actionpack 5.2.1 → 7.0.2.4

data/lib/action_dispatch/journey/path/pattern.rb

@@ -4,25 +4,16 @@ module ActionDispatch
   module Journey # :nodoc:
     module Path # :nodoc:
       class Pattern # :nodoc:
-        attr_reader :spec, :requirements, :anchored
-
-        def self.from_string(string)
-          build(string, {}, "/.?", true)
-        end
-
-        def self.build(path, requirements, separators, anchored)
-          parser = Journey::Parser.new
-          ast = parser.parse path
-          new ast, requirements, separators, anchored
-        end
+        attr_reader :ast, :names, :requirements, :anchored, :spec
 
         def initialize(ast, requirements, separators, anchored)
-          @spec         = ast
+          @ast          = ast
+          @spec         = ast.root
           @requirements = requirements
           @separators   = separators
           @anchored     = anchored
 
-          @names          = nil
+          @names          = ast.names
           @optional_names = nil
           @required_names = nil
           @re             = nil
@@ -37,25 +28,28 @@ module ActionDispatch
           required_names
           offsets
           to_regexp
-          nil
+          @ast = nil
         end
 
-        def ast
-          @spec.find_all(&:symbol?).each do |node|
-            re = @requirements[node.to_sym]
-            node.regexp = re if re
-          end
+        def requirements_anchored?
+          # each required param must not be surrounded by a literal, otherwise it isn't simple to chunk-match the url piecemeal
+          terminals = ast.terminals
 
-          @spec.find_all(&:star?).each do |node|
-            node = node.left
-            node.regexp = @requirements[node.to_sym] || /(.+)/
-          end
+          terminals.each_with_index { |s, index|
+            next if index < 1
+            next if s.type == :DOT || s.type == :SLASH
 
-          @spec
-        end
+            back = terminals[index - 1]
+            fwd = terminals[index + 1]
+
+            # we also don't support this yet, constraints must be regexps
+            return false if s.symbol? && s.regexp.is_a?(Array)
+
+            return false if back.literal?
+            return false if !fwd.nil? && fwd.literal?
+          }
 
-        def names
-          @names ||= spec.find_all(&:symbol?).map(&:name)
+          true
         end
 
         def required_names
@@ -81,7 +75,7 @@ module ActionDispatch
           end
 
           def visit_CAT(node)
-            [visit(node.left), visit(node.right)].join
+            "#{visit(node.left)}#{visit(node.right)}"
           end
 
           def visit_SYMBOL(node)
@@ -90,7 +84,7 @@ module ActionDispatch
             return @separator_re unless @matchers.key?(node)
 
             re = @matchers[node]
-            "(#{re})"
+            "(#{Regexp.union(re)})"
           end
 
           def visit_GROUP(node)
@@ -107,8 +101,8 @@ module ActionDispatch
           end
 
           def visit_STAR(node)
-            re = @matchers[node.left.to_sym] || ".+"
-            "(#{re})"
+            re = @matchers[node.left.to_sym]
+            re ? "(#{re})" : "(.+)"
           end
 
           def visit_OR(node)
@@ -119,7 +113,8 @@ module ActionDispatch
 
         class UnanchoredRegexp < AnchoredRegexp # :nodoc:
           def accept(node)
-            %r{\A#{visit node}}
+            path = visit node
+            path == "/" ? %r{\A/} : %r{\A#{path}(?:\b|\Z|/)}
           end
         end
 
@@ -136,6 +131,10 @@ module ActionDispatch
             Array.new(length - 1) { |i| self[i + 1] }
           end
 
+          def named_captures
+            @names.zip(captures).to_h
+          end
+
           def [](x)
             idx = @offsets[x - 1] + x
             @match[idx]
@@ -160,6 +159,10 @@ module ActionDispatch
         end
         alias :=~ :match
 
+        def match?(other)
+          to_regexp.match?(other)
+        end
+
         def source
           to_regexp.source
         end
@@ -168,8 +171,13 @@ module ActionDispatch
           @re ||= regexp_visitor.new(@separators, @requirements).accept spec
         end
 
-        private
+        def requirements_for_missing_keys_check
+          @requirements_for_missing_keys_check ||= requirements.transform_values do |regex|
+            /\A#{regex}\Z/
+          end
+        end
 
