actionpack 5.0.7.2 → 5.1.0.beta1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actionpack might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/CHANGELOG.md +189 -1002
- data/MIT-LICENSE +1 -1
- data/README.rdoc +1 -1
- data/lib/abstract_controller.rb +3 -3
- data/lib/abstract_controller/base.rb +10 -12
- data/lib/abstract_controller/caching.rb +6 -3
- data/lib/abstract_controller/caching/fragments.rb +1 -1
- data/lib/abstract_controller/callbacks.rb +2 -43
- data/lib/abstract_controller/collector.rb +2 -2
- data/lib/abstract_controller/helpers.rb +19 -19
- data/lib/abstract_controller/rendering.rb +9 -11
- data/lib/abstract_controller/translation.rb +3 -3
- data/lib/action_controller.rb +15 -13
- data/lib/action_controller/api.rb +3 -3
- data/lib/action_controller/base.rb +7 -12
- data/lib/action_controller/caching.rb +1 -1
- data/lib/action_controller/log_subscriber.rb +2 -2
- data/lib/action_controller/metal.rb +34 -43
- data/lib/action_controller/metal/conditional_get.rb +10 -9
- data/lib/action_controller/metal/data_streaming.rb +8 -9
- data/lib/action_controller/metal/etag_with_flash.rb +16 -0
- data/lib/action_controller/metal/etag_with_template_digest.rb +15 -15
- data/lib/action_controller/metal/exceptions.rb +4 -14
- data/lib/action_controller/metal/flash.rb +1 -1
- data/lib/action_controller/metal/force_ssl.rb +6 -6
- data/lib/action_controller/metal/head.rb +13 -19
- data/lib/action_controller/metal/helpers.rb +6 -6
- data/lib/action_controller/metal/http_authentication.rb +22 -23
- data/lib/action_controller/metal/implicit_render.rb +2 -5
- data/lib/action_controller/metal/instrumentation.rb +14 -14
- data/lib/action_controller/metal/live.rb +15 -16
- data/lib/action_controller/metal/mime_responds.rb +3 -3
- data/lib/action_controller/metal/parameter_encoding.rb +49 -0
- data/lib/action_controller/metal/params_wrapper.rb +32 -32
- data/lib/action_controller/metal/redirecting.rb +8 -24
- data/lib/action_controller/metal/renderers.rb +2 -3
- data/lib/action_controller/metal/rendering.rb +50 -60
- data/lib/action_controller/metal/request_forgery_protection.rb +51 -49
- data/lib/action_controller/metal/rescue.rb +1 -1
- data/lib/action_controller/metal/streaming.rb +4 -4
- data/lib/action_controller/metal/strong_parameters.rb +117 -250
- data/lib/action_controller/metal/testing.rb +1 -1
- data/lib/action_controller/metal/url_for.rb +4 -4
- data/lib/action_controller/railtie.rb +9 -13
- data/lib/action_controller/renderer.rb +17 -16
- data/lib/action_controller/test_case.rb +75 -148
- data/lib/action_dispatch.rb +20 -19
- data/lib/action_dispatch/http/cache.rb +9 -10
- data/lib/action_dispatch/http/filter_parameters.rb +8 -8
- data/lib/action_dispatch/http/filter_redirect.rb +2 -4
- data/lib/action_dispatch/http/headers.rb +10 -10
- data/lib/action_dispatch/http/mime_negotiation.rb +17 -22
- data/lib/action_dispatch/http/mime_type.rb +27 -52
- data/lib/action_dispatch/http/parameter_filter.rb +8 -6
- data/lib/action_dispatch/http/parameters.rb +40 -17
