actionpack 5.2.8.1 → 6.1.6.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actionpack might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +383 -346
- data/MIT-LICENSE +1 -2
- data/README.rdoc +4 -3
- data/lib/abstract_controller/base.rb +38 -4
- data/lib/abstract_controller/caching/fragments.rb +6 -22
- data/lib/abstract_controller/caching.rb +1 -1
- data/lib/abstract_controller/callbacks.rb +14 -2
- data/lib/abstract_controller/collector.rb +5 -4
- data/lib/abstract_controller/helpers.rb +106 -90
- data/lib/abstract_controller/railties/routes_helpers.rb +17 -1
- data/lib/abstract_controller/rendering.rb +9 -9
- data/lib/abstract_controller/translation.rb +11 -5
- data/lib/abstract_controller.rb +1 -0
- data/lib/action_controller/api.rb +4 -3
- data/lib/action_controller/base.rb +6 -9
- data/lib/action_controller/caching.rb +1 -3
- data/lib/action_controller/log_subscriber.rb +10 -7
- data/lib/action_controller/metal/basic_implicit_render.rb +1 -1
- data/lib/action_controller/metal/conditional_get.rb +19 -5
- data/lib/action_controller/metal/content_security_policy.rb +1 -2
- data/lib/action_controller/metal/cookies.rb +3 -1
- data/lib/action_controller/metal/data_streaming.rb +6 -7
- data/lib/action_controller/metal/default_headers.rb +17 -0
- data/lib/action_controller/metal/etag_with_template_digest.rb +4 -6
- data/lib/action_controller/metal/exceptions.rb +56 -2
- data/lib/action_controller/metal/flash.rb +5 -5
- data/lib/action_controller/metal/head.rb +7 -4
- data/lib/action_controller/metal/helpers.rb +14 -5
- data/lib/action_controller/metal/http_authentication.rb +25 -23
- data/lib/action_controller/metal/implicit_render.rb +5 -15
- data/lib/action_controller/metal/instrumentation.rb +13 -14
- data/lib/action_controller/metal/live.rb +39 -32
- data/lib/action_controller/metal/logging.rb +20 -0
- data/lib/action_controller/metal/mime_responds.rb +19 -4
- data/lib/action_controller/metal/parameter_encoding.rb +35 -4
- data/lib/action_controller/metal/params_wrapper.rb +32 -22
- data/lib/action_controller/metal/permissions_policy.rb +46 -0
- data/lib/action_controller/metal/redirecting.rb +6 -6
- data/lib/action_controller/metal/renderers.rb +4 -4
- data/lib/action_controller/metal/rendering.rb +8 -3
- data/lib/action_controller/metal/request_forgery_protection.rb +26 -49
- data/lib/action_controller/metal/rescue.rb +1 -1
- data/lib/action_controller/metal/streaming.rb +0 -1
- data/lib/action_controller/metal/strong_parameters.rb +168 -59
- data/lib/action_controller/metal/url_for.rb +1 -1
- data/lib/action_controller/metal.rb +10 -8
- data/lib/action_controller/railties/helpers.rb +1 -1
- data/lib/action_controller/renderer.rb +37 -13
- data/lib/action_controller/template_assertions.rb +1 -1
- data/lib/action_controller/test_case.rb +71 -63
- data/lib/action_controller.rb +7 -4
- data/lib/action_dispatch/http/cache.rb +31 -27
- data/lib/action_dispatch/http/content_disposition.rb +45 -0
- data/lib/action_dispatch/http/content_security_policy.rb +34 -18
- data/lib/action_dispatch/http/filter_parameters.rb +9 -8
- data/lib/action_dispatch/http/filter_redirect.rb +2 -3
- data/lib/action_dispatch/http/headers.rb +4 -4
- data/lib/action_dispatch/http/mime_negotiation.rb +26 -13
- data/lib/action_dispatch/http/mime_type.rb +43 -24
- data/lib/action_dispatch/http/parameters.rb +14 -23
