actionpack 3.0.20 → 3.1.0.beta1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actionpack might be problematic. Click here for more details.
- data/CHANGELOG +88 -142
- data/MIT-LICENSE +1 -1
- data/README.rdoc +5 -6
- data/lib/abstract_controller.rb +1 -0
- data/lib/abstract_controller/asset_paths.rb +2 -2
- data/lib/abstract_controller/base.rb +24 -19
- data/lib/abstract_controller/callbacks.rb +19 -19
- data/lib/abstract_controller/helpers.rb +11 -13
- data/lib/abstract_controller/layouts.rb +4 -5
- data/lib/abstract_controller/railties/routes_helpers.rb +18 -0
- data/lib/abstract_controller/rendering.rb +34 -31
- data/lib/abstract_controller/url_for.rb +27 -0
- data/lib/abstract_controller/view_paths.rb +31 -6
- data/lib/action_controller.rb +5 -3
- data/lib/action_controller/base.rb +15 -16
- data/lib/action_controller/caching.rb +2 -2
- data/lib/action_controller/caching/actions.rb +11 -12
- data/lib/action_controller/caching/fragments.rb +41 -19
- data/lib/action_controller/caching/pages.rb +3 -9
- data/lib/action_controller/caching/sweeping.rb +0 -1
- data/lib/action_controller/deprecated.rb +1 -1
- data/lib/action_controller/log_subscriber.rb +1 -1
- data/lib/action_controller/metal.rb +78 -20
- data/lib/action_controller/metal/compatibility.rb +0 -9
- data/lib/action_controller/metal/conditional_get.rb +9 -9
- data/lib/action_controller/metal/data_streaming.rb +145 -0
- data/lib/action_controller/metal/force_ssl.rb +35 -0
- data/lib/action_controller/metal/head.rb +1 -1
- data/lib/action_controller/metal/helpers.rb +37 -44
- data/lib/action_controller/metal/hide_actions.rb +2 -3
- data/lib/action_controller/metal/http_authentication.rb +41 -38
- data/lib/action_controller/metal/implicit_render.rb +13 -13
- data/lib/action_controller/metal/instrumentation.rb +2 -2
- data/lib/action_controller/metal/mime_responds.rb +25 -19
- data/lib/action_controller/metal/params_wrapper.rb +224 -0
- data/lib/action_controller/metal/redirecting.rb +6 -2
- data/lib/action_controller/metal/renderers.rb +50 -36
- data/lib/action_controller/metal/rendering.rb +34 -25
- data/lib/action_controller/metal/request_forgery_protection.rb +18 -36
- data/lib/action_controller/metal/responder.rb +47 -12
- data/lib/action_controller/metal/streaming.rb +244 -138
- data/lib/action_controller/metal/testing.rb +0 -9
- data/lib/action_controller/metal/url_for.rb +12 -14
- data/lib/action_controller/railtie.rb +19 -37
- data/lib/action_controller/railties/paths.rb +24 -0
- data/lib/action_controller/record_identifier.rb +4 -10
- data/lib/action_controller/test_case.rb +36 -19
- data/lib/action_controller/vendor/html-scanner/html/node.rb +5 -5
- data/lib/action_controller/vendor/html-scanner/html/sanitizer.rb +3 -3
- data/lib/action_controller/vendor/html-scanner/html/selector.rb +2 -0
- data/lib/action_dispatch.rb +4 -1
- data/lib/action_dispatch/http/cache.rb +5 -32
- data/lib/action_dispatch/http/filter_parameters.rb +3 -1
- data/lib/action_dispatch/http/mime_negotiation.rb +22 -3
- data/lib/action_dispatch/http/mime_type.rb +45 -5
- data/lib/action_dispatch/http/rack_cache.rb +58 -0
- data/lib/action_dispatch/http/request.rb +27 -41
