actionpack 3.0.20 → 3.1.0.beta1

data/lib/action_dispatch/http/cache.rb

@@ -39,10 +39,11 @@ module ActionDispatch
       end
 
       module Response
-        attr_reader :cache_control
+        attr_reader :cache_control, :etag
+        alias :etag? :etag
 
         def initialize(*)
-          status, header, body = super
+          super
 
           @cache_control = {}
           @etag = self["ETag"]
@@ -50,8 +51,7 @@ module ActionDispatch
           if cache_control = self["Cache-Control"]
             cache_control.split(/,\s*/).each do |segment|
               first, last = segment.split("=")
-              last ||= true
-              @cache_control[first.to_sym] = last
+              @cache_control[first.to_sym] = last || true
             end
           end
         end
@@ -70,14 +70,6 @@ module ActionDispatch
           headers['Last-Modified'] = utc_time.httpdate
         end
 
-        def etag
-          @etag
-        end
-
-        def etag?
-          @etag
-        end
-
         def etag=(etag)
           key = ActiveSupport::Cache.expand_cache_key(etag)
           @etag = self["ETag"] = %("#{Digest::MD5.hexdigest(key)}")
@@ -88,28 +80,9 @@ module ActionDispatch
         def handle_conditional_get!
           if etag? || last_modified? || !@cache_control.empty?
             set_conditional_cache_control!
-          elsif nonempty_ok_response?
-            self.etag = body
-
-            if request && request.etag_matches?(etag)
-              self.status = 304
-              self.body = []
-            end
-
-            set_conditional_cache_control!
-          else
-            headers["Cache-Control"] = "no-cache"
           end
         end
 
-        def nonempty_ok_response?
-          @status == 200 && string_body?
-        end
-
-        def string_body?
-          !@blank && @body.respond_to?(:all?) && @body.all? { |part| part.is_a?(String) }
-        end
-
         DEFAULT_CACHE_CONTROL = "max-age=0, private, must-revalidate"
 
         def set_conditional_cache_control!
@@ -119,7 +92,7 @@ module ActionDispatch
 
           if control.empty?
             headers["Cache-Control"] = DEFAULT_CACHE_CONTROL
-          elsif @cache_control[:no_cache]
+          elsif control[:no_cache]
             headers["Cache-Control"] = "no-cache"
           else
             extras  = control[:extras]

data/lib/action_dispatch/http/filter_parameters.rb

@@ -26,6 +26,8 @@ module ActionDispatch
     module FilterParameters
       extend ActiveSupport::Concern
 
+      @@parameter_filter_for  = {}
+
       # Return a hash of parameters with all sensitive data replaced.
       def filtered_parameters
         @filtered_parameters ||= parameter_filter.filter(parameters)
@@ -52,7 +54,7 @@ module ActionDispatch
       end
 
       def parameter_filter_for(filters)
-        ParameterFilter.new(filters)
+        @@parameter_filter_for[filters] ||= ParameterFilter.new(filters)
       end
 
       KV_RE   = '[^&;=]+'

data/lib/action_dispatch/http/mime_negotiation.rb

@@ -1,6 +1,13 @@
 module ActionDispatch
   module Http
     module MimeNegotiation
+      extend ActiveSupport::Concern
+
+      included do
+        mattr_accessor :ignore_accept_header
+        self.ignore_accept_header = false
+      end
+
       # The MIME type of the HTTP request, such as Mime::XML.
       #
       # For backward compatibility, the post \format is extracted from the
@@ -43,13 +50,13 @@ module ActionDispatch
       end
 
       def formats
-        accept = @env['HTTP_ACCEPT']
-
         @env["action_dispatch.request.formats"] ||=
           if parameters[:format]
             Array(Mime[parameters[:format]])
-          elsif xhr? || (accept && accept !~ /,\s*\*\/\*/)
+          elsif use_accept_header && valid_accept_header
             accepts
+          elsif xhr?
+            [Mime::JS]
           else
             [Mime::HTML]
           end
@@ -85,6 +92,18 @@ module ActionDispatch
 
         order.include?(Mime::ALL) ? formats.first : nil
       end
+
+      protected
+
+      BROWSER_LIKE_ACCEPTS = /,\s*\*\/\*|\*\/\*\s*,/
+
+      def valid_accept_header
+        xhr? || (accept && accept !~ BROWSER_LIKE_ACCEPTS)
+      end
+
+      def use_accept_header
+        !self.class.ignore_accept_header
+      end
     end
   end
 end

data/lib/action_dispatch/http/mime_type.rb

@@ -80,6 +80,9 @@ module Mime
     end
 
     class << self
+
+      TRAILING_STAR_REGEXP = /(text|application)\/\*/
+
       def lookup(string)
         LOOKUP[string]
       end
@@ -105,15 +108,28 @@ module Mime
 
