actionpack 6.0.3 → 6.1.0.rc1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of actionpack might be problematic. Click here for more details.

Files changed (114) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +246 -217
  3. data/MIT-LICENSE +1 -1
  4. data/lib/abstract_controller.rb +1 -0
  5. data/lib/abstract_controller/base.rb +35 -2
  6. data/lib/abstract_controller/callbacks.rb +2 -2
  7. data/lib/abstract_controller/helpers.rb +105 -90
  8. data/lib/abstract_controller/rendering.rb +9 -9
  9. data/lib/abstract_controller/translation.rb +8 -2
  10. data/lib/action_controller.rb +2 -3
  11. data/lib/action_controller/api.rb +2 -2
  12. data/lib/action_controller/base.rb +4 -2
  13. data/lib/action_controller/caching.rb +0 -1
  14. data/lib/action_controller/log_subscriber.rb +3 -3
  15. data/lib/action_controller/metal.rb +2 -2
  16. data/lib/action_controller/metal/conditional_get.rb +10 -2
  17. data/lib/action_controller/metal/content_security_policy.rb +1 -1
  18. data/lib/action_controller/metal/data_streaming.rb +1 -1
  19. data/lib/action_controller/metal/etag_with_template_digest.rb +2 -4
  20. data/lib/action_controller/metal/exceptions.rb +33 -0
  21. data/lib/action_controller/metal/feature_policy.rb +46 -0
  22. data/lib/action_controller/metal/head.rb +7 -4
  23. data/lib/action_controller/metal/helpers.rb +11 -1
  24. data/lib/action_controller/metal/http_authentication.rb +4 -2
  25. data/lib/action_controller/metal/implicit_render.rb +1 -1
  26. data/lib/action_controller/metal/instrumentation.rb +11 -9
  27. data/lib/action_controller/metal/live.rb +1 -1
  28. data/lib/action_controller/metal/logging.rb +20 -0
  29. data/lib/action_controller/metal/mime_responds.rb +6 -2
  30. data/lib/action_controller/metal/parameter_encoding.rb +35 -4
  31. data/lib/action_controller/metal/params_wrapper.rb +14 -8
  32. data/lib/action_controller/metal/redirecting.rb +1 -1
  33. data/lib/action_controller/metal/rendering.rb +6 -0
  34. data/lib/action_controller/metal/request_forgery_protection.rb +74 -30
  35. data/lib/action_controller/metal/rescue.rb +1 -1
  36. data/lib/action_controller/metal/strong_parameters.rb +107 -15
  37. data/lib/action_controller/renderer.rb +24 -13
  38. data/lib/action_controller/test_case.rb +62 -56
  39. data/lib/action_dispatch.rb +3 -2
  40. data/lib/action_dispatch/http/cache.rb +12 -10
  41. data/lib/action_dispatch/http/content_disposition.rb +2 -2
  42. data/lib/action_dispatch/http/content_security_policy.rb +5 -1
  43. data/lib/action_dispatch/http/feature_policy.rb +168 -0
  44. data/lib/action_dispatch/http/filter_parameters.rb +1 -1
  45. data/lib/action_dispatch/http/filter_redirect.rb +1 -1
  46. data/lib/action_dispatch/http/headers.rb +3 -2
  47. data/lib/action_dispatch/http/mime_negotiation.rb +20 -8
  48. data/lib/action_dispatch/http/mime_type.rb +28 -15
  49. data/lib/action_dispatch/http/parameters.rb +1 -19
  50. data/lib/action_dispatch/http/request.rb +26 -8
  51. data/lib/action_dispatch/http/response.rb +17 -16
  52. data/lib/action_dispatch/http/url.rb +3 -2
  53. data/lib/action_dispatch/journey.rb +0 -2
  54. data/lib/action_dispatch/journey/formatter.rb +53 -28
  55. data/lib/action_dispatch/journey/gtg/builder.rb +22 -36
  56. data/lib/action_dispatch/journey/gtg/simulator.rb +8 -7
  57. data/lib/action_dispatch/journey/gtg/transition_table.rb +6 -4
  58. data/lib/action_dispatch/journey/nfa/dot.rb +0 -11
  59. data/lib/action_dispatch/journey/nodes/node.rb +4 -3
  60. data/lib/action_dispatch/journey/parser.rb +13 -13
  61. data/lib/action_dispatch/journey/parser.y +1 -1
  62. data/lib/action_dispatch/journey/path/pattern.rb +13 -18
  63. data/lib/action_dispatch/journey/route.rb +7 -18
  64. data/lib/action_dispatch/journey/router.rb +26 -30
  65. data/lib/action_dispatch/journey/router/utils.rb +6 -4
  66. data/lib/action_dispatch/middleware/actionable_exceptions.rb +9 -2
  67. data/lib/action_dispatch/middleware/cookies.rb +74 -33
