actionpack 4.2.11.1 → 5.2.6
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actionpack might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +328 -458
- data/MIT-LICENSE +1 -1
- data/README.rdoc +6 -7
- data/lib/abstract_controller/asset_paths.rb +2 -0
- data/lib/abstract_controller/base.rb +45 -49
- data/lib/{action_controller → abstract_controller}/caching/fragments.rb +78 -15
- data/lib/abstract_controller/caching.rb +66 -0
- data/lib/abstract_controller/callbacks.rb +47 -31
- data/lib/abstract_controller/collector.rb +8 -11
- data/lib/abstract_controller/error.rb +6 -0
- data/lib/abstract_controller/helpers.rb +25 -25
- data/lib/abstract_controller/logger.rb +2 -0
- data/lib/abstract_controller/railties/routes_helpers.rb +4 -2
- data/lib/abstract_controller/rendering.rb +42 -41
- data/lib/abstract_controller/translation.rb +10 -7
- data/lib/abstract_controller/url_for.rb +2 -0
- data/lib/abstract_controller.rb +12 -5
- data/lib/action_controller/api/api_rendering.rb +16 -0
- data/lib/action_controller/api.rb +149 -0
- data/lib/action_controller/base.rb +27 -19
- data/lib/action_controller/caching.rb +14 -57
- data/lib/action_controller/form_builder.rb +50 -0
- data/lib/action_controller/log_subscriber.rb +10 -15
- data/lib/action_controller/metal/basic_implicit_render.rb +13 -0
- data/lib/action_controller/metal/conditional_get.rb +118 -44
- data/lib/action_controller/metal/content_security_policy.rb +52 -0
- data/lib/action_controller/metal/cookies.rb +3 -3
- data/lib/action_controller/metal/data_streaming.rb +27 -46
- data/lib/action_controller/metal/etag_with_flash.rb +18 -0
- data/lib/action_controller/metal/etag_with_template_digest.rb +20 -13
- data/lib/action_controller/metal/exceptions.rb +8 -14
- data/lib/action_controller/metal/flash.rb +4 -3
- data/lib/action_controller/metal/force_ssl.rb +23 -21
- data/lib/action_controller/metal/head.rb +21 -19
- data/lib/action_controller/metal/helpers.rb +24 -14
- data/lib/action_controller/metal/http_authentication.rb +65 -58
- data/lib/action_controller/metal/implicit_render.rb +62 -8
- data/lib/action_controller/metal/instrumentation.rb +19 -21
- data/lib/action_controller/metal/live.rb +90 -106
- data/lib/action_controller/metal/mime_responds.rb +33 -46
- data/lib/action_controller/metal/parameter_encoding.rb +51 -0
- data/lib/action_controller/metal/params_wrapper.rb +61 -53
- data/lib/action_controller/metal/redirecting.rb +49 -28
- data/lib/action_controller/metal/renderers.rb +87 -44
- data/lib/action_controller/metal/rendering.rb +72 -50
- data/lib/action_controller/metal/request_forgery_protection.rb +284 -97
- data/lib/action_controller/metal/rescue.rb +9 -16
- data/lib/action_controller/metal/streaming.rb +12 -10
- data/lib/action_controller/metal/strong_parameters.rb +583 -164
- data/lib/action_controller/metal/testing.rb +2 -17
- data/lib/action_controller/metal/url_for.rb +19 -10
- data/lib/action_controller/metal.rb +98 -83
- data/lib/action_controller/railtie.rb +28 -10
- data/lib/action_controller/railties/helpers.rb +2 -0
- data/lib/action_controller/renderer.rb +117 -0
- data/lib/action_controller/template_assertions.rb +11 -0
- data/lib/action_controller/test_case.rb +282 -413
- data/lib/action_controller.rb +29 -21
- data/lib/action_dispatch/http/cache.rb +93 -47
- data/lib/action_dispatch/http/content_security_policy.rb +272 -0
- data/lib/action_dispatch/http/filter_parameters.rb +26 -20
- data/lib/action_dispatch/http/filter_redirect.rb +10 -11
- data/lib/action_dispatch/http/headers.rb +55 -22
