actionpack 3.2.19 → 4.0.0

data/lib/action_controller.rb

@@ -1,5 +1,8 @@
+require 'active_support/rails'
 require 'abstract_controller'
 require 'action_dispatch'
+require 'action_controller/metal/live'
+require 'action_controller/metal/strong_parameters'
 
 module ActionController
   extend ActiveSupport::Autoload
@@ -31,16 +34,14 @@ module ActionController
     autoload :RequestForgeryProtection
     autoload :Rescue
     autoload :Responder
-    autoload :SessionManagement
     autoload :Streaming
+    autoload :StrongParameters
     autoload :Testing
     autoload :UrlFor
   end
 
   autoload :Integration,        'action_controller/deprecated/integration_test'
   autoload :IntegrationTest,    'action_controller/deprecated/integration_test'
-  autoload :PerformanceTest,    'action_controller/deprecated/performance_test'
-  autoload :UrlWriter,          'action_controller/deprecated'
   autoload :Routing,            'action_controller/deprecated'
   autoload :TestCase,           'action_controller/test_case'
   autoload :TemplateAssertions, 'action_controller/test_case'
@@ -48,18 +49,26 @@ module ActionController
   eager_autoload do
     autoload :RecordIdentifier
   end
+
+  def self.eager_load!
+    super
+    ActionController::Caching.eager_load!
+    HTML.eager_load!
+  end
 end
 
 # All of these simply register additional autoloads
 require 'action_view'
-require 'action_controller/vendor/html-scanner'
+require 'action_view/vendor/html-scanner'
+
+ActiveSupport.on_load(:action_view) do
+  ActionView::RoutingUrlFor.send(:include, ActionDispatch::Routing::UrlFor)
+end
 
 # Common Active Support usage in Action Controller
-require 'active_support/concern'
 require 'active_support/core_ext/class/attribute_accessors'
 require 'active_support/core_ext/load_error'
 require 'active_support/core_ext/module/attr_internal'
-require 'active_support/core_ext/module/delegation'
 require 'active_support/core_ext/name_error'
 require 'active_support/core_ext/uri'
 require 'active_support/inflector'

data/lib/action_dispatch/http/cache.rb

@@ -1,4 +1,3 @@
-require 'active_support/core_ext/object/blank'
 
 module ActionDispatch
   module Http
@@ -18,12 +17,21 @@ module ActionDispatch
           env[HTTP_IF_NONE_MATCH]
         end
 
+        def if_none_match_etags
+          (if_none_match ? if_none_match.split(/\s*,\s*/) : []).collect do |etag|
+            etag.gsub(/^\"|\"$/, "")
+          end
+        end
+
         def not_modified?(modified_at)
           if_modified_since && modified_at && if_modified_since >= modified_at
         end
 
         def etag_matches?(etag)
-          if_none_match && if_none_match == etag
+          if etag
+            etag = etag.gsub(/^\"|\"$/, "")
+            if_none_match_etags.include?(etag)
+          end
         end
 
         # Check response freshness (Last-Modified and ETag) against request
@@ -60,6 +68,20 @@ module ActionDispatch
           headers[LAST_MODIFIED] = utc_time.httpdate
         end
 
+        def date
+          if date_header = headers['Date']
+            Time.httpdate(date_header)
+          end
+        end
+
+        def date?
+          headers.include?('Date')
+        end
+
+        def date=(utc_time)
+          headers['Date'] = utc_time.httpdate
+        end
+
         def etag=(etag)
           key = ActiveSupport::Cache.expand_cache_key(etag)
           @etag = self[ETAG] = %("#{Digest::MD5.hexdigest(key)}")
@@ -70,17 +92,37 @@ module ActionDispatch
         LAST_MODIFIED = "Last-Modified".freeze
         ETAG          = "ETag".freeze
         CACHE_CONTROL = "Cache-Control".freeze
+        SPECIAL_KEYS  = %w[extras no-cache max-age public must-revalidate]
 
