RubyGems - actionpack - Versions diffs - 5.2.7.1 → 6.1.4.6 - Mend

actionpack 5.2.7.1 → 6.1.4.6

Potentially problematic release.

This version of actionpack might be problematic. Click here for more details.

Files changed (155) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +329 -352
data/MIT-LICENSE +1 -1
data/README.rdoc +4 -3
data/lib/abstract_controller/base.rb +38 -4
data/lib/abstract_controller/caching/fragments.rb +6 -22
data/lib/abstract_controller/caching.rb +1 -1
data/lib/abstract_controller/callbacks.rb +14 -2
data/lib/abstract_controller/collector.rb +1 -2
data/lib/abstract_controller/helpers.rb +106 -90
data/lib/abstract_controller/railties/routes_helpers.rb +17 -1
data/lib/abstract_controller/rendering.rb +9 -9
data/lib/abstract_controller/translation.rb +11 -5
data/lib/abstract_controller.rb +1 -0
data/lib/action_controller/api.rb +4 -3
data/lib/action_controller/base.rb +6 -9
data/lib/action_controller/caching.rb +1 -3
data/lib/action_controller/log_subscriber.rb +10 -7
data/lib/action_controller/metal/basic_implicit_render.rb +1 -1
data/lib/action_controller/metal/conditional_get.rb +19 -5
data/lib/action_controller/metal/content_security_policy.rb +1 -2
data/lib/action_controller/metal/cookies.rb +3 -1
data/lib/action_controller/metal/data_streaming.rb +6 -7
data/lib/action_controller/metal/default_headers.rb +17 -0
data/lib/action_controller/metal/etag_with_template_digest.rb +4 -6
data/lib/action_controller/metal/exceptions.rb +56 -2
data/lib/action_controller/metal/flash.rb +5 -5
data/lib/action_controller/metal/head.rb +7 -4
data/lib/action_controller/metal/helpers.rb +14 -5
data/lib/action_controller/metal/http_authentication.rb +24 -23
data/lib/action_controller/metal/implicit_render.rb +5 -15
data/lib/action_controller/metal/instrumentation.rb +13 -14
data/lib/action_controller/metal/live.rb +39 -32
data/lib/action_controller/metal/logging.rb +20 -0
data/lib/action_controller/metal/mime_responds.rb +19 -4
data/lib/action_controller/metal/parameter_encoding.rb +35 -4
data/lib/action_controller/metal/params_wrapper.rb +32 -22
data/lib/action_controller/metal/permissions_policy.rb +46 -0
data/lib/action_controller/metal/redirecting.rb +6 -6
data/lib/action_controller/metal/renderers.rb +4 -4
data/lib/action_controller/metal/rendering.rb +8 -3
data/lib/action_controller/metal/request_forgery_protection.rb +26 -49
data/lib/action_controller/metal/rescue.rb +1 -1
data/lib/action_controller/metal/streaming.rb +0 -1
data/lib/action_controller/metal/strong_parameters.rb +167 -58
data/lib/action_controller/metal/url_for.rb +1 -1
data/lib/action_controller/metal.rb +10 -8
data/lib/action_controller/railties/helpers.rb +1 -1
data/lib/action_controller/renderer.rb +37 -13
data/lib/action_controller/template_assertions.rb +1 -1
data/lib/action_controller/test_case.rb +71 -63
data/lib/action_controller.rb +7 -4
data/lib/action_dispatch/http/cache.rb +31 -27
data/lib/action_dispatch/http/content_disposition.rb +45 -0
data/lib/action_dispatch/http/content_security_policy.rb +39 -17
data/lib/action_dispatch/http/filter_parameters.rb +9 -8
data/lib/action_dispatch/http/filter_redirect.rb +2 -3
data/lib/action_dispatch/http/headers.rb +4 -4
data/lib/action_dispatch/http/mime_negotiation.rb +26 -13
data/lib/action_dispatch/http/mime_type.rb +43 -24
data/lib/action_dispatch/http/parameters.rb +14 -23
data/lib/action_dispatch/http/permissions_policy.rb +173 -0
data/lib/action_dispatch/http/request.rb +45 -22
data/lib/action_dispatch/http/response.rb +45 -25
data/lib/action_dispatch/http/upload.rb +9 -1
data/lib/action_dispatch/http/url.rb +82 -82
data/lib/action_dispatch/journey/formatter.rb +55 -31
data/lib/action_dispatch/journey/gtg/builder.rb +22 -37
data/lib/action_dispatch/journey/gtg/simulator.rb +8 -7
data/lib/action_dispatch/journey/gtg/transition_table.rb +6 -5
data/lib/action_dispatch/journey/nfa/dot.rb +0 -11
data/lib/action_dispatch/journey/nodes/node.rb +13 -11
data/lib/action_dispatch/journey/parser.rb +13 -13
data/lib/action_dispatch/journey/parser.y +1 -1
data/lib/action_dispatch/journey/path/pattern.rb +19 -21
data/lib/action_dispatch/journey/route.rb +10 -20
data/lib/action_dispatch/journey/router/utils.rb +14 -12
data/lib/action_dispatch/journey/router.rb +26 -34
data/lib/action_dispatch/journey/routes.rb +0 -2
data/lib/action_dispatch/journey/scanner.rb +10 -4
data/lib/action_dispatch/journey/visitors.rb +1 -4
data/lib/action_dispatch/journey.rb +0 -2