- data/lib/action_dispatch/http/response.rb +56 -54
- data/lib/action_dispatch/http/upload.rb +1 -11
- data/lib/action_dispatch/http/url.rb +102 -42
- data/lib/action_dispatch/middleware/callbacks.rb +8 -25
- data/lib/action_dispatch/middleware/closed_error.rb +7 -0
- data/lib/action_dispatch/middleware/cookies.rb +37 -15
- data/lib/action_dispatch/middleware/flash.rb +80 -11
- data/lib/action_dispatch/middleware/params_parser.rb +2 -2
- data/lib/action_dispatch/middleware/reloader.rb +76 -0
- data/lib/action_dispatch/middleware/session/abstract_store.rb +56 -226
- data/lib/action_dispatch/middleware/session/cookie_store.rb +20 -44
- data/lib/action_dispatch/middleware/session/mem_cache_store.rb +7 -46
- data/lib/action_dispatch/middleware/show_exceptions.rb +15 -2
- data/lib/action_dispatch/middleware/stack.rb +50 -17
- data/lib/action_dispatch/middleware/static.rb +41 -29
- data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.erb +3 -3
- data/lib/action_dispatch/middleware/templates/rescues/_trace.erb +3 -3
- data/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb +3 -3
- data/lib/action_dispatch/middleware/templates/rescues/layout.erb +4 -2
- data/lib/action_dispatch/middleware/templates/rescues/template_error.erb +2 -6
- data/lib/action_dispatch/railtie.rb +8 -0
- data/lib/action_dispatch/routing.rb +13 -1
- data/lib/action_dispatch/routing/mapper.rb +345 -227
- data/lib/action_dispatch/routing/polymorphic_routes.rb +33 -13
- data/lib/action_dispatch/routing/redirection.rb +110 -0
- data/lib/action_dispatch/routing/route.rb +15 -13
- data/lib/action_dispatch/routing/route_set.rb +116 -90
- data/lib/action_dispatch/routing/routes_proxy.rb +35 -0
- data/lib/action_dispatch/routing/url_for.rb +25 -1
- data/lib/action_dispatch/testing/assertions/response.rb +8 -10
- data/lib/action_dispatch/testing/assertions/routing.rb +15 -15
- data/lib/action_dispatch/testing/assertions/selector.rb +13 -220
- data/lib/action_dispatch/testing/integration.rb +37 -28
- data/lib/action_dispatch/testing/performance_test.rb +1 -3
- data/lib/action_dispatch/testing/test_process.rb +1 -1
- data/lib/action_dispatch/testing/test_request.rb +9 -3
- data/lib/action_dispatch/testing/test_response.rb +4 -111
- data/lib/action_pack.rb +1 -1
- data/lib/action_pack/version.rb +3 -3
- data/lib/action_view.rb +39 -24
- data/lib/action_view/base.rb +61 -86
- data/lib/action_view/buffers.rb +43 -0
- data/lib/action_view/context.rb +21 -24
- data/lib/action_view/flows.rb +79 -0
- data/lib/action_view/helpers.rb +8 -6
- data/lib/action_view/helpers/active_model_helper.rb +0 -23
- data/lib/action_view/helpers/asset_paths.rb +79 -0
- data/lib/action_view/helpers/asset_tag_helper.rb +30 -500
- data/lib/action_view/helpers/asset_tag_helpers/asset_include_tag.rb +147 -0
- data/lib/action_view/helpers/asset_tag_helpers/asset_paths.rb +101 -0
- data/lib/action_view/helpers/asset_tag_helpers/javascript_tag_helpers.rb +200 -0
- data/lib/action_view/helpers/asset_tag_helpers/stylesheet_tag_helpers.rb +152 -0
- data/lib/action_view/helpers/atom_feed_helper.rb +2 -2
- data/lib/action_view/helpers/cache_helper.rb +11 -19
- data/lib/action_view/helpers/capture_helper.rb +19 -8
