actionpack 3.0.0.rc → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG +11 -16
- data/README.rdoc +3 -3
- data/lib/abstract_controller/base.rb +28 -14
- data/lib/abstract_controller/callbacks.rb +22 -23
- data/lib/abstract_controller/helpers.rb +24 -7
- data/lib/abstract_controller/layouts.rb +12 -10
- data/lib/abstract_controller/view_paths.rb +7 -7
- data/lib/abstract_controller.rb +1 -0
- data/lib/action_controller/base.rb +165 -2
- data/lib/action_controller/deprecated/base.rb +11 -1
- data/lib/action_controller/deprecated/url_writer.rb +14 -0
- data/lib/action_controller/metal/http_authentication.rb +3 -3
- data/lib/action_controller/metal/responder.rb +2 -8
- data/lib/action_controller/middleware.rb +1 -1
- data/lib/action_controller/test_case.rb +2 -1
- data/lib/action_controller/vendor/html-scanner/html/document.rb +2 -2
- data/lib/action_controller/vendor/html-scanner/html/node.rb +29 -29
- data/lib/action_controller/vendor/html-scanner/html/sanitizer.rb +25 -25
- data/lib/action_controller/vendor/html-scanner/html/selector.rb +1 -1
- data/lib/action_controller/vendor/html-scanner/html/tokenizer.rb +8 -8
- data/lib/action_controller.rb +2 -1
- data/lib/action_dispatch/http/cache.rb +2 -2
- data/lib/action_dispatch/http/mime_negotiation.rb +1 -1
- data/lib/action_dispatch/http/mime_type.rb +10 -10
- data/lib/action_dispatch/http/parameters.rb +2 -2
- data/lib/action_dispatch/http/request.rb +7 -0
- data/lib/action_dispatch/http/url.rb +12 -2
- data/lib/action_dispatch/middleware/best_standards_support.rb +22 -0
- data/lib/action_dispatch/middleware/cookies.rb +29 -10
- data/lib/action_dispatch/middleware/flash.rb +7 -2
- data/lib/action_dispatch/middleware/session/abstract_store.rb +2 -5
- data/lib/action_dispatch/middleware/session/mem_cache_store.rb +1 -0
- data/lib/action_dispatch/middleware/show_exceptions.rb +2 -9
- data/lib/action_dispatch/middleware/stack.rb +1 -1
- data/lib/action_dispatch/railtie.rb +2 -1
- data/lib/action_dispatch/routing/deprecated_mapper.rb +1 -0
- data/lib/action_dispatch/routing/mapper.rb +120 -137
- data/lib/action_dispatch/routing/polymorphic_routes.rb +10 -10
- data/lib/action_dispatch/routing/route_set.rb +8 -5
- data/lib/action_dispatch/routing/url_for.rb +1 -1
- data/lib/action_dispatch/routing.rb +4 -4
- data/lib/action_dispatch/testing/assertions/dom.rb +1 -1
- data/lib/action_dispatch/testing/assertions/response.rb +5 -5
- data/lib/action_dispatch/testing/assertions/routing.rb +39 -16
- data/lib/action_dispatch/testing/integration.rb +1 -0
- data/lib/action_dispatch.rb +1 -0
- data/lib/action_pack/version.rb +1 -2
- data/lib/action_view/base.rb +1 -0
- data/lib/action_view/helpers/asset_tag_helper.rb +12 -0
