actionpack 3.1.12 → 3.2.0.rc1

data/lib/action_dispatch/middleware/cookies.rb

@@ -1,4 +1,5 @@
-require "active_support/core_ext/object/blank"
+require 'active_support/core_ext/object/blank'
+require 'active_support/core_ext/hash/keys'
 
 module ActionDispatch
   class Request
@@ -59,7 +60,7 @@ module ActionDispatch
   # The option symbols for setting cookies are:
   #
   # * <tt>:value</tt> - The cookie's value or list of values (as an array).
-  # * <tt>:path</tt> - The path for which this cookie applies.  Defaults to the root
+  # * <tt>:path</tt> - The path for which this cookie applies. Defaults to the root
   #   of the application.
   # * <tt>:domain</tt> - The domain for which this cookie applies so you can
   #   restrict to the domain level. If you use a schema like www.example.com
@@ -120,10 +121,6 @@ module ActionDispatch
         @cookies = {}
       end
 
-      attr_reader :closed
-      alias :closed? :closed
-      def close!; @closed = true end
-
       def each(&block)
         @cookies.each(&block)
       end
@@ -139,7 +136,7 @@ module ActionDispatch
       alias :has_key? :key?
 
       def update(other_hash)
-        @cookies.update other_hash
+        @cookies.update other_hash.stringify_keys
         self
       end
 
@@ -164,7 +161,6 @@ module ActionDispatch
       # Sets the cookie named +name+. The second argument may be the very cookie
       # value, or a hash of options as documented above.
       def []=(key, options)
-        raise ClosedError, :cookies if closed?
         if options.is_a?(Hash)
           options.symbolize_keys!
           value = options[:value]
@@ -173,7 +169,7 @@ module ActionDispatch
           options = { :value => value }
         end
 
-        value = @cookies[key.to_s] = value
+        @cookies[key.to_s] = value
 
         handle_options(options)
 
@@ -195,6 +191,11 @@ module ActionDispatch
         value
       end
 
+      # Removes all cookies on the client machine by calling <tt>delete</tt> for each cookie
+      def clear(options = {})
+        @cookies.each_key{ |k| delete(k, options) }
+      end
+
       # Returns a jar that'll automatically set the assigned cookies to have an expiration date 20 years from now. Example:
       #
       #   cookies.permanent[:prefers_open_id] = true
@@ -232,10 +233,18 @@ module ActionDispatch
         @delete_cookies.each { |k, v| ::Rack::Utils.delete_cookie_header!(headers, k, v) }
       end
 
+      def recycle! #:nodoc:
+        @set_cookies.clear
+        @delete_cookies.clear
+      end
+
+      mattr_accessor :always_write_cookie
+      self.always_write_cookie = false
+
       private
 
         def write_cookie?(cookie)
-          @secure || !cookie[:secure] || defined?(Rails.env) && Rails.env.development?
+          @secure || !cookie[:secure] || always_write_cookie
         end
     end
 
@@ -245,7 +254,6 @@ module ActionDispatch
       end
 
       def []=(key, options)
-        raise ClosedError, :cookies if closed?
         if options.is_a?(Hash)
           options.symbolize_keys!
         else
@@ -284,7 +292,6 @@ module ActionDispatch
       end
 
       def []=(key, options)
-        raise ClosedError, :cookies if closed?
         if options.is_a?(Hash)
           options.symbolize_keys!
           options[:value] = @verifier.generate(options[:value])
@@ -315,7 +322,7 @@ module ActionDispatch
 
         if secret.length < SECRET_MIN_LENGTH
           raise ArgumentError, "Secret should be something secure, " +
-            "like \"#{SecureRandom.hex(16)}\".  The value you " +
+            "like \"#{SecureRandom.hex(16)}\". The value you " +
             "provided, \"#{secret}\", is shorter than the minimum length " +
             "of #{SECRET_MIN_LENGTH} characters"
         end
@@ -338,9 +345,6 @@ module ActionDispatch
       end
 
       [status, headers, body]
-    ensure
-      cookie_jar = ActionDispatch::Request.new(env).cookie_jar unless cookie_jar
-      cookie_jar.close!
     end
   end
 end

