actionpack 4.2.8 → 5.2.4.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actionpack might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/CHANGELOG.md +285 -444
- data/MIT-LICENSE +1 -1
- data/README.rdoc +6 -7
- data/lib/abstract_controller.rb +12 -5
- data/lib/abstract_controller/asset_paths.rb +2 -0
- data/lib/abstract_controller/base.rb +45 -49
- data/lib/abstract_controller/caching.rb +66 -0
- data/lib/{action_controller → abstract_controller}/caching/fragments.rb +78 -15
- data/lib/abstract_controller/callbacks.rb +47 -31
- data/lib/abstract_controller/collector.rb +8 -11
- data/lib/abstract_controller/error.rb +6 -0
- data/lib/abstract_controller/helpers.rb +25 -25
- data/lib/abstract_controller/logger.rb +2 -0
- data/lib/abstract_controller/railties/routes_helpers.rb +4 -2
- data/lib/abstract_controller/rendering.rb +42 -41
- data/lib/abstract_controller/translation.rb +10 -7
- data/lib/abstract_controller/url_for.rb +2 -0
- data/lib/action_controller.rb +29 -21
- data/lib/action_controller/api.rb +149 -0
- data/lib/action_controller/api/api_rendering.rb +16 -0
- data/lib/action_controller/base.rb +27 -19
- data/lib/action_controller/caching.rb +14 -57
- data/lib/action_controller/form_builder.rb +50 -0
- data/lib/action_controller/log_subscriber.rb +10 -15
- data/lib/action_controller/metal.rb +98 -83
- data/lib/action_controller/metal/basic_implicit_render.rb +13 -0
- data/lib/action_controller/metal/conditional_get.rb +118 -44
- data/lib/action_controller/metal/content_security_policy.rb +52 -0
- data/lib/action_controller/metal/cookies.rb +3 -3
- data/lib/action_controller/metal/data_streaming.rb +27 -46
- data/lib/action_controller/metal/etag_with_flash.rb +18 -0
- data/lib/action_controller/metal/etag_with_template_digest.rb +20 -13
- data/lib/action_controller/metal/exceptions.rb +8 -14
- data/lib/action_controller/metal/flash.rb +4 -3
- data/lib/action_controller/metal/force_ssl.rb +23 -21
- data/lib/action_controller/metal/head.rb +21 -19
- data/lib/action_controller/metal/helpers.rb +24 -14
- data/lib/action_controller/metal/http_authentication.rb +64 -57
- data/lib/action_controller/metal/implicit_render.rb +62 -8
- data/lib/action_controller/metal/instrumentation.rb +19 -21
- data/lib/action_controller/metal/live.rb +90 -106
- data/lib/action_controller/metal/mime_responds.rb +33 -46
- data/lib/action_controller/metal/parameter_encoding.rb +51 -0
- data/lib/action_controller/metal/params_wrapper.rb +61 -53
- data/lib/action_controller/metal/redirecting.rb +49 -28
- data/lib/action_controller/metal/renderers.rb +87 -44
- data/lib/action_controller/metal/rendering.rb +72 -50
- data/lib/action_controller/metal/request_forgery_protection.rb +203 -92
- data/lib/action_controller/metal/rescue.rb +9 -16
- data/lib/action_controller/metal/streaming.rb +12 -10
- data/lib/action_controller/metal/strong_parameters.rb +582 -165
- data/lib/action_controller/metal/testing.rb +2 -17
- data/lib/action_controller/metal/url_for.rb +19 -10
- data/lib/action_controller/railtie.rb +28 -10
- data/lib/action_controller/railties/helpers.rb +2 -0
- data/lib/action_controller/renderer.rb +117 -0
- data/lib/action_controller/template_assertions.rb +11 -0
- data/lib/action_controller/test_case.rb +280 -411
- data/lib/action_dispatch.rb +27 -19
- data/lib/action_dispatch/http/cache.rb +93 -47
- data/lib/action_dispatch/http/content_security_policy.rb +272 -0
- data/lib/action_dispatch/http/filter_parameters.rb +26 -20
