actionpack 5.1.7 → 5.2.0.beta1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of actionpack might be problematic. Click here for more details.

Files changed (144) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +132 -490
  3. data/README.rdoc +1 -1
  4. data/lib/abstract_controller.rb +2 -0
  5. data/lib/abstract_controller/asset_paths.rb +2 -0
  6. data/lib/abstract_controller/base.rb +10 -2
  7. data/lib/abstract_controller/caching.rb +3 -2
  8. data/lib/abstract_controller/caching/fragments.rb +30 -7
  9. data/lib/abstract_controller/callbacks.rb +25 -3
  10. data/lib/abstract_controller/collector.rb +2 -0
  11. data/lib/abstract_controller/error.rb +2 -0
  12. data/lib/abstract_controller/helpers.rb +4 -5
  13. data/lib/abstract_controller/logger.rb +2 -0
  14. data/lib/abstract_controller/railties/routes_helpers.rb +2 -0
  15. data/lib/abstract_controller/rendering.rb +9 -16
  16. data/lib/abstract_controller/translation.rb +2 -0
  17. data/lib/abstract_controller/url_for.rb +2 -0
  18. data/lib/action_controller.rb +3 -0
  19. data/lib/action_controller/api.rb +2 -0
  20. data/lib/action_controller/api/api_rendering.rb +2 -0
  21. data/lib/action_controller/base.rb +3 -0
  22. data/lib/action_controller/caching.rb +2 -0
  23. data/lib/action_controller/form_builder.rb +2 -0
  24. data/lib/action_controller/log_subscriber.rb +5 -3
  25. data/lib/action_controller/metal.rb +3 -2
  26. data/lib/action_controller/metal/basic_implicit_render.rb +2 -0
  27. data/lib/action_controller/metal/conditional_get.rb +4 -3
  28. data/lib/action_controller/metal/content_security_policy.rb +26 -0
  29. data/lib/action_controller/metal/cookies.rb +2 -0
  30. data/lib/action_controller/metal/data_streaming.rb +7 -5
  31. data/lib/action_controller/metal/etag_with_flash.rb +2 -0
  32. data/lib/action_controller/metal/etag_with_template_digest.rb +3 -2
  33. data/lib/action_controller/metal/exceptions.rb +2 -3
  34. data/lib/action_controller/metal/flash.rb +3 -2
  35. data/lib/action_controller/metal/force_ssl.rb +2 -0
  36. data/lib/action_controller/metal/head.rb +2 -0
  37. data/lib/action_controller/metal/helpers.rb +4 -3
  38. data/lib/action_controller/metal/http_authentication.rb +8 -9
  39. data/lib/action_controller/metal/implicit_render.rb +2 -0
  40. data/lib/action_controller/metal/instrumentation.rb +4 -6
  41. data/lib/action_controller/metal/live.rb +3 -1
  42. data/lib/action_controller/metal/mime_responds.rb +3 -1
  43. data/lib/action_controller/metal/parameter_encoding.rb +2 -0
  44. data/lib/action_controller/metal/params_wrapper.rb +13 -9
  45. data/lib/action_controller/metal/redirecting.rb +21 -10
  46. data/lib/action_controller/metal/renderers.rb +4 -3
  47. data/lib/action_controller/metal/rendering.rb +2 -2
  48. data/lib/action_controller/metal/request_forgery_protection.rb +22 -6
  49. data/lib/action_controller/metal/rescue.rb +5 -3
  50. data/lib/action_controller/metal/streaming.rb +2 -0
  51. data/lib/action_controller/metal/strong_parameters.rb +19 -11
  52. data/lib/action_controller/metal/testing.rb +2 -6
  53. data/lib/action_controller/metal/url_for.rb +2 -0
  54. data/lib/action_controller/railtie.rb +16 -4
  55. data/lib/action_controller/railties/helpers.rb +2 -0
  56. data/lib/action_controller/renderer.rb +2 -0
  57. data/lib/action_controller/template_assertions.rb +2 -0
  58. data/lib/action_controller/test_case.rb +4 -1
  59. data/lib/action_dispatch.rb +3 -0
  60. data/lib/action_dispatch/http/cache.rb +15 -9
  61. data/lib/action_dispatch/http/content_security_policy.rb +233 -0
  62. data/lib/action_dispatch/http/filter_parameters.rb +4 -2
  63. data/lib/action_dispatch/http/filter_redirect.rb +2 -0
  64. data/lib/action_dispatch/http/headers.rb +2 -0
  65. data/lib/action_dispatch/http/mime_negotiation.rb +4 -13
  66. data/lib/action_dispatch/http/mime_type.rb +15 -13
  67. data/lib/action_dispatch/http/mime_types.rb +4 -2
  68. data/lib/action_dispatch/http/parameter_filter.rb +2 -0
  69. data/lib/action_dispatch/http/parameters.rb +6 -9
  70. data/lib/action_dispatch/http/rack_cache.rb +2 -0
  71. data/lib/action_dispatch/http/request.rb +36 -16
  72. data/lib/action_dispatch/http/response.rb +11 -9
  73. data/lib/action_dispatch/http/upload.rb +2 -0
  74. data/lib/action_dispatch/http/url.rb +4 -5
  75. data/lib/action_dispatch/journey.rb +2 -0
