actionpack 6.0.5.1 → 6.1.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of actionpack might be problematic. Click here for more details.

Files changed (116) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +248 -344
  3. data/MIT-LICENSE +1 -1
  4. data/README.rdoc +1 -1
  5. data/lib/abstract_controller/base.rb +35 -2
  6. data/lib/abstract_controller/callbacks.rb +2 -2
  7. data/lib/abstract_controller/helpers.rb +105 -90
  8. data/lib/abstract_controller/rendering.rb +9 -9
  9. data/lib/abstract_controller/translation.rb +8 -2
  10. data/lib/abstract_controller.rb +1 -0
  11. data/lib/action_controller/api.rb +2 -2
  12. data/lib/action_controller/base.rb +4 -2
  13. data/lib/action_controller/caching.rb +0 -1
  14. data/lib/action_controller/log_subscriber.rb +3 -3
  15. data/lib/action_controller/metal/conditional_get.rb +10 -2
  16. data/lib/action_controller/metal/content_security_policy.rb +1 -1
  17. data/lib/action_controller/metal/cookies.rb +3 -1
  18. data/lib/action_controller/metal/data_streaming.rb +1 -1
  19. data/lib/action_controller/metal/etag_with_template_digest.rb +2 -4
  20. data/lib/action_controller/metal/exceptions.rb +33 -0
  21. data/lib/action_controller/metal/head.rb +7 -4
  22. data/lib/action_controller/metal/helpers.rb +11 -1
  23. data/lib/action_controller/metal/http_authentication.rb +5 -3
  24. data/lib/action_controller/metal/implicit_render.rb +1 -1
  25. data/lib/action_controller/metal/instrumentation.rb +11 -9
  26. data/lib/action_controller/metal/live.rb +1 -1
  27. data/lib/action_controller/metal/logging.rb +20 -0
  28. data/lib/action_controller/metal/mime_responds.rb +6 -2
  29. data/lib/action_controller/metal/parameter_encoding.rb +35 -4
  30. data/lib/action_controller/metal/params_wrapper.rb +16 -11
  31. data/lib/action_controller/metal/permissions_policy.rb +46 -0
  32. data/lib/action_controller/metal/redirecting.rb +1 -1
  33. data/lib/action_controller/metal/rendering.rb +6 -0
  34. data/lib/action_controller/metal/request_forgery_protection.rb +1 -1
  35. data/lib/action_controller/metal/rescue.rb +1 -1
  36. data/lib/action_controller/metal/strong_parameters.rb +103 -15
  37. data/lib/action_controller/metal.rb +2 -2
  38. data/lib/action_controller/renderer.rb +23 -13
  39. data/lib/action_controller/test_case.rb +62 -56
  40. data/lib/action_controller.rb +2 -3
  41. data/lib/action_dispatch/http/cache.rb +12 -10
  42. data/lib/action_dispatch/http/content_security_policy.rb +11 -0
  43. data/lib/action_dispatch/http/filter_parameters.rb +1 -1
  44. data/lib/action_dispatch/http/filter_redirect.rb +1 -1
  45. data/lib/action_dispatch/http/headers.rb +3 -2
  46. data/lib/action_dispatch/http/mime_negotiation.rb +14 -8
  47. data/lib/action_dispatch/http/mime_type.rb +29 -16
  48. data/lib/action_dispatch/http/parameters.rb +1 -19
  49. data/lib/action_dispatch/http/permissions_policy.rb +173 -0
  50. data/lib/action_dispatch/http/request.rb +24 -8
  51. data/lib/action_dispatch/http/response.rb +17 -16
  52. data/lib/action_dispatch/http/url.rb +3 -2
  53. data/lib/action_dispatch/journey/formatter.rb +53 -28
  54. data/lib/action_dispatch/journey/gtg/builder.rb +22 -36
  55. data/lib/action_dispatch/journey/gtg/simulator.rb +8 -7
  56. data/lib/action_dispatch/journey/gtg/transition_table.rb +6 -4
  57. data/lib/action_dispatch/journey/nfa/dot.rb +0 -11
  58. data/lib/action_dispatch/journey/nodes/node.rb +4 -3
  59. data/lib/action_dispatch/journey/parser.rb +13 -13
  60. data/lib/action_dispatch/journey/parser.y +1 -1
  61. data/lib/action_dispatch/journey/path/pattern.rb +13 -18
  62. data/lib/action_dispatch/journey/route.rb +7 -18
  63. data/lib/action_dispatch/journey/router/utils.rb +6 -4
  64. data/lib/action_dispatch/journey/router.rb +26 -30
  65. data/lib/action_dispatch/journey.rb +0 -2
  66. data/lib/action_dispatch/middleware/actionable_exceptions.rb +1 -1
  67. data/lib/action_dispatch/middleware/cookies.rb +67 -32
  68. data/lib/action_dispatch/middleware/debug_exceptions.rb +8 -15
  69. data/lib/action_dispatch/middleware/debug_view.rb +1 -1
  70. data/lib/action_dispatch/middleware/exception_wrapper.rb +28 -16
  71. data/lib/action_dispatch/middleware/executor.rb +1 -1
  72. data/lib/action_dispatch/middleware/host_authorization.rb +35 -35
  73. data/lib/action_dispatch/middleware/remote_ip.rb +5 -4
  74. data/lib/action_dispatch/middleware/request_id.rb +4 -5
  75. data/lib/action_dispatch/middleware/session/abstract_store.rb +2 -2
  76. data/lib/action_dispatch/middleware/session/cookie_store.rb +2 -2
  77. data/lib/action_dispatch/middleware/ssl.rb +9 -6
  78. data/lib/action_dispatch/middleware/stack.rb +18 -0
  79. data/lib/action_dispatch/middleware/static.rb +154 -93
  80. data/lib/action_dispatch/middleware/templates/rescues/_message_and_suggestions.html.erb +22 -0
