actionpack 3.0.20 → 3.1.0.beta1

data/lib/action_dispatch/http/upload.rb

@@ -4,7 +4,7 @@ module ActionDispatch
       attr_accessor :original_filename, :content_type, :tempfile, :headers
 
       def initialize(hash)
-        @original_filename = encode_filename(hash[:filename])
+        @original_filename = hash[:filename]
         @content_type      = hash[:type]
         @headers           = hash[:head]
         @tempfile          = hash[:tempfile]
@@ -30,16 +30,6 @@ module ActionDispatch
       def size
         @tempfile.size
       end
-      
-      private
-      def encode_filename(filename)
-        # Encode the filename in the utf8 encoding, unless it is nil or we're in 1.8
-        if "ruby".encoding_aware? && filename
-          filename.force_encoding("UTF-8").encode!
-        else
-          filename
-        end
-      end
     end
 
     module Upload

data/lib/action_dispatch/http/url.rb

@@ -1,24 +1,89 @@
 module ActionDispatch
   module Http
     module URL
-      # Returns the complete \URL used for this request.
-      def url
-        protocol + host_with_port + fullpath
+      mattr_accessor :tld_length
+      self.tld_length = 1
+
+      class << self
+        def extract_domain(host, tld_length = @@tld_length)
+          return nil unless named_host?(host)
+          host.split('.').last(1 + tld_length).join('.')
+        end
+
+        def extract_subdomains(host, tld_length = @@tld_length)
+          return [] unless named_host?(host)
+          parts = host.split('.')
+          parts[0..-(tld_length+2)]
+        end
+
+        def extract_subdomain(host, tld_length = @@tld_length)
+          extract_subdomains(host, tld_length).join('.')
+        end
+
+        def url_for(options = {})
+          unless options[:host].present? || options[:only_path].present?
+            raise ArgumentError, 'Missing host to link to! Please provide the :host parameter, set default_url_options[:host], or set :only_path to true'
+          end
+
+          rewritten_url = ""
+
+          unless options[:only_path]
+            unless options[:protocol] == false
+              rewritten_url << (options[:protocol] || "http")
+              rewritten_url << ":" unless rewritten_url.match(%r{:|//})
+            end
+            rewritten_url << "//" unless rewritten_url.match("//")
+            rewritten_url << rewrite_authentication(options)
+            rewritten_url << host_or_subdomain_and_domain(options)
+            rewritten_url << ":#{options.delete(:port)}" if options[:port]
+          end
+
+          path = options.delete(:path) || ''
+
+          params = options[:params] || {}
+          params.reject! {|k,v| v.to_param.nil? }
+
+          rewritten_url << (options[:trailing_slash] ? path.sub(/\?|\z/) { "/" + $& } : path)
+          rewritten_url << "?#{params.to_query}" unless params.empty?
+          rewritten_url << "##{Rack::Mount::Utils.escape_uri(options[:anchor].to_param.to_s)}" if options[:anchor]
+          rewritten_url
+        end
+
+        private
+
+        def named_host?(host)
+          !(host.nil? || /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.match(host))
+        end
+
+        def rewrite_authentication(options)
+          if options[:user] && options[:password]
+            "#{Rack::Utils.escape(options[:user])}:#{Rack::Utils.escape(options[:password])}@"
+          else
+            ""
+          end
+        end
+
+        def host_or_subdomain_and_domain(options)
+          return options[:host] unless options[:subdomain] || options[:domain]
+
+          tld_length = options[:tld_length] || @@tld_length
+
+          host = ""
+          host << (options[:subdomain] || extract_subdomain(options[:host], tld_length))
+          host << "."
+          host << (options[:domain]    || extract_domain(options[:host], tld_length))
+          host
+        end
       end
 
-      # Returns 'https' if this is an SSL request and 'http' otherwise.
-      def scheme
-        ssl? ? 'https' : 'http'
+      # Returns the complete URL used for this request.
+      def url
+        protocol + host_with_port + fullpath
       end
 
       # Returns 'https://' if this is an SSL request and 'http://' otherwise.
       def protocol
-        ssl? ? 'https://' : 'http://'
-      end
-
-      # Is this an SSL request?
-      def ssl?
-        @env['HTTPS'] == 'on' || @env['HTTP_X_FORWARDED_PROTO'] == 'https'
+        @protocol ||= ssl? ? 'https://' : 'http://'
       end
 
