actionpack 4.0.1 → 4.2.11.1

data/lib/action_dispatch/http/response.rb

@@ -1,4 +1,7 @@
-require 'active_support/core_ext/class/attribute_accessors'
+require 'active_support/core_ext/module/attribute_accessors'
+require 'active_support/core_ext/string/filters'
+require 'active_support/deprecation'
+require 'action_dispatch/http/filter_redirect'
 require 'monitor'
 
 module ActionDispatch # :nodoc:
@@ -31,10 +34,17 @@ module ActionDispatch # :nodoc:
   #    end
   #  end
   class Response
-    attr_accessor :request, :header
+    # The request that the response is responding to.
+    attr_accessor :request
+
+    # The HTTP status code.
     attr_reader :status
+
     attr_writer :sending_file
 
+    # Get and set headers for this response.
+    attr_accessor :header
+
     alias_method :headers=, :header=
     alias_method :headers,  :header
 
@@ -49,9 +59,12 @@ module ActionDispatch # :nodoc:
     # If a character set has been defined for this response (see charset=) then
     # the character set information will also be included in the content type
     # information.
-    attr_accessor :charset
     attr_reader   :content_type
 
+    # The charset of the response. HTML wants to know the encoding of the
+    # content you're giving them, so we need to send that along.
+    attr_accessor :charset
+
     CONTENT_TYPE = "Content-Type".freeze
     SET_COOKIE   = "Set-Cookie".freeze
     LOCATION     = "Location".freeze
@@ -80,7 +93,13 @@ module ActionDispatch # :nodoc:
       end
 
       def each(&block)
-        @buf.each(&block)
+        @response.sending!
+        x = @buf.each(&block)
+        @response.sent!
+        x
+      end
+
+      def abort
       end
 
       def close
@@ -93,12 +112,14 @@ module ActionDispatch # :nodoc:
       end
     end
 
+    # The underlying body, as a streamable object.
     attr_reader :stream
 
-    def initialize(status = 200, header = {}, body = [])
+    def initialize(status = 200, header = {}, body = [], options = {})
       super()
 
-      header = merge_default_headers(header, self.class.default_headers)
+      default_headers = options.fetch(:default_headers, self.class.default_headers)
+      header = merge_default_headers(header, default_headers)
 
       self.body, self.header, self.status = body, header, status
 
@@ -106,6 +127,8 @@ module ActionDispatch # :nodoc:
       @blank        = false
       @cv           = new_cond
       @committed    = false
+      @sending      = false
+      @sent         = false
       @content_type = nil
       @charset      = nil
 
@@ -126,22 +149,43 @@ module ActionDispatch # :nodoc:
       end
     end
 
+    def await_sent
+      synchronize { @cv.wait_until { @sent } }
+    end
+
     def commit!
       synchronize do
+        before_committed
         @committed = true
         @cv.broadcast
       end
     end
 
-    def committed?
-      @committed
+    def sending!
+      synchronize do
+        before_sending
+        @sending = true
+        @cv.broadcast
+      end
     end
 
+    def sent!
+      synchronize do
+        @sent = true
+        @cv.broadcast
+      end
+    end
+
+    def sending?;   synchronize { @sending };   end
+    def committed?; synchronize { @committed }; end
+    def sent?;      synchronize { @sent };      end
+
     # Sets the HTTP status code.
     def status=(status)
       @status = Rack::Utils.status_code(status)
     end
 
+    # Sets the HTTP content type.
     def content_type=(content_type)
       @content_type = content_type.to_s
     end
@@ -169,18 +213,6 @@ module ActionDispatch # :nodoc:
     end
     alias_method :status_message, :message
 
-    def respond_to?(method)
-      if method.to_s == 'to_path'
-        stream.respond_to?(:to_path)
-      else
-        super
-      end
-    end
-
-    def to_path
-      stream.to_path
-    end
-
     # Returns the content of the response as a string. This contains the contents
     # of any calls to <tt>render</tt>.
     def body
@@ -218,11 +250,13 @@ module ActionDispatch # :nodoc:
       ::Rack::Utils.delete_cookie_header!(header, key, value)
     end
 
+    # The location header we'll be responding with.
     def location
       headers[LOCATION]
     end
     alias_method :redirect_url, :location
 
