RubyGems - actionpack - Versions diffs - 4.2.10 → 5.2.4.6 - Mend

actionpack 4.2.10 → 5.2.4.6

Potentially problematic release.

This version of actionpack might be problematic. Click here for more details.

Files changed (166) hide show

checksums.yaml +5 -5
data/CHANGELOG.md +300 -466
data/MIT-LICENSE +1 -1
data/README.rdoc +6 -7
data/lib/abstract_controller/asset_paths.rb +2 -0
data/lib/abstract_controller/base.rb +45 -49
data/lib/{action_controller → abstract_controller}/caching/fragments.rb +78 -15
data/lib/abstract_controller/caching.rb +66 -0
data/lib/abstract_controller/callbacks.rb +47 -31
data/lib/abstract_controller/collector.rb +8 -11
data/lib/abstract_controller/error.rb +6 -0
data/lib/abstract_controller/helpers.rb +25 -25
data/lib/abstract_controller/logger.rb +2 -0
data/lib/abstract_controller/railties/routes_helpers.rb +4 -2
data/lib/abstract_controller/rendering.rb +42 -41
data/lib/abstract_controller/translation.rb +10 -7
data/lib/abstract_controller/url_for.rb +2 -0
data/lib/abstract_controller.rb +12 -5
data/lib/action_controller/api/api_rendering.rb +16 -0
data/lib/action_controller/api.rb +149 -0
data/lib/action_controller/base.rb +27 -19
data/lib/action_controller/caching.rb +14 -57
data/lib/action_controller/form_builder.rb +50 -0
data/lib/action_controller/log_subscriber.rb +10 -15
data/lib/action_controller/metal/basic_implicit_render.rb +13 -0
data/lib/action_controller/metal/conditional_get.rb +118 -44
data/lib/action_controller/metal/content_security_policy.rb +52 -0
data/lib/action_controller/metal/cookies.rb +3 -3
data/lib/action_controller/metal/data_streaming.rb +27 -46
data/lib/action_controller/metal/etag_with_flash.rb +18 -0
data/lib/action_controller/metal/etag_with_template_digest.rb +20 -13
data/lib/action_controller/metal/exceptions.rb +8 -14
data/lib/action_controller/metal/flash.rb +4 -3
data/lib/action_controller/metal/force_ssl.rb +23 -21
data/lib/action_controller/metal/head.rb +21 -19
data/lib/action_controller/metal/helpers.rb +24 -14
data/lib/action_controller/metal/http_authentication.rb +65 -58
data/lib/action_controller/metal/implicit_render.rb +62 -8
data/lib/action_controller/metal/instrumentation.rb +19 -21
data/lib/action_controller/metal/live.rb +90 -106
data/lib/action_controller/metal/mime_responds.rb +33 -46
data/lib/action_controller/metal/parameter_encoding.rb +51 -0
data/lib/action_controller/metal/params_wrapper.rb +61 -53
data/lib/action_controller/metal/redirecting.rb +49 -28
data/lib/action_controller/metal/renderers.rb +87 -44
data/lib/action_controller/metal/rendering.rb +72 -50
data/lib/action_controller/metal/request_forgery_protection.rb +229 -93
data/lib/action_controller/metal/rescue.rb +9 -16
data/lib/action_controller/metal/streaming.rb +12 -10
data/lib/action_controller/metal/strong_parameters.rb +583 -164
data/lib/action_controller/metal/testing.rb +2 -17
data/lib/action_controller/metal/url_for.rb +19 -10
data/lib/action_controller/metal.rb +98 -83
data/lib/action_controller/railtie.rb +28 -10
data/lib/action_controller/railties/helpers.rb +2 -0
data/lib/action_controller/renderer.rb +117 -0
data/lib/action_controller/template_assertions.rb +11 -0
data/lib/action_controller/test_case.rb +280 -411
data/lib/action_controller.rb +29 -21
data/lib/action_dispatch/http/cache.rb +93 -47
data/lib/action_dispatch/http/content_security_policy.rb +272 -0
data/lib/action_dispatch/http/filter_parameters.rb +26 -20
data/lib/action_dispatch/http/filter_redirect.rb +10 -11
data/lib/action_dispatch/http/headers.rb +55 -22
data/lib/action_dispatch/http/mime_negotiation.rb +60 -41
data/lib/action_dispatch/http/mime_type.rb +134 -121
data/lib/action_dispatch/http/mime_types.rb +20 -6
data/lib/action_dispatch/http/parameter_filter.rb +25 -11
data/lib/action_dispatch/http/parameters.rb +98 -39
data/lib/action_dispatch/http/rack_cache.rb +2 -0
data/lib/action_dispatch/http/request.rb +200 -118
data/lib/action_dispatch/http/response.rb +225 -110
data/lib/action_dispatch/http/upload.rb +12 -6
data/lib/action_dispatch/http/url.rb +110 -28
data/lib/action_dispatch/journey/formatter.rb +55 -32
data/lib/action_dispatch/journey/gtg/builder.rb +7 -5
data/lib/action_dispatch/journey/gtg/simulator.rb +3 -9
data/lib/action_dispatch/journey/gtg/transition_table.rb +17 -16
data/lib/action_dispatch/journey/nfa/builder.rb +5 -3
data/lib/action_dispatch/journey/nfa/dot.rb +13 -13
data/lib/action_dispatch/journey/nfa/simulator.rb +3 -1
data/lib/action_dispatch/journey/nfa/transition_table.rb +5 -48
data/lib/action_dispatch/journey/nodes/node.rb +18 -6
data/lib/action_dispatch/journey/parser.rb +23 -22
data/lib/action_dispatch/journey/parser.y +3 -2