       def parse(accept_header)
         if accept_header !~ /,/
-          [Mime::Type.lookup(accept_header)]
+          if accept_header =~ TRAILING_STAR_REGEXP
+            parse_data_with_trailing_star($1)
+          else
+            [Mime::Type.lookup(accept_header)]
+          end
         else
           # keep track of creation order to keep the subsequent sort stable
-          list = []
-          accept_header.split(/,/).each_with_index do |header, index|
+          list, index = [], 0
+          accept_header.split(/,/).each do |header|
             params, q = header.split(/;\s*q=/)
-            if params
+            if params.present?
               params.strip!
-              list << AcceptItem.new(index, params, q) unless params.empty?
+
+              if params =~ TRAILING_STAR_REGEXP
+                parse_data_with_trailing_star($1).each do |m|
+                  list << AcceptItem.new(index, m.to_s, q)
+                  index += 1
+                end
+              else
+                list << AcceptItem.new(index, params, q)
+                index += 1
+              end
             end
           end
           list.sort!
@@ -160,6 +176,30 @@ module Mime
           list
         end
       end
+
+      # input: 'text'
+      # returned value:  [Mime::JSON, Mime::XML, Mime::ICS, Mime::HTML, Mime::CSS, Mime::CSV, Mime::JS, Mime::YAML, Mime::TEXT]
+      #
+      # input: 'application'
+      # returned value: [Mime::HTML, Mime::JS, Mime::XML, Mime::YAML, Mime::ATOM, Mime::JSON, Mime::RSS, Mime::URL_ENCODED_FORM]
+      def parse_data_with_trailing_star(input)
+        Mime::SET.select { |m| m =~ input }
+      end
+
+      # This method is opposite of register method.
+      #
+      # Usage:
+      #
+      # Mime::Type.unregister(:mobile)
+      def unregister(symbol)
+        symbol = symbol.to_s.upcase
+        mime = Mime.const_get(symbol)
+        Mime.instance_eval { remove_const(symbol) }
+
+        SET.delete_if { |v| v.eql?(mime) }
+        LOOKUP.delete_if { |k,v| v.eql?(mime) }
+        EXTENSION_LOOKUP.delete_if { |k,v| v.eql?(mime) }
+      end
     end
 
     def initialize(string, symbol = nil, synonyms = [])

data/lib/action_dispatch/http/rack_cache.rb

@@ -0,0 +1,58 @@
+require "rack/cache"
+require "rack/cache/context"
+require "active_support/cache"
+
+module ActionDispatch
+  class RailsMetaStore < Rack::Cache::MetaStore
+    def self.resolve(uri)
+      new
+    end
+
+    # TODO: Finally deal with the RAILS_CACHE global
+    def initialize(store = RAILS_CACHE)
+      @store = store
+    end
+
+    def read(key)
+      @store.read(key) || []
+    end
+
+    def write(key, value)
+      @store.write(key, value)
+    end
+
+    ::Rack::Cache::MetaStore::RAILS = self
+  end
+
+  class RailsEntityStore < Rack::Cache::EntityStore
+    def self.resolve(uri)
+      new
+    end
+
+    def initialize(store = RAILS_CACHE)
+      @store = store
+    end
+
+    def exist?(key)
+      @store.exist?(key)
+    end
+
+    def open(key)
+      @store.read(key)
+    end
+
+    def read(key)
+      body = open(key)
+      body.join if body
+    end
+
+    def write(body)
+      buf = []
+      key, size = slurp(body) { |part| buf << part }
+      @store.write(key, buf)
+      [key, size]
+    end
+
+    ::Rack::Cache::EntityStore::RAILS = self
+  end
+end

data/lib/action_dispatch/http/request.rb

@@ -17,16 +17,17 @@ module ActionDispatch
     include ActionDispatch::Http::Upload
     include ActionDispatch::Http::URL
 
-    LOCALHOST = [/^127\.0\.0\.\d{1,3}$/, "::1", /^0:0:0:0:0:0:0:1(%.*)?$/].freeze
-
-    %w[ AUTH_TYPE GATEWAY_INTERFACE
+    LOCALHOST   = [/^127\.0\.0\.\d{1,3}$/, "::1", /^0:0:0:0:0:0:0:1(%.*)?$/].freeze
+    ENV_METHODS = %w[ AUTH_TYPE GATEWAY_INTERFACE
         PATH_TRANSLATED REMOTE_HOST
         REMOTE_IDENT REMOTE_USER REMOTE_ADDR
         SERVER_NAME SERVER_PROTOCOL
 
         HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING
         HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM
-        HTTP_NEGOTIATE HTTP_PRAGMA ].each do |env|
+        HTTP_NEGOTIATE HTTP_PRAGMA ].freeze
+      
+    ENV_METHODS.each do |env|
       class_eval <<-METHOD, __FILE__, __LINE__ + 1
         def #{env.sub(/^HTTP_/n, '').downcase}
           @env["#{env}"]
@@ -72,11 +73,7 @@ module ActionDispatch
     # the application should use), this \method returns the overridden
     # value, not the original.
     def request_method
-      @request_method ||= begin
-        method = env["REQUEST_METHOD"]
-        HTTP_METHOD_LOOKUP[method] || raise(ActionController::UnknownHttpMethod, "#{method}, accepted HTTP methods are #{HTTP_METHODS.to_sentence(:locale => :en)}")
-        method
-      end
+      @request_method ||= check_method(env["REQUEST_METHOD"])
     end
 
     # Returns a symbol form of the #request_method
@@ -88,11 +85,7 @@ module ActionDispatch
     # even if it was overridden by middleware. See #request_method for
     # more information.
     def method
-      @method ||= begin
-        method = env["rack.methodoverride.original_method"] || env['REQUEST_METHOD']
-        HTTP_METHOD_LOOKUP[method] || raise(ActionController::UnknownHttpMethod, "#{method}, accepted HTTP methods are #{HTTP_METHODS.to_sentence(:locale => :en)}")
-        method
-      end
+      @method ||= check_method(env["rack.methodoverride.original_method"] || env['REQUEST_METHOD'])
     end
 
     # Returns a symbol form of the #method
@@ -155,11 +148,11 @@ module ActionDispatch
       super.to_i
     end
 
-    # Returns true if the request's "X-Requested-With" header contains
-    # "XMLHttpRequest". (The Prototype Javascript library sends this header with
-    # every Ajax request.)
+    # Returns true if the "X-Requested-With" header contains "XMLHttpRequest"
+    # (case-insensitive). All major JavaScript libraries send this header with
+    # every Ajax request.
     def xml_http_request?
-      !(@env['HTTP_X_REQUESTED_WITH'] !~ /XMLHttpRequest/i)
+      @env['HTTP_X_REQUESTED_WITH'] =~ /XMLHttpRequest/i
     end
     alias :xhr? :xml_http_request?
 
@@ -168,8 +161,16 @@ module ActionDispatch
     end
 
     # Which IP addresses are "trusted proxies" that can be stripped from
-    # the right-hand-side of X-Forwarded-For
-    TRUSTED_PROXIES = /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\./i
+    # the right-hand-side of X-Forwarded-For.
+    #
+    # http://en.wikipedia.org/wiki/Private_network#Private_IPv4_address_spaces.
+    TRUSTED_PROXIES = %r{
+      ^127\.0\.0\.1$                | # localhost
+      ^(10                          | # private IP 10.x.x.x
+        172\.(1[6-9]|2[0-9]|3[0-1]) | # private IP in the range 172.16.0.0 .. 172.31.255.255
+        192\.168                      # private IP 192.168.x.x
+       )\.
+    }x
 
     # Determines originating IP address.  REMOTE_ADDR is the standard
     # but will fail if the user is behind a proxy.  HTTP_CLIENT_IP and/or
@@ -233,13 +234,13 @@ module ActionDispatch
 
     # Override Rack's GET method to support indifferent access
     def GET
-      @env["action_dispatch.request.query_parameters"] ||= normalize_parameters(super)
+      @env["action_dispatch.request.query_parameters"] ||= (normalize_parameters(super) || {})
     end
     alias :query_parameters :GET
 
     # Override Rack's POST method to support indifferent access
     def POST
-      @env["action_dispatch.request.request_parameters"] ||= normalize_parameters(super)
+      @env["action_dispatch.request.request_parameters"] ||= (normalize_parameters(super) || {})
     end
     alias :request_parameters :POST
 
@@ -258,26 +259,11 @@ module ActionDispatch
       LOCALHOST.any? { |local_ip| local_ip === remote_addr && local_ip === remote_ip }
     end
 
-    # Remove nils from the params hash
-    def deep_munge(hash)
-      hash.each do |k, v|
-        case v
-        when Array
-          v.grep(Hash) { |x| deep_munge(x) }
-          v.compact!
-          hash[k] = nil if v.empty?
-        when Hash
-          deep_munge(v)
-        end
-      end
-
-      hash
-    end
-
-    protected
+    private
 
-    def parse_query(qs)
-      deep_munge(super)
+    def check_method(name)
+      HTTP_METHOD_LOOKUP[name] || raise(ActionController::UnknownHttpMethod, "#{name}, accepted HTTP methods are #{HTTP_METHODS.to_sentence(:locale => :en)}")
+      name
     end
   end
 end

data/lib/action_dispatch/http/response.rb

@@ -32,24 +32,35 @@ module ActionDispatch # :nodoc:
   #      puts @response.body
   #    end
   #  end
-  class Response < Rack::Response
-    attr_accessor :request, :blank
+  class Response
+    attr_accessor :request, :header, :status
+    attr_writer :sending_file
 