+    # Sets the location header we'll be responding with.
     def location=(url)
       headers[LOCATION] = url
     end
@@ -231,11 +265,39 @@ module ActionDispatch # :nodoc:
       stream.close if stream.respond_to?(:close)
     end
 
+    def abort
+      if stream.respond_to?(:abort)
+        stream.abort
+      elsif stream.respond_to?(:close)
+        # `stream.close` should really be reserved for a close from the
+        # other direction, but we must fall back to it for
+        # compatibility.
+        stream.close
+      end
+    end
+
+    # Turns the Response into a Rack-compatible array of the status, headers,
+    # and body. Allows explict splatting:
+    #
+    #   status, headers, body = *response
     def to_a
       rack_response @status, @header.to_hash
     end
     alias prepare! to_a
-    alias to_ary   to_a # For implicit splat on 1.9.2
+
+    # Be super clear that a response object is not an Array. Defining this
+    # would make implicit splatting work, but it also makes adding responses
+    # as arrays work, and "flattening" responses, cascading to the rack body!
+    # Not sensible behavior.
+    def to_ary
+      ActiveSupport::Deprecation.warn(<<-MSG.squish)
+        `ActionDispatch::Response#to_ary` no longer performs implicit conversion
+        to an array. Please use `response.to_a` instead, or a splat like `status,
+        headers, body = *response`.
+      MSG
+
+      to_a
+    end
 
     # Returns the response cookies, converted to a Hash of (name => value) pairs
     #
@@ -256,10 +318,14 @@ module ActionDispatch # :nodoc:
 
   private
 
-    def merge_default_headers(original, default)
-      return original unless default.respond_to?(:merge)
+    def before_committed
+    end
+
+    def before_sending
+    end
 
-      default.merge(original)
+    def merge_default_headers(original, default)
+      default.respond_to?(:merge) ? default.merge(original) : original
     end
 
     def build_buffer(response, body)
@@ -286,6 +352,42 @@ module ActionDispatch # :nodoc:
       !@sending_file && @charset != false
     end
 
+    class RackBody
+      def initialize(response)
+        @response = response
+      end
+
+      def each(*args, &block)
+        @response.each(*args, &block)
+      end
+
+      def close
+        # Rack "close" maps to Response#abort, and *not* Response#close
+        # (which is used when the controller's finished writing)
+        @response.abort
+      end
+
+      def body
+        @response.body
+      end
+
+      def respond_to?(method, include_private = false)
+        if method.to_s == 'to_path'
+          @response.stream.respond_to?(method)
+        else
+          super
+        end
+      end
+
+      def to_path
+        @response.stream.to_path
+      end
+
+      def to_ary
+        nil
+      end
+    end
+
     def rack_response(status, header)
       assign_default_content_type_and_charset!(header)
       handle_conditional_get!
@@ -296,7 +398,7 @@ module ActionDispatch # :nodoc:
         header.delete CONTENT_TYPE
         [status, header, []]
       else
-        [status, header, self]
+        [status, header, RackBody.new(self)]
       end
     end
   end

data/lib/action_dispatch/http/upload.rb

@@ -18,6 +18,7 @@ module ActionDispatch
       # A +Tempfile+ object with the actual uploaded file. Note that some of
       # its interface is available directly.
       attr_accessor :tempfile
+      alias :to_io :tempfile
 
       # A string with the headers of the multipart request.
       attr_accessor :headers
@@ -26,7 +27,14 @@ module ActionDispatch
         @tempfile          = hash[:tempfile]
         raise(ArgumentError, ':tempfile is required') unless @tempfile
 