  76. data/lib/action_dispatch/journey/formatter.rb +4 -2
  77. data/lib/action_dispatch/journey/gtg/builder.rb +2 -0
  78. data/lib/action_dispatch/journey/gtg/simulator.rb +2 -8
  79. data/lib/action_dispatch/journey/gtg/transition_table.rb +3 -2
  80. data/lib/action_dispatch/journey/nfa/builder.rb +2 -0
  81. data/lib/action_dispatch/journey/nfa/dot.rb +2 -0
  82. data/lib/action_dispatch/journey/nfa/simulator.rb +2 -0
  83. data/lib/action_dispatch/journey/nfa/transition_table.rb +2 -0
  84. data/lib/action_dispatch/journey/nodes/node.rb +2 -0
  85. data/lib/action_dispatch/journey/parser_extras.rb +2 -0
  86. data/lib/action_dispatch/journey/path/pattern.rb +2 -0
  87. data/lib/action_dispatch/journey/route.rb +15 -6
  88. data/lib/action_dispatch/journey/router.rb +3 -1
  89. data/lib/action_dispatch/journey/router/utils.rb +14 -7
  90. data/lib/action_dispatch/journey/routes.rb +2 -1
  91. data/lib/action_dispatch/journey/scanner.rb +1 -0
  92. data/lib/action_dispatch/journey/visitors.rb +5 -3
  93. data/lib/action_dispatch/middleware/callbacks.rb +2 -0
  94. data/lib/action_dispatch/middleware/cookies.rb +141 -91
  95. data/lib/action_dispatch/middleware/debug_exceptions.rb +4 -2
  96. data/lib/action_dispatch/middleware/debug_locks.rb +9 -7
  97. data/lib/action_dispatch/middleware/exception_wrapper.rb +4 -6
  98. data/lib/action_dispatch/middleware/executor.rb +2 -0
  99. data/lib/action_dispatch/middleware/flash.rb +3 -1
  100. data/lib/action_dispatch/middleware/public_exceptions.rb +6 -4
  101. data/lib/action_dispatch/middleware/reloader.rb +2 -0
  102. data/lib/action_dispatch/middleware/remote_ip.rb +7 -5
  103. data/lib/action_dispatch/middleware/request_id.rb +2 -0
  104. data/lib/action_dispatch/middleware/session/abstract_store.rb +3 -1
  105. data/lib/action_dispatch/middleware/session/cache_store.rb +2 -0
  106. data/lib/action_dispatch/middleware/session/cookie_store.rb +13 -25
  107. data/lib/action_dispatch/middleware/session/mem_cache_store.rb +2 -0
  108. data/lib/action_dispatch/middleware/show_exceptions.rb +3 -1
  109. data/lib/action_dispatch/middleware/ssl.rb +42 -37
  110. data/lib/action_dispatch/middleware/stack.rb +2 -0
  111. data/lib/action_dispatch/middleware/static.rb +10 -8
  112. data/lib/action_dispatch/middleware/templates/rescues/layout.erb +1 -0
  113. data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +6 -2
  114. data/lib/action_dispatch/railtie.rb +7 -0
  115. data/lib/action_dispatch/request/session.rb +8 -4
  116. data/lib/action_dispatch/request/utils.rb +4 -4
  117. data/lib/action_dispatch/routing.rb +3 -1
  118. data/lib/action_dispatch/routing/endpoint.rb +8 -4
  119. data/lib/action_dispatch/routing/inspector.rb +5 -3
  120. data/lib/action_dispatch/routing/mapper.rb +62 -51
  121. data/lib/action_dispatch/routing/polymorphic_routes.rb +2 -0
  122. data/lib/action_dispatch/routing/redirection.rb +7 -5
  123. data/lib/action_dispatch/routing/route_set.rb +26 -33
  124. data/lib/action_dispatch/routing/routes_proxy.rb +5 -2
  125. data/lib/action_dispatch/routing/url_for.rb +6 -4
  126. data/lib/action_dispatch/system_test_case.rb +14 -6
  127. data/lib/action_dispatch/system_testing/driver.rb +20 -2
  128. data/lib/action_dispatch/system_testing/server.rb +2 -16
  129. data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +6 -4
  130. data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +2 -0
  131. data/lib/action_dispatch/system_testing/test_helpers/undef_methods.rb +26 -0
  132. data/lib/action_dispatch/testing/assertion_response.rb +2 -0
  133. data/lib/action_dispatch/testing/assertions.rb +2 -0
  134. data/lib/action_dispatch/testing/assertions/response.rb +4 -2
  135. data/lib/action_dispatch/testing/assertions/routing.rb +5 -5
  136. data/lib/action_dispatch/testing/integration.rb +24 -21
  137. data/lib/action_dispatch/testing/request_encoder.rb +2 -0
  138. data/lib/action_dispatch/testing/test_process.rb +2 -0
  139. data/lib/action_dispatch/testing/test_request.rb +3 -1
  140. data/lib/action_dispatch/testing/test_response.rb +23 -3
  141. data/lib/action_pack.rb +2 -0
  142. data/lib/action_pack/gem_version.rb +5 -3
  143. data/lib/action_pack/version.rb +2 -0
  144. metadata +17 -13
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "action_dispatch/http/parameter_filter"
2
4
 
