actionpack 5.2.4.rc1 → 6.0.0.rc2

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2004-2018 David Heinemeier Hansson
+Copyright (c) 2004-2019 David Heinemeier Hansson
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.rdoc

@@ -23,6 +23,7 @@ by default and Action View rendering is implicitly triggered by Action
 Controller. However, these modules are designed to function on their own and
 can be used outside of Rails.
 
+You can read more about Action Pack in the {Action Controller Overview}[https://guides.rubyonrails.org/action_controller_overview.html] guide.
 
 == Download and installation
 
@@ -32,7 +33,7 @@ The latest version of Action Pack can be installed with RubyGems:
 
 Source code can be downloaded as part of the Rails project on GitHub:
 
-* https://github.com/rails/rails/tree/5-2-stable/actionpack
+* https://github.com/rails/rails/tree/master/actionpack
 
 
 == License
@@ -46,7 +47,7 @@ Action Pack is released under the MIT license:
 
 API documentation is at:
 
-* http://api.rubyonrails.org
+* https://api.rubyonrails.org
 
 Bug reports for the Ruby on Rails project can be filed here:
 

data/lib/abstract_controller/base.rb

@@ -78,7 +78,9 @@ module AbstractController
             # Except for public instance methods of Base and its ancestors
             internal_methods +
             # Be sure to include shadowed public instance methods of this class
-            public_instance_methods(false)).uniq.map(&:to_s)
+            public_instance_methods(false))
+
+          methods.map!(&:to_s)
 
           methods.to_set
         end
@@ -102,7 +104,7 @@ module AbstractController
       # ==== Returns
       # * <tt>String</tt>
       def controller_path
-        @controller_path ||= name.sub(/Controller$/, "".freeze).underscore unless anonymous?
+        @controller_path ||= name.sub(/Controller$/, "").underscore unless anonymous?
       end
 
       # Refresh the cached action_methods when a new action_method is added.

data/lib/abstract_controller/caching/fragments.rb

@@ -28,7 +28,6 @@ module AbstractController
         self.fragment_cache_keys = []
 
         if respond_to?(:helper_method)
-          helper_method :fragment_cache_key
           helper_method :combined_fragment_cache_key
         end
       end
@@ -60,35 +59,20 @@ module AbstractController
         end
       end
 
-      # Given a key (as described in +expire_fragment+), returns
-      # a key suitable for use in reading, writing, or expiring a
-      # cached fragment. All keys begin with <tt>views/</tt>,
-      # followed by any controller-wide key prefix values, ending
-      # with the specified +key+ value. The key is expanded using
-      # ActiveSupport::Cache.expand_cache_key.
-      def fragment_cache_key(key)
-        ActiveSupport::Deprecation.warn(<<-MSG.squish)
-          Calling fragment_cache_key directly is deprecated and will be removed in Rails 6.0.
-          All fragment accessors now use the combined_fragment_cache_key method that retains the key as an array,
-          such that the caching stores can interrogate the parts for cache versions used in
-          recyclable cache keys.
-        MSG
-
-        head = self.class.fragment_cache_keys.map { |k| instance_exec(&k) }
-        tail = key.is_a?(Hash) ? url_for(key).split("://").last : key
-        ActiveSupport::Cache.expand_cache_key([*head, *tail], :views)
-      end
-
       # Given a key (as described in +expire_fragment+), returns
       # a key array suitable for use in reading, writing, or expiring a
       # cached fragment. All keys begin with <tt>:views</tt>,
-      # followed by ENV["RAILS_CACHE_ID"] or ENV["RAILS_APP_VERSION"] if set,
+      # followed by <tt>ENV["RAILS_CACHE_ID"]</tt> or <tt>ENV["RAILS_APP_VERSION"]</tt> if set,
       # followed by any controller-wide key prefix values, ending
       # with the specified +key+ value.
       def combined_fragment_cache_key(key)
         head = self.class.fragment_cache_keys.map { |k| instance_exec(&k) }
         tail = key.is_a?(Hash) ? url_for(key).split("://").last : key
-        [ :views, (ENV["RAILS_CACHE_ID"] || ENV["RAILS_APP_VERSION"]), *head, *tail ].compact
+
+        cache_key = [:views, ENV["RAILS_CACHE_ID"] || ENV["RAILS_APP_VERSION"], head, tail]
+        cache_key.flatten!(1)
+        cache_key.compact!
+        cache_key
       end
 
       # Writes +content+ to the location signified by

data/lib/abstract_controller/callbacks.rb

@@ -103,6 +103,10 @@ module AbstractController
       # :call-seq: before_action(names, block)
       #
       # Append a callback before actions. See _insert_callbacks for parameter details.
+      #
+      # If the callback renders or redirects, the action will not run. If there
+      # are additional callbacks scheduled to run after that callback, they are
+      # also cancelled.
 