       # Returns the \host for this request, such as "example.com".
@@ -43,10 +108,12 @@ module ActionDispatch
 
       # Returns the port number of this request as an integer.
       def port
-        if raw_host_with_port =~ /:(\d+)$/
-          $1.to_i
-        else
-          standard_port
+        @port ||= begin
+          if raw_host_with_port =~ /:(\d+)$/
+            $1.to_i
+          else
+            standard_port
+          end
         end
       end
 
@@ -63,10 +130,16 @@ module ActionDispatch
         port == standard_port
       end
 
-      # Returns a \port suffix like ":8080" if the \port number of this request
+      # Returns a number \port suffix like 8080 if the \port number of this request
       # is not the default HTTP \port 80 or HTTPS \port 443.
+      def optional_port
+        standard_port? ? nil : port
+      end
+
+      # Returns a string \port suffix, including colon, like ":8080" if the \port
+      # number of this request is not the default HTTP \port 80 or HTTPS \port 443.
       def port_string
-        port == standard_port ? '' : ":#{port}"
+        standard_port? ? '' : ":#{port}"
       end
 
       def server_port
@@ -75,38 +148,25 @@ module ActionDispatch
 
       # Returns the \domain part of a \host, such as "rubyonrails.org" in "www.rubyonrails.org". You can specify
       # a different <tt>tld_length</tt>, such as 2 to catch rubyonrails.co.uk in "www.rubyonrails.co.uk".
-      def domain(tld_length = 1)
-        return nil unless named_host?(host)
-
-        host.split('.').last(1 + tld_length).join('.')
+      def domain(tld_length = @@tld_length)
+        ActionDispatch::Http::URL.extract_domain(host, tld_length)
       end
 
       # Returns all the \subdomains as an array, so <tt>["dev", "www"]</tt> would be
       # returned for "dev.www.rubyonrails.org". You can specify a different <tt>tld_length</tt>,
       # such as 2 to catch <tt>["www"]</tt> instead of <tt>["www", "rubyonrails"]</tt>
       # in "www.rubyonrails.co.uk".
-      def subdomains(tld_length = 1)
-        return [] unless named_host?(host)
-        parts = host.split('.')
-        parts[0..-(tld_length+2)]
-      end
-
-      def subdomain(tld_length = 1)
-        subdomains(tld_length).join('.')
-      end
-
-      # Returns the request URI, accounting for server idiosyncrasies.
-      # WEBrick includes the full \URL. IIS leaves REQUEST_URI blank.
-      def request_uri
-        ActiveSupport::Deprecation.warn "Using #request_uri is deprecated. Use fullpath instead.", caller
-        fullpath
+      def subdomains(tld_length = @@tld_length)
+        ActionDispatch::Http::URL.extract_subdomains(host, tld_length)
       end
 
-    private
-
-      def named_host?(host)
-        !(host.nil? || /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.match(host))
+      # Returns all the \subdomains as a string, so <tt>"dev.www"</tt> would be
+      # returned for "dev.www.rubyonrails.org". You can specify a different <tt>tld_length</tt>,
+      # such as 2 to catch <tt>["www"]</tt> instead of <tt>"www.rubyonrails"</tt>
+      # in "www.rubyonrails.co.uk".
+      def subdomain(tld_length = @@tld_length)
+        subdomains(tld_length).join(".")
       end
     end
   end
-end
+end

data/lib/action_dispatch/middleware/callbacks.rb

@@ -1,30 +1,14 @@
+require 'active_support/core_ext/module/delegation'
+
 module ActionDispatch
   # Provide callbacks to be executed before and after the request dispatch.
-  #
-  # It also provides a to_prepare callback, which is performed in all requests
-  # in development by only once in production and notification callback for async
-  # operations.
-  #
   class Callbacks
     include ActiveSupport::Callbacks
 
     define_callbacks :call, :rescuable => true
-    define_callbacks :prepare, :scope => :name
 
-    # Add a preparation callback. Preparation callbacks are run before every
-    # request in development mode, and before the first request in production mode.
-    #
-    # If a symbol with a block is given, the symbol is used as an identifier.
-    # That allows to_prepare to be called again with the same identifier to
-    # replace the existing callback. Passing an identifier is a suggested
-    # practice if the code adding a preparation block may be reloaded.
-    def self.to_prepare(*args, &block)
-      if args.first.is_a?(Symbol) && block_given?
-        define_method :"__#{args.first}", &block
-        set_callback(:prepare, :"__#{args.first}")
-      else
-        set_callback(:prepare, *args, &block)
-      end
+    class << self
+      delegate :to_prepare, :to_cleanup, :to => "ActionDispatch::Reloader"
     end
 
     def self.before(*args, &block)
@@ -35,14 +19,13 @@ module ActionDispatch
       set_callback(:call, :after, *args, &block)
     end
 