+        private
           def regexp_visitor
             @anchored ? AnchoredRegexp : UnanchoredRegexp
           end
@@ -183,7 +191,7 @@ module ActionDispatch
               node = node.to_sym
 
               if @requirements.key?(node)
-                re = /#{@requirements[node]}|/
+                re = /#{Regexp.union(@requirements[node])}|/
                 @offsets.push((re.match("").length - 1) + @offsets.last)
               else
                 @offsets << @offsets.last

data/lib/action_dispatch/journey/route.rb

@@ -4,15 +4,16 @@ module ActionDispatch
   # :stopdoc:
   module Journey
     class Route
-      attr_reader :app, :path, :defaults, :name, :precedence
+      attr_reader :app, :path, :defaults, :name, :precedence, :constraints,
+                  :internal, :scope_options, :ast
 
-      attr_reader :constraints, :internal
       alias :conditions :constraints
 
       module VerbMatchers
         VERBS = %w{ DELETE GET HEAD OPTIONS LINK PATCH POST PUT TRACE UNLINK }
         VERBS.each do |v|
           class_eval <<-eoc, __FILE__, __LINE__ + 1
+            # frozen_string_literal: true
             class #{v}
               def self.verb; name.split("::").last; end
               def self.call(req); req.#{v.downcase}?; end
@@ -27,7 +28,7 @@ module ActionDispatch
             @verb = verb
           end
 
-          def call(request); @verb === request.request_method; end
+          def call(request); @verb == request.request_method; end
         end
 
         class All
@@ -49,15 +50,10 @@ module ActionDispatch
         end
       end
 
-      def self.build(name, app, path, constraints, required_defaults, defaults)
-        request_method_match = verb_matcher(constraints.delete(:request_method))
-        new name, app, path, constraints, required_defaults, defaults, request_method_match, 0
-      end
-
       ##
       # +path+ is a path constraint.
       # +constraints+ is a hash of constraints to be applied to this route.
-      def initialize(name, app, path, constraints, required_defaults, defaults, request_method_match, precedence, internal = false)
+      def initialize(name:, app: nil, path:, constraints: {}, required_defaults: [], defaults: {}, request_method_match: nil, precedence: 0, scope_options: {}, internal: false)
         @name        = name
         @app         = app
         @path        = path
@@ -69,29 +65,23 @@ module ActionDispatch
         @_required_defaults = required_defaults
         @required_parts    = nil
         @parts             = nil
-        @decorated_ast     = nil
         @precedence        = precedence
         @path_formatter    = @path.build_formatter
+        @scope_options     = scope_options
         @internal          = internal
+
+        @ast = @path.ast.root
+        @path.ast.route = self
       end
 
       def eager_load!
         path.eager_load!
-        ast
         parts
         required_defaults
         nil
       end
 
-      def ast
-        @decorated_ast ||= begin
-          decorated_ast = path.ast
-          decorated_ast.find_all(&:terminal?).each { |n| n.memo = self }
-          decorated_ast
-        end
-      end
-
-      # Needed for `rails routes`. Picks up succinctly defined requirements
+      # Needed for `bin/rails routes`. Picks up succinctly defined requirements
       # for a route, for example route
       #
       #   get 'photo/:id', :controller => 'photos', :action => 'show',
@@ -101,7 +91,7 @@ module ActionDispatch
       # as requirements.
       def requirements
         @defaults.merge(path.requirements).delete_if { |_, v|
-          /.+?/ == v
+          /.+?/m == v
         }
       end
 
@@ -114,18 +104,11 @@ module ActionDispatch
       end
 
       def score(supplied_keys)
-        required_keys = path.required_names
-
-        required_keys.each do |k|
+        path.required_names.each do |k|
           return -1 unless supplied_keys.include?(k)
         end
 
-        score = 0
-        path.names.each do |k|
-          score += 1 if supplied_keys.include?(k)
-        end
-
-        score + (required_defaults.length * 2)
+        (required_defaults.length * 2) + path.names.count { |k| supplied_keys.include?(k) }
       end
 
       def parts
@@ -152,7 +135,7 @@ module ActionDispatch
       end
 
       def glob?
-        !path.spec.grep(Nodes::Star).empty?
+        path.ast.glob?
       end
 
       def dispatcher?