-        def prepare_cache_control!
-          @cache_control = {}
-          @etag = self[ETAG]
-
+        def cache_control_segments
           if cache_control = self[CACHE_CONTROL]
-            cache_control.split(/,\s*/).each do |segment|
-              first, last = segment.split("=")
-              @cache_control[first.to_sym] = last || true
+            cache_control.delete(' ').split(',')
+          else
+            []
+          end
+        end
+
+        def cache_control_headers
+          cache_control = {}
+
+          cache_control_segments.each do |segment|
+            directive, argument = segment.split('=', 2)
+
+            if SPECIAL_KEYS.include? directive
+              key = directive.tr('-', '_')
+              cache_control[key.to_sym] = argument || true
+            else
+              cache_control[:extras] ||= []
+              cache_control[:extras] << segment
             end
           end
+
+          cache_control
+        end
+
+        def prepare_cache_control!
+          @cache_control = cache_control_headers
+          @etag = self[ETAG]
         end
 
         def handle_conditional_get!
@@ -96,14 +138,24 @@ module ActionDispatch
         MUST_REVALIDATE       = "must-revalidate".freeze
 
         def set_conditional_cache_control!
-          return if self[CACHE_CONTROL].present?
+          control = {}
+          cc_headers = cache_control_headers
+          if extras = cc_headers.delete(:extras)
+            @cache_control[:extras] ||= []
+            @cache_control[:extras] += extras
+            @cache_control[:extras].uniq!
+          end
 
-          control = @cache_control
+          control.merge! cc_headers
+          control.merge! @cache_control
 
           if control.empty?
             headers[CACHE_CONTROL] = DEFAULT_CACHE_CONTROL
           elsif control[:no_cache]
             headers[CACHE_CONTROL] = NO_CACHE
+            if control[:extras]
+              headers[CACHE_CONTROL] += ", #{control[:extras].join(', ')}"
+            end
           else
             extras  = control[:extras]
             max_age = control[:max_age]

data/lib/action_dispatch/http/filter_parameters.rb

@@ -1,6 +1,6 @@
-require 'active_support/core_ext/object/blank'
 require 'active_support/core_ext/hash/keys'
 require 'active_support/core_ext/object/duplicable'
+require 'action_dispatch/http/parameter_filter'
 
 module ActionDispatch
   module Http
@@ -10,8 +10,6 @@ module ActionDispatch
     # value of the params hash and all subhashes is passed to it, the value
     # or key can be replaced using String#replace or similar method.
     #
-    # Examples:
-    #
     #   env["action_dispatch.parameter_filter"] = [:password]
     #   => replaces the value to all keys matching /password/i with "[FILTERED]"
     #
@@ -22,9 +20,17 @@ module ActionDispatch
     #     v.reverse! if k =~ /secret/i
     #   end
     #   => reverses the value to all keys matching /secret/i
-    #
     module FilterParameters
-      extend ActiveSupport::Concern
+      ENV_MATCH = [/RAW_POST_DATA/, "rack.request.form_vars"] # :nodoc:
+      NULL_PARAM_FILTER = ParameterFilter.new # :nodoc:
+      NULL_ENV_FILTER   = ParameterFilter.new ENV_MATCH # :nodoc:
+
+      def initialize(env)
+        super
+        @filtered_parameters = nil
+        @filtered_env        = nil
+        @filtered_path       = nil
+      end
 
       # Return a hash of parameters with all sensitive data replaced.
       def filtered_parameters
@@ -44,11 +50,16 @@ module ActionDispatch
     protected
 
       def parameter_filter
-        parameter_filter_for(@env["action_dispatch.parameter_filter"])
+        parameter_filter_for @env.fetch("action_dispatch.parameter_filter") {
+          return NULL_PARAM_FILTER
+        }
       end
 
       def env_filter
-        parameter_filter_for(Array.wrap(@env["action_dispatch.parameter_filter"]) << /RAW_POST_DATA/)
+        user_key = @env.fetch("action_dispatch.parameter_filter") {
+          return NULL_ENV_FILTER
+        }
+        parameter_filter_for(Array(user_key) + ENV_MATCH)
       end
 
       def parameter_filter_for(filters)
@@ -62,7 +73,6 @@ module ActionDispatch
           parameter_filter.filter([[$1, $2]]).first.join("=")
         end
       end
-
     end
   end
 end

data/lib/action_dispatch/http/filter_redirect.rb

@@ -0,0 +1,37 @@
+module ActionDispatch
+  module Http
+    module FilterRedirect
+
+      FILTERED = '[FILTERED]'.freeze # :nodoc:
+
+      def filtered_location
+        if !location_filter.empty? && location_filter_match?
+          FILTERED
+        else
+          location
+        end
+      end
+
+    private
+
+      def location_filter
+        if request.present?
+          request.env['action_dispatch.redirect_filter'] || []
+        else
+          []
+        end
+      end
+
+      def location_filter_match?
+        location_filter.any? do |filter|
+          if String === filter
+            location.include?(filter)
+          elsif Regexp === filter
+            location.match(filter)
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/action_dispatch/http/headers.rb