- data/lib/action_dispatch/http/mime_negotiation.rb +56 -41
- data/lib/action_dispatch/http/mime_type.rb +134 -121
- data/lib/action_dispatch/http/mime_types.rb +20 -6
- data/lib/action_dispatch/http/parameter_filter.rb +25 -11
- data/lib/action_dispatch/http/parameters.rb +98 -39
- data/lib/action_dispatch/http/rack_cache.rb +2 -0
- data/lib/action_dispatch/http/request.rb +200 -118
- data/lib/action_dispatch/http/response.rb +225 -110
- data/lib/action_dispatch/http/upload.rb +12 -6
- data/lib/action_dispatch/http/url.rb +110 -28
- data/lib/action_dispatch/journey/formatter.rb +55 -32
- data/lib/action_dispatch/journey/gtg/builder.rb +7 -5
- data/lib/action_dispatch/journey/gtg/simulator.rb +3 -9
- data/lib/action_dispatch/journey/gtg/transition_table.rb +17 -16
- data/lib/action_dispatch/journey/nfa/builder.rb +5 -3
- data/lib/action_dispatch/journey/nfa/dot.rb +13 -13
- data/lib/action_dispatch/journey/nfa/simulator.rb +3 -1
- data/lib/action_dispatch/journey/nfa/transition_table.rb +5 -48
- data/lib/action_dispatch/journey/nodes/node.rb +18 -6
- data/lib/action_dispatch/journey/parser.rb +23 -22
- data/lib/action_dispatch/journey/parser.y +3 -2
- data/lib/action_dispatch/journey/parser_extras.rb +12 -4
- data/lib/action_dispatch/journey/path/pattern.rb +50 -44
- data/lib/action_dispatch/journey/route.rb +106 -28
- data/lib/action_dispatch/journey/router/utils.rb +20 -11
- data/lib/action_dispatch/journey/router.rb +35 -23
- data/lib/action_dispatch/journey/routes.rb +18 -16
- data/lib/action_dispatch/journey/scanner.rb +18 -15
- data/lib/action_dispatch/journey/visitors.rb +99 -52
- data/lib/action_dispatch/journey.rb +7 -5
- data/lib/action_dispatch/middleware/callbacks.rb +1 -2
- data/lib/action_dispatch/middleware/cookies.rb +304 -193
- data/lib/action_dispatch/middleware/debug_exceptions.rb +152 -57
- data/lib/action_dispatch/middleware/debug_locks.rb +124 -0
- data/lib/action_dispatch/middleware/exception_wrapper.rb +68 -69
- data/lib/action_dispatch/middleware/executor.rb +21 -0
- data/lib/action_dispatch/middleware/flash.rb +78 -54
- data/lib/action_dispatch/middleware/public_exceptions.rb +27 -25
- data/lib/action_dispatch/middleware/reloader.rb +5 -91
- data/lib/action_dispatch/middleware/remote_ip.rb +41 -31
- data/lib/action_dispatch/middleware/request_id.rb +17 -9
- data/lib/action_dispatch/middleware/session/abstract_store.rb +41 -25
- data/lib/action_dispatch/middleware/session/cache_store.rb +24 -14
- data/lib/action_dispatch/middleware/session/cookie_store.rb +72 -67
- data/lib/action_dispatch/middleware/session/mem_cache_store.rb +8 -2
- data/lib/action_dispatch/middleware/show_exceptions.rb +26 -22
- data/lib/action_dispatch/middleware/ssl.rb +114 -36
- data/lib/action_dispatch/middleware/stack.rb +31 -44
- data/lib/action_dispatch/middleware/static.rb +57 -50
- data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb +2 -14
- data/lib/action_dispatch/middleware/templates/rescues/{_source.erb → _source.html.erb} +0 -0
- data/lib/action_dispatch/middleware/templates/rescues/_source.text.erb +8 -0
- data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +21 -0
- data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +13 -0
- data/lib/action_dispatch/middleware/templates/rescues/layout.erb +1 -0
- data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +1 -1
- data/lib/action_dispatch/middleware/templates/rescues/template_error.text.erb +1 -1
- data/lib/action_dispatch/middleware/templates/routes/_route.html.erb +4 -4
