actionpack 5.1.7 → 5.2.4.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actionpack might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +282 -362
- data/MIT-LICENSE +1 -1
- data/README.rdoc +5 -5
- data/lib/abstract_controller.rb +3 -0
- data/lib/abstract_controller/asset_paths.rb +2 -0
- data/lib/abstract_controller/base.rb +10 -2
- data/lib/abstract_controller/caching.rb +3 -2
- data/lib/abstract_controller/caching/fragments.rb +30 -7
- data/lib/abstract_controller/callbacks.rb +25 -3
- data/lib/abstract_controller/collector.rb +2 -0
- data/lib/abstract_controller/error.rb +2 -0
- data/lib/abstract_controller/helpers.rb +4 -5
- data/lib/abstract_controller/logger.rb +2 -0
- data/lib/abstract_controller/railties/routes_helpers.rb +2 -0
- data/lib/abstract_controller/rendering.rb +9 -16
- data/lib/abstract_controller/translation.rb +2 -0
- data/lib/abstract_controller/url_for.rb +2 -0
- data/lib/action_controller.rb +3 -0
- data/lib/action_controller/api.rb +2 -0
- data/lib/action_controller/api/api_rendering.rb +2 -0
- data/lib/action_controller/base.rb +3 -0
- data/lib/action_controller/caching.rb +2 -0
- data/lib/action_controller/form_builder.rb +2 -0
- data/lib/action_controller/log_subscriber.rb +5 -3
- data/lib/action_controller/metal.rb +13 -14
- data/lib/action_controller/metal/basic_implicit_render.rb +2 -0
- data/lib/action_controller/metal/conditional_get.rb +4 -3
- data/lib/action_controller/metal/content_security_policy.rb +52 -0
- data/lib/action_controller/metal/cookies.rb +2 -0
- data/lib/action_controller/metal/data_streaming.rb +7 -5
- data/lib/action_controller/metal/etag_with_flash.rb +2 -0
- data/lib/action_controller/metal/etag_with_template_digest.rb +3 -2
- data/lib/action_controller/metal/exceptions.rb +2 -3
- data/lib/action_controller/metal/flash.rb +3 -2
- data/lib/action_controller/metal/force_ssl.rb +4 -2
- data/lib/action_controller/metal/head.rb +2 -0
- data/lib/action_controller/metal/helpers.rb +4 -3
- data/lib/action_controller/metal/http_authentication.rb +8 -9
- data/lib/action_controller/metal/implicit_render.rb +2 -0
- data/lib/action_controller/metal/instrumentation.rb +4 -6
- data/lib/action_controller/metal/live.rb +3 -1
- data/lib/action_controller/metal/mime_responds.rb +3 -1
- data/lib/action_controller/metal/parameter_encoding.rb +2 -0
- data/lib/action_controller/metal/params_wrapper.rb +14 -10
- data/lib/action_controller/metal/redirecting.rb +22 -11
- data/lib/action_controller/metal/renderers.rb +4 -3
- data/lib/action_controller/metal/rendering.rb +2 -2
- data/lib/action_controller/metal/request_forgery_protection.rb +62 -10
- data/lib/action_controller/metal/rescue.rb +5 -3
- data/lib/action_controller/metal/streaming.rb +3 -1
- data/lib/action_controller/metal/strong_parameters.rb +36 -25
- data/lib/action_controller/metal/testing.rb +2 -6
- data/lib/action_controller/metal/url_for.rb +2 -0
- data/lib/action_controller/railtie.rb +16 -4
- data/lib/action_controller/railties/helpers.rb +2 -0
- data/lib/action_controller/renderer.rb +2 -0
- data/lib/action_controller/template_assertions.rb +2 -0
- data/lib/action_controller/test_case.rb +16 -10
- data/lib/action_dispatch.rb +9 -5
- data/lib/action_dispatch/http/cache.rb +22 -14