@@ -1,31 +1,63 @@
 module ActionDispatch
   module Http
-    class Headers < ::Hash
-      @@env_cache = Hash.new { |h,k| h[k] = "HTTP_#{k.upcase.gsub(/-/, '_')}" }
+    class Headers
+      CGI_VARIABLES = %w(
+        CONTENT_TYPE CONTENT_LENGTH
+        HTTPS AUTH_TYPE GATEWAY_INTERFACE
+        PATH_INFO PATH_TRANSLATED QUERY_STRING
+        REMOTE_ADDR REMOTE_HOST REMOTE_IDENT REMOTE_USER
+        REQUEST_METHOD SCRIPT_NAME
+        SERVER_NAME SERVER_PORT SERVER_PROTOCOL SERVER_SOFTWARE
+      )
+      HTTP_HEADER = /\A[A-Za-z0-9-]+\z/
 
-      def initialize(*args)
+      include Enumerable
+      attr_reader :env
 
-        if args.size == 1 && args[0].is_a?(Hash)
-          super()
-          update(args[0])
-        else
-          super
-        end
+      def initialize(env = {})
+        @env = env
+      end
+
+      def [](key)
+        @env[env_name(key)]
       end
 
-      def [](header_name)
-        if include?(header_name)
-          super
-        else
-          super(env_name(header_name))
+      def []=(key, value)
+        @env[env_name(key)] = value
+      end
+
+      def key?(key); @env.key? key; end
+      alias :include? :key?
+
+      def fetch(key, *args, &block)
+        @env.fetch env_name(key), *args, &block
+      end
+
+      def each(&block)
+        @env.each(&block)
+      end
+
+      def merge(headers_or_env)
+        headers = Http::Headers.new(env.dup)
+        headers.merge!(headers_or_env)
+        headers
+      end
+
+      def merge!(headers_or_env)
+        headers_or_env.each do |key, value|
+          self[env_name(key)] = value
         end
       end
 
       private
-        # Converts a HTTP header name to an environment variable name.
-        def env_name(header_name)
-          @@env_cache[header_name]
+      def env_name(key)
+        key = key.to_s
+        if key =~ HTTP_HEADER
+          key = key.upcase.tr('-', '_')
+          key = "HTTP_" + key unless CGI_VARIABLES.include?(key)
         end
+        key
+      end
     end
   end
 end

data/lib/action_dispatch/http/mime_negotiation.rb

@@ -1,3 +1,5 @@
+require 'active_support/core_ext/module/attribute_accessors'
+
 module ActionDispatch
   module Http
     module MimeNegotiation
@@ -66,7 +68,7 @@ module ActionDispatch
       # that are not controlled by the extension.
       #
       #   class ApplicationController < ActionController::Base
-      #     before_filter :adjust_format_for_iphone
+      #     before_action :adjust_format_for_iphone
       #
       #     private
       #       def adjust_format_for_iphone
@@ -78,6 +80,27 @@ module ActionDispatch
         @env["action_dispatch.request.formats"] = [Mime::Type.lookup_by_extension(parameters[:format])]
       end
 
+      # Sets the \formats by string extensions. This differs from #format= by allowing you
+      # to set multiple, ordered formats, which is useful when you want to have a fallback.
+      #
+      # In this example, the :iphone format will be used if it's available, otherwise it'll fallback
+      # to the :html format.
+      #
+      #   class ApplicationController < ActionController::Base
+      #     before_action :adjust_format_for_iphone_with_html_fallback
+      #
+      #     private
+      #       def adjust_format_for_iphone_with_html_fallback
+      #         request.formats = [ :iphone, :html ] if request.env["HTTP_USER_AGENT"][/iPhone/]
+      #       end
+      #   end
+      def formats=(extensions)
+        parameters[:format] = extensions.first.to_s
+        @env["action_dispatch.request.formats"] = extensions.collect do |extension|
+          Mime::Type.lookup_by_extension(extension)
+        end
+      end
+
       # Receives an array of mimes and return the first user sent mime that
       # matches the order array.
       #