- data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +64 -64
- data/lib/action_dispatch/railtie.rb +19 -11
- data/lib/action_dispatch/request/session.rb +106 -59
- data/lib/action_dispatch/request/utils.rb +67 -24
- data/lib/action_dispatch/routing/endpoint.rb +9 -2
- data/lib/action_dispatch/routing/inspector.rb +58 -67
- data/lib/action_dispatch/routing/mapper.rb +733 -447
- data/lib/action_dispatch/routing/polymorphic_routes.rb +166 -140
- data/lib/action_dispatch/routing/redirection.rb +36 -26
- data/lib/action_dispatch/routing/route_set.rb +321 -291
- data/lib/action_dispatch/routing/routes_proxy.rb +32 -5
- data/lib/action_dispatch/routing/url_for.rb +65 -25
- data/lib/action_dispatch/routing.rb +17 -18
- data/lib/action_dispatch/system_test_case.rb +147 -0
- data/lib/action_dispatch/system_testing/browser.rb +49 -0
- data/lib/action_dispatch/system_testing/driver.rb +59 -0
- data/lib/action_dispatch/system_testing/server.rb +31 -0
- data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +96 -0
- data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +31 -0
- data/lib/action_dispatch/system_testing/test_helpers/undef_methods.rb +26 -0
- data/lib/action_dispatch/testing/assertion_response.rb +47 -0
- data/lib/action_dispatch/testing/assertions/response.rb +45 -20
- data/lib/action_dispatch/testing/assertions/routing.rb +30 -26
- data/lib/action_dispatch/testing/assertions.rb +6 -4
- data/lib/action_dispatch/testing/integration.rb +348 -209
- data/lib/action_dispatch/testing/request_encoder.rb +55 -0
- data/lib/action_dispatch/testing/test_process.rb +28 -22
- data/lib/action_dispatch/testing/test_request.rb +27 -34
- data/lib/action_dispatch/testing/test_response.rb +35 -7
- data/lib/action_dispatch.rb +27 -19
- data/lib/action_pack/gem_version.rb +5 -3
- data/lib/action_pack/version.rb +3 -1
- data/lib/action_pack.rb +4 -2
- metadata +56 -38
- data/lib/action_controller/metal/hide_actions.rb +0 -40
- data/lib/action_controller/metal/rack_delegation.rb +0 -32
- data/lib/action_controller/middleware.rb +0 -39
- data/lib/action_controller/model_naming.rb +0 -12
- data/lib/action_dispatch/journey/backwards.rb +0 -5
- data/lib/action_dispatch/journey/router/strexp.rb +0 -27
- data/lib/action_dispatch/middleware/params_parser.rb +0 -60
- data/lib/action_dispatch/testing/assertions/dom.rb +0 -3
- data/lib/action_dispatch/testing/assertions/selector.rb +0 -3
- data/lib/action_dispatch/testing/assertions/tag.rb +0 -3
@@ -1,8 +1,28 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module ActionController
|
2
4
|
module Rendering
|
3
5
|
extend ActiveSupport::Concern
|
4
6
|
|
5
|
-
RENDER_FORMATS_IN_PRIORITY = [:body, :
|
7
|
+
RENDER_FORMATS_IN_PRIORITY = [:body, :plain, :html]
|
8
|
+
|
9
|
+
module ClassMethods
|
10
|
+
# Documentation at ActionController::Renderer#render
|
11
|
+
delegate :render, to: :renderer
|
12
|
+
|
13
|
+
# Returns a renderer instance (inherited from ActionController::Renderer)
|
14
|
+
# for the controller.
|
15
|
+
attr_reader :renderer
|
16
|
+
|
17
|
+
def setup_renderer! # :nodoc:
|
18
|
+
@renderer = Renderer.for(self)
|
19
|
+
end
|
20
|
+
|
21
|
+
def inherited(klass)
|
22
|
+
klass.setup_renderer!
|
23
|
+
super
|
24
|
+
end
|
25
|
+
end
|
6
26
|
|
7
27
|
# Before processing, set the request formats in current controller formats.
|
8
28
|
def process_action(*) #:nodoc:
|
@@ -12,15 +32,15 @@ module ActionController
|
|
12
32
|
|
13
33
|
# Check for double render errors and set the content_type after rendering.
|
14
34
|
def render(*args) #:nodoc:
|
15
|
-
raise ::AbstractController::DoubleRenderError if
|
35
|
+
raise ::AbstractController::DoubleRenderError if response_body
|
16
36
|
super
|
17
37
|
end
|
18
38
|
|
19
|
-
# Overwrite render_to_string because body can now be set to a
|
39
|
+
# Overwrite render_to_string because body can now be set to a Rack body.
|
20
40
|
def render_to_string(*)
|
21
41
|
result = super
|
22
42
|
if result.respond_to?(:each)
|
23
|
-
string = ""
|
43
|
+
string = "".dup
|
24
44
|
result.each { |r| string << r }
|
25
45
|
string
|
26
46
|
else
|
@@ -29,72 +49,74 @@ module ActionController
|
|
29
49
|
end
|
30
50
|
|
31
51
|
def render_to_body(options = {})
|
32
|
-
super || _render_in_priorities(options) ||
|
52
|
+
super || _render_in_priorities(options) || " "
|
33
53
|
end
|
34
54
|
|
35
55
|
private
|
36
56
|
|
37
|
-
|
38
|
-
|
39
|
-
|
57
|
+
def _process_variant(options)
|
58
|
+
if defined?(request) && !request.nil? && request.variant.present?
|
59
|
+
options[:variant] = request.variant
|
60
|
+
end
|
40
61
|
end
|
41
62
|
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
super
|
63
|
+
def _render_in_priorities(options)
|
64
|
+
RENDER_FORMATS_IN_PRIORITY.each do |format|
|
65
|
+
return options[format] if options.key?(format)
|
66
|
+
end
|
47
67
|
|
48
|
-
|
49
|
-
self.content_type = Mime::TEXT
|
50
|
-
else
|
51
|
-
self.content_type ||= format.to_s
|
68
|
+
nil
|
52
69
|
end
|
53
|
-
end
|
54
70
|
|
55
|
-
|
56
|
-
|
57
|
-
options = super
|
58
|
-
options[:update] = blk if block_given?
|
59
|
-
options
|
60
|
-
end
|
61
|
-
|
62
|
-
# Normalize both text and status options.
|
63
|
-
def _normalize_options(options) #:nodoc:
|
64
|
-
_normalize_text(options)
|
65
|
-
|
66
|
-
if options[:html]
|
67
|
-
options[:html] = ERB::Util.html_escape(options[:html])
|
71
|
+
def _set_html_content_type
|
72
|
+
self.content_type = Mime[:html].to_s
|
68
73
|
end
|
69
74
|
|
70
|
-
|
71
|
-
|
75
|
+
def _set_rendered_content_type(format)
|
76
|
+
if format && !response.content_type
|
77
|
+
self.content_type = format.to_s
|
78
|
+
end
|
72
79
|
end
|
73
80
|
|
74
|
-
|
75
|
-
|
81
|
+
# Normalize arguments by catching blocks and setting them on :update.
|
82
|
+
def _normalize_args(action = nil, options = {}, &blk)
|
83
|
+
options = super
|
84
|
+
options[:update] = blk if block_given?
|
85
|
+
options
|
76
86
|
end
|
77
87
|
|
78
|
-
|
79
|
-
|
88
|
+
# Normalize both text and status options.
|
89
|
+
def _normalize_options(options)
|
90
|
+
_normalize_text(options)
|
91
|
+
|
92
|
+
if options[:html]
|
93
|
+
options[:html] = ERB::Util.html_escape(options[:html])
|
94
|
+
end
|
80
95
|
|
81
|
-
|
82
|
-
|
83
|
-
if options.key?(format) && options[format].respond_to?(:to_text)
|
84
|
-
options[format] = options[format].to_text
|
96
|
+
if options[:status]
|
97
|
+
options[:status] = Rack::Utils.status_code(options[:status])
|
85
98
|
end
|
99
|
+
|
100
|
+
super
|
86
101
|
end
|
87
|
-
end
|
88
102
|
|
89
|
-
|
90
|
-
|
91
|
-
|
103
|
+
def _normalize_text(options)
|
104
|
+
RENDER_FORMATS_IN_PRIORITY.each do |format|
|
105
|
+
if options.key?(format) && options[format].respond_to?(:to_text)
|
106
|
+
options[format] = options[format].to_text
|
107
|
+
end
|
108
|
+
end
|
109
|
+
end
|
92
110
|
|
93
|
-
|
94
|
-
|
95
|
-
|
111
|
+
# Process controller specific options, as status, content-type and location.
|
112
|
+
def _process_options(options)
|
113
|
+
status, content_type, location = options.values_at(:status, :content_type, :location)
|
96
114
|
|
97
|
-
|
98
|
-
|
115
|
+
self.status = status if status
|
116
|
+
self.content_type = content_type if content_type
|
117
|
+
headers["Location"] = url_for(location) if location
|
118
|
+
|
119
|
+
super
|
120
|
+
end
|
99
121
|
end
|
100
122
|
end
|