- data/lib/action_dispatch/http/content_security_policy.rb +272 -0
- data/lib/action_dispatch/http/filter_parameters.rb +4 -2
- data/lib/action_dispatch/http/filter_redirect.rb +2 -0
- data/lib/action_dispatch/http/headers.rb +2 -0
- data/lib/action_dispatch/http/mime_negotiation.rb +4 -8
- data/lib/action_dispatch/http/mime_type.rb +15 -13
- data/lib/action_dispatch/http/mime_types.rb +17 -2
- data/lib/action_dispatch/http/parameter_filter.rb +2 -0
- data/lib/action_dispatch/http/parameters.rb +6 -9
- data/lib/action_dispatch/http/rack_cache.rb +2 -0
- data/lib/action_dispatch/http/request.rb +36 -16
- data/lib/action_dispatch/http/response.rb +11 -9
- data/lib/action_dispatch/http/upload.rb +2 -0
- data/lib/action_dispatch/http/url.rb +5 -6
- data/lib/action_dispatch/journey.rb +2 -0
- data/lib/action_dispatch/journey/formatter.rb +4 -2
- data/lib/action_dispatch/journey/gtg/builder.rb +2 -0
- data/lib/action_dispatch/journey/gtg/simulator.rb +2 -8
- data/lib/action_dispatch/journey/gtg/transition_table.rb +3 -2
- data/lib/action_dispatch/journey/nfa/builder.rb +2 -0
- data/lib/action_dispatch/journey/nfa/dot.rb +12 -10
- data/lib/action_dispatch/journey/nfa/simulator.rb +2 -0
- data/lib/action_dispatch/journey/nfa/transition_table.rb +2 -0
- data/lib/action_dispatch/journey/nodes/node.rb +2 -0
- data/lib/action_dispatch/journey/parser_extras.rb +2 -0
- data/lib/action_dispatch/journey/path/pattern.rb +4 -1
- data/lib/action_dispatch/journey/route.rb +15 -6
- data/lib/action_dispatch/journey/router.rb +3 -1
- data/lib/action_dispatch/journey/router/utils.rb +14 -7
- data/lib/action_dispatch/journey/routes.rb +3 -1
- data/lib/action_dispatch/journey/scanner.rb +1 -0
- data/lib/action_dispatch/journey/visitors.rb +5 -3
- data/lib/action_dispatch/middleware/callbacks.rb +2 -0
- data/lib/action_dispatch/middleware/cookies.rb +148 -91
- data/lib/action_dispatch/middleware/debug_exceptions.rb +4 -2
- data/lib/action_dispatch/middleware/debug_locks.rb +9 -7
- data/lib/action_dispatch/middleware/exception_wrapper.rb +5 -6
- data/lib/action_dispatch/middleware/executor.rb +2 -0
- data/lib/action_dispatch/middleware/flash.rb +4 -2
- data/lib/action_dispatch/middleware/public_exceptions.rb +6 -4
- data/lib/action_dispatch/middleware/reloader.rb +2 -0
- data/lib/action_dispatch/middleware/remote_ip.rb +7 -5
- data/lib/action_dispatch/middleware/request_id.rb +3 -1
- data/lib/action_dispatch/middleware/session/abstract_store.rb +17 -1
- data/lib/action_dispatch/middleware/session/cache_store.rb +13 -6
- data/lib/action_dispatch/middleware/session/cookie_store.rb +31 -32
- data/lib/action_dispatch/middleware/session/mem_cache_store.rb +2 -0
- data/lib/action_dispatch/middleware/show_exceptions.rb +3 -1
- data/lib/action_dispatch/middleware/ssl.rb +44 -38
- data/lib/action_dispatch/middleware/stack.rb +4 -2
- data/lib/action_dispatch/middleware/static.rb +14 -12
- data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +21 -0
- data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +13 -0
- data/lib/action_dispatch/middleware/templates/rescues/layout.erb +1 -0
- data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +6 -2
- data/lib/action_dispatch/railtie.rb +11 -1
- data/lib/action_dispatch/request/session.rb +16 -5