-        @original_filename = encode_filename(hash[:filename])
+        @original_filename = hash[:filename]
+        if @original_filename
+          begin
+            @original_filename.encode!(Encoding::UTF_8)
+          rescue EncodingError
+            @original_filename.force_encoding(Encoding::UTF_8)
+          end
+        end
         @content_type      = hash[:type]
         @headers           = hash[:head]
       end
@@ -65,26 +73,6 @@ module ActionDispatch
       def eof?
         @tempfile.eof?
       end
-
-      private
-
-      def encode_filename(filename)
-        # Encode the filename in the utf8 encoding, unless it is nil
-        filename.force_encoding(Encoding::UTF_8).encode! if filename
-      end
-    end
-
-    module Upload # :nodoc:
-      # Replace file upload hash with UploadedFile objects
-      # when normalize and encode parameters.
-      def normalize_encode_params(value)
-        if Hash === value && value.has_key?(:tempfile)
-          UploadedFile.new(value)
-        else
-          super
-        end
-      end
-      private :normalize_encode_params
     end
   end
 end

data/lib/action_dispatch/http/url.rb

@@ -5,99 +5,123 @@ module ActionDispatch
   module Http
     module URL
       IP_HOST_REGEXP  = /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/
-      HOST_REGEXP     = /(^.*:\/\/)?([^:]+)(?::(\d+$))?/
+      HOST_REGEXP     = /(^[^:]+:\/\/)?(\[[^\]]+\]|[^:]+)(?::(\d+$))?/
       PROTOCOL_REGEXP = /^([^:]+)(:)?(\/\/)?$/
 
       mattr_accessor :tld_length
       self.tld_length = 1
 
       class << self
-        def extract_domain(host, tld_length = @@tld_length)
-          host.split('.').last(1 + tld_length).join('.') if named_host?(host)
+        def extract_domain(host, tld_length)
+          extract_domain_from(host, tld_length) if named_host?(host)
         end
 
-        def extract_subdomains(host, tld_length = @@tld_length)
+        def extract_subdomains(host, tld_length)
           if named_host?(host)
-            parts = host.split('.')
-            parts[0..-(tld_length + 2)]
+            extract_subdomains_from(host, tld_length)
           else
             []
           end
         end
 
-        def extract_subdomain(host, tld_length = @@tld_length)
+        def extract_subdomain(host, tld_length)
           extract_subdomains(host, tld_length).join('.')
         end
 
-        def url_for(options = {})
-          options = options.dup
-          path  = options.delete(:script_name).to_s.chomp("/")
-          path << options.delete(:path).to_s
-
-          params = options[:params].is_a?(Hash) ? options[:params] : options.slice(:params)
-          params.reject! { |_,v| v.to_param.nil? }
-
-          result = build_host_url(options)
-          if options[:trailing_slash]
-            if path.include?('?')
-              result << path.sub(/\?/, '/\&')
-            else
-              result << path.sub(/[^\/]\z|\A\z/, '\&/')
-            end
+        def url_for(options)
+          if options[:only_path]
+            path_for options
           else
-            result << path
+            full_url_for options
           end
-          result << "?#{params.to_query}" unless params.empty?
-          result << "##{Journey::Router::Utils.escape_fragment(options[:anchor].to_param.to_s)}" if options[:anchor]
-          result
         end
 
-        private
+        def full_url_for(options)
+          host     = options[:host]
+          protocol = options[:protocol]
+          port     = options[:port]
 
-        def build_host_url(options)
-          if options[:host].blank? && options[:only_path].blank?
+          unless host
             raise ArgumentError, 'Missing host to link to! Please provide the :host parameter, set default_url_options[:host], or set :only_path to true'
           end
 
-          result = ""
+          build_host_url(host, port, protocol, options, path_for(options))
+        end
+
+        def path_for(options)
+          path  = options[:script_name].to_s.chomp("/")
+          path << options[:path] if options.key?(:path)
+
+          add_trailing_slash(path) if options[:trailing_slash]
+          add_params(path, options[:params]) if options.key?(:params)
+          add_anchor(path, options[:anchor]) if options.key?(:anchor)
 
-          unless options[:only_path]
-            if match = options[:host].match(HOST_REGEXP)
-              options[:protocol] ||= match[1] unless options[:protocol] == false
-              options[:host]       = match[2]
-              options[:port]       = match[3] unless options.key?(:port)
-            end
+          path
+        end
 
-            options[:protocol] = normalize_protocol(options)
-            options[:host]     = normalize_host(options)
-            options[:port]     = normalize_port(options)
+        private
 