3
5
  module ActionDispatch
@@ -7,7 +9,7 @@ module ActionDispatch
7
9
  # sub-hashes of the params hash to filter. Filtering only certain sub-keys
8
10
  # from a hash is possible by using the dot notation: 'credit_card.number'.
9
11
  # If a block is given, each key and value of the params hash and all
10
- # sub-hashes is passed to it, the value or key can be replaced using
12
+ # sub-hashes is passed to it, where the value or the key can be replaced using
11
13
  # String#replace or similar method.
12
14
  #
13
15
  # env["action_dispatch.parameter_filter"] = [:password]
@@ -46,7 +48,7 @@ module ActionDispatch
46
48
  @filtered_env ||= env_filter.filter(@env)
47
49
  end
48
50
 
49
- # Reconstructed a path with all sensitive GET parameters replaced.
51
+ # Reconstructs a path with all sensitive GET parameters replaced.
50
52
  def filtered_path
51
53
  @filtered_path ||= query_string.empty? ? path : "#{path}?#{filtered_query_string}"
52
54
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module ActionDispatch
2
4
  module Http
3
5
  module FilterRedirect
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module ActionDispatch
2
4
  module Http
3
5
  # Provides access to the request's HTTP headers from the environment.
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "active_support/core_ext/module/attribute_accessors"
2
4
 