- data/lib/action_dispatch/request/utils.rb +6 -4
- data/lib/action_dispatch/routing.rb +3 -1
- data/lib/action_dispatch/routing/endpoint.rb +9 -2
- data/lib/action_dispatch/routing/inspector.rb +6 -4
- data/lib/action_dispatch/routing/mapper.rb +64 -52
- data/lib/action_dispatch/routing/polymorphic_routes.rb +2 -0
- data/lib/action_dispatch/routing/redirection.rb +7 -5
- data/lib/action_dispatch/routing/route_set.rb +29 -24
- data/lib/action_dispatch/routing/routes_proxy.rb +5 -2
- data/lib/action_dispatch/routing/url_for.rb +25 -5
- data/lib/action_dispatch/system_test_case.rb +22 -6
- data/lib/action_dispatch/system_testing/browser.rb +49 -0
- data/lib/action_dispatch/system_testing/driver.rb +9 -3
- data/lib/action_dispatch/system_testing/server.rb +2 -16
- data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +12 -14
- data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +8 -2
- data/lib/action_dispatch/system_testing/test_helpers/undef_methods.rb +26 -0
- data/lib/action_dispatch/testing/assertion_response.rb +2 -0
- data/lib/action_dispatch/testing/assertions.rb +2 -0
- data/lib/action_dispatch/testing/assertions/response.rb +4 -2
- data/lib/action_dispatch/testing/assertions/routing.rb +5 -5
- data/lib/action_dispatch/testing/integration.rb +24 -21
- data/lib/action_dispatch/testing/request_encoder.rb +3 -1
- data/lib/action_dispatch/testing/test_process.rb +2 -0
- data/lib/action_dispatch/testing/test_request.rb +3 -1
- data/lib/action_dispatch/testing/test_response.rb +23 -3
- data/lib/action_pack.rb +3 -1
- data/lib/action_pack/gem_version.rb +5 -3
- data/lib/action_pack/version.rb +2 -0
- metadata +23 -11
data/MIT-LICENSE
CHANGED
data/README.rdoc
CHANGED
@@ -30,25 +30,25 @@ The latest version of Action Pack can be installed with RubyGems:
|
|
30
30
|
|
31
31
|
$ gem install actionpack
|
32
32
|
|
33
|
-
Source code can be downloaded as part of the Rails project on GitHub
|
33
|
+
Source code can be downloaded as part of the Rails project on GitHub:
|
34
34
|
|
35
|
-
* https://github.com/rails/rails/tree/
|
35
|
+
* https://github.com/rails/rails/tree/5-2-stable/actionpack
|
36
36
|
|
37
37
|
|
38
38
|
== License
|
39
39
|
|
40
40
|
Action Pack is released under the MIT license:
|
41
41
|
|
42
|
-
*
|
42
|
+
* https://opensource.org/licenses/MIT
|
43
43
|
|
44
44
|
|
45
45
|
== Support
|
46
46
|
|
47
|
-
API documentation is at
|
47
|
+
API documentation is at:
|
48
48
|
|
49
49
|
* http://api.rubyonrails.org
|
50
50
|
|
51
|
-
Bug reports
|
51
|
+
Bug reports for the Ruby on Rails project can be filed here:
|
52
52
|
|
53
53
|
* https://github.com/rails/rails/issues
|
54
54
|
|
data/lib/abstract_controller.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "action_pack"
|
2
4
|
require "active_support/rails"
|
3
5
|
require "active_support/i18n"
|
@@ -5,6 +7,7 @@ require "active_support/i18n"
|
|
5
7
|
module AbstractController
|
6
8
|
extend ActiveSupport::Autoload
|
7
9
|
|
10
|
+
autoload :ActionNotFound, "abstract_controller/base"
|
8
11
|
autoload :Base
|
9
12
|
autoload :Caching
|
10
13
|
autoload :Callbacks
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "abstract_controller/error"
|
2
4
|
require "active_support/configurable"
|
3
5
|
require "active_support/descendants_tracker"