- data/lib/action_dispatch/http/permissions_policy.rb +173 -0
- data/lib/action_dispatch/http/request.rb +45 -22
- data/lib/action_dispatch/http/response.rb +45 -25
- data/lib/action_dispatch/http/upload.rb +9 -1
- data/lib/action_dispatch/http/url.rb +82 -82
- data/lib/action_dispatch/journey/formatter.rb +55 -31
- data/lib/action_dispatch/journey/gtg/builder.rb +22 -37
- data/lib/action_dispatch/journey/gtg/simulator.rb +8 -7
- data/lib/action_dispatch/journey/gtg/transition_table.rb +6 -5
- data/lib/action_dispatch/journey/nfa/dot.rb +0 -11
- data/lib/action_dispatch/journey/nodes/node.rb +13 -11
- data/lib/action_dispatch/journey/parser.rb +13 -13
- data/lib/action_dispatch/journey/parser.y +1 -1
- data/lib/action_dispatch/journey/path/pattern.rb +19 -21
- data/lib/action_dispatch/journey/route.rb +10 -20
- data/lib/action_dispatch/journey/router/utils.rb +14 -12
- data/lib/action_dispatch/journey/router.rb +26 -34
- data/lib/action_dispatch/journey/routes.rb +0 -2
- data/lib/action_dispatch/journey/scanner.rb +10 -4
- data/lib/action_dispatch/journey/visitors.rb +1 -4
- data/lib/action_dispatch/journey.rb +0 -2
- data/lib/action_dispatch/middleware/actionable_exceptions.rb +46 -0
- data/lib/action_dispatch/middleware/callbacks.rb +2 -4
- data/lib/action_dispatch/middleware/cookies.rb +128 -109
- data/lib/action_dispatch/middleware/debug_exceptions.rb +43 -66
- data/lib/action_dispatch/middleware/debug_locks.rb +5 -5
- data/lib/action_dispatch/middleware/debug_view.rb +66 -0
- data/lib/action_dispatch/middleware/exception_wrapper.rb +75 -30
- data/lib/action_dispatch/middleware/flash.rb +1 -1
- data/lib/action_dispatch/middleware/host_authorization.rb +170 -0
- data/lib/action_dispatch/middleware/public_exceptions.rb +6 -3
- data/lib/action_dispatch/middleware/remote_ip.rb +14 -16
- data/lib/action_dispatch/middleware/request_id.rb +5 -6
- data/lib/action_dispatch/middleware/session/abstract_store.rb +2 -3
- data/lib/action_dispatch/middleware/session/cookie_store.rb +3 -9
- data/lib/action_dispatch/middleware/show_exceptions.rb +13 -2
- data/lib/action_dispatch/middleware/ssl.rb +20 -15
- data/lib/action_dispatch/middleware/stack.rb +56 -2
- data/lib/action_dispatch/middleware/static.rb +153 -93
- data/lib/action_dispatch/middleware/templates/rescues/_actions.html.erb +13 -0
- data/lib/action_dispatch/middleware/templates/rescues/_actions.text.erb +0 -0
- data/lib/action_dispatch/middleware/templates/rescues/_message_and_suggestions.html.erb +22 -0
- data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb +3 -1
- data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.text.erb +1 -1
- data/lib/action_dispatch/middleware/templates/rescues/_source.html.erb +4 -2
- data/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb +45 -35
- data/lib/action_dispatch/middleware/templates/rescues/blocked_host.html.erb +7 -0
- data/lib/action_dispatch/middleware/templates/rescues/blocked_host.text.erb +5 -0
- data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb +23 -4
- data/lib/action_dispatch/middleware/templates/rescues/diagnostics.text.erb +1 -1
- data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +6 -3
- data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +4 -1
- data/lib/action_dispatch/middleware/templates/rescues/layout.erb +104 -8