-            result << options[:protocol]
-            result << rewrite_authentication(options)
-            result << options[:host]
-            result << ":#{options[:port]}" if options[:port]
+        def add_params(path, params)
+          params = { params: params } unless params.is_a?(Hash)
+          params.reject! { |_,v| v.to_param.nil? }
+          path << "?#{params.to_query}" unless params.empty?
+        end
+
+        def add_anchor(path, anchor)
+          if anchor
+            path << "##{Journey::Router::Utils.escape_fragment(anchor.to_param)}"
           end
-          result
         end
 
-        def named_host?(host)
-          host && IP_HOST_REGEXP !~ host
+        def extract_domain_from(host, tld_length)
+          host.split('.').last(1 + tld_length).join('.')
         end
 
-        def same_host?(options)
-          (options[:subdomain] == true || !options.key?(:subdomain)) && options[:domain].nil?
+        def extract_subdomains_from(host, tld_length)
+          parts = host.split('.')
+          parts[0..-(tld_length + 2)]
         end
 
-        def rewrite_authentication(options)
+        def add_trailing_slash(path)
+          # includes querysting
+          if path.include?('?')
+            path.sub!(/\?/, '/\&')
+          # does not have a .format
+          elsif !path.include?(".")
+            path.sub!(/[^\/]\z|\A\z/, '\&/')
+          end
+        end
+
+        def build_host_url(host, port, protocol, options, path)
+          if match = host.match(HOST_REGEXP)
+            protocol ||= match[1] unless protocol == false
+            host       = match[2]
+            port       = match[3] unless options.key? :port
+          end
+
+          protocol = normalize_protocol protocol
+          host     = normalize_host(host, options)
+
+          result = protocol.dup
+
           if options[:user] && options[:password]
-            "#{Rack::Utils.escape(options[:user])}:#{Rack::Utils.escape(options[:password])}@"
-          else
-            ""
+            result << "#{Rack::Utils.escape(options[:user])}:#{Rack::Utils.escape(options[:password])}@"
           end
+
+          result << host
+          normalize_port(port, protocol) { |normalized_port|
+            result << ":#{normalized_port}"
+          }
+
+          result.concat path
+        end
+
+        def named_host?(host)
+          IP_HOST_REGEXP !~ host
         end
 
-        def normalize_protocol(options)
-          case options[:protocol]
+        def normalize_protocol(protocol)
+          case protocol
           when nil
             "http://"
           when false, "//"
@@ -105,36 +129,39 @@ module ActionDispatch
           when PROTOCOL_REGEXP
             "#{$1}://"
           else
-            raise ArgumentError, "Invalid :protocol option: #{options[:protocol].inspect}"
+            raise ArgumentError, "Invalid :protocol option: #{protocol.inspect}"
           end
         end
 
-        def normalize_host(options)
-          return options[:host] if !named_host?(options[:host]) || same_host?(options)
+        def normalize_host(_host, options)
+          return _host unless named_host?(_host)
 
           tld_length = options[:tld_length] || @@tld_length
+          subdomain  = options.fetch :subdomain, true
+          domain     = options[:domain]
 
           host = ""
-          if options[:subdomain] == true || !options.key?(:subdomain)
-            host << extract_subdomain(options[:host], tld_length).to_param
-          elsif options[:subdomain].present?
-            host << options[:subdomain].to_param
+          if subdomain == true
+            return _host if domain.nil?
+
+            host << extract_subdomains_from(_host, tld_length).join('.')
+          elsif subdomain
+            host << subdomain.to_param
           end
           host << "." unless host.empty?
-          host << (options[:domain] || extract_domain(options[:host], tld_length))
+          host << (domain || extract_domain_from(_host, tld_length))
           host
         end
 
-        def normalize_port(options)
-          return nil if options[:port].nil? || options[:port] == false
+        def normalize_port(port, protocol)
+          return unless port
 
-          case options[:protocol]
-          when "//"
-            nil
+          case protocol
+          when "//" then yield port
           when "https://"
-            options[:port].to_i == 443 ? nil : options[:port]
+            yield port unless port.to_i == 443
           else
-            options[:port].to_i == 80 ? nil : options[:port]
+            yield port unless port.to_i == 80
           end
         end
       end
@@ -157,7 +184,7 @@ module ActionDispatch
 
