actionpack 6.0.5.1 → 6.1.7.1

data/lib/action_dispatch/testing/integration.rb

@@ -2,8 +2,6 @@
 
 require "stringio"
 require "uri"
-require "active_support/core_ext/kernel/singleton_class"
-require "active_support/core_ext/object/try"
 require "rack/test"
 require "minitest"
 
@@ -48,13 +46,29 @@ module ActionDispatch
         process(:head, path, **args)
       end
 
+      # Performs an OPTIONS request with the given parameters. See ActionDispatch::Integration::Session#process
+      # for more details.
+      def options(path, **args)
+        process(:options, path, **args)
+      end
+
       # Follow a single redirect response. If the last response was not a
       # redirect, an exception will be raised. Otherwise, the redirect is
-      # performed on the location header. Any arguments are passed to the
-      # underlying call to `get`.
+      # performed on the location header. If the redirection is a 307 or 308 redirect,
+      # the same HTTP verb will be used when redirecting, otherwise a GET request
+      # will be performed. Any arguments are passed to the
+      # underlying request.
       def follow_redirect!(**args)
         raise "not a redirect! #{status} #{status_message}" unless redirect?
-        get(response.location, **args)
+
+        method =
+          if [307, 308].include?(response.status)
+            request.method.downcase
+          else
+            :get
+          end
+
+        public_send(method, response.location, **args)
         status
       end
     end
@@ -73,13 +87,8 @@ module ActionDispatch
       include Minitest::Assertions
       include TestProcess, RequestHelpers, Assertions
 
-      %w( status status_message headers body redirect? ).each do |method|
-        delegate method, to: :response, allow_nil: true
-      end
-
-      %w( path ).each do |method|
-        delegate method, to: :request, allow_nil: true
-      end
+      delegate :status, :status_message, :headers, :body, :redirect?, to: :response, allow_nil: true
+      delegate :path, to: :request, allow_nil: true
 
       # The hostname used in the last request.
       def host
@@ -123,7 +132,7 @@ module ActionDispatch
 
       def url_options
         @url_options ||= default_url_options.dup.tap do |url_options|
-          url_options.reverse_merge!(controller.url_options) if controller
+          url_options.reverse_merge!(controller.url_options) if controller.respond_to?(:url_options)
 
           if @app.respond_to?(:routes)
             url_options.reverse_merge!(@app.routes.default_url_options)
@@ -190,11 +199,11 @@ module ActionDispatch
       #   merged into the Rack env hash.
       # - +env+: Additional env to pass, as a Hash. The headers will be
       #   merged into the Rack env hash.
-      # - +xhr+: Set to `true` if you want to make and Ajax request.
+      # - +xhr+: Set to +true+ if you want to make and Ajax request.
       #   Adds request headers characteristic of XMLHttpRequest e.g. HTTP_X_REQUESTED_WITH.
       #   The headers will be merged into the Rack env hash.
       # - +as+: Used for encoding the request with different content type.
-      #   Supports `:json` by default and will set the appropriate request headers.
+      #   Supports +:json+ by default and will set the appropriate request headers.
       #   The headers will be merged into the Rack env hash.
       #
       # This method is rarely used directly. Use +#get+, +#post+, or other standard
@@ -349,20 +358,22 @@ module ActionDispatch
       end
 
       %w(get post patch put head delete cookies assigns follow_redirect!).each do |method|
-        define_method(method) do |*args, **options|
-          # reset the html_document variable, except for cookies/assigns calls
-          unless method == "cookies" || method == "assigns"
-            @html_document = nil
-          end
+        # reset the html_document variable, except for cookies/assigns calls
+        unless method == "cookies" || method == "assigns"
+          reset_html_document = "@html_document = nil"
+        end
 
-          result = if options.any?
-            integration_session.__send__(method, *args, **options)
-          else
-            integration_session.__send__(method, *args)
+        definition = RUBY_VERSION >= "2.7" ? "..." : "*args"
+
+        module_eval <<~RUBY, __FILE__, __LINE__ + 1
+          def #{method}(#{definition})
+            #{reset_html_document}
+
+            result = integration_session.#{method}(#{definition})
+            copy_session_variables!
+            result
           end
-          copy_session_variables!
-          result
-        end
+        RUBY
       end
 
       # Open a new session instance. If a block is given, the new session is
@@ -506,7 +517,7 @@ module ActionDispatch
   #
   # A simple integration test that exercises multiple controllers:
   #
-  #   require 'test_helper'
+  #   require "test_helper"
   #
   #   class UserFlowsTest < ActionDispatch::IntegrationTest
   #     test "login and browse site" do
@@ -535,7 +546,7 @@ module ActionDispatch
   #
   # Here's an example of multiple sessions and custom DSL in an integration test
   #
-  #   require 'test_helper'
+  #   require "test_helper"
   #
   #   class UserFlowsTest < ActionDispatch::IntegrationTest
   #     test "login and browse site" do