- data/lib/action_view/helpers/capture_helper.rb +1 -1
- data/lib/action_view/helpers/date_helper.rb +13 -17
- data/lib/action_view/helpers/debug_helper.rb +1 -1
- data/lib/action_view/helpers/form_helper.rb +16 -10
- data/lib/action_view/helpers/form_options_helper.rb +21 -18
- data/lib/action_view/helpers/form_tag_helper.rb +9 -9
- data/lib/action_view/helpers/number_helper.rb +1 -1
- data/lib/action_view/helpers/raw_output_helper.rb +1 -1
- data/lib/action_view/helpers/sanitize_helper.rb +4 -2
- data/lib/action_view/helpers/text_helper.rb +5 -2
- data/lib/action_view/helpers/translation_helper.rb +9 -9
- data/lib/action_view/helpers/url_helper.rb +2 -2
- data/lib/action_view/log_subscriber.rb +1 -1
- data/lib/action_view/render/layouts.rb +8 -4
- data/lib/action_view/render/partials.rb +1 -1
- data/lib/action_view/template/handler.rb +1 -1
- data/lib/action_view/template/handlers.rb +1 -1
- data/lib/action_view/template/resolver.rb +15 -0
- data/lib/action_view/template.rb +3 -3
- data/lib/action_view/test_case.rb +1 -1
- data/lib/action_view/testing/resolvers.rb +1 -1
- metadata +20 -23
|
@@ -15,6 +15,8 @@ module ActionDispatch
|
|
|
15
15
|
include ActionDispatch::Http::Upload
|
|
16
16
|
include ActionDispatch::Http::URL
|
|
17
17
|
|
|
18
|
+
LOCALHOST = [/^127\.0\.0\.\d{1,3}$/, "::1", /^0:0:0:0:0:0:0:1(%.*)?$/].freeze
|
|
19
|
+
|
|
18
20
|
%w[ AUTH_TYPE GATEWAY_INTERFACE
|
|
19
21
|
PATH_TRANSLATED REMOTE_HOST
|
|
20
22
|
REMOTE_IDENT REMOTE_USER REMOTE_ADDR
|
|
@@ -231,5 +233,10 @@ module ActionDispatch
|
|
|
231
233
|
@env['X_HTTP_AUTHORIZATION'] ||
|
|
232
234
|
@env['REDIRECT_X_HTTP_AUTHORIZATION']
|
|
233
235
|
end
|
|
236
|
+
|
|
237
|
+
# True if the request came from localhost, 127.0.0.1.
|
|
238
|
+
def local?
|
|
239
|
+
LOCALHOST.any? { |local_ip| local_ip === remote_addr && local_ip === remote_ip }
|
|
240
|
+
end
|
|
234
241
|
end
|
|
235
242
|
end
|
|
@@ -1,11 +1,16 @@
|
|
|
1
1
|
module ActionDispatch
|
|
2
2
|
module Http
|
|
3
3
|
module URL
|
|
4
|
-
# Returns the complete URL used for this request.
|
|
4
|
+
# Returns the complete \URL used for this request.
|
|
5
5
|
def url
|
|
6
6
|
protocol + host_with_port + fullpath
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
+
# Returns 'https' if this is an SSL request and 'http' otherwise.
|
|
10
|
+
def scheme
|
|
11
|
+
ssl? ? 'https' : 'http'
|
|
12
|
+
end
|
|
13
|
+
|
|
9
14
|
# Returns 'https://' if this is an SSL request and 'http://' otherwise.
|
|
10
15
|
def protocol
|
|
11
16
|
ssl? ? 'https://' : 'http://'
|
|
@@ -53,6 +58,11 @@ module ActionDispatch
|
|
|
53
58
|
end
|
|
54
59
|
end
|
|
55
60
|
|
|
61
|
+
# Returns whether this request is using the standard port
|
|
62
|
+
def standard_port?