-    attr_writer :header, :sending_file
     alias_method :headers=, :header=
+    alias_method :headers,  :header
+
+    delegate :[], :[]=, :to => :@header
+    delegate :each, :to => :@body
+
+    # Sets the HTTP response's content MIME type. For example, in the controller
+    # you could write this:
+    #
+    #  response.content_type = "text/plain"
+    #
+    # If a character set has been defined for this response (see charset=) then
+    # the character set information will also be included in the content type
+    # information.
+    attr_accessor :charset, :content_type
+
+    CONTENT_TYPE = "Content-Type"
+
+    cattr_accessor(:default_charset) { "utf-8" }
 
     module Setup
       def initialize(status = 200, header = {}, body = [])
-        @writer = lambda { |x| @body << x }
-        @block = nil
-        @length = 0
-
-        @status, @header = status, header
-        self.body = body
+        self.body, self.header, self.status = body, header, status
 
-        @cookie = []
         @sending_file = false
-
         @blank = false
 
         if content_type = self["Content-Type"]
@@ -62,6 +73,7 @@ module ActionDispatch # :nodoc:
       end
     end
 
+    include Rack::Response::Helpers
     include Setup
     include ActionDispatch::Http::Cache::Response
 
@@ -106,13 +118,29 @@ module ActionDispatch # :nodoc:
 
     def body=(body)
       @blank = true if body == EMPTY
-      @body = body.respond_to?(:to_str) ? [body] : body
+
+      # Explicitly check for strings. This is *wrong* theoretically
+      # but if we don't check this, the performance on string bodies
+      # is bad on Ruby 1.8 (because strings responds to each then).
+      @body = if body.respond_to?(:to_str) || !body.respond_to?(:each)
+        [body]
+      else
+        body
+      end
     end
 
     def body_parts
       @body
     end
 
+    def set_cookie(key, value)
+      ::Rack::Utils.set_cookie_header!(header, key, value)
+    end
+
+    def delete_cookie(key, value={})
+      ::Rack::Utils.delete_cookie_header!(header, key, value)
+    end
+
     def location
       headers['Location']
     end
@@ -122,47 +150,21 @@ module ActionDispatch # :nodoc:
       headers['Location'] = url
     end
 
-    # Sets the HTTP response's content MIME type. For example, in the controller
-    # you could write this:
-    #
-    #  response.content_type = "text/plain"
-    #
-    # If a character set has been defined for this response (see charset=) then
-    # the character set information will also be included in the content type
-    # information.
-    attr_accessor :charset, :content_type
-
-    CONTENT_TYPE    = "Content-Type"
-
-    cattr_accessor(:default_charset) { "utf-8" }
-
     def to_a
       assign_default_content_type_and_charset!
       handle_conditional_get!
-      self["Set-Cookie"] = self["Set-Cookie"].join("\n") if self["Set-Cookie"].respond_to?(:join)
-      self["ETag"]       = @_etag if @_etag
-      super
-    end
 
-    alias prepare! to_a
+      @header["Set-Cookie"] = @header["Set-Cookie"].join("\n") if @header["Set-Cookie"].respond_to?(:join)
 
-    def each(&callback)
-      if @body.respond_to?(:call)
-        @writer = lambda { |x| callback.call(x) }
-        @body.call(self, self)
+      if [204, 304].include?(@status)
+        @header.delete "Content-Type"
+        [@status, @header, []]
       else
-        @body.each { |part| callback.call(part.to_s) }
+        [@status, @header, self]
       end
-
-      @writer = callback
-      @block.call(self) if @block
-    end
-
-    def write(str)
-      str = str.to_s
-      @writer.call str
-      str
     end
+    alias prepare! to_a
+    alias to_ary   to_a # For implicit splat on 1.9.2
 
     # Returns the response cookies, converted to a Hash of (name => value) pairs
     #
@@ -181,18 +183,18 @@ module ActionDispatch # :nodoc:
       cookies
     end
 
-    private
-      def assign_default_content_type_and_charset!
-        return if headers[CONTENT_TYPE].present?
+  private
 
-        @content_type ||= Mime::HTML
-        @charset      ||= self.class.default_charset
+    def assign_default_content_type_and_charset!
+      return if headers[CONTENT_TYPE].present?
 
-        type = @content_type.to_s.dup
-        type << "; charset=#{@charset}" unless @sending_file
+      @content_type ||= Mime::HTML
+      @charset      ||= self.class.default_charset
 
-        headers[CONTENT_TYPE] = type
-      end
+      type = @content_type.to_s.dup
+      type << "; charset=#{@charset}" unless @sending_file
 
+      headers[CONTENT_TYPE] = type
+    end
   end
 end