- data/lib/action_dispatch/http/filter_redirect.rb +10 -11
- data/lib/action_dispatch/http/headers.rb +55 -22
- data/lib/action_dispatch/http/mime_negotiation.rb +60 -41
- data/lib/action_dispatch/http/mime_type.rb +134 -121
- data/lib/action_dispatch/http/mime_types.rb +20 -6
- data/lib/action_dispatch/http/parameter_filter.rb +25 -11
- data/lib/action_dispatch/http/parameters.rb +98 -39
- data/lib/action_dispatch/http/rack_cache.rb +2 -0
- data/lib/action_dispatch/http/request.rb +200 -118
- data/lib/action_dispatch/http/response.rb +225 -110
- data/lib/action_dispatch/http/upload.rb +12 -6
- data/lib/action_dispatch/http/url.rb +110 -28
- data/lib/action_dispatch/journey.rb +7 -5
- data/lib/action_dispatch/journey/formatter.rb +55 -32
- data/lib/action_dispatch/journey/gtg/builder.rb +7 -5
- data/lib/action_dispatch/journey/gtg/simulator.rb +3 -9
- data/lib/action_dispatch/journey/gtg/transition_table.rb +17 -16
- data/lib/action_dispatch/journey/nfa/builder.rb +5 -3
- data/lib/action_dispatch/journey/nfa/dot.rb +13 -13
- data/lib/action_dispatch/journey/nfa/simulator.rb +3 -1
- data/lib/action_dispatch/journey/nfa/transition_table.rb +5 -48
- data/lib/action_dispatch/journey/nodes/node.rb +18 -6
- data/lib/action_dispatch/journey/parser.rb +23 -22
- data/lib/action_dispatch/journey/parser.y +3 -2
- data/lib/action_dispatch/journey/parser_extras.rb +12 -4
- data/lib/action_dispatch/journey/path/pattern.rb +50 -44
- data/lib/action_dispatch/journey/route.rb +106 -28
- data/lib/action_dispatch/journey/router.rb +35 -23
- data/lib/action_dispatch/journey/router/utils.rb +20 -11
- data/lib/action_dispatch/journey/routes.rb +18 -16
- data/lib/action_dispatch/journey/scanner.rb +18 -15
- data/lib/action_dispatch/journey/visitors.rb +99 -52
- data/lib/action_dispatch/middleware/callbacks.rb +1 -2
- data/lib/action_dispatch/middleware/cookies.rb +304 -193
- data/lib/action_dispatch/middleware/debug_exceptions.rb +152 -57
- data/lib/action_dispatch/middleware/debug_locks.rb +124 -0
- data/lib/action_dispatch/middleware/exception_wrapper.rb +68 -69
- data/lib/action_dispatch/middleware/executor.rb +21 -0
- data/lib/action_dispatch/middleware/flash.rb +78 -54
- data/lib/action_dispatch/middleware/public_exceptions.rb +27 -25
- data/lib/action_dispatch/middleware/reloader.rb +5 -91
- data/lib/action_dispatch/middleware/remote_ip.rb +41 -31
- data/lib/action_dispatch/middleware/request_id.rb +17 -9
- data/lib/action_dispatch/middleware/session/abstract_store.rb +41 -25
- data/lib/action_dispatch/middleware/session/cache_store.rb +24 -14
- data/lib/action_dispatch/middleware/session/cookie_store.rb +72 -67
- data/lib/action_dispatch/middleware/session/mem_cache_store.rb +8 -2
- data/lib/action_dispatch/middleware/show_exceptions.rb +26 -22
- data/lib/action_dispatch/middleware/ssl.rb +114 -36
- data/lib/action_dispatch/middleware/stack.rb +31 -44
- data/lib/action_dispatch/middleware/static.rb +57 -50
- data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb +2 -14
- data/lib/action_dispatch/middleware/templates/rescues/{_source.erb → _source.html.erb} +0 -0
- data/lib/action_dispatch/middleware/templates/rescues/_source.text.erb +8 -0
- data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +21 -0
- data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +13 -0
- data/lib/action_dispatch/middleware/templates/rescues/layout.erb +1 -0
- data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +1 -1
- data/lib/action_dispatch/middleware/templates/rescues/template_error.text.erb +1 -1