       ##
       # :method: prepend_before_action
@@ -110,6 +114,10 @@ module AbstractController
       # :call-seq: prepend_before_action(names, block)
       #
       # Prepend a callback before actions. See _insert_callbacks for parameter details.
+      #
+      # If the callback renders or redirects, the action will not run. If there
+      # are additional callbacks scheduled to run after that callback, they are
+      # also cancelled.
 
       ##
       # :method: skip_before_action
@@ -124,6 +132,10 @@ module AbstractController
       # :call-seq: append_before_action(names, block)
       #
       # Append a callback before actions. See _insert_callbacks for parameter details.
+      #
+      # If the callback renders or redirects, the action will not run. If there
+      # are additional callbacks scheduled to run after that callback, they are
+      # also cancelled.
 
       ##
       # :method: after_action

data/lib/abstract_controller/collector.rb

@@ -26,7 +26,7 @@ module AbstractController
     def method_missing(symbol, &block)
       unless mime_constant = Mime[symbol]
         raise NoMethodError, "To respond to a custom format, register it as a MIME type first: " \
-          "http://guides.rubyonrails.org/action_controller_overview.html#restful-downloads. " \
+          "https://guides.rubyonrails.org/action_controller_overview.html#restful-downloads. " \
           "If you meant to respond to a variant like :tablet or :phone, not a custom format, " \
           "be sure to nest your variant response within a format response: " \
           "format.html { |html| html.tablet { ... } }"

data/lib/abstract_controller/helpers.rb

@@ -17,7 +17,7 @@ module AbstractController
         @path  = "helpers/#{path}.rb"
         set_backtrace error.backtrace
 
-        if error.path =~ /^#{path}(\.rb)?$/
+        if /^#{path}(\.rb)?$/.match?(error.path)
           super("Missing helper file helpers/%s.rb" % path)
         else
           raise error
@@ -181,7 +181,7 @@ module AbstractController
         end
 
         def default_helper_module!
-          module_name = name.sub(/Controller$/, "".freeze)
+          module_name = name.sub(/Controller$/, "")
           module_path = module_name.underscore
           helper module_path
         rescue LoadError => e

data/lib/abstract_controller/railties/routes_helpers.rb

@@ -7,7 +7,7 @@ module AbstractController
         Module.new do
           define_method(:inherited) do |klass|
             super(klass)
-            if namespace = klass.parents.detect { |m| m.respond_to?(:railtie_routes_url_helpers) }
+            if namespace = klass.module_parents.detect { |m| m.respond_to?(:railtie_routes_url_helpers) }
               klass.include(namespace.railtie_routes_url_helpers(include_path_helpers))
             else
               klass.include(routes.url_helpers(include_path_helpers))

data/lib/abstract_controller/translation.rb

@@ -11,6 +11,7 @@ module AbstractController
     # to translate many keys within the same controller / action and gives you a
     # simple framework for scoping them consistently.
     def translate(key, options = {})
+      options = options.dup
       if key.to_s.first == "."
         path = controller_path.tr("/", ".")
         defaults = [:"#{path}#{key}"]

data/lib/action_controller.rb

@@ -25,6 +25,7 @@ module ActionController
     autoload :ContentSecurityPolicy
     autoload :Cookies
     autoload :DataStreaming
+    autoload :DefaultHeaders
     autoload :EtagWithTemplateDigest
     autoload :EtagWithFlash
     autoload :Flash

data/lib/action_controller/api.rb

@@ -12,7 +12,7 @@ module ActionController
   #
   # An API Controller is different from a normal controller in the sense that
   # by default it doesn't include a number of features that are usually required
-  # by browser access only: layouts and templates rendering, cookies, sessions,
+  # by browser access only: layouts and templates rendering,
   # flash, assets, and so on. This makes the entire controller stack thinner,
   # suitable for API applications. It doesn't mean you won't have such
   # features if you need them: they're all available for you to include in
@@ -122,6 +122,7 @@ module ActionController
 