- data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.html.erb +19 -0
- data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.text.erb +3 -0
- data/lib/action_dispatch/middleware/templates/rescues/missing_template.html.erb +2 -2
- data/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb +1 -1
- data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +2 -2
- data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb +1 -1
- data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +24 -1
- data/lib/action_dispatch/railtie.rb +8 -2
- data/lib/action_dispatch/request/session.rb +11 -10
- data/lib/action_dispatch/request/utils.rb +26 -2
- data/lib/action_dispatch/routing/inspector.rb +100 -52
- data/lib/action_dispatch/routing/mapper.rb +155 -103
- data/lib/action_dispatch/routing/polymorphic_routes.rb +13 -15
- data/lib/action_dispatch/routing/redirection.rb +4 -4
- data/lib/action_dispatch/routing/route_set.rb +71 -69
- data/lib/action_dispatch/routing/url_for.rb +2 -2
- data/lib/action_dispatch/routing.rb +21 -20
- data/lib/action_dispatch/system_test_case.rb +60 -11
- data/lib/action_dispatch/system_testing/browser.rb +53 -16
- data/lib/action_dispatch/system_testing/driver.rb +11 -3
- data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +49 -7
- data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +8 -10
- data/lib/action_dispatch/testing/assertion_response.rb +0 -1
- data/lib/action_dispatch/testing/assertions/response.rb +4 -7
- data/lib/action_dispatch/testing/assertions/routing.rb +20 -8
- data/lib/action_dispatch/testing/assertions.rb +1 -1
- data/lib/action_dispatch/testing/integration.rb +60 -28
- data/lib/action_dispatch/testing/request_encoder.rb +2 -2
- data/lib/action_dispatch/testing/test_process.rb +32 -4
- data/lib/action_dispatch/testing/test_request.rb +3 -3
- data/lib/action_dispatch/testing/test_response.rb +4 -32
- data/lib/action_dispatch.rb +9 -3
- data/lib/action_pack/gem_version.rb +3 -3
- data/lib/action_pack.rb +1 -1
- metadata +34 -21
- data/lib/action_controller/metal/force_ssl.rb +0 -99
- data/lib/action_dispatch/http/parameter_filter.rb +0 -86
- data/lib/action_dispatch/journey/nfa/builder.rb +0 -78
- data/lib/action_dispatch/journey/nfa/simulator.rb +0 -49
- data/lib/action_dispatch/journey/nfa/transition_table.rb +0 -120
- data/lib/action_dispatch/system_testing/test_helpers/undef_methods.rb +0 -26
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
require "delegate"
|
4
|
-
require "
|
4
|
+
require "io/console/size"
|
5
5
|
|
6
6
|
module ActionDispatch
|
7
7
|
module Routing
|
@@ -53,7 +53,7 @@ module ActionDispatch
|
|
53
53
|
|
54
54
|
##
|
55
55
|
# This class is just used for displaying route information when someone
|
56
|
-
# executes `rails routes` or looks at the RoutingError page.
|
56
|
+
# executes `bin/rails routes` or looks at the RoutingError page.
|
57
57
|
# People should not use this class.
|
58
58
|
class RoutesInspector # :nodoc:
|
59
59
|
def initialize(routes)
|
@@ -61,11 +61,11 @@ module ActionDispatch
|
|
61
61
|
@routes = routes
|
62
62
|
end
|
63
63
|
|
64
|
-
def format(formatter, filter =
|
64
|
+
def format(formatter, filter = {})
|
65
65
|
routes_to_display = filter_routes(normalize_filter(filter))
|
66
66
|
routes = collect_routes(routes_to_display)
|
67
67
|
if routes.none?