- data/lib/action_dispatch/middleware/templates/routes/_route.html.erb +4 -4
- data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +64 -64
- data/lib/action_dispatch/railtie.rb +19 -11
- data/lib/action_dispatch/request/session.rb +106 -59
- data/lib/action_dispatch/request/utils.rb +67 -24
- data/lib/action_dispatch/routing.rb +17 -18
- data/lib/action_dispatch/routing/endpoint.rb +9 -2
- data/lib/action_dispatch/routing/inspector.rb +58 -67
- data/lib/action_dispatch/routing/mapper.rb +734 -447
- data/lib/action_dispatch/routing/polymorphic_routes.rb +161 -139
- data/lib/action_dispatch/routing/redirection.rb +36 -26
- data/lib/action_dispatch/routing/route_set.rb +321 -291
- data/lib/action_dispatch/routing/routes_proxy.rb +32 -5
- data/lib/action_dispatch/routing/url_for.rb +65 -25
- data/lib/action_dispatch/system_test_case.rb +147 -0
- data/lib/action_dispatch/system_testing/browser.rb +49 -0
- data/lib/action_dispatch/system_testing/driver.rb +59 -0
- data/lib/action_dispatch/system_testing/server.rb +31 -0
- data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +96 -0
- data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +31 -0
- data/lib/action_dispatch/system_testing/test_helpers/undef_methods.rb +26 -0
- data/lib/action_dispatch/testing/assertion_response.rb +47 -0
- data/lib/action_dispatch/testing/assertions.rb +6 -4
- data/lib/action_dispatch/testing/assertions/response.rb +45 -20
- data/lib/action_dispatch/testing/assertions/routing.rb +30 -26
- data/lib/action_dispatch/testing/integration.rb +347 -209
- data/lib/action_dispatch/testing/request_encoder.rb +55 -0
- data/lib/action_dispatch/testing/test_process.rb +28 -22
- data/lib/action_dispatch/testing/test_request.rb +27 -34
- data/lib/action_dispatch/testing/test_response.rb +35 -7
- data/lib/action_pack.rb +4 -2
- data/lib/action_pack/gem_version.rb +5 -3
- data/lib/action_pack/version.rb +3 -1
- metadata +56 -39
- data/lib/action_controller/metal/hide_actions.rb +0 -40
- data/lib/action_controller/metal/rack_delegation.rb +0 -32
- data/lib/action_controller/middleware.rb +0 -39
- data/lib/action_controller/model_naming.rb +0 -12
- data/lib/action_dispatch/journey/backwards.rb +0 -5
- data/lib/action_dispatch/journey/router/strexp.rb +0 -27
- data/lib/action_dispatch/middleware/params_parser.rb +0 -60
- data/lib/action_dispatch/testing/assertions/dom.rb +0 -3
- data/lib/action_dispatch/testing/assertions/selector.rb +0 -3
- data/lib/action_dispatch/testing/assertions/tag.rb +0 -3
@@ -1,40 +0,0 @@
|
|
1
|
-
|
2
|
-
module ActionController
|
3
|
-
# Adds the ability to prevent public methods on a controller to be called as actions.
|
4
|
-
module HideActions
|
5
|
-
extend ActiveSupport::Concern
|
6
|
-
|
7
|
-
included do
|
8
|
-
class_attribute :hidden_actions
|
9
|
-
self.hidden_actions = Set.new.freeze