- data/lib/action_dispatch/http/request.rb +38 -34
- data/lib/action_dispatch/http/response.rb +16 -16
- data/lib/action_dispatch/http/upload.rb +6 -10
- data/lib/action_dispatch/http/url.rb +48 -74
- data/lib/action_dispatch/journey.rb +5 -5
- data/lib/action_dispatch/journey/formatter.rb +8 -4
- data/lib/action_dispatch/journey/gtg/builder.rb +5 -5
- data/lib/action_dispatch/journey/gtg/simulator.rb +1 -1
- data/lib/action_dispatch/journey/gtg/transition_table.rb +15 -15
- data/lib/action_dispatch/journey/nfa/builder.rb +3 -3
- data/lib/action_dispatch/journey/nfa/dot.rb +2 -2
- data/lib/action_dispatch/journey/nfa/simulator.rb +1 -1
- data/lib/action_dispatch/journey/nfa/transition_table.rb +2 -2
- data/lib/action_dispatch/journey/nodes/node.rb +5 -5
- data/lib/action_dispatch/journey/parser.rb +23 -24
- data/lib/action_dispatch/journey/parser.y +3 -2
- data/lib/action_dispatch/journey/parser_extras.rb +2 -2
- data/lib/action_dispatch/journey/path/pattern.rb +10 -3
- data/lib/action_dispatch/journey/route.rb +19 -12
- data/lib/action_dispatch/journey/router.rb +19 -12
- data/lib/action_dispatch/journey/router/utils.rb +9 -9
- data/lib/action_dispatch/journey/scanner.rb +17 -15
- data/lib/action_dispatch/journey/visitors.rb +23 -23
- data/lib/action_dispatch/middleware/callbacks.rb +0 -12
- data/lib/action_dispatch/middleware/cookies.rb +39 -39
- data/lib/action_dispatch/middleware/debug_exceptions.rb +126 -112
- data/lib/action_dispatch/middleware/debug_locks.rb +8 -8
- data/lib/action_dispatch/middleware/exception_wrapper.rb +55 -55
- data/lib/action_dispatch/middleware/executor.rb +1 -1
- data/lib/action_dispatch/middleware/flash.rb +17 -16
- data/lib/action_dispatch/middleware/public_exceptions.rb +20 -20
- data/lib/action_dispatch/middleware/reloader.rb +3 -47
- data/lib/action_dispatch/middleware/remote_ip.rb +6 -8
- data/lib/action_dispatch/middleware/request_id.rb +6 -5
- data/lib/action_dispatch/middleware/session/abstract_store.rb +14 -26
- data/lib/action_dispatch/middleware/session/cache_store.rb +3 -3
- data/lib/action_dispatch/middleware/session/cookie_store.rb +35 -35
- data/lib/action_dispatch/middleware/session/mem_cache_store.rb +2 -2
- data/lib/action_dispatch/middleware/show_exceptions.rb +19 -19
- data/lib/action_dispatch/middleware/ssl.rb +9 -27
- data/lib/action_dispatch/middleware/stack.rb +7 -26
- data/lib/action_dispatch/middleware/static.rb +13 -24
- data/lib/action_dispatch/railtie.rb +9 -11
- data/lib/action_dispatch/request/session.rb +22 -22
- data/lib/action_dispatch/request/utils.rb +11 -2
- data/lib/action_dispatch/routing.rb +8 -6
- data/lib/action_dispatch/routing/inspector.rb +37 -37
- data/lib/action_dispatch/routing/mapper.rb +296 -203
- data/lib/action_dispatch/routing/polymorphic_routes.rb +160 -134
- data/lib/action_dispatch/routing/redirection.rb +27 -22
- data/lib/action_dispatch/routing/route_set.rb +206 -92
- data/lib/action_dispatch/routing/routes_proxy.rb +2 -2
- data/lib/action_dispatch/routing/url_for.rb +14 -12