- data/lib/action_view/helpers/controller_helper.rb +21 -0
- data/lib/action_view/helpers/csrf_helper.rb +22 -4
- data/lib/action_view/helpers/date_helper.rb +36 -22
- data/lib/action_view/helpers/form_helper.rb +199 -113
- data/lib/action_view/helpers/form_options_helper.rb +10 -11
- data/lib/action_view/helpers/form_tag_helper.rb +94 -22
- data/lib/action_view/helpers/javascript_helper.rb +24 -107
- data/lib/action_view/helpers/number_helper.rb +36 -33
- data/lib/action_view/helpers/output_safety_helper.rb +38 -0
- data/lib/action_view/helpers/record_tag_helper.rb +6 -6
- data/lib/action_view/helpers/rendering_helper.rb +90 -0
- data/lib/action_view/helpers/sanitize_helper.rb +2 -2
- data/lib/action_view/helpers/sprockets_helper.rb +69 -0
- data/lib/action_view/helpers/tag_helper.rb +34 -12
- data/lib/action_view/helpers/text_helper.rb +30 -145
- data/lib/action_view/helpers/translation_helper.rb +10 -17
- data/lib/action_view/helpers/url_helper.rb +70 -67
- data/lib/action_view/locale/en.yml +1 -1
- data/lib/action_view/lookup_context.rb +36 -14
- data/lib/action_view/{paths.rb → path_set.rb} +9 -8
- data/lib/action_view/railtie.rb +12 -4
- data/lib/action_view/renderer/abstract_renderer.rb +36 -0
- data/lib/action_view/{render/partials.rb → renderer/partial_renderer.rb} +147 -146
- data/lib/action_view/renderer/renderer.rb +54 -0
- data/lib/action_view/renderer/streaming_template_renderer.rb +106 -0
- data/lib/action_view/renderer/template_renderer.rb +74 -0
- data/lib/action_view/template.rb +91 -54
- data/lib/action_view/template/error.rb +11 -8
- data/lib/action_view/template/handler.rb +9 -1
- data/lib/action_view/template/handlers.rb +9 -9
- data/lib/action_view/template/handlers/builder.rb +4 -4
- data/lib/action_view/template/handlers/erb.rb +21 -41
- data/lib/action_view/template/resolver.rb +171 -57
- data/lib/action_view/template/text.rb +0 -4
- data/lib/action_view/test_case.rb +32 -16
- data/lib/action_view/testing/resolvers.rb +16 -10
- data/lib/sprockets/railtie.rb +100 -0
- metadata +162 -140
- checksums.yaml +0 -7
- data/lib/action_controller/deprecated/base.rb +0 -143
- data/lib/action_controller/deprecated/dispatcher.rb +0 -28
- data/lib/action_controller/deprecated/url_writer.rb +0 -14
- data/lib/action_dispatch/routing/deprecated_mapper.rb +0 -525
- data/lib/action_view/helpers/prototype_helper.rb +0 -851
- data/lib/action_view/helpers/raw_output_helper.rb +0 -18
- data/lib/action_view/helpers/scriptaculous_helper.rb +0 -263
- data/lib/action_view/render/layouts.rb +0 -83
- data/lib/action_view/render/rendering.rb +0 -67
- data/lib/action_view/template/handlers/rjs.rb +0 -17
@@ -38,7 +38,7 @@ module ActionDispatch
|
|
38
38
|
when Proc
|
39
39
|
strategy.call(request.raw_post)
|
40
40
|
when :xml_simple, :xml_node
|
41
|
-
data =
|
41
|
+
data = Hash.from_xml(request.body.read) || {}
|
42
42
|
request.body.rewind if request.body.respond_to?(:rewind)
|
43
43
|
data.with_indifferent_access
|
44
44
|
when :yaml
|
@@ -47,7 +47,7 @@ module ActionDispatch
|
|
47
47
|
data = ActiveSupport::JSON.decode(request.body)
|
48
48
|
request.body.rewind if request.body.respond_to?(:rewind)
|
49
49
|
data = {:_json => data} unless data.is_a?(Hash)