  68. data/lib/action_dispatch/middleware/debug_exceptions.rb +10 -17
  69. data/lib/action_dispatch/middleware/debug_view.rb +1 -1
  70. data/lib/action_dispatch/middleware/exception_wrapper.rb +29 -17
  71. data/lib/action_dispatch/middleware/host_authorization.rb +23 -3
  72. data/lib/action_dispatch/middleware/public_exceptions.rb +1 -1
  73. data/lib/action_dispatch/middleware/remote_ip.rb +5 -4
  74. data/lib/action_dispatch/middleware/request_id.rb +4 -5
  75. data/lib/action_dispatch/middleware/session/abstract_store.rb +2 -2
  76. data/lib/action_dispatch/middleware/session/cookie_store.rb +2 -2
  77. data/lib/action_dispatch/middleware/ssl.rb +9 -6
  78. data/lib/action_dispatch/middleware/stack.rb +18 -0
  79. data/lib/action_dispatch/middleware/static.rb +154 -93
  80. data/lib/action_dispatch/middleware/templates/rescues/_message_and_suggestions.html.erb +18 -0
  81. data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb +2 -5
  82. data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +2 -2
  83. data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +2 -2
  84. data/lib/action_dispatch/middleware/templates/rescues/layout.erb +88 -8
  85. data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb +1 -1
  86. data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +12 -1
  87. data/lib/action_dispatch/railtie.rb +3 -2
  88. data/lib/action_dispatch/request/session.rb +2 -8
  89. data/lib/action_dispatch/request/utils.rb +26 -2
  90. data/lib/action_dispatch/routing/inspector.rb +8 -7
  91. data/lib/action_dispatch/routing/mapper.rb +102 -71
  92. data/lib/action_dispatch/routing/polymorphic_routes.rb +12 -11
  93. data/lib/action_dispatch/routing/redirection.rb +3 -3
  94. data/lib/action_dispatch/routing/route_set.rb +49 -41
  95. data/lib/action_dispatch/routing/url_for.rb +1 -0
  96. data/lib/action_dispatch/system_test_case.rb +29 -24
  97. data/lib/action_dispatch/system_testing/browser.rb +33 -27
  98. data/lib/action_dispatch/system_testing/driver.rb +6 -7
  99. data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +47 -6
  100. data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +4 -7
  101. data/lib/action_dispatch/testing/assertions.rb +1 -1
  102. data/lib/action_dispatch/testing/assertions/response.rb +2 -4
  103. data/lib/action_dispatch/testing/assertions/routing.rb +5 -5
  104. data/lib/action_dispatch/testing/integration.rb +38 -27
  105. data/lib/action_dispatch/testing/test_process.rb +29 -4
  106. data/lib/action_dispatch/testing/test_request.rb +3 -3
  107. data/lib/action_pack.rb +1 -1
  108. data/lib/action_pack/gem_version.rb +3 -3
  109. metadata +20 -21
  110. data/lib/action_controller/metal/force_ssl.rb +0 -58
  111. data/lib/action_dispatch/http/parameter_filter.rb +0 -12
  112. data/lib/action_dispatch/journey/nfa/builder.rb +0 -78
  113. data/lib/action_dispatch/journey/nfa/simulator.rb +0 -47
  114. data/lib/action_dispatch/journey/nfa/transition_table.rb +0 -119
@@ -23,7 +23,7 @@ module ActionDispatch
23
23
  # change { file: { code: "xxxx"} }
24
24
  #
25
25
  # env["action_dispatch.parameter_filter"] = -> (k, v) do
26
- # v.reverse! if k =~ /secret/i
26
+ # v.reverse! if k.match?(/secret/i)
27
27
  # end
28
28
  # => reverses the value to all keys matching /secret/i
29
29
  module FilterParameters
@@ -27,7 +27,7 @@ module ActionDispatch
27
27
  if String === filter
28
28
  location.include?(filter)
29
29
  elsif Regexp === filter
30
- location =~ filter
30
+ location.match?(filter)
31
31
  end
32
32
  end
33
33
  end
@@ -121,8 +121,9 @@ module ActionDispatch
121
121
  def env_name(key)
122
122
  key = key.to_s
123
123
  if HTTP_HEADER.match?(key)
124
- key = key.upcase.tr("-", "_")
125
- key = "HTTP_" + key unless CGI_VARIABLES.include?(key)
124
+ key = key.upcase
125
+ key.tr!("-", "_")
126
+ key.prepend("HTTP_") unless CGI_VARIABLES.include?(key)
126
127
  end
127
128
  key
128
129
  end
@@ -7,6 +7,8 @@ module ActionDispatch
7
7
  module MimeNegotiation
8
8
  extend ActiveSupport::Concern
9
9
 