data/lib/action_dispatch/middleware/actionable_exceptions.rb +46 -0
data/lib/action_dispatch/middleware/callbacks.rb +2 -4
data/lib/action_dispatch/middleware/cookies.rb +128 -109
data/lib/action_dispatch/middleware/debug_exceptions.rb +43 -66
data/lib/action_dispatch/middleware/debug_locks.rb +5 -5
data/lib/action_dispatch/middleware/debug_view.rb +66 -0
data/lib/action_dispatch/middleware/exception_wrapper.rb +75 -30
data/lib/action_dispatch/middleware/flash.rb +1 -1
data/lib/action_dispatch/middleware/host_authorization.rb +141 -0
data/lib/action_dispatch/middleware/public_exceptions.rb +6 -3
data/lib/action_dispatch/middleware/remote_ip.rb +14 -16
data/lib/action_dispatch/middleware/request_id.rb +5 -6
data/lib/action_dispatch/middleware/session/abstract_store.rb +2 -3
data/lib/action_dispatch/middleware/session/cookie_store.rb +3 -9
data/lib/action_dispatch/middleware/show_exceptions.rb +3 -2
data/lib/action_dispatch/middleware/ssl.rb +20 -15
data/lib/action_dispatch/middleware/stack.rb +56 -2
data/lib/action_dispatch/middleware/static.rb +153 -93
data/lib/action_dispatch/middleware/templates/rescues/_actions.html.erb +13 -0
data/lib/action_dispatch/middleware/templates/rescues/_actions.text.erb +0 -0
data/lib/action_dispatch/middleware/templates/rescues/_message_and_suggestions.html.erb +22 -0
data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb +3 -1
data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.text.erb +1 -1
data/lib/action_dispatch/middleware/templates/rescues/_source.html.erb +4 -2
data/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb +45 -35
data/lib/action_dispatch/middleware/templates/rescues/blocked_host.html.erb +7 -0
data/lib/action_dispatch/middleware/templates/rescues/blocked_host.text.erb +5 -0
data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb +23 -4
data/lib/action_dispatch/middleware/templates/rescues/diagnostics.text.erb +1 -1
data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +6 -3
data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +4 -1
data/lib/action_dispatch/middleware/templates/rescues/layout.erb +104 -8
data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.html.erb +19 -0
data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.text.erb +3 -0
data/lib/action_dispatch/middleware/templates/rescues/missing_template.html.erb +2 -2
data/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb +1 -1
data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +2 -2
data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb +1 -1
data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +24 -1
data/lib/action_dispatch/railtie.rb +8 -2
data/lib/action_dispatch/request/session.rb +11 -10
data/lib/action_dispatch/request/utils.rb +26 -2
data/lib/action_dispatch/routing/inspector.rb +100 -52
data/lib/action_dispatch/routing/mapper.rb +155 -103
data/lib/action_dispatch/routing/polymorphic_routes.rb +13 -15
data/lib/action_dispatch/routing/redirection.rb +4 -4
data/lib/action_dispatch/routing/route_set.rb +71 -69
data/lib/action_dispatch/routing/url_for.rb +2 -2
data/lib/action_dispatch/routing.rb +21 -20
data/lib/action_dispatch/system_test_case.rb +54 -11
data/lib/action_dispatch/system_testing/browser.rb +53 -16
data/lib/action_dispatch/system_testing/driver.rb +11 -3
data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +49 -7
data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +8 -10
data/lib/action_dispatch/testing/assertion_response.rb +0 -1
data/lib/action_dispatch/testing/assertions/response.rb +4 -7
data/lib/action_dispatch/testing/assertions/routing.rb +20 -8
data/lib/action_dispatch/testing/assertions.rb +1 -1
data/lib/action_dispatch/testing/integration.rb +60 -28
data/lib/action_dispatch/testing/request_encoder.rb +2 -2
data/lib/action_dispatch/testing/test_process.rb +29 -4
data/lib/action_dispatch/testing/test_request.rb +3 -3
data/lib/action_dispatch/testing/test_response.rb +4 -32
data/lib/action_dispatch.rb +9 -3
data/lib/action_pack/gem_version.rb +4 -4
data/lib/action_pack.rb +1 -1
metadata +35 -23
data/lib/action_controller/metal/force_ssl.rb +0 -99
data/lib/action_dispatch/http/parameter_filter.rb +0 -86
data/lib/action_dispatch/journey/nfa/builder.rb +0 -78
data/lib/action_dispatch/journey/nfa/simulator.rb +0 -49
data/lib/action_dispatch/journey/nfa/transition_table.rb +0 -120
data/lib/action_dispatch/system_testing/test_helpers/undef_methods.rb +0 -26