|
|
63
|
+
port == standard_port
|
|
64
|
+
end
|
|
65
|
+
|
|
56
66
|
# Returns a \port suffix like ":8080" if the \port number of this request
|
|
57
67
|
# is not the default HTTP \port 80 or HTTPS \port 443.
|
|
58
68
|
def port_string
|
|
@@ -86,7 +96,7 @@ module ActionDispatch
|
|
|
86
96
|
end
|
|
87
97
|
|
|
88
98
|
# Returns the request URI, accounting for server idiosyncrasies.
|
|
89
|
-
# WEBrick includes the full URL. IIS leaves REQUEST_URI blank.
|
|
99
|
+
# WEBrick includes the full \URL. IIS leaves REQUEST_URI blank.
|
|
90
100
|
def request_uri
|
|
91
101
|
ActiveSupport::Deprecation.warn "Using #request_uri is deprecated. Use fullpath instead.", caller
|
|
92
102
|
fullpath
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
module ActionDispatch
|
|
2
|
+
class BestStandardsSupport
|
|
3
|
+
def initialize(app, type = true)
|
|
4
|
+
@app = app
|
|
5
|
+
|
|
6
|
+
@header = case type
|
|
7
|
+
when true
|
|
8
|
+
"IE=Edge,chrome=1"
|
|
9
|
+
when :builtin
|
|
10
|
+
"IE=Edge"
|
|
11
|
+
when false
|
|
12
|
+
nil
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def call(env)
|
|
17
|
+
status, headers, body = @app.call(env)
|
|
18
|
+
headers["X-UA-Compatible"] = @header
|
|
19
|
+
[status, headers, body]
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
@@ -7,7 +7,7 @@ module ActionDispatch
|
|
|
7
7
|
end
|
|
8
8
|
end
|
|
9
9
|
|
|
10
|
-
# Cookies are read and written through ActionController#cookies.
|
|
10
|
+
# \Cookies are read and written through ActionController#cookies.
|
|
11
11
|
#
|
|
12
12
|
# The cookies being read are the ones received along with the request, the cookies
|
|
13
13
|
# being written will be sent out with the response. Reading a cookie does not get
|
|
@@ -21,6 +21,15 @@ module ActionDispatch
|
|
|
21
21
|
# # Sets a cookie that expires in 1 hour.
|
|
22
22
|
# cookies[:login] = { :value => "XJ-122", :expires => 1.hour.from_now }
|
|
23
23
|
#
|
|
24
|
+
# # Sets a signed cookie, which prevents a user from tampering with its value.
|
|
25
|
+
# # You must specify a value in ActionController::Base.cookie_verifier_secret.
|
|
26
|
+
# cookies.signed[:remember_me] = [current_user.id, current_user.salt]
|
|
27
|
+
#
|
|
28
|
+
# # Sets a "permanent" cookie (which expires in 20 years from now).
|
|
29
|
+
# cookies.permanent[:login] = "XJ-122"
|
|
30
|
+
# # You can also chain these methods:
|
|
31
|
+
# cookies.permanent.signed[:login] = "XJ-122"
|
|
32
|
+
#
|
|
24
33
|
# Examples for reading:
|
|
25
34
|
#
|
|
26
35
|
# cookies[:user_name] # => "david"
|
|
@@ -55,7 +64,7 @@ module ActionDispatch
|
|
|
55
64
|
# :domain => :all # Allow the cookie for the top most level
|
|
56
65
|
# domain and subdomains.
|
|
57
66
|
#
|
|
58
|
-
# * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
|
|
67
|
+
# * <tt>:expires</tt> - The time at which this cookie expires, as a \Time object.
|
|
59
68
|
# * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers.
|
|
60
69
|
# Default is +false+.
|
|
61
70
|
# * <tt>:httponly</tt> - Whether this cookie is accessible via scripting or
|
|
@@ -69,16 +78,26 @@ module ActionDispatch
|
|
|
69
78
|
|
|
70
79
|
class CookieJar < Hash #:nodoc:
|
|
71
80
|
|
|
72
|
-
# This regular expression is used to split the levels of a domain
|
|
73
|
-
#
|
|
74
|
-
#
|
|
75
|
-
#
|
|
76
|
-
#
|
|
77
|
-
|
|
81
|
+
# This regular expression is used to split the levels of a domain.
|
|
82
|
+
# The top level domain can be any string without a period or
|
|
83
|
+
# **.**, ***.** style TLDs like co.uk or com.au
|
|
84
|
+
#
|
|
85
|
+
# www.example.co.uk gives:
|
|
86
|
+
# $1 => example
|
|
87
|
+
# $2 => co.uk
|
|
88
|
+
#
|
|
89
|
+
# example.com gives:
|
|
90
|
+
# $1 => example
|
|
91
|
+
# $2 => com
|
|
92
|
+
#
|
|
93
|
+
# lots.of.subdomains.example.local gives:
|
|
94
|
+
# $1 => example
|
|
95
|
+
# $2 => local
|
|
96
|
+
DOMAIN_REGEXP = /([^.]*)\.([^.]*|..\...|...\...)$/
|
|
78
97
|
|
|
79
98
|
def self.build(request)
|
|
80
99
|
secret = request.env[TOKEN_KEY]
|
|
81
|
-
host = request.
|
|
100
|
+
host = request.host
|
|
82
101
|
|
|
83
102
|
new(secret, host).tap do |hash|
|
|
84
103
|
hash.update(request.cookies)
|
|
@@ -104,7 +123,7 @@ module ActionDispatch
|
|
|
104
123
|
|
|
105
124
|
if options[:domain] == :all
|
|
106
125
|
@host =~ DOMAIN_REGEXP
|
|
107
|
-
options[:domain] = ".#{$
|
|
126
|
+
options[:domain] = ".#{$1}.#{$2}"
|
|
108
127
|
end
|
|
109
128
|
end
|
|
110
129
|
|
|
@@ -10,13 +10,13 @@ module ActionDispatch
|
|
|
10
10
|
|
|
11
11
|
# The flash provides a way to pass temporary objects between actions. Anything you place in the flash will be exposed
|
|
12
12
|
# to the very next action and then cleared out. This is a great way of doing notices and alerts, such as a create
|
|
13
|
-
# action that sets <tt>flash[:notice] = "
|
|
13
|
+
# action that sets <tt>flash[:notice] = "Post successfully created"</tt> before redirecting to a display action that can
|
|
14
14
|
# then expose the flash to its template. Actually, that exposure is automatically done. Example:
|
|
15
15
|
#
|
|
16
16
|
# class PostsController < ActionController::Base
|
|
17
17
|
# def create
|
|
18
18
|
# # save post
|
|
19
|
-
# flash[:notice] = "
|
|
19
|
+
# flash[:notice] = "Post successfully created"
|
|
20
20
|
# redirect_to posts_path(@post)
|
|
21
21
|
# end
|
|
22
22
|
#
|
|
@@ -30,6 +30,11 @@ module ActionDispatch
|
|
|
30
30
|
# <div class="notice"><%= flash[:notice] %></div>
|
|
31
31
|
# <% end %>
|
|
32
32
|
#
|
|
33
|
+
# Since the +notice+ and +alert+ keys are a common idiom, convenience accessors are available:
|
|
34
|
+
#
|
|
35
|
+
# flash.alert = "You must be logged in"
|
|
36
|
+
# flash.notice = "Post successfully created"
|
|
37
|
+
#
|
|
33
38
|
# This example just places a string in the flash, but you can put any object in there. And of course, you can put as
|
|
34
39
|
# many as you like at a time too. Just remember: They'll be gone by the time the next action has been performed.
|
|
35
40
|
#
|
|
@@ -191,11 +191,8 @@ module ActionDispatch
|
|
|
191
191
|
|
|
192
192
|
def load_session(env)
|
|
193
193
|
stale_session_check! do
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
else
|
|
197
|
-
sid, session = generate_sid, {}
|
|
198
|
-
end
|
|
194
|
+
sid = current_session_id(env)
|
|
195
|
+
sid, session = get_session(env, sid)
|
|
199
196
|
[sid, session]