|
50
|
-
|
50
|
+
data.with_indifferent_access
|
51
51
|
else
|
52
52
|
false
|
53
53
|
end
|
@@ -0,0 +1,76 @@
|
|
1
|
+
module ActionDispatch
|
2
|
+
# ActionDispatch::Reloader provides prepare and cleanup callbacks,
|
3
|
+
# intended to assist with code reloading during development.
|
4
|
+
#
|
5
|
+
# Prepare callbacks are run before each request, and cleanup callbacks
|
6
|
+
# after each request. In this respect they are analogs of ActionDispatch::Callback's
|
7
|
+
# before and after callbacks. However, cleanup callbacks are not called until the
|
8
|
+
# request is fully complete -- that is, after #close has been called on
|
9
|
+
# the response body. This is important for streaming responses such as the
|
10
|
+
# following:
|
11
|
+
#
|
12
|
+
# self.response_body = lambda { |response, output|
|
13
|
+
# # code here which refers to application models
|
14
|
+
# }
|
15
|
+
#
|
16
|
+
# Cleanup callbacks will not be called until after the response_body lambda
|
17
|
+
# is evaluated, ensuring that it can refer to application models and other
|
18
|
+
# classes before they are unloaded.
|
19
|
+
#
|
20
|
+
# By default, ActionDispatch::Reloader is included in the middleware stack
|
21
|
+
# only in the development environment; specifically, when config.cache_classes
|
22
|
+
# is false. Callbacks may be registered even when it is not included in the
|
23
|
+
# middleware stack, but are executed only when +ActionDispatch::Reloader.prepare!+
|
24
|
+
# or +ActionDispatch::Reloader.cleanup!+ are called manually.
|
25
|
+
#
|
26
|
+
class Reloader
|
27
|
+
include ActiveSupport::Callbacks
|
28
|
+
|
29
|
+
define_callbacks :prepare, :scope => :name
|
30
|
+
define_callbacks :cleanup, :scope => :name
|
31
|
+
|
32
|
+
# Add a prepare callback. Prepare callbacks are run before each request, prior
|
33
|
+
# to ActionDispatch::Callback's before callbacks.
|
34
|
+
def self.to_prepare(*args, &block)
|
35
|
+
set_callback(:prepare, *args, &block)
|
36
|
+
end
|
37
|
+
|
38
|
+
# Add a cleanup callback. Cleanup callbacks are run after each request is
|
39
|
+
# complete (after #close is called on the response body).
|
40
|
+
def self.to_cleanup(*args, &block)
|
41
|
+
set_callback(:cleanup, *args, &block)
|
42
|
+
end
|
43
|
+
|
44
|
+
# Execute all prepare callbacks.
|
45
|
+
def self.prepare!
|
46
|
+
new(nil).run_callbacks :prepare
|
47
|
+
end
|
48
|
+
|
49
|
+
# Execute all cleanup callbacks.
|
50
|
+
def self.cleanup!
|
51
|
+
new(nil).run_callbacks :cleanup
|
52
|
+
end
|
53
|
+
|
54
|
+
def initialize(app)
|
55
|
+
@app = app
|
56
|
+
end
|
57
|
+
|
58
|
+
module CleanupOnClose
|
59
|
+
def close
|
60
|
+
super if defined?(super)
|
61
|
+
ensure
|
62
|
+
ActionDispatch::Reloader.cleanup!
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
def call(env)
|
67
|
+
run_callbacks :prepare
|
68
|
+
response = @app.call(env)
|
69
|
+
response[2].extend(CleanupOnClose)
|
70
|
+
response
|
71
|
+
rescue Exception
|
72
|
+
run_callbacks :cleanup
|
73
|
+
raise
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
@@ -1,5 +1,6 @@
|
|
1
1
|
require 'rack/utils'
|
2
2
|
require 'rack/request'
|
3
|
+
require 'rack/session/abstract/id'
|
3
4
|
require 'action_dispatch/middleware/cookies'
|
4
5
|
require 'active_support/core_ext/object/blank'
|
5
6
|
|
@@ -8,249 +9,78 @@ module ActionDispatch
|
|
8
9
|
class SessionRestoreError < StandardError #:nodoc:
|
9
10
|
end
|
10
11
|
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
@by = by
|
20
|
-
@env = env
|
21
|
-
@session_id_loaded = false
|
22
|
-
merge!(default_options)
|
23
|
-
end
|
24
|
-
|
25
|
-
def [](key)
|
26
|
-
if key == :id
|
27
|
-
load_session_id! unless key?(:id) || has_session_id?
|
28
|
-
end
|
29
|
-
super
|
30
|
-
end
|
31
|
-
|
32
|
-
private
|
33
|
-
|
34
|
-
def has_session_id?
|
35
|
-
@session_id_loaded
|
36
|
-
end
|
37
|
-
|
38
|
-
def load_session_id!