data/lib/action_dispatch/journey/nfa/transition_table.rb DELETED Viewed

@@ -1,120 +0,0 @@
-# frozen_string_literal: true
-require "action_dispatch/journey/nfa/dot"
-module ActionDispatch
-  module Journey # :nodoc:
-    module NFA # :nodoc:
-      class TransitionTable # :nodoc:
-        include Journey::NFA::Dot
-        attr_accessor :accepting
-        attr_reader :memos
-        def initialize
-          @table     = Hash.new { |h, f| h[f] = {} }
-          @memos     = {}
-          @accepting = nil
-          @inverted  = nil
-        end
-        def accepting?(state)
-          accepting == state
-        end
-        def accepting_states
-          [accepting]
-        end
-        def add_memo(idx, memo)
-          @memos[idx] = memo
-        end
-        def memo(idx)
-          @memos[idx]
-        end
-        def []=(i, f, s)
-          @table[f][i] = s
-        end
-        def merge(left, right)
-          @memos[right] = @memos.delete(left)
-          @table[right] = @table.delete(left)
-        end
-        def states
-          (@table.keys + @table.values.flat_map(&:keys)).uniq
-        end
-        # Returns set of NFA states to which there is a transition on ast symbol
-        # +a+ from some state +s+ in +t+.
-        def following_states(t, a)
-          Array(t).flat_map { |s| inverted[s][a] }.uniq
-        end
-        # Returns set of NFA states to which there is a transition on ast symbol
-        # +a+ from some state +s+ in +t+.
-        def move(t, a)
-          Array(t).map { |s|
-            inverted[s].keys.compact.find_all { |sym|
-              sym === a
-            }.map { |sym| inverted[s][sym] }
-          }.flatten.uniq
-        end
-        def alphabet
-          inverted.values.flat_map(&:keys).compact.uniq.sort_by(&:to_s)
-        end
-        # Returns a set of NFA states reachable from some NFA state +s+ in set
-        # +t+ on nil-transitions alone.
-        def eclosure(t)
-          stack = Array(t)
-          seen  = {}
-          children = []
-          until stack.empty?
-            s = stack.pop
-            next if seen[s]
-            seen[s] = true
-            children << s
-            stack.concat(inverted[s][nil])
-          end
-          children.uniq
-        end
-        def transitions
-          @table.flat_map { |to, hash|
-            hash.map { |from, sym| [from, sym, to] }
-          }
-        end
-        private
-          def inverted
-            return @inverted if @inverted
-            @inverted = Hash.new { |h, from|
-              h[from] = Hash.new { |j, s| j[s] = [] }
-            }
-            @table.each { |to, hash|
-              hash.each { |from, sym|
-                if sym
-                  sym = Nodes::Symbol === sym ? sym.regexp : sym.left
-                end
-                @inverted[from][sym] << to
-              }
-            }
-            @inverted
-          end
-      end
-    end
-  end
-end

data/lib/action_dispatch/system_testing/test_helpers/undef_methods.rb DELETED Viewed

@@ -1,26 +0,0 @@
-# frozen_string_literal: true
-module ActionDispatch
-  module SystemTesting
-    module TestHelpers
-      module UndefMethods # :nodoc:
-        extend ActiveSupport::Concern
-        included do
-          METHODS = %i(get post put patch delete).freeze
-          METHODS.each do |verb|
-            undef_method verb
-          end
-          def method_missing(method, *args, &block)
-            if METHODS.include?(method)
-              raise NoMethodError, "System tests cannot make direct requests via ##{method}; use #visit and #click_on instead. See http://www.rubydoc.info/github/teamcapybara/capybara/master#The_DSL for more information."
-            else
-              super
-            end
-          end
-        end
-      end
-    end
-  end
-end