|
68
|
-
formatter.no_routes(collect_routes(@routes))
|
68
|
+
formatter.no_routes(collect_routes(@routes), filter)
|
69
69
|
return formatter.result
|
70
70
|
end
|
71
71
|
|
@@ -81,12 +81,12 @@ module ActionDispatch
|
|
81
81
|
end
|
82
82
|
|
83
83
|
private
|
84
|
-
|
85
84
|
def normalize_filter(filter)
|
86
|
-
if filter
|
85
|
+
if filter[:controller]
|
87
86
|
{ controller: /#{filter[:controller].underscore.sub(/_?controller\z/, "")}/ }
|
88
|
-
elsif filter
|
89
|
-
{ controller: /#{filter}/, action: /#{filter
|
87
|
+
elsif filter[:grep]
|
88
|
+
{ controller: /#{filter[:grep]}/, action: /#{filter[:grep]}/,
|
89
|
+
verb: /#{filter[:grep]}/, name: /#{filter[:grep]}/, path: /#{filter[:grep]}/ }
|
90
90
|
end
|
91
91
|
end
|
92
92
|
|
@@ -94,7 +94,7 @@ module ActionDispatch
|
|
94
94
|
if filter
|
95
95
|
@routes.select do |route|
|
96
96
|
route_wrapper = RouteWrapper.new(route)
|
97
|
-
filter.any? { |default, value| route_wrapper.send(default)
|
97
|
+
filter.any? { |default, value| value.match?(route_wrapper.send(default)) }
|
98
98
|
end
|
99
99
|
else
|
100
100
|
@routes
|
@@ -126,62 +126,110 @@ module ActionDispatch
|
|
126
126
|
end
|
127
127
|
end
|
128
128
|
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
129
|
+
module ConsoleFormatter
|
130
|
+
class Base
|
131
|
+
def initialize
|
132
|
+
@buffer = []
|
133
|
+
end
|
133
134
|
|
134
|
-
|
135
|
-
|
136
|
-
|
135
|
+
def result
|
136
|
+
@buffer.join("\n")
|
137
|
+
end
|
137
138
|
|
138
|
-
|
139
|
-
|
140
|
-
end
|
139
|
+
def section_title(title)
|
140
|
+
end
|
141
141
|
|
142
|
-
|
143
|
-
|
144
|
-
end
|
142
|
+
def section(routes)
|
143
|
+
end
|
145
144
|
|
146
|
-
|
147
|
-
|
148
|
-
end
|
145
|
+
def header(routes)
|
146
|
+
end
|
149
147
|
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
148
|
+
def no_routes(routes, filter)
|
149
|
+
@buffer <<
|
150
|
+
if routes.none?
|
151
|
+
<<~MESSAGE
|
152
|
+
You don't have any routes defined!
|
153
|
+
|
154
|
+
Please add some routes in config/routes.rb.
|
155
|
+
MESSAGE
|
156
|
+
elsif filter.key?(:controller)
|
157
|
+
"No routes were found for this controller."
|
158
|
+
elsif filter.key?(:grep)
|
159
|
+
"No routes were found for this grep pattern."
|
160
|
+
end
|
155
161
|
|
156
|
-
|
157
|
-
MESSAGE
|
158
|
-
else
|
159
|
-
"No routes were found for this controller"
|
162
|
+
@buffer << "For more information about routes, see the Rails guide: https://guides.rubyonrails.org/routing.html."
|
160
163
|
end
|
161
|
-
@buffer << "For more information about routes, see the Rails guide: http://guides.rubyonrails.org/routing.html."