|
39
|
-
self[:id] = @by.send(:extract_session_id, @env)
|
40
|
-
@session_id_loaded = true
|
41
|
-
end
|
42
|
-
end
|
43
|
-
|
44
|
-
class SessionHash < Hash
|
45
|
-
def initialize(by, env)
|
46
|
-
super()
|
47
|
-
@by = by
|
48
|
-
@env = env
|
49
|
-
@loaded = false
|
50
|
-
end
|
51
|
-
|
52
|
-
def [](key)
|
53
|
-
load_for_read!
|
54
|
-
super(key.to_s)
|
55
|
-
end
|
56
|
-
|
57
|
-
def has_key?(key)
|
58
|
-
load_for_read!
|
59
|
-
super(key.to_s)
|
60
|
-
end
|
61
|
-
|
62
|
-
def []=(key, value)
|
63
|
-
load_for_write!
|
64
|
-
super(key.to_s, value)
|
65
|
-
end
|
66
|
-
|
67
|
-
def clear
|
68
|
-
load_for_write!
|
69
|
-
super
|
70
|
-
end
|
71
|
-
|
72
|
-
def to_hash
|
73
|
-
load_for_read!
|
74
|
-
h = {}.replace(self)
|
75
|
-
h.delete_if { |k,v| v.nil? }
|
76
|
-
h
|
77
|
-
end
|
78
|
-
|
79
|
-
def update(hash)
|
80
|
-
load_for_write!
|
81
|
-
super(hash.stringify_keys)
|
82
|
-
end
|
83
|
-
|
84
|
-
def delete(key)
|
85
|
-
load_for_write!
|
86
|
-
super(key.to_s)
|
87
|
-
end
|
88
|
-
|
89
|
-
def inspect
|
90
|
-
load_for_read!
|
91
|
-
super
|
92
|
-
end
|
93
|
-
|
94
|
-
def exists?
|
95
|
-
return @exists if instance_variable_defined?(:@exists)
|
96
|
-
@exists = @by.send(:exists?, @env)
|
97
|
-
end
|
98
|
-
|
99
|
-
def loaded?
|
100
|
-
@loaded
|
101
|
-
end
|
102
|
-
|
103
|
-
def destroy
|
104
|
-
clear
|
105
|
-
@by.send(:destroy, @env) if @by
|
106
|
-
@env[ENV_SESSION_OPTIONS_KEY][:id] = nil if @env && @env[ENV_SESSION_OPTIONS_KEY]
|
107
|
-
@loaded = false
|
108
|
-
end
|
109
|
-
|
110
|
-
private
|
111
|
-
|
112
|
-
def load_for_read!
|
113
|
-
load! if !loaded? && exists?
|
114
|
-
end
|
115
|
-
|
116
|
-
def load_for_write!
|
117
|
-
load! unless loaded?
|
118
|
-
end
|
119
|
-
|
120
|
-
def load!
|
121
|
-
id, session = @by.send(:load_session, @env)
|
122
|
-
@env[ENV_SESSION_OPTIONS_KEY][:id] = id
|
123
|
-
replace(session.stringify_keys)
|
124
|
-
@loaded = true
|
125
|
-
end
|
126
|
-
|
12
|
+
module DestroyableSession
|
13
|
+
def destroy
|
14
|
+
clear
|
15
|
+
options = @env[Rack::Session::Abstract::ENV_SESSION_OPTIONS_KEY] if @env
|
16
|
+
options ||= {}
|
17
|
+
@by.send(:destroy_session, @env, options[:id], options) if @by
|
18
|
+
options[:id] = nil
|
19
|
+
@loaded = false
|
127
20
|
end
|
21
|
+
end
|
128
22
|
|
129
|
-
|
130
|
-
:key => '_session_id',
|
131
|
-
:path => '/',
|
132
|
-
:domain => nil,
|
133
|
-
:expire_after => nil,
|
134
|
-
:secure => false,
|
135
|
-
:httponly => true,
|
136
|
-
:cookie_only => true
|
137
|
-
}
|
23
|
+
::Rack::Session::Abstract::SessionHash.send :include, DestroyableSession
|
138
24
|
|
25
|
+
module Compatibility
|
139
26
|
def initialize(app, options = {})
|
140
|
-
|
141
|
-
|
142
|
-
@key = @default_options.delete(:key).freeze
|
143
|
-
@cookie_only = @default_options.delete(:cookie_only)
|
144
|
-
ensure_session_key!