|
@@ -14,8 +16,16 @@ module AbstractController
|
|
14
16
|
# expected to provide their own +render+ method, since rendering means
|
15
17
|
# different things depending on the context.
|
16
18
|
class Base
|
19
|
+
##
|
20
|
+
# Returns the body of the HTTP response sent by the controller.
|
17
21
|
attr_internal :response_body
|
22
|
+
|
23
|
+
##
|
24
|
+
# Returns the name of the action this controller is processing.
|
18
25
|
attr_internal :action_name
|
26
|
+
|
27
|
+
##
|
28
|
+
# Returns the formats that can be processed by the controller.
|
19
29
|
attr_internal :formats
|
20
30
|
|
21
31
|
include ActiveSupport::Configurable
|
@@ -170,8 +180,6 @@ module AbstractController
|
|
170
180
|
#
|
171
181
|
# ==== Parameters
|
172
182
|
# * <tt>name</tt> - The name of an action to be tested
|
173
|
-
#
|
174
|
-
# :api: private
|
175
183
|
def action_method?(name)
|
176
184
|
self.class.action_methods.include?(name)
|
177
185
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module AbstractController
|
2
4
|
module Caching
|
3
5
|
extend ActiveSupport::Concern
|
@@ -37,8 +39,7 @@ module AbstractController
|
|
37
39
|
config_accessor :enable_fragment_cache_logging
|
38
40
|
self.enable_fragment_cache_logging = false
|
39
41
|
|
40
|
-
class_attribute :_view_cache_dependencies
|
41
|
-
self._view_cache_dependencies = []
|
42
|
+
class_attribute :_view_cache_dependencies, default: []
|
42
43
|
helper_method :view_cache_dependencies if respond_to?(:helper_method)
|
43
44
|
end
|
44
45
|
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module AbstractController
|
2
4
|
module Caching
|
3
5
|
# Fragment caching is used for caching various blocks within
|
@@ -25,7 +27,10 @@ module AbstractController
|
|
25
27
|
|
26
28
|
self.fragment_cache_keys = []
|
27
29
|
|
28
|
-
|
30
|
+
if respond_to?(:helper_method)
|
31
|
+
helper_method :fragment_cache_key
|
32
|
+
helper_method :combined_fragment_cache_key
|
33
|
+
end
|
29
34
|
end
|
30
35
|
|
31
36
|
module ClassMethods
|
@@ -62,17 +67,36 @@ module AbstractController
|
|
62
67
|
# with the specified +key+ value. The key is expanded using
|
63
68
|
# ActiveSupport::Cache.expand_cache_key.
|
64
69
|
def fragment_cache_key(key)
|
70
|
+
ActiveSupport::Deprecation.warn(<<-MSG.squish)
|
71
|
+
Calling fragment_cache_key directly is deprecated and will be removed in Rails 6.0.
|
72
|
+
All fragment accessors now use the combined_fragment_cache_key method that retains the key as an array,
|
73
|
+
such that the caching stores can interrogate the parts for cache versions used in
|
74
|
+
recyclable cache keys.
|
75
|
+
MSG
|
76
|
+
|
65
77
|
head = self.class.fragment_cache_keys.map { |k| instance_exec(&k) }
|
66
78
|
tail = key.is_a?(Hash) ? url_for(key).split("://").last : key
|
67
79
|
ActiveSupport::Cache.expand_cache_key([*head, *tail], :views)
|
68
80
|
end
|
69
81
|
|
82
|
+
# Given a key (as described in +expire_fragment+), returns
|
83
|
+
# a key array suitable for use in reading, writing, or expiring a
|
84
|
+
# cached fragment. All keys begin with <tt>:views</tt>,
|
85
|
+
# followed by ENV["RAILS_CACHE_ID"] or ENV["RAILS_APP_VERSION"] if set,
|
86
|
+
# followed by any controller-wide key prefix values, ending
|
87
|
+
# with the specified +key+ value.
|
88
|
+
def combined_fragment_cache_key(key)
|
89
|
+
head = self.class.fragment_cache_keys.map { |k| instance_exec(&k) }
|
90
|
+
tail = key.is_a?(Hash) ? url_for(key).split("://").last : key
|
91
|
+
[ :views, (ENV["RAILS_CACHE_ID"] || ENV["RAILS_APP_VERSION"]), *head, *tail ].compact
|
92
|
+
end
|
93
|
+
|
70
94
|
# Writes +content+ to the location signified by
|
71
95
|
# +key+ (see +expire_fragment+ for acceptable formats).
|
72
96
|
def write_fragment(key, content, options = nil)
|
73
97
|
return content unless cache_configured?
|
74
98
|
|
75
|
-
key =
|
99
|
+
key = combined_fragment_cache_key(key)
|
76
100
|
instrument_fragment_cache :write_fragment, key do
|
77
101
|
content = content.to_str
|
78
102
|
cache_store.write(key, content, options)
|
@@ -85,7 +109,7 @@ module AbstractController
|
|
85
109
|
def read_fragment(key, options = nil)
|
86
110
|
return unless cache_configured?
|
87
111
|
|
88
|
-
key =
|
112
|
+
key = combined_fragment_cache_key(key)
|
89
113
|
instrument_fragment_cache :read_fragment, key do
|
90
114
|
result = cache_store.read(key, options)
|
91
115
|
result.respond_to?(:html_safe) ? result.html_safe : result
|
@@ -96,7 +120,7 @@ module AbstractController
|
|
96
120
|
# +key+ exists (see +expire_fragment+ for acceptable formats).
|
97
121
|
def fragment_exist?(key, options = nil)
|
98
122
|
return unless cache_configured?
|
99
|
-
key =
|
123
|
+
key = combined_fragment_cache_key(key)
|
100
124
|
|
101
125
|
instrument_fragment_cache :exist_fragment?, key do
|
102
126
|
cache_store.exist?(key, options)
|
@@ -123,7 +147,7 @@ module AbstractController
|
|
123
147
|
# method (or <tt>delete_matched</tt>, for Regexp keys).
|
124
148
|
def expire_fragment(key, options = nil)
|
125
149
|
return unless cache_configured?
