actionpack 4.2.11.1 → 5.2.6

data/lib/action_controller/metal/live.rb

@@ -1,9 +1,11 @@
-require 'action_dispatch/http/response'
-require 'delegate'
-require 'active_support/json'
+# frozen_string_literal: true
+
+require "action_dispatch/http/response"
+require "delegate"
+require "active_support/json"
 
 module ActionController
-  # Mix this module in to your controller, and all actions in that controller
+  # Mix this module into your controller, and all actions in that controller
   # will be able to stream data to the client as it's written.
   #
   #   class MyController < ActionController::Base
@@ -20,7 +22,7 @@ module ActionController
   #     end
   #   end
   #
-  # There are a few caveats with this use. You *cannot* write headers after the
+  # There are a few caveats with this module. You *cannot* write headers after the
   # response has been committed (Response#committed? will return truthy).
   # Calling +write+ or +close+ on the response stream will cause the response
   # object to be committed. Make sure all headers are set before calling write
@@ -33,6 +35,20 @@ module ActionController
   # the main thread. Make sure your actions are thread safe, and this shouldn't
   # be a problem (don't share state across threads, etc).
   module Live
+    extend ActiveSupport::Concern
+
+    module ClassMethods
+      def make_response!(request)
+        if request.get_header("HTTP_VERSION") == "HTTP/1.0"
+          super
+        else
+          Live::Response.new.tap do |res|
+            res.request = request
+          end
+        end
+      end
+    end
+
     # This class provides the ability to write an SSE (Server Sent Event)
     # to an IO stream. The class is initialized with a stream and can be used
     # to either write a JSON string or an object which can be converted to JSON.
@@ -70,7 +86,6 @@ module ActionController
     # Note: SSEs are not currently supported by IE. However, they are supported
     # by Chrome, Firefox, Opera, and Safari.
     class SSE
-
       WHITELISTED_OPTIONS = %w( retry event id )
 
       def initialize(stream, options = {})
@@ -102,7 +117,7 @@ module ActionController
             end
           end
 
-          message = json.gsub(/\n/, "\ndata: ")
+          message = json.gsub("\n".freeze, "\ndata: ".freeze)
           @stream.write "data: #{message}\n\n"
         end
     end
@@ -131,8 +146,8 @@ module ActionController
 
       def write(string)
         unless @response.committed?
-          @response.headers["Cache-Control"] = "no-cache"
-          @response.headers.delete "Content-Length"
+          @response.set_header "Cache-Control", "no-cache"
+          @response.delete_header "Content-Length"
         end
 
         super
@@ -149,14 +164,6 @@ module ActionController
         end
       end
 
-      def each
-        @response.sending!
-        while str = @buf.pop
-          yield str
-        end
-        @response.sent!
-      end
-
       # Write a 'close' event to the buffer; the producer/writing thread
       # uses this to notify us that it's finished supplying content.
       #
@@ -189,12 +196,6 @@ module ActionController
         !@aborted
       end
 
-      def await_close
-        synchronize do
-          @cv.wait_until { @closed }
-        end
-      end
-
       def on_error(&block)
         @error_callback = block
       end
@@ -202,60 +203,36 @@ module ActionController
       def call_on_error
         @error_callback.call
       end
-    end
 
-    class Response < ActionDispatch::Response #:nodoc: all
-      class Header < DelegateClass(Hash) # :nodoc:
-        def initialize(response, header)
-          @response = response
-          super(header)
-        end
+      private
 
-        def []=(k,v)
-          if @response.committed?
-            raise ActionDispatch::IllegalStateError, 'header already sent'
+        def each_chunk(&block)
+          loop do
+            str = nil
+            ActiveSupport::Dependencies.interlock.permit_concurrent_loads do
+              str = @buf.pop
+            end
+            break unless str
+            yield str
           end
-
-          super
-        end
-
-        def merge(other)
-          self.class.new @response, __getobj__.merge(other)
         end
+    end
 