       # Returns the \host for this request, such as "example.com".
       def raw_host_with_port
-        if forwarded = env["HTTP_X_FORWARDED_HOST"]
+        if forwarded = env["HTTP_X_FORWARDED_HOST"].presence
           forwarded.split(/,\s?/).last
         else
           env['HTTP_HOST'] || "#{env['SERVER_NAME'] || env['SERVER_ADDR']}:#{env['SERVER_PORT']}"

data/lib/action_dispatch/journey/formatter.rb

@@ -1,9 +1,10 @@
 require 'action_controller/metal/exceptions'
+require 'active_support/deprecation'
 
 module ActionDispatch
   module Journey
     # The Formatter class is used for formatting URLs. For example, parameters
-    # passed to +url_for+ in rails will eventually call Formatter#generate.
+    # passed to +url_for+ in Rails will eventually call Formatter#generate.
     class Formatter # :nodoc:
       attr_reader :routes
 
@@ -12,12 +13,12 @@ module ActionDispatch
         @cache  = nil
       end
 
-      def generate(type, name, options, recall = {}, parameterize = nil)
-        constraints = recall.merge(options)
+      def generate(name, options, path_parameters, parameterize = nil)
+        constraints = path_parameters.merge(options)
         missing_keys = []
 
         match_route(name, constraints) do |route|
-          parameterized_parts = extract_parameterized_parts(route, options, recall, parameterize)
+          parameterized_parts = extract_parameterized_parts(route, options, path_parameters, parameterize)
 
           # Skip this route unless a name has been provided or it is a
           # standard Rails route since we can't determine whether an options
@@ -30,11 +31,17 @@ module ActionDispatch
             parameterized_parts.key?(key) || route.defaults.key?(key)
           end
 
+          defaults       = route.defaults
+          required_parts = route.required_parts
+          parameterized_parts.delete_if do |key, value|
+            value.to_s == defaults[key].to_s && !required_parts.include?(key)
+          end
+
           return [route.format(parameterized_parts), params]
         end
 
-        message = "No route matches #{constraints.inspect}"
-        message << " missing required keys: #{missing_keys.inspect}" if name
+        message = "No route matches #{Hash[constraints.sort_by{|k,v| k.to_s}].inspect}"
+        message << " missing required keys: #{missing_keys.sort.inspect}" unless missing_keys.empty?
 
         raise ActionController::UrlGenerationError, message
       end
@@ -74,14 +81,28 @@ module ActionDispatch
           if named_routes.key?(name)
             yield named_routes[name]
           else
-            routes = non_recursive(cache, options.to_a)
+            # Make sure we don't show the deprecation warning more than once
+            warned = false
+
+            routes = non_recursive(cache, options)
 
             hash = routes.group_by { |_, r| r.score(options) }
 
             hash.keys.sort.reverse_each do |score|
-              next if score < 0
+              break if score < 0
 
               hash[score].sort_by { |i, _| i }.each do |_, route|
+                if name && !warned
+                  ActiveSupport::Deprecation.warn <<-MSG.squish
+                    You are trying to generate the URL for a named route called
+                    #{name.inspect} but no such route was found. In the future,
+                    this will result in an `ActionController::UrlGenerationError`
+                    exception.
+                  MSG
+
+                  warned = true
+                end
+
                 yield route
               end
             end
@@ -90,14 +111,14 @@ module ActionDispatch
 
         def non_recursive(cache, options)
           routes = []
-          stack  = [cache]
+          queue  = [cache]
 
-          while stack.any?
-            c = stack.shift
+          while queue.any?
+            c = queue.shift
             routes.concat(c[:___routes]) if c.key?(:___routes)
 
             options.each do |pair|
-              stack << c[pair] if c.key?(pair)
+              queue << c[pair] if c.key?(pair)
             end
           end
 
@@ -121,14 +142,9 @@ module ActionDispatch
         def possibles(cache, options, depth = 0)
           cache.fetch(:___routes) { [] } + options.find_all { |pair|
             cache.key?(pair)
-          }.map { |pair|
+          }.flat_map { |pair|
             possibles(cache[pair], options, depth + 1)
-          }.flatten(1)
-        end
-
-        # Returns +true+ if no missing keys are present, otherwise +false+.
-        def verify_required_parts!(route, parts)
-          missing_keys(route, parts).empty?
+          }
         end
 
         def build_cache