|
126
|
-
key =
|
150
|
+
key = combined_fragment_cache_key(key) unless key.is_a?(Regexp)
|
127
151
|
|
128
152
|
instrument_fragment_cache :expire_fragment, key do
|
129
153
|
if key.is_a?(Regexp)
|
@@ -135,8 +159,7 @@ module AbstractController
|
|
135
159
|
end
|
136
160
|
|
137
161
|
def instrument_fragment_cache(name, key) # :nodoc:
|
138
|
-
|
139
|
-
ActiveSupport::Notifications.instrument("#{name}.#{instrument_name}", payload) { yield }
|
162
|
+
ActiveSupport::Notifications.instrument("#{name}.#{instrument_name}", instrument_payload(key)) { yield }
|
140
163
|
end
|
141
164
|
end
|
142
165
|
end
|
@@ -1,4 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module AbstractController
|
4
|
+
# = Abstract Controller Callbacks
|
5
|
+
#
|
6
|
+
# Abstract Controller provides hooks during the life cycle of a controller action.
|
7
|
+
# Callbacks allow you to trigger logic during this cycle. Available callbacks are:
|
8
|
+
#
|
9
|
+
# * <tt>after_action</tt>
|
10
|
+
# * <tt>append_after_action</tt>
|
11
|
+
# * <tt>append_around_action</tt>
|
12
|
+
# * <tt>append_before_action</tt>
|
13
|
+
# * <tt>around_action</tt>
|
14
|
+
# * <tt>before_action</tt>
|
15
|
+
# * <tt>prepend_after_action</tt>
|
16
|
+
# * <tt>prepend_around_action</tt>
|
17
|
+
# * <tt>prepend_before_action</tt>
|
18
|
+
# * <tt>skip_after_action</tt>
|
19
|
+
# * <tt>skip_around_action</tt>
|
20
|
+
# * <tt>skip_before_action</tt>
|
21
|
+
#
|
22
|
+
# NOTE: Calling the same callback multiple times will overwrite previous callback definitions.
|
23
|
+
#
|
2
24
|
module Callbacks
|
3
25
|
extend ActiveSupport::Concern
|
4
26
|
|
@@ -9,12 +31,12 @@ module AbstractController
|
|
9
31
|
|
10
32
|
included do
|
11
33
|
define_callbacks :process_action,
|
12
|
-
terminator: ->(controller, result_lambda) { result_lambda.call
|
34
|
+
terminator: ->(controller, result_lambda) { result_lambda.call; controller.performed? },
|
13
35
|
skip_after_callbacks_if_terminated: true
|
14
36
|
end
|
15
37
|
|
16
|
-
# Override AbstractController::Base
|
17
|
-
# process_action callbacks around the normal behavior.
|
38
|
+
# Override <tt>AbstractController::Base#process_action</tt> to run the
|
39
|
+
# <tt>process_action</tt> callbacks around the normal behavior.
|
18
40
|
def process_action(*args)
|
19
41
|
run_callbacks(:process_action) do
|
20
42
|
super
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "active_support/dependencies"
|
2
4
|
|
3
5
|
module AbstractController
|
@@ -5,11 +7,8 @@ module AbstractController
|
|
5
7
|
extend ActiveSupport::Concern
|
6
8
|
|
7
9
|
included do
|
8
|
-
class_attribute :_helpers
|
9
|
-
|
10
|
-
|
11
|
-
class_attribute :_helper_methods
|
12
|
-
self._helper_methods = Array.new
|
10
|
+
class_attribute :_helpers, default: Module.new
|
11
|
+
class_attribute :_helper_methods, default: Array.new
|
13
12
|
end
|
14
13
|
|
15
14
|
class MissingHelperError < LoadError
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "abstract_controller/error"
|
2
4
|
require "action_view"
|
3
5
|
require "action_view/view_paths"