10
+ class InvalidType < ::Mime::Type::InvalidMimeType; end
11
+
10
12
  RESCUABLE_MIME_FORMAT_ERRORS = [
11
13
  ActionController::BadRequest,
12
14
  ActionDispatch::Http::Parameters::ParseError,
@@ -25,6 +27,8 @@ module ActionDispatch
25
27
  nil
26
28
  end
27
29
  set_header k, v
30
+ rescue ::Mime::Type::InvalidMimeType => e
31
+ raise InvalidType, e.message
28
32
  end
29
33
  end
30
34
 
@@ -47,6 +51,8 @@ module ActionDispatch
47
51
  Mime::Type.parse(header)
48
52
  end
49
53
  set_header k, v
54
+ rescue ::Mime::Type::InvalidMimeType => e
55
+ raise InvalidType, e.message
50
56
  end
51
57
  end
52
58
 
@@ -62,13 +68,7 @@ module ActionDispatch
62
68
 
63
69
  def formats
64
70
  fetch_header("action_dispatch.request.formats") do |k|
65
- params_readable = begin
66
- parameters[:format]
67
- rescue *RESCUABLE_MIME_FORMAT_ERRORS
68
- false
69
- end
70
-
71
- v = if params_readable
71
+ v = if params_readable?
72
72
  Array(Mime[parameters[:format]])
73
73
  elsif use_accept_header && valid_accept_header
74
74
  accepts
@@ -153,12 +153,24 @@ module ActionDispatch
153
153
  order.include?(Mime::ALL) ? format : nil
154
154
  end
155
155
 
156
+ def should_apply_vary_header?
157
+ !params_readable? && use_accept_header && valid_accept_header
158
+ end
159
+
156
160
  private
161
+ # We use normal content negotiation unless you include */* in your list,
162
+ # in which case we assume you're a browser and send HTML.
157
163
  BROWSER_LIKE_ACCEPTS = /,\s*\*\/\*|\*\/\*\s*,/
158
164
 
165
+ def params_readable? # :doc:
166
+ parameters[:format]
167
+ rescue *RESCUABLE_MIME_FORMAT_ERRORS
168
+ false
169
+ end
170
+
159
171
  def valid_accept_header # :doc:
160
172
  (xhr? && (accept.present? || content_mime_type)) ||
161
- (accept.present? && accept !~ BROWSER_LIKE_ACCEPTS)
173
+ (accept.present? && !accept.match?(BROWSER_LIKE_ACCEPTS))
162
174
  end
163
175
 