data/lib/action_dispatch/middleware/debug_exceptions.rb

@@ -0,0 +1,82 @@
+require 'action_dispatch/http/request'
+require 'action_dispatch/middleware/exception_wrapper'
+
+module ActionDispatch
+  # This middleware is responsible for logging exceptions and
+  # showing a debugging page in case the request is local.
+  class DebugExceptions
+    RESCUES_TEMPLATE_PATH = File.join(File.dirname(__FILE__), 'templates')
+
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      begin
+        response = @app.call(env)
+
+        if response[1]['X-Cascade'] == 'pass'
+          body = response[2]
+          body.close if body.respond_to?(:close)
+          raise ActionController::RoutingError, "No route matches [#{env['REQUEST_METHOD']}] #{env['PATH_INFO'].inspect}"
+        end
+      rescue Exception => exception
+        raise exception if env['action_dispatch.show_exceptions'] == false
+      end
+
+      exception ? render_exception(env, exception) : response
+    end
+
+    private
+
+    def render_exception(env, exception)
+      wrapper = ExceptionWrapper.new(env, exception)
+      log_error(env, wrapper)
+
+      if env['action_dispatch.show_detailed_exceptions']
+        template = ActionView::Base.new([RESCUES_TEMPLATE_PATH],
+          :request => Request.new(env),
+          :exception => wrapper.exception,
+          :application_trace => wrapper.application_trace,
+          :framework_trace => wrapper.framework_trace,
+          :full_trace => wrapper.full_trace
+        )
+
+        file = "rescues/#{wrapper.rescue_template}"
+        body = template.render(:template => file, :layout => 'rescues/layout')
+        render(wrapper.status_code, body)
+      else
+        raise exception
+      end
+    end
+
+    def render(status, body)
+      [status, {'Content-Type' => "text/html; charset=#{Response.default_charset}", 'Content-Length' => body.bytesize.to_s}, [body]]
+    end
+
+    def log_error(env, wrapper)
+      logger = logger(env)
+      return unless logger
+
+      exception = wrapper.exception
+
+      trace = wrapper.application_trace
+      trace = wrapper.framework_trace if trace.empty?
+
+      ActiveSupport::Deprecation.silence do
+        message = "\n#{exception.class} (#{exception.message}):\n"
+        message << exception.annoted_source_code.to_s if exception.respond_to?(:annoted_source_code)
+        message << "  " << trace.join("\n  ")
+        logger.fatal("#{message}\n\n")
+      end
+    end
+
+    def logger(env)
+      env['action_dispatch.logger'] || stderr_logger
+    end
+
+    def stderr_logger
+      @stderr_logger ||= Logger.new($stderr)
+    end
+  end
+end

data/lib/action_dispatch/middleware/exception_wrapper.rb

@@ -0,0 +1,78 @@
+require 'action_controller/metal/exceptions'
+require 'active_support/core_ext/exception'
+
+module ActionDispatch
+  class ExceptionWrapper
+    cattr_accessor :rescue_responses
+    @@rescue_responses = Hash.new(:internal_server_error)
+    @@rescue_responses.merge!(
+      'ActionController::RoutingError'             => :not_found,
+      'AbstractController::ActionNotFound'         => :not_found,
+      'ActionController::MethodNotAllowed'         => :method_not_allowed,
+      'ActionController::NotImplemented'           => :not_implemented,
+      'ActionController::InvalidAuthenticityToken' => :unprocessable_entity
+    )
+
+    cattr_accessor :rescue_templates
+    @@rescue_templates = Hash.new('diagnostics')
+    @@rescue_templates.merge!(
+      'ActionView::MissingTemplate'         => 'missing_template',
+      'ActionController::RoutingError'      => 'routing_error',
+      'AbstractController::ActionNotFound'  => 'unknown_action',
+      'ActionView::Template::Error'         => 'template_error'
+    )
+
+    attr_reader :env, :exception
+
+    def initialize(env, exception)
+      @env = env
+      @exception = original_exception(exception)
+    end
+
+    def rescue_template
+      @@rescue_templates[@exception.class.name]
+    end
+
+    def status_code
+      Rack::Utils.status_code(@@rescue_responses[@exception.class.name])
+    end
+
+    def application_trace
+      clean_backtrace(:silent)
+    end
+
+    def framework_trace
+      clean_backtrace(:noise)
+    end
+
+    def full_trace
+      clean_backtrace(:all)
+    end
+
+    private
+
+    def original_exception(exception)
+      if registered_original_exception?(exception)
+        exception.original_exception
+      else
+        exception
+      end
+    end
+
+    def registered_original_exception?(exception)
+      exception.respond_to?(:original_exception) && @@rescue_responses.has_key?(exception.original_exception.class.name)
+    end
+
+    def clean_backtrace(*args)
+      if backtrace_cleaner
+        backtrace_cleaner.clean(@exception.backtrace, *args)
+      else
+        @exception.backtrace
+      end
+    end
+
+    def backtrace_cleaner
+      @backtrace_cleaner ||= @env['action_dispatch.backtrace_cleaner']
+    end
+  end
+end

data/lib/action_dispatch/middleware/flash.rb

@@ -4,7 +4,7 @@ module ActionDispatch
     # read a notice you put there or <tt>flash["notice"] = "hello"</tt>
     # to put a new one.
     def flash
-      @env[Flash::KEY] ||= (session["flash"] || Flash::FlashHash.new).tap(&:sweep)
+      @env[Flash::KEY] ||= (session["flash"] || Flash::FlashHash.new)
     end
   end
 
@@ -93,7 +93,6 @@ module ActionDispatch
       end
 
       def []=(k, v) #:nodoc:
-        raise ClosedError, :flash if closed?
         keep(k)
         @flashes[k] = v
       end
@@ -159,10 +158,6 @@ module ActionDispatch
         @now ||= FlashNow.new(self)
       end
 