-        def to_hash
-          __getobj__.dup
-        end
-      end
-
+    class Response < ActionDispatch::Response #:nodoc: all
       private
 
-      def before_committed
-        super
-        jar = request.cookie_jar
-        # The response can be committed multiple times
-        jar.write self unless committed?
-      end
-
-      def before_sending
-        super
-        request.cookie_jar.commit!
-        headers.freeze
-      end
-
-      def build_buffer(response, body)
-        buf = Live::Buffer.new response
-        body.each { |part| buf.write part }
-        buf
-      end
-
-      def merge_default_headers(original, default)
-        Header.new self, super
-      end
+        def before_committed
+          super
+          jar = request.cookie_jar
+          # The response can be committed multiple times
+          jar.write self unless committed?
+        end
 
-      def handle_conditional_get!
-        super unless committed?
-      end
+        def build_buffer(response, body)
+          buf = Live::Buffer.new response
+          body.each { |part| buf.write part }
+          buf
+        end
     end
 
     def process(name)
@@ -264,47 +241,63 @@ module ActionController
 
       error = nil
       # This processes the action in a child thread. It lets us return the
-      # response code and headers back up the rack stack, and still process
-      # the body in parallel with sending data to the client
-      Thread.new {
-        t2 = Thread.current
-        t2.abort_on_exception = true
-
-        # Since we're processing the view in a different thread, copy the
-        # thread locals from the main thread to the child thread. :'(
-        locals.each { |k,v| t2[k] = v }
-
-        begin
-          super(name)
-        rescue => e
-          if @_response.committed?
-            begin
-              @_response.stream.write(ActionView::Base.streaming_completion_on_exception) if request.format == :html
-              @_response.stream.call_on_error
-            rescue => exception
-              log_error(exception)
-            ensure
-              log_error(e)
-              @_response.stream.close
+      # response code and headers back up the Rack stack, and still process
+      # the body in parallel with sending data to the client.
+      new_controller_thread {
+        ActiveSupport::Dependencies.interlock.running do
+          t2 = Thread.current
+
+          # Since we're processing the view in a different thread, copy the
+          # thread locals from the main thread to the child thread. :'(
+          locals.each { |k, v| t2[k] = v }
+
+          begin
+            super(name)
+          rescue => e
+            if @_response.committed?
+              begin
+                @_response.stream.write(ActionView::Base.streaming_completion_on_exception) if request.format == :html
+                @_response.stream.call_on_error
+              rescue => exception
+                log_error(exception)
+              ensure
+                log_error(e)
+                @_response.stream.close
+              end
+            else
+              error = e
             end
-          else
-            error = e
+          ensure
+            @_response.commit!
           end
-        ensure
-          @_response.commit!
         end
       }
 
-      @_response.await_commit
+      ActiveSupport::Dependencies.interlock.permit_concurrent_loads do
+        @_response.await_commit
+      end
+
       raise error if error
     end
 
+    # Spawn a new thread to serve up the controller in. This is to get
+    # around the fact that Rack isn't based around IOs and we need to use
+    # a thread to stream data from the response bodies. Nobody should call
+    # this method except in Rails internals. Seriously!
+    def new_controller_thread # :nodoc:
+      Thread.new {
+        t2 = Thread.current
+        t2.abort_on_exception = true
+        yield
+      }
+    end
+
     def log_error(exception)
       logger = ActionController::Base.logger
       return unless logger
 
       logger.fatal do
-        message = "\n#{exception.class} (#{exception.message}):\n"
+        message = "\n#{exception.class} (#{exception.message}):\n".dup
         message << exception.annoted_source_code.to_s if exception.respond_to?(:annoted_source_code)
         message << "  " << exception.backtrace.join("\n  ")
         "#{message}\n\n"
@@ -315,14 +308,5 @@ module ActionController
       super
       response.close if response
     end
-
-    def set_response!(request)
-      if request.env["HTTP_VERSION"] == "HTTP/1.0"
-        super
-      else
-        @_response         = Live::Response.new
-        @_response.request = request
-      end
-    end
   end
 end