3
5
  module ActionDispatch
@@ -6,14 +8,10 @@ module ActionDispatch
6
8
  extend ActiveSupport::Concern
7
9
 
8
10
  included do
9
- mattr_accessor :ignore_accept_header
10
- self.ignore_accept_header = false
11
+ mattr_accessor :ignore_accept_header, default: false
11
12
  end
12
13
 
13
14
  # The MIME type of the HTTP request, such as Mime[:xml].
14
- #
15
- # For backward compatibility, the post \format is extracted from the
16
- # X-Post-Data-Format HTTP header if present.
17
15
  def content_mime_type
18
16
  fetch_header("action_dispatch.request.content_type") do |k|
19
17
  v = if get_header("CONTENT_TYPE") =~ /^([^,\;]*)/
@@ -76,11 +74,6 @@ module ActionDispatch
76
74
  else
77
75
  [Mime[:html]]
78
76
  end
79
-
80
- v = v.select do |format|
81
- format.symbol || format.ref == "*/*"
82
- end
83
-
84
77
  set_header k, v
85
78
  end
86
79
  end
@@ -140,9 +133,7 @@ module ActionDispatch
140
133
  }
141
134
  end
142
135
 
143
- # Receives an array of mimes and return the first user sent mime that
144
- # matches the order array.
145
- #
136
+ # Returns the first MIME type that matches the provided array of MIME types.
146
137
  def negotiate_mime(order)
147
138
  formats.each do |priority|
148
139
  if priority == Mime::ALL
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  # -*- frozen-string-literal: true -*-
2
4
 
3
5
  require "singleton"
@@ -46,7 +48,7 @@ module Mime
46
48
  end
47
49
  end
48
50
 
49
- # Encapsulates the notion of a mime type. Can be used at render time, for example, with:
51
+ # Encapsulates the notion of a MIME type. Can be used at render time, for example, with:
50
52
  #
51
53
  # class PostsController < ActionController::Base
52
54
  # def show
@@ -64,7 +66,7 @@ module Mime
64
66
 
65
67
  @register_callbacks = []
66
68
 
67
- # A simple helper class used in parsing the accept header
69
+ # A simple helper class used in parsing the accept header.
68
70
  class AcceptItem #:nodoc:
69
71
  attr_accessor :index, :name, :q
70
72
  alias :to_s :name
@@ -72,7 +74,7 @@ module Mime
72
74
  def initialize(index, name, q = nil)
73
75
  @index = index
74
76
  @name = name
75
- q ||= 0.0 if @name == "*/*".freeze # default wildcard match to end of list
77
+ q ||= 0.0 if @name == "*/*".freeze # Default wildcard match to end of list.
76
78
  @q = ((q || 1.0).to_f * 100).to_i
77
79
  end
78
80
 
@@ -90,22 +92,22 @@ module Mime
90
92
  text_xml_idx = find_item_by_name list, "text/xml"
91
93
  app_xml_idx = find_item_by_name list, Mime[:xml].to_s
92
94
 
93
- # Take care of the broken text/xml entry by renaming or deleting it
95
+ # Take care of the broken text/xml entry by renaming or deleting it.
94
96
  if text_xml_idx && app_xml_idx
95
97
  app_xml = list[app_xml_idx]
96
98
  text_xml = list[text_xml_idx]
97
99
 
98
- app_xml.q = [text_xml.q, app_xml.q].max # set the q value to the max of the two
99
- if app_xml_idx > text_xml_idx # make sure app_xml is ahead of text_xml in the list
100
+ app_xml.q = [text_xml.q, app_xml.q].max # Set the q value to the max of the two.
101
+ if app_xml_idx > text_xml_idx # Make sure app_xml is ahead of text_xml in the list.
100
102
  list[app_xml_idx], list[text_xml_idx] = text_xml, app_xml
101
103
  app_xml_idx, text_xml_idx = text_xml_idx, app_xml_idx
102
104
  end
103
- list.delete_at(text_xml_idx) # delete text_xml from the list
105
+ list.delete_at(text_xml_idx) # Delete text_xml from the list.
104
106
  elsif text_xml_idx
105
107
  list[text_xml_idx].name = Mime[:xml].to_s
106
108
  end
107
109
 