data/lib/action_dispatch/journey/router/utils.rb

@@ -17,32 +17,34 @@ module ActionDispatch
         def self.normalize_path(path)
           path ||= ""
           encoding = path.encoding
-          path = "/#{path}".dup
-          path.squeeze!("/".freeze)
-          path.sub!(%r{/+\Z}, "".freeze)
-          path.gsub!(/(%[a-f0-9]{2})/) { $1.upcase }
-          path = "/".dup if path == "".freeze
+          path = +"/#{path}"
+          path.squeeze!("/")
+
+          unless path == "/"
+            path.delete_suffix!("/")
+            path.gsub!(/(%[a-f0-9]{2})/) { $1.upcase }
+          end
+
           path.force_encoding(encoding)
-          path
         end
 
         # URI path and fragment escaping
         # https://tools.ietf.org/html/rfc3986
         class UriEncoder # :nodoc:
-          ENCODE   = "%%%02X".freeze
+          ENCODE   = "%%%02X"
           US_ASCII = Encoding::US_ASCII
           UTF_8    = Encoding::UTF_8
-          EMPTY    = "".dup.force_encoding(US_ASCII).freeze
-          DEC2HEX  = (0..255).to_a.map { |i| ENCODE % i }.map { |s| s.force_encoding(US_ASCII) }
+          EMPTY    = (+"").force_encoding(US_ASCII).freeze
+          DEC2HEX  = (0..255).map { |i| (ENCODE % i).force_encoding(US_ASCII) }
 
-          ALPHA = "a-zA-Z".freeze
-          DIGIT = "0-9".freeze
-          UNRESERVED = "#{ALPHA}#{DIGIT}\\-\\._~".freeze
-          SUB_DELIMS = "!\\$&'\\(\\)\\*\\+,;=".freeze
+          ALPHA = "a-zA-Z"
+          DIGIT = "0-9"
+          UNRESERVED = "#{ALPHA}#{DIGIT}\\-\\._~"
+          SUB_DELIMS = "!\\$&'\\(\\)\\*\\+,;="
 
           ESCAPED  = /%[a-zA-Z0-9]{2}/.freeze
 
-          FRAGMENT = /[^#{UNRESERVED}#{SUB_DELIMS}:@\/\?]/.freeze
+          FRAGMENT = /[^#{UNRESERVED}#{SUB_DELIMS}:@\/?]/.freeze
           SEGMENT  = /[^#{UNRESERVED}#{SUB_DELIMS}:@]/.freeze
           PATH     = /[^#{UNRESERVED}#{SUB_DELIMS}:@\/]/.freeze
 

data/lib/action_dispatch/journey/router.rb

@@ -15,9 +15,6 @@ require "action_dispatch/journey/path/pattern"
 module ActionDispatch
   module Journey # :nodoc:
     class Router # :nodoc:
-      class RoutingError < ::StandardError # :nodoc:
-      end
-
       attr_accessor :routes
 
       def initialize(routes)
@@ -43,11 +40,12 @@ module ActionDispatch
             req.path_info = "/" + req.path_info unless req.path_info.start_with? "/"
           end
 
-          parameters = route.defaults.merge parameters.transform_values { |val|
-            val.dup.force_encoding(::Encoding::UTF_8)
+          tmp_params = set_params.merge route.defaults
+          parameters.each_pair { |key, val|
+            tmp_params[key] = val.force_encoding(::Encoding::UTF_8)
           }
 
-          req.path_parameters = set_params.merge parameters
+          req.path_parameters = tmp_params
 
           status, headers, body = route.app.serve(req)
 
@@ -68,7 +66,8 @@ module ActionDispatch
         find_routes(rails_req).each do |match, parameters, route|
           unless route.path.anchored
             rails_req.script_name = match.to_s
-            rails_req.path_info   = match.post_match.sub(/^([^\/])/, '/\1')
+            rails_req.path_info   = match.post_match
+            rails_req.path_info   = "/" + rails_req.path_info unless rails_req.path_info.start_with? "/"
           end
 
           parameters = route.defaults.merge parameters
@@ -84,10 +83,9 @@ module ActionDispatch
       end
 
       private
-
         def partitioned_routes
           routes.partition { |r|
-            r.path.anchored && r.ast.grep(Nodes::Symbol).all? { |n| n.default_regexp?  }
+            r.path.anchored && r.path.requirements_anchored?
           }
         end
 
@@ -109,23 +107,24 @@ module ActionDispatch
         end
 
         def find_routes(req)
-          routes = filter_routes(req.path_info).concat custom_routes.find_all { |r|
-            r.path.match(req.path_info)
+          path_info = req.path_info
+          routes = filter_routes(path_info).concat custom_routes.find_all { |r|
+            r.path.match?(path_info)
           }
 