164
176
  def use_accept_header # :doc:
@@ -1,15 +1,17 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "singleton"
4
- require "active_support/core_ext/string/starts_ends_with"
4
+ require "active_support/core_ext/symbol/starts_ends_with"
5
5
 
6
6
  module Mime
7
7
  class Mimes
8
+ attr_reader :symbols
9
+
8
10
  include Enumerable
9
11
 
10
12
  def initialize
11
13
  @mimes = []
12
- @symbols = nil
14
+ @symbols = []
13
15
  end
14
16
 
15
17
  def each
@@ -18,15 +20,16 @@ module Mime
18
20
 
19
21
  def <<(type)
20
22
  @mimes << type
21
- @symbols = nil
23
+ @symbols << type.to_sym
22
24
  end
23
25
 
24
26
  def delete_if
25
- @mimes.delete_if { |x| yield x }.tap { @symbols = nil }
26
- end
27
-
28
- def symbols
29
- @symbols ||= map(&:to_sym)
27
+ @mimes.delete_if do |x|
28
+ if yield x
29
+ @symbols.delete(x.to_sym)
30
+ true
31
+ end
32
+ end
30
33
  end
31
34
  end
32
35
 
@@ -114,7 +117,7 @@ module Mime
114
117
  type = list[idx]
115
118
  break if type.q < app_xml.q
116
119
 
117
- if type.name.ends_with? "+xml"
120
+ if type.name.end_with? "+xml"
118
121
  list[app_xml_idx], list[idx] = list[idx], app_xml
119
122
  app_xml_idx = idx
120
123
  end
@@ -202,7 +205,7 @@ module Mime
202
205
  # For an input of <tt>'application'</tt>, returns <tt>[Mime[:html], Mime[:js],
203
206
  # Mime[:xml], Mime[:yaml], Mime[:atom], Mime[:json], Mime[:rss], Mime[:url_encoded_form]</tt>.
204
207
  def parse_data_with_trailing_star(type)
205
- Mime::SET.select { |m| m =~ type }
208
+ Mime::SET.select { |m| m.match?(type) }
206
209
  end
207
210
 
208
211
  # This method is opposite of register method.
@@ -283,8 +286,14 @@ module Mime
283
286
  @synonyms.any? { |synonym| synonym.to_s =~ regexp } || @string =~ regexp
284
287
  end
285
288
 
289
+ def match?(mime_type)
290
+ return false unless mime_type
291
+ regexp = Regexp.new(Regexp.quote(mime_type.to_s))
292
+ @synonyms.any? { |synonym| synonym.to_s.match?(regexp) } || @string.match?(regexp)
293
+ end
294
+
286
295
  def html?
287
- symbol == :html || @string =~ /html/
296
+ (symbol == :html) || /html/.match?(@string)
288
297
  end
289
298
 
290
299
  def all?; false; end
@@ -297,7 +306,7 @@ module Mime
297
306
  def to_a; end
298
307
 
299
308
  def method_missing(method, *args)
300
- if method.to_s.ends_with? "?"
309
+ if method.end_with?("?")
301
310
  method[0..-2].downcase.to_sym == to_sym
302
311
  else
303
312
  super
@@ -305,7 +314,7 @@ module Mime
305
314
  end
306
315
 
307
316
  def respond_to_missing?(method, include_private = false)
308
- (method.to_s.ends_with? "?") || super
317
+ method.end_with?("?") || super
309
318
  end
310
319
  end
311
320
 
@@ -332,15 +341,19 @@ module Mime
332
341
  true
333
342
  end
334
343
 
344
+ def to_s
345
+ ""
346
+ end
347
+
335
348
  def ref; end
336
349
 
337
350
  private
338
351
  def respond_to_missing?(method, _)
339
- method.to_s.ends_with? "?"
352
+ method.end_with?("?")
340
353
  end
341
354
 