108
- # Look for more specific XML-based types and sort them ahead of app/xml
110
+ # Look for more specific XML-based types and sort them ahead of app/xml.
109
111
  if app_xml_idx
110
112
  app_xml = list[app_xml_idx]
111
113
  idx = app_xml_idx
@@ -147,7 +149,7 @@ module Mime
147
149
  EXTENSION_LOOKUP[extension.to_s]
148
150
  end
149
151
 
150
- # Registers an alias that's not used on mime type lookup, but can be referenced directly. Especially useful for
152
+ # Registers an alias that's not used on MIME type lookup, but can be referenced directly. Especially useful for
151
153
  # rendering different HTML versions depending on the user agent, like an iPhone.
152
154
  def register_alias(string, symbol, extension_synonyms = [])
153
155
  register(string, symbol, [], extension_synonyms, true)
@@ -326,11 +328,11 @@ module Mime
326
328
 
327
329
  def ref; end
328
330
 
329
- def respond_to_missing?(method, include_private = false)
330
- method.to_s.ends_with? "?"
331
- end
332
-
333
331
  private
332
+ def respond_to_missing?(method, _)
333
+ method.to_s.ends_with? "?"
334
+ end
335
+
334
336
  def method_missing(method, *args)
335
337
  false if method.to_s.ends_with? "?"
336
338
  end
@@ -1,5 +1,7 @@
1
+ # frozen_string_literal: true
2
+
1
3
  # Build list of Mime types for HTTP responses
2
- # http://www.iana.org/assignments/media-types/
4
+ # https://www.iana.org/assignments/media-types/
3
5
 
4
6
  Mime::Type.register "text/html", :html, %w( application/xhtml+xml ), %w( xhtml )
5
7
  Mime::Type.register "text/plain", :text, [], %w(txt)
@@ -26,7 +28,7 @@ Mime::Type.register "application/x-yaml", :yaml, %w( text/yaml ), %w(yml yaml)
26
28
  Mime::Type.register "multipart/form-data", :multipart_form
27
29
  Mime::Type.register "application/x-www-form-urlencoded", :url_encoded_form
28
30
 
29
- # http://www.ietf.org/rfc/rfc4627.txt
31
+ # https://www.ietf.org/rfc/rfc4627.txt
30
32
  # http://www.json.org/JSONRequest.html
31
33
  Mime::Type.register "application/json", :json, %w( text/x-json application/jsonrequest )
32
34
 
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "active_support/core_ext/object/duplicable"
2
4
 
3
5
  module ActionDispatch
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module ActionDispatch
2
4
  module Http
3
5
  module Parameters
@@ -13,7 +15,7 @@ module ActionDispatch
13
15
  }
14
16
 
15
17
  # Raised when raw data from the request cannot be parsed by the parser
16
- # defined for request's content mime type.
18
+ # defined for request's content MIME type.
17
19
  class ParseError < StandardError
18
20
  def initialize
19
21
  super($!.message)
@@ -30,9 +32,9 @@ module ActionDispatch
30
32
  end
31
33
 
32
34
  module ClassMethods
33
- # Configure the parameter parser for a given mime type.
35
+ # Configure the parameter parser for a given MIME type.
34
36
  #
35
- # It accepts a hash where the key is the symbol of the mime type
37
+ # It accepts a hash where the key is the symbol of the MIME type
36
38
  # and the value is a proc.
37
39
  #
38
40
  # original_parsers = ActionDispatch::Request.parameter_parsers
@@ -108,7 +110,7 @@ module ActionDispatch
108
110
 
109
111
  begin
110
112
  strategy.call(raw_post)
111
- rescue # JSON or Ruby code block errors
113
+ rescue # JSON or Ruby code block errors.
112
114
  my_logger = logger || ActiveSupport::Logger.new($stderr)
113
115
  my_logger.debug "Error occurred while parsing request parameters.\nContents:\n\n#{raw_post}"
114
116
 