- data/lib/action_dispatch/system_test_case.rb +119 -0
- data/lib/action_dispatch/system_testing/browser.rb +28 -0
- data/lib/action_dispatch/system_testing/driver.rb +18 -0
- data/lib/action_dispatch/system_testing/server.rb +32 -0
- data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +61 -0
- data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +20 -0
- data/lib/action_dispatch/testing/assertion_response.rb +6 -6
- data/lib/action_dispatch/testing/assertions.rb +4 -4
- data/lib/action_dispatch/testing/assertions/response.rb +8 -3
- data/lib/action_dispatch/testing/assertions/routing.rb +11 -11
- data/lib/action_dispatch/testing/integration.rb +47 -138
- data/lib/action_dispatch/testing/test_process.rb +2 -2
- data/lib/action_dispatch/testing/test_request.rb +16 -16
- data/lib/action_dispatch/testing/test_response.rb +1 -1
- data/lib/action_pack.rb +2 -2
- data/lib/action_pack/gem_version.rb +3 -3
- data/lib/action_pack/version.rb +1 -1
- metadata +20 -12
- data/lib/action_dispatch/middleware/params_parser.rb +0 -46
@@ -21,7 +21,7 @@ module ActionDispatch
|
|
21
21
|
# This middleware exposes operational details of the server, with no access
|
22
22
|
# control. It should only be enabled when in use, and removed thereafter.
|
23
23
|
class DebugLocks
|
24
|
-
def initialize(app, path =
|
24
|
+
def initialize(app, path = "/rails/locks")
|
25
25
|
@app = app
|
26
26
|
@path = path
|
27
27
|
end
|
@@ -30,7 +30,7 @@ module ActionDispatch
|
|
30
30
|
req = ActionDispatch::Request.new env
|
31
31
|
|
32
32
|
if req.get?
|
33
|
-
path = req.path_info.chomp(
|
33
|
+
path = req.path_info.chomp("/".freeze)
|
34
34
|
if path == @path
|
35
35
|
return render_details(req)
|
36
36
|
end
|
@@ -61,16 +61,16 @@ module ActionDispatch
|
|
61
61
|
|
62
62
|
str = threads.map do |thread, info|
|
63
63
|
if info[:exclusive]
|
64
|
-
lock_state =
|
64
|
+
lock_state = "Exclusive"
|
65
65
|
elsif info[:sharing] > 0
|
66
|
-
lock_state =
|
66
|
+
lock_state = "Sharing"
|
67
67
|
lock_state << " x#{info[:sharing]}" if info[:sharing] > 1
|
68
68
|
else
|
69
|
-
lock_state =
|
69
|
+
lock_state = "No lock"
|
70
70
|
end
|
71
71
|
|
72
72
|
if info[:waiting]
|
73
|
-
lock_state <<
|
73
|
+
lock_state << " (yielded share)"
|
74
74
|
end
|
75
75
|
|
76
76
|
msg = "Thread #{info[:index]} [0x#{thread.__id__.to_s(16)} #{thread.status || 'dead'}] #{lock_state}\n"
|
@@ -86,11 +86,11 @@ module ActionDispatch
|
|
86
86
|
end
|
87
87
|
|
88
88
|
blockers = threads.values.select { |binfo| blocked_by?(info, binfo, threads.values) }
|
89
|
-
msg << " blocked by: #{blockers.map {|i| i[:index] }.join(', ')}\n" if blockers.any?
|
89
|
+
msg << " blocked by: #{blockers.map { |i| i[:index] }.join(', ')}\n" if blockers.any?
|
90
90
|
end
|
91
91
|
|
92
92
|
blockees = threads.values.select { |binfo| blocked_by?(binfo, info, threads.values) }
|
93
|
-
msg << " blocking: #{blockees.map {|i| i[:index] }.join(', ')}\n" if blockees.any?
|
93
|
+
msg << " blocking: #{blockees.map { |i| i[:index] }.join(', ')}\n" if blockees.any?