data/lib/action_dispatch/journey/parser_extras.rb +12 -4
data/lib/action_dispatch/journey/path/pattern.rb +50 -44
data/lib/action_dispatch/journey/route.rb +106 -28
data/lib/action_dispatch/journey/router/utils.rb +20 -11
data/lib/action_dispatch/journey/router.rb +35 -23
data/lib/action_dispatch/journey/routes.rb +18 -16
data/lib/action_dispatch/journey/scanner.rb +18 -15
data/lib/action_dispatch/journey/visitors.rb +99 -52
data/lib/action_dispatch/journey.rb +7 -5
data/lib/action_dispatch/middleware/callbacks.rb +1 -2
data/lib/action_dispatch/middleware/cookies.rb +304 -193
data/lib/action_dispatch/middleware/debug_exceptions.rb +152 -57
data/lib/action_dispatch/middleware/debug_locks.rb +124 -0
data/lib/action_dispatch/middleware/exception_wrapper.rb +68 -69
data/lib/action_dispatch/middleware/executor.rb +21 -0
data/lib/action_dispatch/middleware/flash.rb +78 -54
data/lib/action_dispatch/middleware/public_exceptions.rb +27 -25
data/lib/action_dispatch/middleware/reloader.rb +5 -91
data/lib/action_dispatch/middleware/remote_ip.rb +41 -31
data/lib/action_dispatch/middleware/request_id.rb +17 -9
data/lib/action_dispatch/middleware/session/abstract_store.rb +41 -25
data/lib/action_dispatch/middleware/session/cache_store.rb +24 -14
data/lib/action_dispatch/middleware/session/cookie_store.rb +72 -67
data/lib/action_dispatch/middleware/session/mem_cache_store.rb +8 -2
data/lib/action_dispatch/middleware/show_exceptions.rb +26 -22
data/lib/action_dispatch/middleware/ssl.rb +114 -36
data/lib/action_dispatch/middleware/stack.rb +31 -44
data/lib/action_dispatch/middleware/static.rb +57 -50
data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb +2 -14
data/lib/action_dispatch/middleware/templates/rescues/{_source.erb → _source.html.erb} +0 -0
data/lib/action_dispatch/middleware/templates/rescues/_source.text.erb +8 -0
data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +21 -0
data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +13 -0
data/lib/action_dispatch/middleware/templates/rescues/layout.erb +1 -0
data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +1 -1
data/lib/action_dispatch/middleware/templates/rescues/template_error.text.erb +1 -1
data/lib/action_dispatch/middleware/templates/routes/_route.html.erb +4 -4
data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +64 -64
data/lib/action_dispatch/railtie.rb +19 -11
data/lib/action_dispatch/request/session.rb +106 -59
data/lib/action_dispatch/request/utils.rb +67 -24
data/lib/action_dispatch/routing/endpoint.rb +9 -2
data/lib/action_dispatch/routing/inspector.rb +58 -67
data/lib/action_dispatch/routing/mapper.rb +733 -447
data/lib/action_dispatch/routing/polymorphic_routes.rb +166 -140
data/lib/action_dispatch/routing/redirection.rb +36 -26
data/lib/action_dispatch/routing/route_set.rb +321 -291
data/lib/action_dispatch/routing/routes_proxy.rb +32 -5
data/lib/action_dispatch/routing/url_for.rb +65 -25
data/lib/action_dispatch/routing.rb +17 -18
data/lib/action_dispatch/system_test_case.rb +147 -0
data/lib/action_dispatch/system_testing/browser.rb +49 -0
data/lib/action_dispatch/system_testing/driver.rb +59 -0
data/lib/action_dispatch/system_testing/server.rb +31 -0
data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +96 -0
data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +31 -0
data/lib/action_dispatch/system_testing/test_helpers/undef_methods.rb +26 -0
data/lib/action_dispatch/testing/assertion_response.rb +47 -0
data/lib/action_dispatch/testing/assertions/response.rb +45 -20
data/lib/action_dispatch/testing/assertions/routing.rb +30 -26
data/lib/action_dispatch/testing/assertions.rb +6 -4
data/lib/action_dispatch/testing/integration.rb +347 -209
data/lib/action_dispatch/testing/request_encoder.rb +55 -0
data/lib/action_dispatch/testing/test_process.rb +28 -22
data/lib/action_dispatch/testing/test_request.rb +27 -34
data/lib/action_dispatch/testing/test_response.rb +35 -7
data/lib/action_dispatch.rb +27 -19
data/lib/action_pack/gem_version.rb +5 -3
data/lib/action_pack/version.rb +3 -1
data/lib/action_pack.rb +4 -2
metadata +59 -42
data/lib/action_controller/metal/hide_actions.rb +0 -40
data/lib/action_controller/metal/rack_delegation.rb +0 -32
data/lib/action_controller/middleware.rb +0 -39
data/lib/action_controller/model_naming.rb +0 -12
data/lib/action_dispatch/journey/backwards.rb +0 -5
data/lib/action_dispatch/journey/router/strexp.rb +0 -27
data/lib/action_dispatch/middleware/params_parser.rb +0 -60
data/lib/action_dispatch/testing/assertions/dom.rb +0 -3
data/lib/action_dispatch/testing/assertions/selector.rb +0 -3
data/lib/action_dispatch/testing/assertions/tag.rb +0 -3