@@ -121,9 +123,4 @@ module ActionDispatch
121
123
  end
122
124
  end
123
125
  end
124
-
125
- module ParamsParser
126
- include ActiveSupport::Deprecation::DeprecatedConstantAccessor
127
- deprecate_constant "ParseError", "ActionDispatch::Http::Parameters::ParseError"
128
- end
129
126
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "rack/cache"
2
4
  require "rack/cache/context"
3
5
  require "active_support/cache"
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "stringio"
2
4
 
3
5
  require "active_support/inflector"
@@ -20,6 +22,7 @@ module ActionDispatch
20
22
  include ActionDispatch::Http::Parameters
21
23
  include ActionDispatch::Http::FilterParameters
22
24
  include ActionDispatch::Http::URL
25
+ include ActionDispatch::ContentSecurityPolicy::Request
23
26
  include Rack::Request::Env
24
27
 
25
28
  autoload :Session, "action_dispatch/request/session"
@@ -96,14 +99,14 @@ module ActionDispatch
96
99
  end
97
100
 
98
101
  # List of HTTP request methods from the following RFCs:
99
- # Hypertext Transfer Protocol -- HTTP/1.1 (http://www.ietf.org/rfc/rfc2616.txt)
100
- # HTTP Extensions for Distributed Authoring -- WEBDAV (http://www.ietf.org/rfc/rfc2518.txt)
101
- # Versioning Extensions to WebDAV (http://www.ietf.org/rfc/rfc3253.txt)
102
- # Ordered Collections Protocol (WebDAV) (http://www.ietf.org/rfc/rfc3648.txt)
103
- # Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol (http://www.ietf.org/rfc/rfc3744.txt)
104
- # Web Distributed Authoring and Versioning (WebDAV) SEARCH (http://www.ietf.org/rfc/rfc5323.txt)
105
- # Calendar Extensions to WebDAV (http://www.ietf.org/rfc/rfc4791.txt)
106
- # PATCH Method for HTTP (http://www.ietf.org/rfc/rfc5789.txt)
102
+ # Hypertext Transfer Protocol -- HTTP/1.1 (https://www.ietf.org/rfc/rfc2616.txt)
103
+ # HTTP Extensions for Distributed Authoring -- WEBDAV (https://www.ietf.org/rfc/rfc2518.txt)
104
+ # Versioning Extensions to WebDAV (https://www.ietf.org/rfc/rfc3253.txt)
105
+ # Ordered Collections Protocol (WebDAV) (https://www.ietf.org/rfc/rfc3648.txt)
106
+ # Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol (https://www.ietf.org/rfc/rfc3744.txt)
107
+ # Web Distributed Authoring and Versioning (WebDAV) SEARCH (https://www.ietf.org/rfc/rfc5323.txt)
108
+ # Calendar Extensions to WebDAV (https://www.ietf.org/rfc/rfc4791.txt)
109
+ # PATCH Method for HTTP (https://www.ietf.org/rfc/rfc5789.txt)
107
110
  RFC2616 = %w(OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT)
108
111
  RFC2518 = %w(PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK)
109
112
  RFC3253 = %w(VERSION-CONTROL REPORT CHECKOUT CHECKIN UNCHECKOUT MKWORKSPACE UPDATE LABEL MERGE BASELINE-CONTROL MKACTIVITY)
@@ -117,7 +120,7 @@ module ActionDispatch
117
120
 
118
121
  HTTP_METHOD_LOOKUP = {}
119
122
 
120
- # Populate the HTTP method lookup cache
123
+ # Populate the HTTP method lookup cache.
121
124
  HTTP_METHODS.each { |method|
122
125
  HTTP_METHOD_LOOKUP[method] = method.underscore.to_sym
123
126
  }
@@ -168,12 +171,12 @@ module ActionDispatch
168
171
 