       ForceSSL,
       DataStreaming,
+      DefaultHeaders,
 
       # Before callbacks should also be executed as early as possible, so
       # also include them at the bottom.

data/lib/action_controller/base.rb

@@ -78,7 +78,7 @@ module ActionController
   #
   # You can retrieve it again through the same hash:
   #
-  #   Hello #{session[:person]}
+  #   "Hello #{session[:person]}"
   #
   # For removing objects from the session, you can either assign a single key to +nil+:
   #
@@ -232,6 +232,7 @@ module ActionController
       HttpAuthentication::Basic::ControllerMethods,
       HttpAuthentication::Digest::ControllerMethods,
       HttpAuthentication::Token::ControllerMethods,
+      DefaultHeaders,
 
       # Before callbacks should also be executed as early as possible, so
       # also include them at the bottom.
@@ -264,12 +265,6 @@ module ActionController
       PROTECTED_IVARS
     end
 
-    def self.make_response!(request)
-      ActionDispatch::Response.create.tap do |res|
-        res.request = request
-      end
-    end
-
     ActiveSupport.run_load_hooks(:action_controller_base, self)
     ActiveSupport.run_load_hooks(:action_controller, self)
   end

data/lib/action_controller/caching.rb

@@ -40,7 +40,7 @@ module ActionController
       end
 
       def instrument_name
-        "action_controller".freeze
+        "action_controller"
       end
   end
 end

data/lib/action_controller/log_subscriber.rb

@@ -18,16 +18,19 @@ module ActionController
 
     def process_action(event)
       info do
-        payload   = event.payload
+        payload = event.payload
         additions = ActionController::Base.log_process_action(payload)
-
         status = payload[:status]
+
         if status.nil? && payload[:exception].present?
           exception_class_name = payload[:exception].first
           status = ActionDispatch::ExceptionWrapper.status_code_for_exception(exception_class_name)
         end
-        message = "Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{event.duration.round}ms".dup
-        message << " (#{additions.join(" | ".freeze)})" unless additions.empty?
+
+        additions << "Allocations: #{event.allocations}"
+
+        message = +"Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{event.duration.round}ms"
+        message << " (#{additions.join(" | ")})" unless additions.empty?
         message << "\n\n" if defined?(Rails.env) && Rails.env.development?
 
         message
@@ -53,7 +56,7 @@ module ActionController
     def unpermitted_parameters(event)
       debug do
         unpermitted_keys = event.payload[:keys]
-        "Unpermitted parameter#{'s' if unpermitted_keys.size > 1}: #{unpermitted_keys.map { |e| ":#{e}" }.join(", ")}"
+        color("Unpermitted parameter#{'s' if unpermitted_keys.size > 1}: #{unpermitted_keys.map { |e| ":#{e}" }.join(", ")}", RED)
       end
     end
 

data/lib/action_controller/metal.rb

@@ -148,7 +148,7 @@ module ActionController
     attr_internal :response, :request
     delegate :session, to: "@_request"
     delegate :headers, :status=, :location=, :content_type=,
-             :status, :location, :content_type, to: "@_response"
+             :status, :location, :content_type, :media_type, to: "@_response"
 
     def initialize
       @_request = nil

data/lib/action_controller/metal/basic_implicit_render.rb

@@ -6,7 +6,7 @@ module ActionController
       super.tap { default_render unless performed? }
     end
 
-    def default_render(*args)
+    def default_render
       head :no_content
     end
   end

data/lib/action_controller/metal/conditional_get.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require "active_support/core_ext/hash/keys"
-
 module ActionController
   module ConditionalGet
     extend ActiveSupport::Concern
@@ -230,12 +228,20 @@ module ActionController
     # This method will overwrite an existing Cache-Control header.
     # See https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html for more possibilities.
     #
+    # HTTP Cache-Control Extensions for Stale Content. See https://tools.ietf.org/html/rfc5861
+    # It helps to cache an asset and serve it while is being revalidated and/or returning with an error.
+    #
+    #   expires_in 3.hours, public: true, stale_while_revalidate: 60.seconds
+    #   expires_in 3.hours, public: true, stale_while_revalidate: 60.seconds, stale_if_error: 5.minutes
+    #
     # The method will also ensure an HTTP Date header for client compatibility.
     def expires_in(seconds, options = {})
       response.cache_control.merge!(
         max_age: seconds,
         public: options.delete(:public),
-        must_revalidate: options.delete(:must_revalidate)
+        must_revalidate: options.delete(:must_revalidate),
+        stale_while_revalidate: options.delete(:stale_while_revalidate),
+        stale_if_error: options.delete(:stale_if_error),
       )
       options.delete(:private)
 