data/lib/action_controller/metal/mime_responds.rb

@@ -1,29 +1,9 @@
-require 'abstract_controller/collector'
+# frozen_string_literal: true
+
+require "abstract_controller/collector"
 
 module ActionController #:nodoc:
   module MimeResponds
-    extend ActiveSupport::Concern
-
-    # :stopdoc:
-    module ClassMethods
-      def respond_to(*)
-        raise NoMethodError, "The controller-level `respond_to' feature has " \
-          "been extracted to the `responders` gem. Add it to your Gemfile to " \
-          "continue using this feature:\n" \
-          "  gem 'responders', '~> 2.0'\n" \
-          "Consult the Rails upgrade guide for details."
-      end
-    end
-
-    def respond_with(*)
-      raise NoMethodError, "The `respond_with' feature has been extracted " \
-        "to the `responders` gem. Add it to your Gemfile to continue using " \
-        "this feature:\n" \
-        "  gem 'responders', '~> 2.0'\n" \
-        "Consult the Rails upgrade guide for details."
-    end
-    # :startdoc:
-
     # Without web-service support, an action which collects the data for displaying a list of people
     # might look something like this:
     #
@@ -31,6 +11,13 @@ module ActionController #:nodoc:
     #     @people = Person.all
     #   end
     #
+    # That action implicitly responds to all formats, but formats can also be whitelisted:
+    #
+    #   def index
+    #     @people = Person.all
+    #     respond_to :html, :js
+    #   end
+    #
     # Here's the same action, with web-service support baked in:
     #
     #   def index
@@ -38,11 +25,12 @@ module ActionController #:nodoc:
     #
     #     respond_to do |format|
     #       format.html
+    #       format.js
     #       format.xml { render xml: @people }
     #     end
     #   end
     #
-    # What that says is, "if the client wants HTML in response to this action, just respond as we
+    # What that says is, "if the client wants HTML or JS in response to this action, just respond as we
     # would have before, but if the client wants XML, return them the list of people in XML format."
     # (Rails determines the desired response format from the HTTP Accept header submitted by the client.)
     #
@@ -113,11 +101,11 @@ module ActionController #:nodoc:
     # and accept Rails' defaults, life will be much easier.
     #
     # If you need to use a MIME type which isn't supported by default, you can register your own handlers in
-    # config/initializers/mime_types.rb as follows.
+    # +config/initializers/mime_types.rb+ as follows.
     #
     #   Mime::Type.register "image/jpg", :jpg
     #
-    # Respond to also allows you to specify a common block for different formats by using any:
+    # Respond to also allows you to specify a common block for different formats by using +any+:
     #
     #   def index
     #     @people = Person.all
@@ -173,21 +161,21 @@ module ActionController #:nodoc:
     #     format.html.none  { render "trash" }
     #   end
     #
-    # Variants also support common `any`/`all` block that formats have.
+    # Variants also support common +any+/+all+ block that formats have.
     #
     # It works for both inline:
     #
     #   respond_to do |format|
-    #     format.html.any   { render text: "any"   }
-    #     format.html.phone { render text: "phone" }
+    #     format.html.any   { render html: "any"   }
+    #     format.html.phone { render html: "phone" }
     #   end
     #
     # and block syntax:
     #
     #   respond_to do |format|
     #     format.html do |variant|
-    #       variant.any(:tablet, :phablet){ render text: "any" }
-    #       variant.phone { render text: "phone" }
+    #       variant.any(:tablet, :phablet){ render html: "any" }
+    #       variant.phone { render html: "phone" }
     #     end
     #   end
     #
@@ -195,16 +183,13 @@ module ActionController #:nodoc:
     #
     #   request.variant = [:tablet, :phone]
     #
-    # which will work similarly to formats and MIME types negotiation. If there will be no
-    # :tablet variant declared, :phone variant will be picked:
+    # This will work similarly to formats and MIME types negotiation. If there
+    # is no +:tablet+ variant declared, the +:phone+ variant will be used:
     #
     #   respond_to do |format|
     #     format.html.none
     #     format.html.phone # this gets rendered
     #   end
-    #
-    # Be sure to check the documentation of <tt>ActionController::MimeResponds.respond_to</tt>
-    # for more examples.
     def respond_to(*mimes)
       raise ArgumentError, "respond_to takes either types or a block, never both" if mimes.any? && block_given?
 