-          routes =
-            if req.head?
-              match_head_routes(routes, req)
-            else
-              match_routes(routes, req)
-            end
+          if req.head?
+            routes = match_head_routes(routes, req)
+          else
+            routes.select! { |r| r.matches?(req) }
+          end
 
           routes.sort_by!(&:precedence)
 
           routes.map! { |r|
-            match_data = r.path.match(req.path_info)
+            match_data = r.path.match(path_info)
             path_parameters = {}
-            match_data.names.zip(match_data.captures) { |name, val|
+            match_data.names.each_with_index { |name, i|
+              val = match_data[i + 1]
               path_parameters[name.to_sym] = Utils.unescape_uri(val) if val
             }
             [match_data, path_parameters, r]
@@ -133,24 +132,17 @@ module ActionDispatch
         end
 
         def match_head_routes(routes, req)
-          verb_specific_routes = routes.select(&:requires_matching_verb?)
-          head_routes = match_routes(verb_specific_routes, req)
-
-          if head_routes.empty?
-            begin
-              req.request_method = "GET"
-              match_routes(routes, req)
-            ensure
-              req.request_method = "HEAD"
-            end
-          else
-            head_routes
+          head_routes = routes.select { |r| r.requires_matching_verb? && r.matches?(req) }
+          return head_routes unless head_routes.empty?
+
+          begin
+            req.request_method = "GET"
+            routes.select! { |r| r.matches?(req) }
+            routes
+          ensure
+            req.request_method = "HEAD"
           end
         end
-
-        def match_routes(routes, req)
-          routes.select { |r| r.matches?(req) }
-        end
     end
   end
 end

data/lib/action_dispatch/journey/routes.rb

@@ -41,7 +41,7 @@ module ActionDispatch
       end
 
       def partition_route(route)
-        if route.path.anchored && route.ast.grep(Nodes::Symbol).all?(&:default_regexp?)
+        if route.path.anchored && route.path.requirements_anchored?
           anchored_routes << route
         else
           custom_routes << route
@@ -50,13 +50,12 @@ module ActionDispatch
 
       def ast
         @ast ||= begin
-          asts = anchored_routes.map(&:ast)
-          Nodes::Or.new(asts)
+          nodes = anchored_routes.map(&:ast)
+          Nodes::Or.new(nodes)
         end
       end
 
       def simulator
-        return if ast.nil?
         @simulator ||= begin
           gtg = GTG::Builder.new(ast).transition_table
           GTG::Simulator.new(gtg)
@@ -72,7 +71,6 @@ module ActionDispatch
       end
 
       private
-
         def clear_cache!
           @ast                = nil
           @simulator          = nil

data/lib/action_dispatch/journey/scanner.rb

@@ -33,6 +33,12 @@ module ActionDispatch
       end
 
       private
+        # takes advantage of String @- deduping capabilities in Ruby 2.5 upwards
+        # see: https://bugs.ruby-lang.org/issues/13077
+        def dedup_scan(regex)
+          r = @ss.scan(regex)
+          r ? -r : nil
+        end
 
         def scan
           case
@@ -47,15 +53,15 @@ module ActionDispatch
             [:OR, "|"]
           when @ss.skip(/\./)
             [:DOT, "."]
-          when text = @ss.scan(/:\w+/)
+          when text = dedup_scan(/:\w+/)
             [:SYMBOL, text]
-          when text = @ss.scan(/\*\w+/)
+          when text = dedup_scan(/\*\w+/)
             [:STAR, text]
           when text = @ss.scan(/(?:[\w%\-~!$&'*+,;=@]|\\[:()])+/)
             text.tr! "\\", ""
-            [:LITERAL, text]
+            [:LITERAL, -text]
             # any char
-          when text = @ss.scan(/./)
+          when text = dedup_scan(/./)
             [:LITERAL, text]
           end
         end

data/lib/action_dispatch/journey/visitors.rb

@@ -40,7 +40,7 @@ module ActionDispatch
         @parameters.each do |index|
           param = parts[index]
           value = hash[param.name]
-          return "".freeze unless value
+          return "" if value.nil?
           parts[index] = param.escape value
         end
 