342
355
  def method_missing(method, *args)
343
- false if method.to_s.ends_with? "?"
356
+ false if method.end_with?("?")
344
357
  end
345
358
  end
346
359
  end
@@ -57,7 +57,6 @@ module ActionDispatch
57
57
  query_parameters.dup
58
58
  end
59
59
  params.merge!(path_parameters)
60
- params = set_binary_encoding(params, params[:controller], params[:action])
61
60
  set_header("action_dispatch.request.parameters", params)
62
61
  params
63
62
  end
@@ -66,7 +65,7 @@ module ActionDispatch
66
65
  def path_parameters=(parameters) #:nodoc:
67
66
  delete_header("action_dispatch.request.parameters")
68
67
 
69
- parameters = set_binary_encoding(parameters, parameters[:controller], parameters[:action])
68
+ parameters = Request::Utils.set_binary_encoding(self, parameters, parameters[:controller], parameters[:action])
70
69
  # If any of the path parameters has an invalid encoding then
71
70
  # raise since it's likely to trigger errors further on.
72
71
  Request::Utils.check_param_encoding(parameters)
@@ -85,23 +84,6 @@ module ActionDispatch
85
84
  end
86
85
 
87
86
  private
88
- def set_binary_encoding(params, controller, action)
89
- return params unless controller && controller.valid_encoding?
90
-
91
- if binary_params_for?(controller, action)
92
- ActionDispatch::Request::Utils.each_param_value(params) do |param|
93
- param.force_encoding ::Encoding::ASCII_8BIT
94
- end
95
- end
96
- params
97
- end
98
-
99
- def binary_params_for?(controller, action)
100
- controller_class_for(controller).binary_params_for?(action)
101
- rescue MissingController
102
- false
103
- end
104
-
105
87
  def parse_formatted_parameters(parsers)
106
88
  return yield if content_length.zero? || content_mime_type.nil?
107
89
 
@@ -23,6 +23,7 @@ module ActionDispatch
23
23
  include ActionDispatch::Http::FilterParameters
24
24
  include ActionDispatch::Http::URL
25
25
  include ActionDispatch::ContentSecurityPolicy::Request
26
+ include ActionDispatch::FeaturePolicy::Request
26
27
  include Rack::Request::Env
27
28
 
28
29
  autoload :Session, "action_dispatch/request/session"
@@ -44,11 +45,14 @@ module ActionDispatch
44
45
  SERVER_ADDR
45
46
  ].freeze
46
47
 
48
+ # TODO: Remove SERVER_ADDR when we remove support to Rack 2.1.
49
+ # See https://github.com/rack/rack/commit/c173b188d81ee437b588c1e046a1c9f031dea550
47
50
  ENV_METHODS.each do |env|
48
51
  class_eval <<-METHOD, __FILE__, __LINE__ + 1
49
- def #{env.sub(/^HTTP_/n, '').downcase} # def accept_charset
50
- get_header "#{env}".freeze # get_header "HTTP_ACCEPT_CHARSET".freeze
51
- end # end
52
+ # frozen_string_literal: true
53
+ def #{env.delete_prefix("HTTP_").downcase} # def accept_charset
54
+ get_header "#{env}" # get_header "HTTP_ACCEPT_CHARSET"
55
+ end # end
52
56
  METHOD
53
57
  end
54
58
 
@@ -72,7 +76,7 @@ module ActionDispatch
72
76
  PASS_NOT_FOUND = Class.new { # :nodoc:
73
77
  def self.action(_); self; end
74
78
  def self.call(_); [404, { "X-Cascade" => "pass" }, []]; end
75
- def self.binary_params_for?(action); false; end
79
+ def self.action_encoding_template(action); false; end
76
80
  }
77
81
 
78
82
  def controller_class
@@ -84,7 +88,7 @@ module ActionDispatch
84
88
  def controller_class_for(name)
85
89
  if name
86
90
  controller_param = name.underscore
87
- const_name = "#{controller_param.camelize}Controller"
91
+ const_name = controller_param.camelize << "Controller"
88
92
  begin
89
93
  ActiveSupport::Dependencies.constantize(const_name)
90
94
  rescue NameError => error
@@ -133,6 +137,8 @@ module ActionDispatch
133
137
  HTTP_METHOD_LOOKUP[method] = method.underscore.to_sym
134
138
  }
135
139
 