  81. data/lib/action_dispatch/middleware/templates/rescues/blocked_host.html.erb +1 -1
  82. data/lib/action_dispatch/middleware/templates/rescues/blocked_host.text.erb +1 -1
  83. data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb +2 -5
  84. data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +2 -2
  85. data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +2 -3
  86. data/lib/action_dispatch/middleware/templates/rescues/layout.erb +100 -8
  87. data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb +1 -1
  88. data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +12 -1
  89. data/lib/action_dispatch/railtie.rb +3 -2
  90. data/lib/action_dispatch/request/session.rb +2 -8
  91. data/lib/action_dispatch/request/utils.rb +26 -2
  92. data/lib/action_dispatch/routing/inspector.rb +8 -7
  93. data/lib/action_dispatch/routing/mapper.rb +102 -71
  94. data/lib/action_dispatch/routing/polymorphic_routes.rb +16 -19
  95. data/lib/action_dispatch/routing/redirection.rb +3 -3
  96. data/lib/action_dispatch/routing/route_set.rb +49 -41
  97. data/lib/action_dispatch/system_test_case.rb +29 -24
  98. data/lib/action_dispatch/system_testing/browser.rb +33 -27
  99. data/lib/action_dispatch/system_testing/driver.rb +6 -7
  100. data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +47 -6
  101. data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +4 -7
  102. data/lib/action_dispatch/testing/assertions/response.rb +2 -4
  103. data/lib/action_dispatch/testing/assertions/routing.rb +5 -5
  104. data/lib/action_dispatch/testing/assertions.rb +1 -1
  105. data/lib/action_dispatch/testing/integration.rb +38 -27
  106. data/lib/action_dispatch/testing/test_process.rb +29 -4
  107. data/lib/action_dispatch/testing/test_request.rb +3 -3
  108. data/lib/action_dispatch.rb +3 -2
  109. data/lib/action_pack/gem_version.rb +3 -3
  110. data/lib/action_pack.rb +1 -1
  111. metadata +21 -23
  112. data/lib/action_controller/metal/force_ssl.rb +0 -58
  113. data/lib/action_dispatch/http/parameter_filter.rb +0 -12
  114. data/lib/action_dispatch/journey/nfa/builder.rb +0 -78
  115. data/lib/action_dispatch/journey/nfa/simulator.rb +0 -47
  116. data/lib/action_dispatch/journey/nfa/transition_table.rb +0 -119
@@ -1,119 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "action_dispatch/journey/nfa/dot"
4
-
5
- module ActionDispatch
6
- module Journey # :nodoc:
7
- module NFA # :nodoc:
8
- class TransitionTable # :nodoc:
9
- include Journey::NFA::Dot
10
-
11
- attr_accessor :accepting
12
- attr_reader :memos
13
-
14
- def initialize
15
- @table = Hash.new { |h, f| h[f] = {} }
16
- @memos = {}
17
- @accepting = nil
18
- @inverted = nil
19
- end
20
-
21
- def accepting?(state)
22
- accepting == state
23
- end
24
-
25
- def accepting_states
26
- [accepting]
27
- end
28
-
29
- def add_memo(idx, memo)
30
- @memos[idx] = memo
31
- end
32
-
33
- def memo(idx)
34
- @memos[idx]
35
- end
36
-
37
- def []=(i, f, s)
38
- @table[f][i] = s
39
- end
40
-
41
- def merge(left, right)
42
- @memos[right] = @memos.delete(left)
43
- @table[right] = @table.delete(left)
44
- end
45
-
46
- def states
47
- (@table.keys + @table.values.flat_map(&:keys)).uniq
48
- end
49
-
50
- # Returns set of NFA states to which there is a transition on ast symbol
51
- # +a+ from some state +s+ in +t+.
52
- def following_states(t, a)
53
- Array(t).flat_map { |s| inverted[s][a] }.uniq
54
- end
55
-
56
- # Returns set of NFA states to which there is a transition on ast symbol
57
- # +a+ from some state +s+ in +t+.
58
- def move(t, a)
59
- Array(t).map { |s|
60
- inverted[s].keys.compact.find_all { |sym|
61
- sym === a
62
- }.map { |sym| inverted[s][sym] }
63
- }.flatten.uniq
64
- end
65
-
66
- def alphabet
67
- inverted.values.flat_map(&:keys).compact.uniq.sort_by(&:to_s)
68
- end
69
-
70
- # Returns a set of NFA states reachable from some NFA state +s+ in set
71
- # +t+ on nil-transitions alone.
72
- def eclosure(t)
73
- stack = Array(t)
74
- seen = {}
75
- children = []
76
-
77
- until stack.empty?
78
- s = stack.pop
79
- next if seen[s]
80
-
81
- seen[s] = true
82
- children << s
83
-
84
- stack.concat(inverted[s][nil])
85
- end
86
-
87
- children.uniq
88
- end
89
-
90
- def transitions
91
- @table.flat_map { |to, hash|
92
- hash.map { |from, sym| [from, sym, to] }
93
- }
94
- end
95
-
96
- private
97
- def inverted
98
- return @inverted if @inverted
99
-
100
- @inverted = Hash.new { |h, from|
101
- h[from] = Hash.new { |j, s| j[s] = [] }
102
- }
103
-
104
- @table.each { |to, hash|
105
- hash.each { |from, sym|
106
- if sym
107
- sym = Nodes::Symbol === sym ? sym.regexp : sym.left
108
- end
109
-
110
- @inverted[from][sym] << to
111
- }
112
- }
113
-
114
- @inverted
115
- end
116
- end
117
- end
118
- end
119
- end