|
10
|
-
end
|
11
|
-
|
12
|
-
private
|
13
|
-
|
14
|
-
# Overrides AbstractController::Base#action_method? to return false if the
|
15
|
-
# action name is in the list of hidden actions.
|
16
|
-
def method_for_action(action_name)
|
17
|
-
self.class.visible_action?(action_name) && super
|
18
|
-
end
|
19
|
-
|
20
|
-
module ClassMethods
|
21
|
-
# Sets all of the actions passed in as hidden actions.
|
22
|
-
#
|
23
|
-
# ==== Parameters
|
24
|
-
# * <tt>args</tt> - A list of actions
|
25
|
-
def hide_action(*args)
|
26
|
-
self.hidden_actions = hidden_actions.dup.merge(args.map(&:to_s)).freeze
|
27
|
-
end
|
28
|
-
|
29
|
-
def visible_action?(action_name)
|
30
|
-
not hidden_actions.include?(action_name)
|
31
|
-
end
|
32
|
-
|
33
|
-
# Overrides AbstractController::Base#action_methods to remove any methods
|
34
|
-
# that are listed as hidden methods.
|
35
|
-
def action_methods
|
36
|
-
@action_methods ||= Set.new(super.reject { |name| hidden_actions.include?(name) }).freeze
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
@@ -1,32 +0,0 @@
|
|
1
|
-
require 'action_dispatch/http/request'
|
2
|
-
require 'action_dispatch/http/response'
|
3
|
-
|
4
|
-
module ActionController
|
5
|
-
module RackDelegation
|
6
|
-
extend ActiveSupport::Concern
|
7
|
-
|
8
|
-
delegate :headers, :status=, :location=, :content_type=,
|
9
|
-
:status, :location, :content_type, :response_code, :to => "@_response"
|
10
|
-
|
11
|
-
def dispatch(action, request)
|
12
|
-
set_response!(request)
|
13
|
-
super(action, request)
|
14
|
-
end
|
15
|
-
|
16
|
-
def response_body=(body)
|
17
|
-
response.body = body if response
|
18
|
-
super
|
19
|
-
end
|
20
|
-
|
21
|
-
def reset_session
|
22
|
-
@_request.reset_session
|
23
|
-
end
|
24
|
-
|
25
|
-
private
|
26
|
-
|
27
|
-
def set_response!(request)
|
28
|
-
@_response = ActionDispatch::Response.new
|
29
|
-
@_response.request = request
|
30
|
-
end
|
31
|
-
end
|
32
|
-
end
|
@@ -1,39 +0,0 @@
|
|
1
|
-
module ActionController
|
2
|
-
class Middleware < Metal
|
3
|
-
class ActionMiddleware
|
4
|
-
def initialize(controller, app)
|
5
|
-
@controller, @app = controller, app
|
6
|
-
end
|
7
|
-
|
8
|
-
def call(env)
|
9
|
-
request = ActionDispatch::Request.new(env)
|
10
|
-
@controller.build(@app).dispatch(:index, request)
|
11
|
-
end
|
12
|
-
end
|
13
|
-
|
14
|
-
class << self
|
15
|
-
alias build new
|
16
|
-
|
17
|
-
def new(app)
|
18
|
-
ActionMiddleware.new(self, app)
|
19
|
-
end
|
20
|
-
end
|
21
|
-
|
22
|
-
attr_internal :app
|
23
|
-
|
24
|
-
def process(action)
|
25
|
-
response = super
|
26
|
-
self.status, self.headers, self.response_body = response if response.is_a?(Array)
|
27
|
-
response
|
28
|
-
end
|
29
|
-
|
30
|
-
def initialize(app)
|
31
|
-
super()
|
32
|
-
@_app = app
|
33
|
-
end
|
34
|
-
|
35
|
-
def index
|
36
|
-
call(env)