140
+ alias raw_request_method request_method # :nodoc:
141
+
136
142
  # Returns the HTTP \method that the application should see.
137
143
  # In the case where the \method was overridden by a middleware
138
144
  # (for instance, if a HEAD request was converted to a GET,
@@ -272,7 +278,7 @@ module ActionDispatch
272
278
  # (case-insensitive), which may need to be manually added depending on the
273
279
  # choice of JavaScript libraries and frameworks.
274
280
  def xml_http_request?
275
- get_header("HTTP_X_REQUESTED_WITH") =~ /XMLHttpRequest/i
281
+ /XMLHttpRequest/i.match?(get_header("HTTP_X_REQUESTED_WITH"))
276
282
  end
277
283
  alias :xhr? :xml_http_request?
278
284
 
@@ -288,6 +294,7 @@ module ActionDispatch
288
294
  end
289
295
 
290
296
  def remote_ip=(remote_ip)
297
+ @remote_ip = nil
291
298
  set_header "action_dispatch.remote_ip", remote_ip
292
299
  end
293
300
 
@@ -329,7 +336,7 @@ module ActionDispatch
329
336
  # variable is already set, wrap it in a StringIO.
330
337
  def body
331
338
  if raw_post = get_header("RAW_POST_DATA")
332
- raw_post = raw_post.dup.force_encoding(Encoding::BINARY)
339
+ raw_post = (+raw_post).force_encoding(Encoding::BINARY)
333
340
  StringIO.new(raw_post)
334
341
  else
335
342
  body_stream
@@ -374,6 +381,9 @@ module ActionDispatch
374
381
  def GET
375
382
  fetch_header("action_dispatch.request.query_parameters") do |k|
376
383
  rack_query_params = super || {}
384
+ controller = path_parameters[:controller]
385
+ action = path_parameters[:action]
386
+ rack_query_params = Request::Utils.set_binary_encoding(self, rack_query_params, controller, action)
377
387
  # Check for non UTF-8 parameter values, which would cause errors later
378
388
  Request::Utils.check_param_encoding(rack_query_params)
379
389
  set_header k, Request::Utils.normalize_encode_params(rack_query_params)
@@ -389,6 +399,8 @@ module ActionDispatch
389
399
  pr = parse_formatted_parameters(params_parsers) do |params|
390
400
  super || {}
391
401
  end
402
+ pr = Request::Utils.set_binary_encoding(self, pr, path_parameters[:controller], path_parameters[:action])
403
+ Request::Utils.check_param_encoding(pr)
392
404
  self.request_parameters = Request::Utils.normalize_encode_params(pr)
393
405
  end
394
406
  rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
@@ -407,7 +419,7 @@ module ActionDispatch
407
419
 
408
420
  # True if the request came from localhost, 127.0.0.1, or ::1.
409
421
  def local?
410
- LOCALHOST =~ remote_addr && LOCALHOST =~ remote_ip
422
+ LOCALHOST.match?(remote_addr) && LOCALHOST.match?(remote_ip)
411
423
  end
412
424
 
413
425
  def request_parameters=(params)
@@ -426,6 +438,10 @@ module ActionDispatch
426
438
  super || scheme == "wss"
427
439
  end
428
440
 