@@ -59,7 +59,6 @@ module ActionDispatch
         end
 
         private
-
           def visit(node)
             send(DISPATCH_CACHE[node.type], node)
           end
@@ -168,7 +167,6 @@ module ActionDispatch
 
       class String < FunctionalVisitor # :nodoc:
         private
-
           def binary(node, seed)
             visit(node.right, visit(node.left, seed))
           end
@@ -214,7 +212,6 @@ module ActionDispatch
         end
 
         private
-
           def binary(node, seed)
             seed.last.concat node.children.map { |c|
               "#{node.object_id} -> #{c.object_id};"

data/lib/action_dispatch/journey/visualizer/fsm.js

@@ -68,7 +68,7 @@ function highlight_state(index, color) {
 }
 
 function highlight_finish(index) {
-  svg_nodes[index].select('polygon')
+  svg_nodes[index].select('ellipse')
     .style("fill", "while")
     .transition().duration(500)
     .style("fill", "blue");
@@ -76,54 +76,79 @@ function highlight_finish(index) {
 
 function match(input) {
   reset_graph();
-  var table         = tt();
-  var states        = [0];
-  var regexp_states = table['regexp_states'];
-  var string_states = table['string_states'];
-  var accepting     = table['accepting'];
+  var table           = tt();
+  var states          = [[0, null]];
+  var regexp_states   = table['regexp_states'];
+  var string_states   = table['string_states'];
+  var stdparam_states = table['stdparam_states'];
+  var accepting       = table['accepting'];
+  var default_re      = new RegExp("^[^.\/?]+$");
+  var start_index     = 0;
 
   highlight_state(0);
 
   tokenize(input, function(token) {
+    var end_index = start_index + token.length;
+
     var new_states = [];
     for(var key in states) {
-      var state = states[key];
+      var state_parts = states[key];
+      var state = state_parts[0];
+      var previous_start = state_parts[1];
+
+      if(previous_start == null) {
+        if(string_states[state] && string_states[state][token]) {
+          var new_state = string_states[state][token];
+          highlight_edge(state, new_state);
+          highlight_state(new_state);
+          new_states.push([new_state, null]);
+        }
 
-      if(string_states[state] && string_states[state][token]) {
-        var new_state = string_states[state][token];
-        highlight_edge(state, new_state);
-        highlight_state(new_state);
-        new_states.push(new_state);
+        if(stdparam_states[state] && default_re.test(token)) {
+          for(var key in stdparam_states[state]) {
+            var new_state = stdparam_states[state][key];
+            highlight_edge(state, new_state);
+            highlight_state(new_state);
+            new_states.push([new_state, null]);
+          }
+        }
       }
 
       if(regexp_states[state]) {
+        var slice_start = previous_start != null ? previous_start : start_index;
+
         for(var key in regexp_states[state]) {
           var re = new RegExp("^" + key + "$");
-          if(re.test(token)) {
+
+          var accumulation = input.slice(slice_start, end_index);
+
+          if(re.test(accumulation)) {
             var new_state = regexp_states[state][key];
             highlight_edge(state, new_state);
             highlight_state(new_state);
-            new_states.push(new_state);
+            new_states.push([new_state, null]);
           }
+
+          // retry the same regexp with the accumulated data either way
+          new_states.push([state, slice_start]);
         }
       }
     }
 
-    if(new_states.length == 0) {
-      return;
-    }
     states = new_states;
+    start_index = end_index;
   });
 
   for(var key in states) {
-    var state = states[key];
+    var state_parts = states[key];
+    var state = state_parts[0];
+    var slice_start = state_parts[1];
+
+    // we must ignore ones that are still accepting more data
+    if (slice_start != null) continue;
+
     if(accepting[state]) {
-      for(var mkey in svg_edges[state]) {
-        if(!regexp_states[mkey] && !string_states[mkey]) {
-          highlight_edge(state, mkey);
-          highlight_finish(mkey);
-        }
-      }
+      highlight_finish(state);
     } else {
       highlight_state(state, "red");
     }

data/lib/action_dispatch/journey/visualizer/index.html.erb

@@ -8,7 +8,7 @@
         <%= style %>
       <% end %>
     </style>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/d3/3.4.8/d3.min.js" type="text/javascript"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/d3/3.4.8/d3.min.js"></script>
   </head>
   <body>
     <div id="wrapper">

data/lib/action_dispatch/journey.rb

@@ -3,5 +3,3 @@
 require "action_dispatch/journey/router"
 require "action_dispatch/journey/gtg/builder"
 require "action_dispatch/journey/gtg/simulator"
-require "action_dispatch/journey/nfa/builder"
-require "action_dispatch/journey/nfa/simulator"