|
@@ -18,7 +20,6 @@ module AbstractController
|
|
18
20
|
|
19
21
|
# Normalizes arguments, options and then delegates render_to_body and
|
20
22
|
# sticks the result in <tt>self.response_body</tt>.
|
21
|
-
# :api: public
|
22
23
|
def render(*args, &block)
|
23
24
|
options = _normalize_render(*args, &block)
|
24
25
|
rendered_body = render_to_body(options)
|
@@ -40,19 +41,16 @@ module AbstractController
|
|
40
41
|
# (as ActionController extends it to be anything that
|
41
42
|
# responds to the method each), this method needs to be
|
42
43
|
# overridden in order to still return a string.
|
43
|
-
# :api: plugin
|
44
44
|
def render_to_string(*args, &block)
|
45
45
|
options = _normalize_render(*args, &block)
|
46
46
|
render_to_body(options)
|
47
47
|
end
|
48
48
|
|
49
49
|
# Performs the actual template rendering.
|
50
|
-
# :api: public
|
51
50
|
def render_to_body(options = {})
|
52
51
|
end
|
53
52
|
|
54
|
-
# Returns Content-Type of rendered content
|
55
|
-
# :api: public
|
53
|
+
# Returns Content-Type of rendered content.
|
56
54
|
def rendered_format
|
57
55
|
Mime[:text]
|
58
56
|
end
|
@@ -63,7 +61,6 @@ module AbstractController
|
|
63
61
|
|
64
62
|
# This method should return a hash with assigns.
|
65
63
|
# You can overwrite this configuration per controller.
|
66
|
-
# :api: public
|
67
64
|
def view_assigns
|
68
65
|
protected_vars = _protected_ivars
|
69
66
|
variables = instance_variables
|
@@ -74,11 +71,11 @@ module AbstractController
|
|
74
71
|
}
|
75
72
|
end
|
76
73
|
|
74
|
+
private
|
77
75
|
# Normalize args by converting <tt>render "foo"</tt> to
|
78
76
|
# <tt>render :action => "foo"</tt> and <tt>render "foo/bar"</tt> to
|
79
77
|
# <tt>render :file => "foo/bar"</tt>.
|
80
|
-
# :
|
81
|
-
def _normalize_args(action = nil, options = {})
|
78
|
+
def _normalize_args(action = nil, options = {}) # :doc:
|
82
79
|
if action.respond_to?(:permitted?)
|
83
80
|
if action.permitted?
|
84
81
|
action
|
@@ -93,20 +90,17 @@ module AbstractController
|
|
93
90
|
end
|
94
91
|
|
95
92
|
# Normalize options.
|
96
|
-
# :
|
97
|
-
def _normalize_options(options)
|
93
|
+
def _normalize_options(options) # :doc:
|
98
94
|
options
|
99
95
|
end
|
100
96
|
|
101
97
|
# Process extra options.
|
102
|
-
# :
|
103
|
-
def _process_options(options)
|
98
|
+
def _process_options(options) # :doc:
|
104
99
|
options
|
105
100
|
end
|
106
101
|
|
107
102
|
# Process the rendered format.
|
108
|
-
# :
|
109
|
-
def _process_format(format)
|
103
|
+
def _process_format(format) # :nodoc:
|
110
104
|
end
|
111
105
|
|
112
106
|
def _process_variant(options)
|
@@ -119,8 +113,7 @@ module AbstractController
|
|
119
113
|
end
|
120
114
|
|
121
115
|
# Normalize args and options.
|
122
|
-
# :
|
123
|
-
def _normalize_render(*args, &block)
|
116
|
+
def _normalize_render(*args, &block) # :nodoc:
|
124
117
|
options = _normalize_args(*args, &block)
|
125
118
|
_process_variant(options)
|
126
119
|
_normalize_options(options)
|
data/lib/action_controller.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "active_support/rails"
|
2
4
|
require "abstract_controller"
|
3
5
|
require "action_dispatch"
|
@@ -20,6 +22,7 @@ module ActionController
|
|
20
22
|
|
21
23
|
autoload_under "metal" do
|
22
24
|
autoload :ConditionalGet
|
25
|
+
autoload :ContentSecurityPolicy
|
23
26
|
autoload :Cookies
|
24
27
|
autoload :DataStreaming
|
25
28
|
autoload :EtagWithTemplateDigest
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "action_view"
|
2
4
|
require "action_controller/log_subscriber"
|
3
5
|
require "action_controller/metal/params_wrapper"
|
@@ -223,6 +225,7 @@ module ActionController
|
|
223
225
|
Flash,
|
224
226
|
FormBuilder,
|
225
227
|
RequestForgeryProtection,
|
228
|
+
ContentSecurityPolicy,
|
226
229
|
ForceSSL,
|
227
230
|
Streaming,
|
228
231
|
DataStreaming,
|