169
172
  def show_exceptions? # :nodoc:
170
173
  # We're treating `nil` as "unset", and we want the default setting to be
171
- # `true`. This logic should be extracted to `env_config` and calculated
174
+ # `true`. This logic should be extracted to `env_config` and calculated
172
175
  # once.
173
176
  !(get_header("action_dispatch.show_exceptions".freeze) == false)
174
177
  end
175
178
 
176
- # Returns a symbol form of the #request_method
179
+ # Returns a symbol form of the #request_method.
177
180
  def request_method_symbol
178
181
  HTTP_METHOD_LOOKUP[request_method]
179
182
  end
@@ -185,7 +188,7 @@ module ActionDispatch
185
188
  @method ||= check_method(get_header("rack.methodoverride.original_method") || get_header("REQUEST_METHOD"))
186
189
  end
187
190
 
188
- # Returns a symbol form of the #method
191
+ # Returns a symbol form of the #method.
189
192
  def method_symbol
190
193
  HTTP_METHOD_LOOKUP[method]
191
194
  end
@@ -197,6 +200,23 @@ module ActionDispatch
197
200
  @headers ||= Http::Headers.new(self)
198
201
  end
199
202
 
203
+ # Early Hints is an HTTP/2 status code that indicates hints to help a client start
204
+ # making preparations for processing the final response.
205
+ #
206
+ # If the env contains +rack.early_hints+ then the server accepts HTTP2 push for Link headers.
207
+ #
208
+ # The +send_early_hints+ method accepts a hash of links as follows:
209
+ #
210
+ # send_early_hints("Link" => "</style.css>; rel=preload; as=style\n</script.js>; rel=preload")
211
+ #
212
+ # If you are using +javascript_include_tag+ or +stylesheet_link_tag+ the
213
+ # Early Hints headers are included by default if supported.
214
+ def send_early_hints(links)
215
+ return unless env["rack.early_hints"]
216
+
217
+ env["rack.early_hints"].call(links)
218
+ end
219
+
200
220
  # Returns a +String+ with the last requested path including their params.
201
221
  #
202
222
  # # get '/foo'
@@ -270,7 +290,7 @@ module ActionDispatch
270
290
  # (which sets the action_dispatch.request_id environment variable).
271
291
  #
272
292
  # This unique ID is useful for tracing a request from end-to-end as part of logging or debugging.
273
- # This relies on the rack variable set by the ActionDispatch::RequestId middleware.
293
+ # This relies on the Rack variable set by the ActionDispatch::RequestId middleware.
274
294
  def request_id
275
295
  get_header ACTION_DISPATCH_REQUEST_ID
276
296
  end
@@ -301,7 +321,7 @@ module ActionDispatch
301
321
  # variable is already set, wrap it in a StringIO.
302
322
  def body
303
323
  if raw_post = get_header("RAW_POST_DATA")
304
- raw_post.force_encoding(Encoding::BINARY)
324
+ raw_post = raw_post.dup.force_encoding(Encoding::BINARY)
305
325
  StringIO.new(raw_post)
306
326
  else
307
327
  body_stream
@@ -342,7 +362,7 @@ module ActionDispatch
342
362
  Session::Options.set self, options
343
363
  end
344
364
 
345
- # Override Rack's GET method to support indifferent access
365
+ # Override Rack's GET method to support indifferent access.
346
366
  def GET
347
367
  fetch_header("action_dispatch.request.query_parameters") do |k|
348
368
  rack_query_params = super || {}
@@ -355,7 +375,7 @@ module ActionDispatch
355
375
  end
356
376
  alias :query_parameters :GET
357
377
 
358
- # Override Rack's POST method to support indifferent access
378
+ # Override Rack's POST method to support indifferent access.
359
379
  def POST
360
380
  fetch_header("action_dispatch.request.request_parameters") do
361
381
  pr = parse_formatted_parameters(params_parsers) do |params|
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "active_support/core_ext/module/attribute_accessors"
2
4
  require "action_dispatch/http/filter_redirect"
3
5
  require "action_dispatch/http/cache"
@@ -81,11 +83,11 @@ module ActionDispatch # :nodoc:
81
83
  LOCATION = "Location".freeze
82
84
  NO_CONTENT_CODES = [100, 101, 102, 204, 205, 304]
83
85
 