|
94
94
|
|
95
95
|
msg << "\n#{info[:backtrace].join("\n")}\n" if info[:backtrace]
|
96
96
|
end.join("\n\n---\n\n\n")
|
@@ -1,33 +1,33 @@
|
|
1
|
-
require
|
2
|
-
require
|
1
|
+
require "active_support/core_ext/module/attribute_accessors"
|
2
|
+
require "rack/utils"
|
3
3
|
|
4
4
|
module ActionDispatch
|
5
5
|
class ExceptionWrapper
|
6
6
|
cattr_accessor :rescue_responses
|
7
7
|
@@rescue_responses = Hash.new(:internal_server_error)
|
8
8
|
@@rescue_responses.merge!(
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
9
|
+
"ActionController::RoutingError" => :not_found,
|
10
|
+
"AbstractController::ActionNotFound" => :not_found,
|
11
|
+
"ActionController::MethodNotAllowed" => :method_not_allowed,
|
12
|
+
"ActionController::UnknownHttpMethod" => :method_not_allowed,
|
13
|
+
"ActionController::NotImplemented" => :not_implemented,
|
14
|
+
"ActionController::UnknownFormat" => :not_acceptable,
|
15
|
+
"ActionController::InvalidAuthenticityToken" => :unprocessable_entity,
|
16
|
+
"ActionController::InvalidCrossOriginRequest" => :unprocessable_entity,
|
17
|
+
"ActionDispatch::Http::Parameters::ParseError" => :bad_request,
|
18
|
+
"ActionController::BadRequest" => :bad_request,
|
19
|
+
"ActionController::ParameterMissing" => :bad_request,
|
20
|
+
"Rack::QueryParser::ParameterTypeError" => :bad_request,
|
21
|
+
"Rack::QueryParser::InvalidParameterError" => :bad_request
|
22
22
|
)
|
23
23
|
|
24
24
|
cattr_accessor :rescue_templates
|
25
|
-
@@rescue_templates = Hash.new(
|
25
|
+
@@rescue_templates = Hash.new("diagnostics")
|
26
26
|
@@rescue_templates.merge!(
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
27
|
+
"ActionView::MissingTemplate" => "missing_template",
|
28
|
+
"ActionController::RoutingError" => "routing_error",
|
29
|
+
"AbstractController::ActionNotFound" => "unknown_action",
|
30
|
+
"ActionView::Template::Error" => "template_error"
|
31
31
|
)
|
32
32
|
|
33
33
|
attr_reader :backtrace_cleaner, :exception, :line_number, :file
|
@@ -100,49 +100,49 @@ module ActionDispatch
|
|
100
100
|
|
101
101
|
private
|
102
102
|
|
103
|
-
|
104
|
-
|
105
|
-
|
103
|
+
def backtrace
|
104
|
+
Array(@exception.backtrace)
|
105
|
+
end
|
106
106
|
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
107
|
+
def original_exception(exception)
|
108
|
+
if @@rescue_responses.has_key?(exception.cause.class.name)
|
109
|
+
exception.cause
|
110
|
+
else
|
111
|
+
exception
|
112
|
+
end
|
112
113
|
end
|
113
|
-
end
|
114
114
|
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
115
|
+
def clean_backtrace(*args)
|
116
|
+
if backtrace_cleaner
|
117
|
+
backtrace_cleaner.clean(backtrace, *args)
|
118
|
+
else
|
119
|
+
backtrace
|
120
|
+
end
|
120
121
|
end
|
121
|
-
end
|
122
122
|
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
123
|
+
def source_fragment(path, line)
|
124
|
+
return unless Rails.respond_to?(:root) && Rails.root
|
125
|
+
full_path = Rails.root.join(path)
|
126
|
+
if File.exist?(full_path)
|
127
|
+
File.open(full_path, "r") do |file|
|
128
|
+
start = [line - 3, 0].max
|
129
|
+
lines = file.each_line.drop(start).take(6)
|
130
|
+
Hash[*(start + 1..(lines.count + start)).zip(lines).flatten]
|
131
|
+
end
|
131
132
|
end
|
132
133
|
end
|
133
|
-
end
|
134
134
|
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
135
|
+
def extract_file_and_line_number(trace)
|
136
|
+
# Split by the first colon followed by some digits, which works for both
|
137
|
+
# Windows and Unix path styles.
|
138
|
+
file, line = trace.match(/^(.+?):(\d+).*$/, &:captures) || trace
|
139
|
+
[file, line.to_i]
|
140
|
+
end
|
141
141
|
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
142
|
+
def expand_backtrace
|
143
|
+
@exception.backtrace.unshift(
|
144
|
+
@exception.to_s.split("\n")
|
145
|
+
).flatten!