|
162
164
|
end
|
163
165
|
|
164
|
-
|
165
|
-
def
|
166
|
-
|
167
|
-
|
166
|
+
class Sheet < Base
|
167
|
+
def section_title(title)
|
168
|
+
@buffer << "\n#{title}:"
|
169
|
+
end
|
168
170
|
|
169
|
-
|
170
|
-
|
171
|
-
|
171
|
+
def section(routes)
|
172
|
+
@buffer << draw_section(routes)
|
173
|
+
end
|
174
|
+
|
175
|
+
def header(routes)
|
176
|
+
@buffer << draw_header(routes)
|
172
177
|
end
|
173
178
|
|
174
|
-
|
175
|
-
|
179
|
+
private
|
180
|
+
def draw_section(routes)
|
181
|
+
header_lengths = ["Prefix", "Verb", "URI Pattern"].map(&:length)
|
182
|
+
name_width, verb_width, path_width = widths(routes).zip(header_lengths).map(&:max)
|
183
|
+
|
184
|
+
routes.map do |r|
|
185
|
+
"#{r[:name].rjust(name_width)} #{r[:verb].ljust(verb_width)} #{r[:path].ljust(path_width)} #{r[:reqs]}"
|
186
|
+
end
|
187
|
+
end
|
188
|
+
|
189
|
+
def draw_header(routes)
|
190
|
+
name_width, verb_width, path_width = widths(routes)
|
191
|
+
|
192
|
+
"#{"Prefix".rjust(name_width)} #{"Verb".ljust(verb_width)} #{"URI Pattern".ljust(path_width)} Controller#Action"
|
193
|
+
end
|
194
|
+
|
195
|
+
def widths(routes)
|
196
|
+
[routes.map { |r| r[:name].length }.max || 0,
|
197
|
+
routes.map { |r| r[:verb].length }.max || 0,
|
198
|
+
routes.map { |r| r[:path].length }.max || 0]
|
199
|
+
end
|
200
|
+
end
|
176
201
|
|
177
|
-
|
202
|
+
class Expanded < Base
|
203
|
+
def initialize(width: IO.console_size[1])
|
204
|
+
@width = width
|
205
|
+
super()
|
178
206
|
end
|
179
207
|
|
180
|
-
def
|
181
|
-
[
|
182
|
-
routes.map { |r| r[:verb].length }.max || 0,
|
183
|
-
routes.map { |r| r[:path].length }.max || 0]
|
208
|
+
def section_title(title)
|
209
|
+
@buffer << "\n#{"[ #{title} ]"}"
|
184
210
|
end
|
211
|
+
|
212
|
+
def section(routes)
|
213
|
+
@buffer << draw_expanded_section(routes)
|
214
|
+
end
|
215
|
+
|
216
|
+
private
|
217
|
+
def draw_expanded_section(routes)
|
218
|
+
routes.map.each_with_index do |r, i|
|
219
|
+
<<~MESSAGE.chomp
|
220
|
+
#{route_header(index: i + 1)}
|
221
|
+
Prefix | #{r[:name]}
|
222
|
+
Verb | #{r[:verb]}
|
223
|
+
URI | #{r[:path]}
|
224
|
+
Controller#Action | #{r[:reqs]}
|
225
|
+
MESSAGE
|
226
|
+
end
|
227
|
+
end
|
228
|
+
|
229
|
+
def route_header(index:)
|
230
|
+
"--[ Route #{index} ]".ljust(@width, "-")
|
231
|
+
end
|
232
|
+
end
|
185
233
|
end
|
186
234
|
|
187
235
|
class HtmlTableFormatter
|
@@ -203,16 +251,16 @@ module ActionDispatch
|
|
203
251
|
end
|
204
252
|
|
205
253
|
def no_routes(*)
|
206
|
-
@buffer <<
|
254
|
+
@buffer << <<~MESSAGE
|
207
255
|
<p>You don't have any routes defined!</p>
|
208
256
|
<ul>
|
209
257
|
<li>Please add some routes in <tt>config/routes.rb</tt>.</li>
|
210
258
|
<li>
|
211
259
|
For more information about routes, please see the Rails guide
|
212
|
-
<a href="
|
260
|
+
<a href="https://guides.rubyonrails.org/routing.html">Rails Routing from the Outside In</a>.
|
213
261
|
</li>
|
214
262
|
</ul>
|
215
|
-
|
263
|
+
MESSAGE
|
216
264
|
end
|
217
265
|
|
218
266
|
def result
|