|
|
200
197
|
end
|
|
201
198
|
end
|
|
@@ -6,8 +6,6 @@ module ActionDispatch
|
|
|
6
6
|
# This middleware rescues any exception returned by the application and renders
|
|
7
7
|
# nice exception pages if it's being rescued locally.
|
|
8
8
|
class ShowExceptions
|
|
9
|
-
LOCALHOST = [/^127\.0\.0\.\d{1,3}$/, "::1", /^0:0:0:0:0:0:0:1(%.*)?$/].freeze
|
|
10
|
-
|
|
11
9
|
RESCUES_TEMPLATE_PATH = File.join(File.dirname(__FILE__), 'templates')
|
|
12
10
|
|
|
13
11
|
cattr_accessor :rescue_responses
|
|
@@ -66,7 +64,7 @@ module ActionDispatch
|
|
|
66
64
|
log_error(exception)
|
|
67
65
|
|
|
68
66
|
request = Request.new(env)
|
|
69
|
-
if @consider_all_requests_local ||
|
|
67
|
+
if @consider_all_requests_local || request.local?
|
|
70
68
|
rescue_action_locally(request, exception)
|
|
71
69
|
else
|
|
72
70
|
rescue_action_in_public(exception)
|
|
@@ -112,11 +110,6 @@ module ActionDispatch
|
|
|
112
110
|
end
|
|
113
111
|
end
|
|
114
112
|
|
|
115
|
-
# True if the request came from localhost, 127.0.0.1.
|
|
116
|
-
def local_request?(request)
|
|
117
|
-
LOCALHOST.any? { |local_ip| local_ip === request.remote_addr && local_ip === request.remote_ip }
|
|
118
|
-
end
|
|
119
|
-
|
|
120
113
|
def status_code(exception)
|
|
121
114
|
Rack::Utils.status_code(@@rescue_responses[exception.class.name])
|
|
122
115
|
end
|
|
@@ -134,7 +127,7 @@ module ActionDispatch
|
|
|
134
127
|
|
|
135
128
|
ActiveSupport::Deprecation.silence do
|
|
136
129
|
message = "\n#{exception.class} (#{exception.message}):\n"
|
|
137
|
-
message << exception.annoted_source_code if exception.respond_to?(:annoted_source_code)
|
|
130
|
+
message << exception.annoted_source_code.to_s if exception.respond_to?(:annoted_source_code)
|
|
138
131
|
message << " " << application_trace(exception).join("\n ")
|
|
139
132
|
logger.fatal("#{message}\n\n")
|
|
140
133
|
end
|
|
@@ -69,7 +69,7 @@ module ActionDispatch
|
|
|
69
69
|
end
|
|
70
70
|
|
|
71
71
|
def active
|
|
72
|
-
ActiveSupport::Deprecation.warn "All middlewares in the chain are active since the laziness " <<
|
|
72
|
+
ActiveSupport::Deprecation.warn "All middlewares in the chain are active since the laziness " <<
|
|
73
73
|
"was removed from the middleware stack", caller
|
|
74
74
|
end
|
|
75
75
|
|
|
@@ -7,10 +7,11 @@ module ActionDispatch
|
|
|
7
7
|
config.action_dispatch.x_sendfile_header = ""
|
|
8
8
|
config.action_dispatch.ip_spoofing_check = true
|
|
9
9
|
config.action_dispatch.show_exceptions = true
|
|
10
|
+
config.action_dispatch.best_standards_support = true
|
|
10
11
|
|
|
11
12
|
# Prepare dispatcher callbacks and run 'prepare' callbacks
|
|
12
13
|
initializer "action_dispatch.prepare_dispatcher" do |app|
|
|
13
14
|
ActionDispatch::Callbacks.to_prepare { app.routes_reloader.execute_if_updated }
|
|
14
15
|
end
|
|
15
16
|
end
|
|
16
|
-
end
|
|
17
|
+
end
|