|
146
|
+
end
|
147
147
|
end
|
148
148
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
require
|
1
|
+
require "active_support/core_ext/hash/keys"
|
2
2
|
|
3
3
|
module ActionDispatch
|
4
4
|
# The flash provides a way to pass temporary primitive-types (String, Array, Hash) between actions. Anything you place in the flash will be exposed
|
@@ -36,7 +36,7 @@ module ActionDispatch
|
|
36
36
|
#
|
37
37
|
# See docs on the FlashHash class for more details about the flash.
|
38
38
|
class Flash
|
39
|
-
KEY =
|
39
|
+
KEY = "action_dispatch.request.flash_hash".freeze
|
40
40
|
|
41
41
|
module RequestMethods
|
42
42
|
# Access the contents of the flash. Use <tt>flash["notice"]</tt> to
|
@@ -60,14 +60,14 @@ module ActionDispatch
|
|
60
60
|
session = self.session || {}
|
61
61
|
flash_hash = self.flash_hash
|
62
62
|
|
63
|
-
if flash_hash && (flash_hash.present? || session.key?(
|
63
|
+
if flash_hash && (flash_hash.present? || session.key?("flash"))
|
64
64
|
session["flash"] = flash_hash.to_session_value
|
65
65
|
self.flash = flash_hash.dup
|
66
66
|
end
|
67
67
|
|
68
68
|
if (!session.respond_to?(:loaded?) || session.loaded?) && # (reset_session uses {}, which doesn't implement #loaded?)
|
69
|
-
session.key?(
|
70
|
-
session.delete(
|
69
|
+
session.key?("flash") && session["flash"].nil?
|
70
|
+
session.delete("flash")
|
71
71
|
end
|
72
72
|
end
|
73
73
|
|
@@ -118,8 +118,8 @@ module ActionDispatch
|
|
118
118
|
end
|
119
119
|
new(flashes, flashes.keys)
|
120
120
|
when Hash # Rails 4.0
|
121
|
-
flashes = value[
|
122
|
-
if discard = value[
|
121
|
+
flashes = value["flashes"]
|
122
|
+
if discard = value["discard"]
|
123
123
|
flashes.except!(*discard)
|
124
124
|
end
|
125
125
|
new(flashes, flashes.keys)
|
@@ -129,11 +129,11 @@ module ActionDispatch
|
|
129
129
|
end
|
130
130
|
|
131
131
|
# Builds a hash containing the flashes to keep for the next request.
|
132
|
-
# If there are none to keep, returns nil
|
132
|
+
# If there are none to keep, returns +nil+.
|
133
133
|
def to_session_value #:nodoc:
|
134
134
|
flashes_to_keep = @flashes.except(*@discard)
|
135
135
|
return nil if flashes_to_keep.empty?
|
136
|
-
{
|
136
|
+
{ "discard" => [], "flashes" => flashes_to_keep }
|
137
137
|
end
|
138
138
|
|
139
139
|
def initialize(flashes = {}, discard = []) #:nodoc:
|
@@ -277,15 +277,16 @@ module ActionDispatch
|
|
277
277
|
end
|
278
278
|
|
279
279
|
protected
|
280
|
-
|
281
|
-
|
282
|
-
|
280
|
+
def now_is_loaded?