data/lib/action_controller/metal/rescue.rb CHANGED Viewed

@@ -1,25 +1,18 @@
+# frozen_string_literal: true
 module ActionController #:nodoc:
-  # This module is responsible to provide `rescue_from` helpers
-  # to controllers and configure when detailed exceptions must be
+  # This module is responsible for providing +rescue_from+ helpers
+  # to controllers and configuring when detailed exceptions must be
   # shown.
   module Rescue
     extend ActiveSupport::Concern
     include ActiveSupport::Rescuable
-    def rescue_with_handler(exception)
-      if (exception.respond_to?(:original_exception) &&
-          (orig_exception = exception.original_exception) &&
-          handler_for_rescue(orig_exception))
-        exception = orig_exception
-      end
-      super(exception)
-    end
     # Override this method if you want to customize when detailed
     # exceptions must be shown. This method is only called when
-    # consider_all_requests_local is false. By default, it returns
-    # false, but someone may set it to `request.local?` so local
-    # requests in production still shows the detailed exception pages.
+    # +consider_all_requests_local+ is +false+. By default, it returns
+    # +false+, but someone may set it to <tt>request.local?</tt> so local
+    # requests in production still show the detailed exception pages.
     def show_detailed_exceptions?
       false
     end
@@ -28,8 +21,8 @@ module ActionController #:nodoc:
       def process_action(*args)
         super
       rescue Exception => exception
-        request.env['action_dispatch.show_detailed_exceptions'] ||= show_detailed_exceptions?
-        rescue_with_handler(exception) || raise(exception)
+        request.env["action_dispatch.show_detailed_exceptions"] ||= show_detailed_exceptions?
+        rescue_with_handler(exception) || raise
       end
   end
 end

data/lib/action_controller/metal/streaming.rb CHANGED Viewed

@@ -1,9 +1,11 @@
-require 'rack/chunked'
+# frozen_string_literal: true
+require "rack/chunked"
 module ActionController #:nodoc:
   # Allows views to be streamed back to the client as they are rendered.
   #
-  # The default way Rails renders views is by first rendering the template
+  # By default, Rails renders views by first rendering the template
   # and then the layout. The response is sent to the client after the whole
   # template is rendered, all queries are made, and the layout is processed.
   #
@@ -110,9 +112,9 @@ module ActionController #:nodoc:
   # This means that, if you have <code>yield :title</code> in your layout
   # and you want to use streaming, you would have to render the whole template
   # (and eventually trigger all queries) before streaming the title and all
-  # assets, which kills the purpose of streaming. For this reason Rails 3.1
-  # introduces a new helper called +provide+ that does the same as +content_for+
-  # but tells the layout to stop searching for other entries and continue rendering.
+  # assets, which kills the purpose of streaming. For this purpose, you can use
+  # a helper called +provide+ that does the same as +content_for+ but tells the
+  # layout to stop searching for other entries and continue rendering.
   #
   # For instance, the template above using +provide+ would be:
   #
@@ -181,7 +183,7 @@ module ActionController #:nodoc:
   #   unicorn_rails --config-file unicorn.config.rb
   #
   # You may also want to configure other parameters like <tt>:tcp_nodelay</tt>.
-  # Please check its documentation for more information: http://unicorn.bogomips.org/Unicorn/Configurator.html#method-i-listen
+  # Please check its documentation for more information: https://bogomips.org/unicorn/Unicorn/Configurator.html#method-i-listen
   #
   # If you are using Unicorn with NGINX, you may need to tweak NGINX.
   # Streaming should work out of the box on Rainbows.
@@ -193,13 +195,13 @@ module ActionController #:nodoc:
   module Streaming
     extend ActiveSupport::Concern
-    protected
+    private
       # Set proper cache control and transfer encoding when streaming
-      def _process_options(options) #:nodoc:
+      def _process_options(options)
         super
         if options[:stream]
-          if env["HTTP_VERSION"] == "HTTP/1.0"
+          if request.version == "HTTP/1.0"
             options.delete(:stream)
           else
             headers["Cache-Control"] ||= "no-cache"
@@ -210,7 +212,7 @@ module ActionController #:nodoc:
       end
       # Call render_body if we are streaming instead of usual +render+.
-      def _render_template(options) #:nodoc:
+      def _render_template(options)
         if options.delete(:stream)
           Rack::Chunked::Body.new view_renderer.render_body(view_context, options)
         else