-      attr_reader :closed
-      alias :closed? :closed
-      def close!; @closed = true; end
-
       # Keeps either the entire current flash or a specific flash entry available for the next action:
       #
       #    flash.keep            # keeps the entire flash
@@ -240,6 +235,10 @@ module ActionDispatch
     end
 
     def call(env)
+      if (session = env['rack.session']) && (flash = session['flash'])
+        flash.sweep
+      end
+
       @app.call(env)
     ensure
       session    = env['rack.session'] || {}
@@ -254,11 +253,9 @@ module ActionDispatch
         end
 
         env[KEY] = new_hash
-        new_hash.close!
       end
 
-      if (!session.respond_to?(:loaded?) || session.loaded?) && # (reset_session uses {}, which doesn't implement #loaded?)
-         session.key?('flash') && session['flash'].empty?
+      if session.key?('flash') && session['flash'].empty?
         session.delete('flash')
       end
     end

data/lib/action_dispatch/middleware/params_parser.rb

@@ -38,7 +38,7 @@ module ActionDispatch
         when Proc
           strategy.call(request.raw_post)
         when :xml_simple, :xml_node
-          data = request.deep_munge(Hash.from_xml(request.body.read) || {})
+          data = Hash.from_xml(request.body.read) || {}
           request.body.rewind if request.body.respond_to?(:rewind)
           data.with_indifferent_access
         when :yaml
@@ -47,19 +47,14 @@ module ActionDispatch
           data = ActiveSupport::JSON.decode(request.body)
           request.body.rewind if request.body.respond_to?(:rewind)
           data = {:_json => data} unless data.is_a?(Hash)
-          request.deep_munge(data).with_indifferent_access
+          data.with_indifferent_access
         else
           false
         end
       rescue Exception => e # YAML, XML or Ruby code block errors
-        logger.debug "Error occurred while parsing request parameters.\nContents:\n\n#{request.raw_post}"
+        logger(env).debug "Error occurred while parsing request parameters.\nContents:\n\n#{request.raw_post}"
 
-        raise
-          { "body"           => request.raw_post,
-            "content_type"   => request.content_mime_type,
-            "content_length" => request.content_length,
-            "exception"      => "#{e.message} (#{e.class})",
-            "backtrace"      => e.backtrace }
+        raise e
       end
 
       def content_type_from_legacy_post_data_format_header(env)
@@ -73,8 +68,8 @@ module ActionDispatch
         nil
       end
 
-      def logger
-        defined?(Rails.logger) ? Rails.logger : Logger.new($stderr)
+      def logger(env)
+        env['action_dispatch.logger'] || Logger.new($stderr)
       end
   end
 end

data/lib/action_dispatch/middleware/public_exceptions.rb

@@ -0,0 +1,30 @@
+module ActionDispatch
+  # A simple Rack application that renders exceptions in the given public path.
+  class PublicExceptions
+    attr_accessor :public_path
+
+    def initialize(public_path)
+      @public_path = public_path
+    end
+
+    def call(env)
+      status      = env["PATH_INFO"][1..-1]
+      locale_path = "#{public_path}/#{status}.#{I18n.locale}.html" if I18n.locale
+      path        = "#{public_path}/#{status}.html"
+
+      if locale_path && File.exist?(locale_path)
+        render(status, File.read(locale_path))
+      elsif File.exist?(path)
+        render(status, File.read(path))
+      else
+        [404, { "X-Cascade" => "pass" }, []]
+      end
+    end
+
+    private
+
+    def render(status, body)
+      [status, {'Content-Type' => "text/html; charset=#{Response.default_charset}", 'Content-Length' => body.bytesize.to_s}, [body]]
+    end
+  end
+end

data/lib/action_dispatch/middleware/reloader.rb

@@ -43,34 +43,58 @@ module ActionDispatch
 
     # Execute all prepare callbacks.
     def self.prepare!
-      new(nil).run_callbacks :prepare
+      new(nil).prepare!
     end
 
     # Execute all cleanup callbacks.
     def self.cleanup!
-      new(nil).run_callbacks :cleanup
+      new(nil).cleanup!
     end
 
-    def initialize(app)
+    def initialize(app, condition=nil)
       @app = app
-    end
-
-    module CleanupOnClose
-      def close
-        super if defined?(super)
-      ensure
-        ActionDispatch::Reloader.cleanup!
-      end
+      @condition = condition || lambda { true }
+      @validated = true
     end
 
     def call(env)
-      run_callbacks :prepare
+      @validated = @condition.call
+      prepare!
       response = @app.call(env)
-      response[2].extend(CleanupOnClose)
+      response[2].extend(module_hook)
       response
     rescue Exception
-      run_callbacks :cleanup
+      cleanup!
       raise
     end
+
+    def prepare! #:nodoc:
+      run_callbacks :prepare if validated?
+    end
+
+    def cleanup! #:nodoc:
+      run_callbacks :cleanup if validated?
+    ensure
+      @validated = true
+    end
+
+    private
+
+    def validated? #:nodoc:
+      @validated
+    end
+
+    def module_hook #:nodoc:
+      middleware = self
+      Module.new do
+        define_method :close do
+          begin
+            super() if defined?(super)
+          ensure
+            middleware.cleanup!
+          end
+        end
+      end
+    end
   end
 end