|
281
|
+
@now
|
282
|
+
end
|
283
283
|
|
284
|
-
|
285
|
-
array
|
286
|
-
|
284
|
+
private
|
285
|
+
def stringify_array(array) # :doc:
|
286
|
+
array.map do |item|
|
287
|
+
item.kind_of?(Symbol) ? item.to_s : item
|
288
|
+
end
|
287
289
|
end
|
288
|
-
end
|
289
290
|
end
|
290
291
|
|
291
292
|
def self.new(app) app; end
|
@@ -20,36 +20,36 @@ module ActionDispatch
|
|
20
20
|
request = ActionDispatch::Request.new(env)
|
21
21
|
status = request.path_info[1..-1].to_i
|
22
22
|
content_type = request.formats.first
|
23
|
-
body = { :
|
23
|
+
body = { status: status, error: Rack::Utils::HTTP_STATUS_CODES.fetch(status, Rack::Utils::HTTP_STATUS_CODES[500]) }
|
24
24
|
|
25
25
|
render(status, content_type, body)
|
26
26
|
end
|
27
27
|
|
28
28
|
private
|
29
29
|
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
30
|
+
def render(status, content_type, body)
|
31
|
+
format = "to_#{content_type.to_sym}" if content_type
|
32
|
+
if format && body.respond_to?(format)
|
33
|
+
render_format(status, content_type, body.public_send(format))
|
34
|
+
else
|
35
|
+
render_html(status)
|
36
|
+
end
|
36
37
|
end
|
37
|
-
end
|
38
38
|
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
39
|
+
def render_format(status, content_type, body)
|
40
|
+
[status, { "Content-Type" => "#{content_type}; charset=#{ActionDispatch::Response.default_charset}",
|
41
|
+
"Content-Length" => body.bytesize.to_s }, [body]]
|
42
|
+
end
|
43
43
|
|
44
|
-
|
45
|
-
|
46
|
-
|
44
|
+
def render_html(status)
|
45
|
+
path = "#{public_path}/#{status}.#{I18n.locale}.html"
|
46
|
+
path = "#{public_path}/#{status}.html" unless (found = File.exist?(path))
|
47
47
|
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
48
|
+
if found || File.exist?(path)
|
49
|
+
render_format(status, "text/html", File.read(path))
|
50
|
+
else
|
51
|
+
[404, { "X-Cascade" => "pass" }, []]
|
52
|
+
end
|
52
53
|
end
|
53
|
-
end
|
54
54
|
end
|
55
55
|
end
|
@@ -1,54 +1,10 @@
|
|
1
1
|
module ActionDispatch
|
2
|
-
# ActionDispatch::Reloader
|
3
|
-
# intended to assist with code reloading during development.
|
4
|
-
#
|
5
|
-
# Prepare callbacks are run before each request, and cleanup callbacks
|
6
|
-
# after each request. In this respect they are analogs of ActionDispatch::Callback's
|
7
|
-
# before and after callbacks. However, cleanup callbacks are not called until the
|
8
|
-
# request is fully complete -- that is, after #close has been called on
|
9
|
-
# the response body. This is important for streaming responses such as the
|
10
|
-
# following:
|
11
|
-
#
|
12
|
-
# self.response_body = -> (response, output) do
|
13
|
-
# # code here which refers to application models
|
14
|
-
# end
|
15
|
-
#
|
16
|
-
# Cleanup callbacks will not be called until after the response_body lambda
|
17
|
-
# is evaluated, ensuring that it can refer to application models and other
|
18
|
-
# classes before they are unloaded.
|
2
|
+
# ActionDispatch::Reloader wraps the request with callbacks provided by ActiveSupport::Reloader
|
3
|
+
# callbacks, intended to assist with code reloading during development.
|
19
4
|
#
|
20
5
|
# By default, ActionDispatch::Reloader is included in the middleware stack
|
21
6
|
# only in the development environment; specifically, when +config.cache_classes+
|
22
|
-
# is false.
|
23
|
-
# middleware stack, but are executed only when <tt>ActionDispatch::Reloader.prepare!</tt>
|
24
|
-
# or <tt>ActionDispatch::Reloader.cleanup!</tt> are called manually.
|
25
|
-
#
|
7
|
+
# is false.
|
26
8
|
class Reloader < Executor
|
27
|
-
def self.to_prepare(*args, &block)
|
28
|
-
ActiveSupport::Reloader.to_prepare(*args, &block)
|
29
|
-
end
|
30
|
-
|
31
|
-
def self.to_cleanup(*args, &block)
|
32
|
-
ActiveSupport::Reloader.to_complete(*args, &block)
|
33
|
-
end
|
34
|
-
|
35
|
-
def self.prepare!
|
36
|
-
default_reloader.prepare!
|
37
|
-
end
|
38
|
-
|
39
|
-
def self.cleanup!
|
40
|
-
default_reloader.reload!