84
- cattr_accessor(:default_charset) { "utf-8" }
85
- cattr_accessor(:default_headers)
86
+ cattr_accessor :default_charset, default: "utf-8"
87
+ cattr_accessor :default_headers
86
88
 
87
89
  include Rack::Response::Helpers
88
- # Aliasing these off because AD::Http::Cache::Response defines them
90
+ # Aliasing these off because AD::Http::Cache::Response defines them.
89
91
  alias :_cache_control :cache_control
90
92
  alias :_cache_control= :cache_control=
91
93
 
@@ -103,7 +105,7 @@ module ActionDispatch # :nodoc:
103
105
 
104
106
  def body
105
107
  @str_body ||= begin
106
- buf = ""
108
+ buf = "".dup
107
109
  each { |chunk| buf << chunk }
108
110
  buf
109
111
  end
@@ -142,7 +144,7 @@ module ActionDispatch # :nodoc:
142
144
  private
143
145
 
144
146
  def each_chunk(&block)
145
- @buf.each(&block) # extract into own method
147
+ @buf.each(&block)
146
148
  end
147
149
  end
148
150
 
@@ -252,16 +254,15 @@ module ActionDispatch # :nodoc:
252
254
  end
253
255
 
254
256
  # Sets the HTTP character set. In case of +nil+ parameter
255
- # it sets the charset to utf-8.
257
+ # it sets the charset to +default_charset+.
256
258
  #
257
259
  # response.charset = 'utf-16' # => 'utf-16'
258
260
  # response.charset = nil # => 'utf-8'
259
261
  def charset=(charset)
260
- header_info = parsed_content_type_header
262
+ content_type = parsed_content_type_header.mime_type
261
263
  if false == charset
262
- set_header CONTENT_TYPE, header_info.mime_type
264
+ set_content_type content_type, nil
263
265
  else
264
- content_type = header_info.mime_type
265
266
  set_content_type content_type, charset || self.class.default_charset
266
267
  end
267
268
  end
@@ -432,6 +433,7 @@ module ActionDispatch # :nodoc:
432
433
  def before_committed
433
434
  return if committed?
434
435
  assign_default_content_type_and_charset!
436
+ merge_and_normalize_cache_control!(@cache_control)
435
437
  handle_conditional_get!
436
438
  handle_no_content!
437
439
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module ActionDispatch
2
4
  module Http
3
5
  # Models uploaded files.
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "active_support/core_ext/module/attribute_accessors"
2
4
 
3
5
  module ActionDispatch
@@ -7,8 +9,7 @@ module ActionDispatch
7
9
  HOST_REGEXP = /(^[^:]+:\/\/)?(\[[^\]]+\]|[^:]+)(?::(\d+$))?/
8
10
  PROTOCOL_REGEXP = /^([^:]+)(:)?(\/\/)?$/
9
11
 
10
- mattr_accessor :tld_length
11
- self.tld_length = 1
12
+ mattr_accessor :tld_length, default: 1
12
13
 
13
14
  class << self
14
15
  # Returns the domain part of a host given the domain level.
@@ -101,10 +102,8 @@ module ActionDispatch
101
102
  end
102
103
 
103
104
  def add_trailing_slash(path)
104
- # includes querysting
105
105
  if path.include?("?")
106
106
  path.sub!(/\?/, '/\&')
107
- # does not have a .format
108
107
  elsif !path.include?(".")
109
108
  path.sub!(/[^\/]\z|\A\z/, '\&/')
110
109
  end
@@ -158,7 +157,7 @@ module ActionDispatch
158
157
  subdomain = options.fetch :subdomain, true
159
158
  domain = options[:domain]
160
159
 
161
- host = ""
160
+ host = "".dup
162
161
  if subdomain == true
163
162
  return _host if domain.nil?
164
163