the most common of the two.
@@ -178,7 +178,7 @@ module ActionController #:nodoc:
         conditions = extract_conditions!(filters) 
         filters << block if block_given?
         add_action_conditions(filters, conditions)
-        append_filter_to_chain("after", filters)
+        append_filter_to_chain('after', filters)
       end
 
       # The passed <tt>filters</tt> will be prepended to the array of filters that's run _after_ actions
@@ -272,8 +272,8 @@ module ActionController #:nodoc:
         def add_action_conditions(filters, conditions)
           return unless conditions
           included, excluded = conditions[:only], conditions[:except]
-          write_inheritable_hash("included_actions", condition_hash(filters, included)) && return if included
-          write_inheritable_hash("excluded_actions", condition_hash(filters, excluded)) if excluded
+          write_inheritable_hash('included_actions', condition_hash(filters, included)) && return if included
+          write_inheritable_hash('excluded_actions', condition_hash(filters, excluded)) if excluded
         end
 
         def condition_hash(filters, *actions)
@@ -322,19 +322,23 @@ module ActionController #:nodoc:
               else
                 raise(
                   ActionControllerError, 
-                  "Filters need to be either a symbol, proc/method, or class implementing a static filter method"
+                  'Filters need to be either a symbol, proc/method, or class implementing a static filter method'
                 )
             end
-            return false if filter_result == false
+
+            if filter_result == false
+              logger.info "Filter chain halted as [#{filter}] returned false" if logger
+              return false 
+            end
           end
         end
         
         def filter_block?(filter)
-          filter.respond_to?("call") && (filter.arity == 1 || filter.arity == -1)
+          filter.respond_to?('call') && (filter.arity == 1 || filter.arity == -1)
         end
         
         def filter_class?(filter)
-          filter.respond_to?("filter")
+          filter.respond_to?('filter')
         end
 
         def action_exempted?(filter)

data/lib/action_controller/flash.rb

@@ -1,14 +1,14 @@
 module ActionController #:nodoc:
   # The flash provides a way to pass temporary objects between actions. Anything you place in the flash will be exposed
   # to the very next action and then cleared out. This is a great way of doing notices and alerts, such as a create action
-  # that sets <tt>flash["notice"] = "Successfully created"</tt> before redirecting to a display action that can then expose 
+  # that sets <tt>flash[:notice] = "Successfully created"</tt> before redirecting to a display action that can then expose 
   # the flash to its template. Actually, that exposure is automatically done. Example:
   #
   #   class WeblogController < ActionController::Base
   #     def create
   #       # save post
-  #       flash["notice"] = "Successfully created post"
-  #       redirect_to :action => "display", :params => { "id" => post.id }
+  #       flash[:notice] = "Successfully created post"
+  #       redirect_to :action => "display", :params => { :id => post.id }
   #     end
   #
   #     def display
@@ -17,7 +17,7 @@ module ActionController #:nodoc:
   #   end
   #
   #   display.rhtml
-  #     <% if @flash["notice"] %><div class="notice"><%= @flash["notice"] %></div><% end %>
+  #     <% if @flash[:notice] %><div class="notice"><%= @flash[:notice] %></div><% end %>
   #
   # This example just places a string in the flash, but you can put any object in there. And of course, you can put as many
   # as you like at a time too. Just remember: They'll be gone by the time the next action has been performed.
@@ -67,7 +67,7 @@ module ActionController #:nodoc:
     
       # Sets a flash that will not be available to the next action, only to the current.
       #
-      #     flash.now["message"] = "Hello current action"
+      #     flash.now[:message] = "Hello current action"
       # 
       # This method enables you to use the flash as a central messaging system in your app.
       # When you need to pass an object to the next action, you use the standard flash assign (<tt>[]=</tt>).
@@ -82,7 +82,7 @@ module ActionController #:nodoc:
       # Keeps either the entire current flash or a specific flash entry available for the next action:
       #
       #    flash.keep            # keeps the entire flash
-      #    flash.keep("notice")  # keeps only the "notice" entry, the rest of the flash is discarded
+      #    flash.keep(:notice)   # keeps only the "notice" entry, the rest of the flash is discarded
       def keep(k=nil)
         use(k, false)
       end
@@ -90,7 +90,7 @@ module ActionController #:nodoc:
       # Marks the entire flash or a single flash entry to be discarded by the end of the current action
       #
       #     flash.keep                 # keep entire flash available for the next action
-      #     flash.discard('warning')   # discard the "warning" entry (it'll still be available for the current action)
+      #     flash.discard(:warning)    # discard the "warning" entry (it'll still be available for the current action)
       def discard(k=nil)
         use(k)
       end