|
41
|
-
end
|
42
|
-
|
43
|
-
class << self
|
44
|
-
attr_accessor :default_reloader # :nodoc:
|
45
|
-
|
46
|
-
deprecate to_prepare: 'use ActiveSupport::Reloader.to_prepare instead',
|
47
|
-
to_cleanup: 'use ActiveSupport::Reloader.to_complete instead',
|
48
|
-
prepare!: 'use Rails.application.reloader.prepare! instead',
|
49
|
-
cleanup!: 'use Rails.application.reloader.reload! instead of cleanup + prepare'
|
50
|
-
end
|
51
|
-
|
52
|
-
self.default_reloader = ActiveSupport::Reloader
|
53
9
|
end
|
54
10
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
require
|
1
|
+
require "ipaddr"
|
2
2
|
|
3
3
|
module ActionDispatch
|
4
4
|
# This middleware calculates the IP address of the remote client that is
|
@@ -131,8 +131,8 @@ module ActionDispatch
|
|
131
131
|
should_check_ip = @check_ip && client_ips.last && forwarded_ips.last
|
132
132
|
if should_check_ip && !forwarded_ips.include?(client_ips.last)
|
133
133
|
# We don't know which came from the proxy, and which from the user
|
134
|
-
raise IpSpoofAttackError, "IP spoofing attack?! "
|
135
|
-
"HTTP_CLIENT_IP=#{@req.client_ip.inspect} "
|
134
|
+
raise IpSpoofAttackError, "IP spoofing attack?! " \
|
135
|
+
"HTTP_CLIENT_IP=#{@req.client_ip.inspect} " \
|
136
136
|
"HTTP_X_FORWARDED_FOR=#{@req.x_forwarded_for.inspect}"
|
137
137
|
end
|
138
138
|
|
@@ -153,9 +153,9 @@ module ActionDispatch
|
|
153
153
|
@ip ||= calculate_ip
|
154
154
|
end
|
155
155
|
|
156
|
-
|
156
|
+
private
|
157
157
|
|
158
|
-
def ips_from(header)
|
158
|
+
def ips_from(header) # :doc:
|
159
159
|
return [] unless header
|
160
160
|
# Split the comma-separated list into an array of strings
|
161
161
|
ips = header.strip.split(/[,\s]+/)
|
@@ -171,13 +171,11 @@ module ActionDispatch
|
|
171
171
|
end
|
172
172
|
end
|
173
173
|
|
174
|
-
def filter_proxies(ips)
|
174
|
+
def filter_proxies(ips) # :doc:
|
175
175
|
ips.reject do |ip|
|
176
176
|
@proxies.any? { |proxy| proxy === ip }
|
177
177
|
end
|
178
178
|
end
|
179
|
-
|
180
179
|
end
|
181
|
-
|
182
180
|
end
|
183
181
|
end
|
@@ -1,9 +1,10 @@
|
|
1
|
-
require
|
2
|
-
require
|
1
|
+
require "securerandom"
|
2
|
+
require "active_support/core_ext/string/access"
|
3
3
|
|
4
4
|
module ActionDispatch
|
5
|
-
# Makes a unique request id available to the action_dispatch.request_id env variable (which is then accessible
|
6
|
-
# ActionDispatch::Request#
|
5
|
+
# Makes a unique request id available to the +action_dispatch.request_id+ env variable (which is then accessible
|
6
|
+
# through <tt>ActionDispatch::Request#request_id</tt> or the alias <tt>ActionDispatch::Request#uuid</tt>) and sends
|
7
|
+
# the same id to the client via the X-Request-Id header.
|
7
8
|
#
|
8
9
|
# The unique request id is either based on the X-Request-Id header in the request, which would typically be generated
|
9
10
|
# by a firewall, load balancer, or the web server, or, if this header is not available, a random uuid. If the
|
@@ -12,7 +13,7 @@ module ActionDispatch
|
|
12
13
|
# The unique request id can be used to trace a request end-to-end and would typically end up being part of log files
|
13
14
|
# from multiple pieces of the stack.
|
14
15
|
class RequestId
|
15
|
-
X_REQUEST_ID = "X-Request-Id".freeze
|
16
|
+
X_REQUEST_ID = "X-Request-Id".freeze #:nodoc:
|
16
17
|
|
17
18
|
def initialize(app)
|
18
19
|
@app = app
|