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
@@ -1,12 +0,0 @@
|
|
1
|
-
module ActionController
|
2
|
-
module ModelNaming
|
3
|
-
# Converts the given object to an ActiveModel compliant one.
|
4
|
-
def convert_to_model(object)
|
5
|
-
object.respond_to?(:to_model) ? object.to_model : object
|
6
|
-
end
|
7
|
-
|
8
|
-
def model_name_from_record_or_class(record_or_class)
|
9
|
-
convert_to_model(record_or_class).model_name
|
10
|
-
end
|
11
|
-
end
|
12
|
-
end
|
@@ -1,27 +0,0 @@
|
|
1
|
-
module ActionDispatch
|
2
|
-
module Journey # :nodoc:
|
3
|
-
class Router # :nodoc:
|
4
|
-
class Strexp # :nodoc:
|
5
|
-
class << self
|
6
|
-
alias :compile :new
|
7
|
-
end
|
8
|
-
|
9
|
-
attr_reader :path, :requirements, :separators, :anchor, :ast
|
10
|
-
|
11
|
-
def self.build(path, requirements, separators, anchor = true)
|
12
|
-
parser = Journey::Parser.new
|
13
|
-
ast = parser.parse path
|
14
|
-
new ast, path, requirements, separators, anchor
|
15
|
-
end
|
16
|
-
|
17
|
-
def initialize(ast, path, requirements, separators, anchor = true)
|
18
|
-
@ast = ast
|
19
|
-
@path = path
|
20
|
-
@requirements = requirements
|
21
|
-
@separators = separators
|
22
|
-
@anchor = anchor
|
23
|
-
end
|
24
|
-
end
|
25
|
-
end
|
26
|
-
end
|
27
|
-
end
|
@@ -1,60 +0,0 @@
|
|
1
|
-
require 'active_support/core_ext/hash/conversions'
|
2
|
-
require 'action_dispatch/http/request'
|
3
|
-
require 'active_support/core_ext/hash/indifferent_access'
|
4
|
-
|
5
|
-
module ActionDispatch
|
6
|
-
class ParamsParser
|
7
|
-
class ParseError < StandardError
|
8
|
-
attr_reader :original_exception
|
9
|
-
|
10
|
-
def initialize(message, original_exception)
|
11
|
-
super(message)
|
12
|
-
@original_exception = original_exception
|
13
|
-
end
|
14
|
-
end
|
15
|
-
|
16
|
-
DEFAULT_PARSERS = { Mime::JSON => :json }
|
17
|
-
|
18
|
-
def initialize(app, parsers = {})
|
19
|
-
@app, @parsers = app, DEFAULT_PARSERS.merge(parsers)
|
20
|
-
end
|
21
|
-
|
22
|
-
def call(env)
|
23
|
-
if params = parse_formatted_parameters(env)
|
24
|
-
env["action_dispatch.request.request_parameters"] = params
|
25
|
-
end
|
26
|
-
|
27
|
-
@app.call(env)
|
28
|
-
end
|
29
|
-
|
30
|
-
private
|
31
|
-
def parse_formatted_parameters(env)
|
32
|
-
request = Request.new(env)
|
33
|
-
|
34
|
-
return false if request.content_length.zero?
|
35
|
-
|
36
|
-
strategy = @parsers[request.content_mime_type]
|
37
|
-
|
38
|
-
return false unless strategy
|
39
|
-
|
40
|
-
case strategy
|
41
|
-
when Proc
|
42
|
-
strategy.call(request.raw_post)
|
43
|
-
when :json
|
44
|
-
data = ActiveSupport::JSON.decode(request.raw_post)
|
45
|
-
data = {:_json => data} unless data.is_a?(Hash)
|
46
|
-
Request::Utils.deep_munge(data).with_indifferent_access
|
47
|
-
else
|
48
|
-
false
|
49
|
-
end
|
50
|
-
rescue => e # JSON or Ruby code block errors
|
51
|
-
logger(env).debug "Error occurred while parsing request parameters.\nContents:\n\n#{request.raw_post}"
|
52
|
-
|
53
|
-
raise ParseError.new(e.message, e)
|
54
|
-
end
|
55
|
-
|
56
|
-
def logger(env)
|
57
|
-
env['action_dispatch.logger'] || ActiveSupport::Logger.new($stderr)
|
58
|
-
end
|
59
|
-
end
|
60
|
-
end
|