441
+ def inspect # :nodoc:
442
+ "#<#{self.class.name} #{method} #{original_url.dump} for #{remote_ip}>"
443
+ end
444
+
429
445
  private
430
446
  def check_method(name)
431
447
  HTTP_METHOD_LOOKUP[name] || raise(ActionController::UnknownHttpMethod, "#{name}, accepted HTTP methods are #{HTTP_METHODS[0...-1].join(', ')}, and #{HTTP_METHODS[-1]}")
@@ -433,3 +449,5 @@ module ActionDispatch
433
449
  end
434
450
  end
435
451
  end
452
+
453
+ ActiveSupport.run_load_hooks :action_dispatch_request, ActionDispatch::Request
@@ -81,11 +81,22 @@ module ActionDispatch # :nodoc:
81
81
  CONTENT_TYPE = "Content-Type"
82
82
  SET_COOKIE = "Set-Cookie"
83
83
  LOCATION = "Location"
84
- NO_CONTENT_CODES = [100, 101, 102, 204, 205, 304]
84
+ NO_CONTENT_CODES = [100, 101, 102, 103, 204, 205, 304]
85
85
 
86
86
  cattr_accessor :default_charset, default: "utf-8"
87
87
  cattr_accessor :default_headers
88
- cattr_accessor :return_only_media_type_on_content_type, default: false
88
+
89
+ def self.return_only_media_type_on_content_type=(*)
90
+ ActiveSupport::Deprecation.warn(
91
+ ".return_only_media_type_on_content_type= is dreprecated with no replacement and will be removed in 6.2."
92
+ )
93
+ end
94
+
95
+ def self.return_only_media_type_on_content_type
96
+ ActiveSupport::Deprecation.warn(
97
+ ".return_only_media_type_on_content_type is dreprecated with no replacement and will be removed in 6.2."
98
+ )
99
+ end
89
100
 
90
101
  include Rack::Response::Helpers
91
102
  # Aliasing these off because AD::Http::Cache::Response defines them.
@@ -243,17 +254,7 @@ module ActionDispatch # :nodoc:
243
254
 
244
255
  # Content type of response.
245
256
  def content_type
246
- if self.class.return_only_media_type_on_content_type
247
- ActiveSupport::Deprecation.warn(
248
- "Rails 6.1 will return Content-Type header without modification." \
249
- " If you want just the MIME type, please use `#media_type` instead."
250
- )
251
-
252
- content_type = super
253
- content_type ? content_type.split(/;\s*charset=/)[0].presence : content_type
254
- else
255
- super.presence
256
- end
257
+ super.presence
257
258
  end
258
259
 
259
260
  # Media type of response.
@@ -442,8 +443,8 @@ module ActionDispatch # :nodoc:
442
443
  end
443
444
 
444
445
  def set_content_type(content_type, charset)
445
- type = (content_type || "").dup
446
- type << "; charset=#{charset.to_s.downcase}" if charset
446
+ type = content_type || ""
447
+ type = "#{type}; charset=#{charset.to_s.downcase}" if charset
447
448
  set_header CONTENT_TYPE, type
448
449
  end
449
450
 
@@ -503,7 +504,7 @@ module ActionDispatch # :nodoc:
503
504
  end
504
505
 
505
506
  def respond_to?(method, include_private = false)
506
- if method.to_s == "to_path"
507
+ if method.to_sym == :to_path
507
508
  @response.stream.respond_to?(method)
508
509
  else
509
510
  super
@@ -9,6 +9,7 @@ module ActionDispatch
9
9
  HOST_REGEXP = /(^[^:]+:\/\/)?(\[[^\]]+\]|[^:]+)(?::(\d+$))?/
10
10
  PROTOCOL_REGEXP = /^([^:]+)(:)?(\/\/)?$/
11
11
 
12
+ mattr_accessor :secure_protocol, default: false
12
13
  mattr_accessor :tld_length, default: 1
13
14
 
14
15
  class << self
@@ -133,13 +134,13 @@ module ActionDispatch
133
134
  end
134
135
 
135
136
  def named_host?(host)
136
- IP_HOST_REGEXP !~ host
137
+ !IP_HOST_REGEXP.match?(host)
137
138
  end
138
139
 
139
140
  def normalize_protocol(protocol)
140
141
  case protocol
141
142
  when nil
142
- "http://"
143
+ secure_protocol ? "https://" : "http://"
143
144
  when false, "//"
144
145
  "//"
145
146
  when PROTOCOL_REGEXP