-    def initialize(app, prepare_each_request = false)
-      @app, @prepare_each_request = app, prepare_each_request
-      _run_prepare_callbacks
+    def initialize(app, unused = nil)
+      ActiveSupport::Deprecation.warn "Passing a second argument to ActionDispatch::Callbacks.new is deprecated." unless unused.nil?
+      @app = app
     end
 
     def call(env)
-      _run_call_callbacks do
-        _run_prepare_callbacks if @prepare_each_request
+      run_callbacks :call do
         @app.call(env)
       end
     end

data/lib/action_dispatch/middleware/closed_error.rb

@@ -0,0 +1,7 @@
+module ActionDispatch
+  class ClosedError < StandardError #:nodoc:
+    def initialize(kind)
+      super "Cannot modify #{kind} because it was closed. This means it was already streamed back to the client or converted to HTTP headers."
+    end
+  end
+end

data/lib/action_dispatch/middleware/cookies.rb

@@ -83,24 +83,21 @@ module ActionDispatch
     # Raised when storing more than 4K of session data.
     class CookieOverflow < StandardError; end
 
-    class CookieJar < Hash #:nodoc:
+    class CookieJar #:nodoc:
 
       # This regular expression is used to split the levels of a domain.
       # The top level domain can be any string without a period or
       # **.**, ***.** style TLDs like co.uk or com.au
       #
       # www.example.co.uk gives:
-      # $1 => example
-      # $2 => co.uk
+      # $& => example.co.uk
       #
       # example.com gives:
-      # $1 => example
-      # $2 => com
+      # $& => example.com
       #
       # lots.of.subdomains.example.local gives:
-      # $1 => example
-      # $2 => local
-      DOMAIN_REGEXP = /([^.]*)\.([^.]*|..\...|...\...)$/
+      # $& => example.local
+      DOMAIN_REGEXP = /[^.]*\.([^.]*|..\...|...\...)$/
 
       def self.build(request)
         secret = request.env[TOKEN_KEY]
@@ -118,27 +115,46 @@ module ActionDispatch
         @delete_cookies = {}
         @host = host
         @secure = secure
-
-        super()
+        @closed = false
+        @cookies = {}
       end
 
+      attr_reader :closed
+      alias :closed? :closed
+      def close!; @closed = true end
+
       # Returns the value of the cookie by +name+, or +nil+ if no such cookie exists.
       def [](name)
-        super(name.to_s)
+        @cookies[name.to_s]
+      end
+
+      def update(other_hash)
+        @cookies.update other_hash
+        self
       end
 
       def handle_options(options) #:nodoc:
         options[:path] ||= "/"
 
         if options[:domain] == :all
-          @host =~ DOMAIN_REGEXP
-          options[:domain] = ".#{$1}.#{$2}"
+          # if there is a provided tld length then we use it otherwise default domain regexp
+          domain_regexp = options[:tld_length] ? /([^.]+\.?){#{options[:tld_length]}}$/ : DOMAIN_REGEXP
+
+          # if host is not ip and matches domain regexp
+          # (ip confirms to domain regexp so we explicitly check for ip)
+          options[:domain] = if (@host !~ /^[\d.]+$/) && (@host =~ domain_regexp)
+            ".#{$&}"
+          end
+        elsif options[:domain].is_a? Array
+          # if host matches one of the supplied domains without a dot in front of it
+          options[:domain] = options[:domain].find {|domain| @host.include? domain[/^\.?(.*)$/, 1] }
         end
       end
 
       # Sets the cookie named +name+. The second argument may be the very cookie
       # value, or a hash of options as documented above.
       def []=(key, options)
+        raise ClosedError, :cookies if closed?
         if options.is_a?(Hash)
           options.symbolize_keys!
           value = options[:value]
@@ -147,7 +163,7 @@ module ActionDispatch
           options = { :value => value }
         end
 
-        value = super(key.to_s, value)
+        value = @cookies[key.to_s] = value
 
         handle_options(options)
 
@@ -164,7 +180,7 @@ module ActionDispatch
 
         handle_options(options)
 