@@ -213,8 +198,9 @@ module ActionController #:nodoc:
 
       if format = collector.negotiate_format(request)
         _process_format(format)
+        _set_rendered_content_type format
         response = collector.response
-        response ? response.call : render({})
+        response.call if response
       else
         raise ActionController::UnknownFormat
       end
@@ -250,7 +236,7 @@ module ActionController #:nodoc:
         @responses = {}
         @variant = variant
 
-        mimes.each { |mime| @responses["Mime::#{mime.upcase}".constantize] = nil }
+        mimes.each { |mime| @responses[Mime[mime]] = nil }
       end
 
       def any(*args, &block)
@@ -296,8 +282,8 @@ module ActionController #:nodoc:
 
         def any(*args, &block)
           if block_given?
-            if args.any? && args.none?{ |a| a == @variant }
-              args.each{ |v| @variants[v] = block }
+            if args.any? && args.none? { |a| a == @variant }
+              args.each { |v| @variants[v] = block }
             else
               @variants[:any] = block
             end
@@ -310,16 +296,17 @@ module ActionController #:nodoc:
         end
 
         def variant
-          if @variant.nil?
+          if @variant.empty?
             @variants[:none] || @variants[:any]
-          elsif (@variants.keys & @variant).any?
-            @variant.each do |v|
-              return @variants[v] if @variants.key?(v)
-            end
           else
-            @variants[:any]
+            @variants[variant_key]
           end
         end
+
+        private
+          def variant_key
+            @variant.find { |variant| @variants.key?(variant) } || :any
+          end
       end
     end
   end

data/lib/action_controller/metal/parameter_encoding.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module ActionController
+  # Specify binary encoding for parameters for a given action.
+  module ParameterEncoding
+    extend ActiveSupport::Concern
+
+    module ClassMethods
+      def inherited(klass) # :nodoc:
+        super
+        klass.setup_param_encode
+      end
+
+      def setup_param_encode # :nodoc:
+        @_parameter_encodings = {}
+      end
+
+      def binary_params_for?(action) # :nodoc:
+        @_parameter_encodings[action.to_s]
+      end
+
+      # Specify that a given action's parameters should all be encoded as
+      # ASCII-8BIT (it "skips" the encoding default of UTF-8).
+      #
+      # For example, a controller would use it like this:
+      #
+      #   class RepositoryController < ActionController::Base
+      #     skip_parameter_encoding :show
+      #
+      #     def show
+      #       @repo = Repository.find_by_filesystem_path params[:file_path]
+      #
+      #       # `repo_name` is guaranteed to be UTF-8, but was ASCII-8BIT, so
+      #       # tag it as such
+      #       @repo_name = params[:repo_name].force_encoding 'UTF-8'
+      #     end
+      #
+      #     def index
+      #       @repositories = Repository.all
+      #     end
+      #   end
+      #
+      # The show action in the above controller would have all parameter values
+      # encoded as ASCII-8BIT. This is useful in the case where an application
+      # must handle data but encoding of the data is unknown, like file system data.
+      def skip_parameter_encoding(action)
+        @_parameter_encodings[action.to_s] = true
+      end
+    end
+  end
+end