|
27
|
+
options[:key] ||= '_session_id'
|
28
|
+
super
|
145
29
|
end
|
146
30
|
|
147
|
-
def
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
session_data = env[ENV_SESSION_KEY]
|
152
|
-
options = env[ENV_SESSION_OPTIONS_KEY]
|
153
|
-
|
154
|
-
if !session_data.is_a?(AbstractStore::SessionHash) || session_data.loaded? || options[:expire_after]
|
155
|
-
session_data.send(:load!) if session_data.is_a?(AbstractStore::SessionHash) && !session_data.loaded?
|
156
|
-
|
157
|
-
sid = options[:id] || generate_sid
|
158
|
-
session_data = session_data.to_hash
|
159
|
-
|
160
|
-
value = set_session(env, sid, session_data)
|
161
|
-
return response unless value
|
162
|
-
|
163
|
-
cookie = { :value => value }
|
164
|
-
unless options[:expire_after].nil?
|
165
|
-
cookie[:expires] = Time.now + options.delete(:expire_after)
|
166
|
-
end
|
167
|
-
|
168
|
-
request = ActionDispatch::Request.new(env)
|
169
|
-
set_cookie(request, cookie.merge!(options))
|
170
|
-
end
|
171
|
-
|
172
|
-
response
|
31
|
+
def generate_sid
|
32
|
+
sid = ActiveSupport::SecureRandom.hex(16)
|
33
|
+
sid.encode!('UTF-8') if sid.respond_to?(:encode!)
|
34
|
+
sid
|
173
35
|
end
|
174
36
|
|
175
|
-
|
176
|
-
|
177
|
-
def prepare!(env)
|
178
|
-
env[ENV_SESSION_KEY] = SessionHash.new(self, env)
|
179
|
-
env[ENV_SESSION_OPTIONS_KEY] = OptionsHash.new(self, env, @default_options)
|
180
|
-
end
|
181
|
-
|
182
|
-
def generate_sid
|
183
|
-
ActiveSupport::SecureRandom.hex(16)
|
184
|
-
end
|
185
|
-
|
186
|
-
def set_cookie(request, options)
|
187
|
-
if request.cookie_jar[@key] != options[:value] || !options[:expires].nil?
|
188
|
-
request.cookie_jar[@key] = options
|
189
|
-
end
|
190
|
-
end
|
191
|
-
|
192
|
-
def load_session(env)
|
193
|
-
stale_session_check! do
|
194
|
-
sid = current_session_id(env)
|
195
|
-
sid, session = get_session(env, sid)
|
196
|
-
[sid, session]
|
197
|
-
end
|
198
|
-
end
|
37
|
+
protected
|
199
38
|
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
sid
|
206
|
-
end
|
207
|
-
end
|
39
|
+
def initialize_sid
|
40
|
+
@default_options.delete(:sidbits)
|
41
|
+
@default_options.delete(:secure_random)
|
42
|
+
end
|
43
|
+
end
|
208
44
|
|
209
|
-
|
210
|
-
|
211
|
-
|
45
|
+
module StaleSessionCheck
|
46
|
+
def load_session(env)
|
47
|
+
stale_session_check! { super }
|
48
|
+
end
|
212
49
|
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
'cookie containing the session data. Use ' +
|
217
|
-
'config.session_store SESSION_STORE, { :key => ' +
|
218
|
-
'"_myapp_session" } in config/application.rb'
|
219
|
-
end
|
220
|
-
end
|
50
|
+
def extract_session_id(env)
|
51
|
+
stale_session_check! { super }
|
52
|
+
end
|
221
53
|
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
end
|
232
|
-
retry
|
233
|
-
else
|
234
|
-
raise
|
54
|
+
def stale_session_check!
|
55
|
+
yield
|
56
|
+
rescue ArgumentError => argument_error
|
57
|
+
if argument_error.message =~ %r{undefined class/module ([\w:]*\w)}
|
58
|
+
begin
|
59
|
+
# Note that the regexp does not allow $1 to end with a ':'
|
60
|
+
$1.constantize
|
61
|
+
rescue LoadError, NameError => const_error
|
62
|
+
raise ActionDispatch::Session::SessionRestoreError, "Session contains objects whose class definition isn't available.\nRemember to require the classes for all objects kept in the session.\n(Original exception: #{const_error.message} [#{const_error.class}])\n"
|
235
63
|
end
|
64
|
+
retry
|
65
|
+
else
|
66
|
+
raise
|
236
67
|
end
|
68
|
+
end
|
69
|
+
end
|
237
70
|
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
def get_session(env, sid)
|
243
|
-
raise '#get_session needs to be implemented.'