-        value = super(key.to_s)
+        value = @cookies.delete(key.to_s)
         @delete_cookies[key] = options
         value
       end
@@ -219,6 +235,7 @@ module ActionDispatch
       end
 
       def []=(key, options)
+        raise ClosedError, :cookies if closed?
         if options.is_a?(Hash)
           options.symbolize_keys!
         else
@@ -257,6 +274,7 @@ module ActionDispatch
       end
 
       def []=(key, options)
+        raise ClosedError, :cookies if closed?
         if options.is_a?(Hash)
           options.symbolize_keys!
           options[:value] = @verifier.generate(options[:value])
@@ -299,6 +317,7 @@ module ActionDispatch
     end
 
     def call(env)
+      cookie_jar = nil
       status, headers, body = @app.call(env)
 
       if cookie_jar = env['action_dispatch.cookies']
@@ -309,6 +328,9 @@ module ActionDispatch
       end
 
       [status, headers, body]
+    ensure
+      cookie_jar = ActionDispatch::Request.new(env).cookie_jar unless cookie_jar
+      cookie_jar.close!
     end
   end
 end

data/lib/action_dispatch/middleware/flash.rb

@@ -4,7 +4,7 @@ module ActionDispatch
     # read a notice you put there or <tt>flash["notice"] = "hello"</tt>
     # to put a new one.
     def flash
-      @env['action_dispatch.request.flash_hash'] ||= (session["flash"] || Flash::FlashHash.new)
+      @env[Flash::KEY] ||= (session["flash"] || Flash::FlashHash.new)
     end
   end
 
@@ -40,7 +40,11 @@ module ActionDispatch
   #
   # See docs on the FlashHash class for more details about the flash.
   class Flash
+    KEY = 'action_dispatch.request.flash_hash'.freeze
+
     class FlashNow #:nodoc:
+      attr_accessor :flash
+
       def initialize(flash)
         @flash = flash
       end
@@ -66,27 +70,75 @@ module ActionDispatch
       end
     end
 
-    class FlashHash < Hash
+    class FlashHash
+      include Enumerable
+
       def initialize #:nodoc:
+        @used    = Set.new
+        @closed  = false
+        @flashes = {}
+        @now     = nil
+      end
+
+      def initialize_copy(other)
+        if other.now_is_loaded?
+          @now = other.now.dup
+          @now.flash = self
+        end
         super
-        @used = Set.new
       end
 
       def []=(k, v) #:nodoc:
+        raise ClosedError, :flash if closed?
         keep(k)
-        super
+        @flashes[k] = v
+      end
+
+      def [](k)
+        @flashes[k]
       end
 
       def update(h) #:nodoc:
         h.keys.each { |k| keep(k) }
-        super
+        @flashes.update h
+        self
+      end
+
+      def keys
+        @flashes.keys
+      end
+
+      def key?(name)
+        @flashes.key? name
+      end
+
+      def delete(key)
+        @flashes.delete key
+        self
+      end
+
+      def to_hash
+        @flashes.dup
+      end
+
+      def empty?
+        @flashes.empty?
+      end
+
+      def clear
+        @flashes.clear
+      end
+
+      def each(&block)
+        @flashes.each(&block)
       end
 
       alias :merge! :update
 
       def replace(h) #:nodoc:
         @used = Set.new
-        super
+        @flashes.replace h
+        self
       end
 
       # Sets a flash that will not be available to the next action, only to the current.
@@ -100,9 +152,13 @@ module ActionDispatch
       #
       # Entries set via <tt>now</tt> are accessed the same way as standard entries: <tt>flash['my-key']</tt>.
       def now
-        FlashNow.new(self)
+        @now ||= FlashNow.new(self)
       end
 
+      attr_reader :closed
+      alias :closed? :closed
+      def close!; @closed = true; end
+
       # Keeps either the entire current flash or a specific flash entry available for the next action:
       #
       #    flash.keep            # keeps the entire flash
@@ -156,7 +212,12 @@ module ActionDispatch
         self[:notice] = message
       end
 
-      private
+      protected
+
+        def now_is_loaded?
+          !!@now
+        end
+
         # Used internally by the <tt>keep</tt> and <tt>discard</tt> methods
         #     use()               # marks the entire flash as used
         #     use('msg')          # marks the "msg" entry as used
@@ -182,10 +243,18 @@ module ActionDispatch
       @app.call(env)
     ensure
       session    = env['rack.session'] || {}
-      flash_hash = env['action_dispatch.request.flash_hash']
+      flash_hash = env[KEY]
+
+      if flash_hash
+        if !flash_hash.empty? || session.key?('flash')
+          session["flash"] = flash_hash
+          new_hash = flash_hash.dup
+        else
+          new_hash = flash_hash
+        end
 
-      if flash_hash && (!flash_hash.empty? || session.key?('flash'))
-        session["flash"] = flash_hash
+        env[KEY] = new_hash
+        new_hash.close!
       end
 
       if session.key?('flash') && session['flash'].empty?