data/lib/action_controller/metal/data_streaming.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "action_controller/metal/exceptions"
+require "action_dispatch/http/content_disposition"
 
 module ActionController #:nodoc:
   # Methods for sending arbitrary data and for streaming files to the browser,
@@ -10,8 +11,8 @@ module ActionController #:nodoc:
 
     include ActionController::Rendering
 
-    DEFAULT_SEND_FILE_TYPE        = "application/octet-stream".freeze #:nodoc:
-    DEFAULT_SEND_FILE_DISPOSITION = "attachment".freeze #:nodoc:
+    DEFAULT_SEND_FILE_TYPE        = "application/octet-stream" #:nodoc:
+    DEFAULT_SEND_FILE_DISPOSITION = "attachment" #:nodoc:
 
     private
       # Sends the file. This uses a server-appropriate method (such as X-Sendfile)
@@ -132,10 +133,8 @@ module ActionController #:nodoc:
         end
 
         disposition = options.fetch(:disposition, DEFAULT_SEND_FILE_DISPOSITION)
-        unless disposition.nil?
-          disposition  = disposition.to_s
-          disposition += %(; filename="#{options[:filename]}") if options[:filename]
-          headers["Content-Disposition"] = disposition
+        if disposition
+          headers["Content-Disposition"] = ActionDispatch::Http::ContentDisposition.format(disposition: disposition, filename: options[:filename])
         end
 
         headers["Content-Transfer-Encoding"] = "binary"

data/lib/action_controller/metal/default_headers.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module ActionController
+  # Allows configuring default headers that will be automatically merged into
+  # each response.
+  module DefaultHeaders
+    extend ActiveSupport::Concern
+
+    module ClassMethods
+      def make_response!(request)
+        ActionDispatch::Response.create.tap do |res|
+          res.request = request
+        end
+      end
+    end
+  end
+end

data/lib/action_controller/metal/etag_with_template_digest.rb

@@ -51,7 +51,7 @@ module ActionController
       end
 
       def lookup_and_digest_template(template)
-        ActionView::Digestor.digest name: template, finder: lookup_context
+        ActionView::Digestor.digest name: template, format: nil, finder: lookup_context
       end
   end
 end

data/lib/action_controller/metal/exceptions.rb

@@ -22,7 +22,7 @@ module ActionController
     end
   end
 
-  class ActionController::UrlGenerationError < ActionControllerError #:nodoc:
+  class UrlGenerationError < ActionControllerError #:nodoc:
   end
 
   class MethodNotAllowed < ActionControllerError #:nodoc:
@@ -50,4 +50,25 @@ module ActionController
 
   class UnknownFormat < ActionControllerError #:nodoc:
   end
+
+  # Raised when a nested respond_to is triggered and the content types of each
+  # are incompatible. For example:
+  #
+  #  respond_to do |outer_type|
+  #    outer_type.js do
+  #      respond_to do |inner_type|
+  #        inner_type.html { render body: "HTML" }
+  #      end
+  #    end
+  #  end
+  class RespondToMismatchError < ActionControllerError
+    DEFAULT_MESSAGE = "respond_to was called multiple times and matched with conflicting formats in this action. Please note that you may only call respond_to and match on a single format per action."
+
+    def initialize(message = nil)
+      super(message || DEFAULT_MESSAGE)
+    end
+  end
+
+  class MissingExactTemplate < UnknownFormat #:nodoc:
+  end
 end

data/lib/action_controller/metal/flash.rb

@@ -36,7 +36,7 @@ module ActionController #:nodoc:
           define_method(type) do
             request.flash[type]
           end
-          helper_method type
+          helper_method(type) if respond_to?(:helper_method)
 
           self._flash_types += [type]
         end
@@ -44,18 +44,18 @@ module ActionController #:nodoc:
     end
 
     private
-      def redirect_to(options = {}, response_status_and_flash = {}) #:doc:
+      def redirect_to(options = {}, response_options_and_flash = {}) #:doc:
         self.class._flash_types.each do |flash_type|
-          if type = response_status_and_flash.delete(flash_type)
+          if type = response_options_and_flash.delete(flash_type)
             flash[flash_type] = type
           end
         end
 
-        if other_flashes = response_status_and_flash.delete(:flash)
+        if other_flashes = response_options_and_flash.delete(:flash)
           flash.update(other_flashes)
         end
 
-        super(options, response_status_and_flash)
+        super(options, response_options_and_flash)
       end
   end
 end