|
244
|
-
end
|
71
|
+
class AbstractStore < Rack::Session::Abstract::ID
|
72
|
+
include Compatibility
|
73
|
+
include StaleSessionCheck
|
245
74
|
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
75
|
+
def destroy_session(env, sid, options)
|
76
|
+
ActiveSupport::Deprecation.warn "Implementing #destroy in session stores is deprecated. " <<
|
77
|
+
"Please implement destroy_session(env, session_id, options) instead."
|
78
|
+
destroy(env)
|
79
|
+
end
|
250
80
|
|
251
|
-
|
252
|
-
|
253
|
-
|
81
|
+
def destroy(env)
|
82
|
+
raise '#destroy needs to be implemented.'
|
83
|
+
end
|
254
84
|
end
|
255
85
|
end
|
256
86
|
end
|
@@ -1,5 +1,7 @@
|
|
1
1
|
require 'active_support/core_ext/hash/keys'
|
2
2
|
require 'active_support/core_ext/object/blank'
|
3
|
+
require 'action_dispatch/middleware/session/abstract_store'
|
4
|
+
require 'rack/session/cookie'
|
3
5
|
|
4
6
|
module ActionDispatch
|
5
7
|
module Session
|
@@ -38,58 +40,32 @@ module ActionDispatch
|
|
38
40
|
# "rake secret" and set the key in config/initializers/secret_token.rb.
|
39
41
|
#
|
40
42
|
# Note that changing digest or secret invalidates all existing sessions!
|
41
|
-
class CookieStore <
|
42
|
-
|
43
|
-
|
44
|
-
super(app, options.merge!(:cookie_only => true))
|
45
|
-
freeze
|
46
|
-
end
|
43
|
+
class CookieStore < Rack::Session::Cookie
|
44
|
+
include Compatibility
|
45
|
+
include StaleSessionCheck
|
47
46
|
|
48
47
|
private
|
49
48
|
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
def extract_session_id(env)
|
57
|
-
if data = unpacked_cookie_data(env)
|
58
|
-
data["session_id"]
|
59
|
-
else
|
60
|
-
nil
|
61
|
-
end
|
62
|
-
end
|
63
|
-
|
64
|
-
def unpacked_cookie_data(env)
|
65
|
-
env["action_dispatch.request.unsigned_session_cookie"] ||= begin
|
66
|
-
stale_session_check! do
|
67
|
-
request = ActionDispatch::Request.new(env)
|
68
|
-
if data = request.cookie_jar.signed[@key]
|
69
|
-
data.stringify_keys!
|
70
|
-
end
|
71
|
-
data || {}
|
49
|
+
def unpacked_cookie_data(env)
|
50
|
+
env["action_dispatch.request.unsigned_session_cookie"] ||= begin
|
51
|
+
stale_session_check! do
|
52
|
+
request = ActionDispatch::Request.new(env)
|
53
|
+
if data = request.cookie_jar.signed[@key]
|
54
|
+
data.stringify_keys!
|
72
55
|
end
|
56
|
+
data || {}
|
73
57
|
end
|
74
58
|
end
|
59
|
+
end
|
75
60
|
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
def set_session(env, sid, session_data)
|
81
|
-
persistent_session_id!(session_data, sid)
|
82
|
-
end
|
83
|
-
|
84
|
-
def destroy(env)
|
85
|
-
# session data is stored on client; nothing to do here
|
86
|
-
end
|
61
|
+
def set_session(env, sid, session_data, options)
|
62
|
+
session_data.merge("session_id" => sid)
|
63
|
+
end
|
87
64
|
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
end
|
65
|
+
def set_cookie(env, session_id, cookie)
|
66
|
+
request = ActionDispatch::Request.new(env)
|
67
|
+
request.cookie_jar.signed[@key] = cookie
|
68
|
+
end
|
93
69
|
end
|
94
70
|
end
|
95
71
|
end
|