data/lib/action_dispatch/testing/test_process.rb

@@ -6,19 +6,47 @@ require "action_dispatch/middleware/flash"
 module ActionDispatch
   module TestProcess
     module FixtureFile
-      # Shortcut for <tt>Rack::Test::UploadedFile.new(File.join(ActionDispatch::IntegrationTest.fixture_path, path), type)</tt>:
+      # Shortcut for <tt>Rack::Test::UploadedFile.new(File.join(ActionDispatch::IntegrationTest.file_fixture_path, path), type)</tt>:
       #
-      #   post :change_avatar, params: { avatar: fixture_file_upload('files/spongebob.png', 'image/png') }
+      #   post :change_avatar, params: { avatar: fixture_file_upload('spongebob.png', 'image/png') }
+      #
+      # Default fixture files location is <tt>test/fixtures/files</tt>.
       #
       # To upload binary files on Windows, pass <tt>:binary</tt> as the last parameter.
       # This will not affect other platforms:
       #
-      #   post :change_avatar, params: { avatar: fixture_file_upload('files/spongebob.png', 'image/png', :binary) }
+      #   post :change_avatar, params: { avatar: fixture_file_upload('spongebob.png', 'image/png', :binary) }
       def fixture_file_upload(path, mime_type = nil, binary = false)
         if self.class.respond_to?(:fixture_path) && self.class.fixture_path &&
             !File.exist?(path)
-          path = File.join(self.class.fixture_path, path)
+          original_path = path
+          path = Pathname.new(self.class.fixture_path).join(path)
+
+          if !self.class.file_fixture_path
+            ActiveSupport::Deprecation.warn(<<~EOM)
+              Passing a path to `fixture_file_upload` relative to `fixture_path` is deprecated.
+              In Rails 7.0, the path needs to be relative to `file_fixture_path` which you
+              haven't set yet. Set `file_fixture_path` to discard this warning.
+            EOM
+          elsif path.exist?
+            non_deprecated_path = Pathname(File.absolute_path(path)).relative_path_from(Pathname(File.absolute_path(self.class.file_fixture_path)))
+
+            if Pathname(original_path) != non_deprecated_path
+              ActiveSupport::Deprecation.warn(<<~EOM)
+                Passing a path to `fixture_file_upload` relative to `fixture_path` is deprecated.
+                In Rails 7.0, the path needs to be relative to `file_fixture_path`.
+
+                Please modify the call from
+                `fixture_file_upload("#{original_path}")` to `fixture_file_upload("#{non_deprecated_path}")`.
+              EOM
+            end
+          else
+            path = file_fixture(original_path)
+          end
+        elsif self.class.file_fixture_path && !File.exist?(path)
+          path = file_fixture(path)
         end
+
         Rack::Test::UploadedFile.new(path, mime_type, binary)
       end
     end

data/lib/action_dispatch/testing/test_request.rb

@@ -6,9 +6,9 @@ require "rack/utils"
 module ActionDispatch
   class TestRequest < Request
     DEFAULT_ENV = Rack::MockRequest.env_for("/",
-      "HTTP_HOST"                => "test.host",
-      "REMOTE_ADDR"              => "0.0.0.0",
-      "HTTP_USER_AGENT"          => "Rails Testing",
+      "HTTP_HOST"                => "test.host".b,
+      "REMOTE_ADDR"              => "0.0.0.0".b,
+      "HTTP_USER_AGENT"          => "Rails Testing".b,
     )
 
     # Create a new test request with default +env+ values.

data/lib/action_dispatch.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 #--
-# Copyright (c) 2004-2019 David Heinemeier Hansson
+# Copyright (c) 2004-2022 David Heinemeier Hansson
 #
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the
@@ -46,6 +46,7 @@ module ActionDispatch
   eager_autoload do
     autoload_under "http" do
       autoload :ContentSecurityPolicy
+      autoload :PermissionsPolicy
       autoload :Request
       autoload :Response
     end
@@ -82,7 +83,6 @@ module ActionDispatch
     autoload :Headers
     autoload :MimeNegotiation
     autoload :Parameters
-    autoload :ParameterFilter
     autoload :UploadedFile, "action_dispatch/http/upload"
     autoload :URL
   end
@@ -115,4 +115,5 @@ autoload :Mime, "action_dispatch/http/mime_type"
 ActiveSupport.on_load(:action_view) do
   ActionView::Base.default_formats ||= Mime::SET.symbols
   ActionView::Template::Types.delegate_to Mime
+  ActionView::LookupContext::DetailsKey.clear
 end

data/lib/action_pack/gem_version.rb

@@ -8,8 +8,8 @@ module ActionPack
 
   module VERSION
     MAJOR = 6
-    MINOR = 0
-    TINY  = 5
+    MINOR = 1
+    TINY  = 7
     PRE   = "1"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")

data/lib/action_pack.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 #--
-# Copyright (c) 2004-2019 David Heinemeier Hansson
+# Copyright (c) 2004-2022 David Heinemeier Hansson
 #
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: actionpack
 version: !ruby/object:Gem::Version
-  version: 6.0.5.1
+  version: 6.1.7.1
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-07-12 00:00:00.000000000 Z
+date: 2023-01-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.5.1
+        version: 6.1.7.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.5.1
+        version: 6.1.7.1
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
@@ -33,7 +33,7 @@ dependencies:
         version: '2.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.8
+        version: 2.0.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -43,7 +43,7 @@ dependencies:
         version: '2.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.8
+        version: 2.0.9
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -98,28 +98,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.5.1
+        version: 6.1.7.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.5.1
+        version: 6.1.7.1
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.5.1
+        version: 6.1.7.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.5.1
+        version: 6.1.7.1
 description: Web apps on Rails. Simple, battle-tested conventions for building and
   testing MVC web applications. Works with any Rack-compatible server.
 email: david@loudthinking.com
@@ -162,16 +162,17 @@ files:
 - lib/action_controller/metal/etag_with_template_digest.rb
 - lib/action_controller/metal/exceptions.rb
 - lib/action_controller/metal/flash.rb
-- lib/action_controller/metal/force_ssl.rb
 - lib/action_controller/metal/head.rb
 - lib/action_controller/metal/helpers.rb
 - lib/action_controller/metal/http_authentication.rb
 - lib/action_controller/metal/implicit_render.rb
 - lib/action_controller/metal/instrumentation.rb
 - lib/action_controller/metal/live.rb
+- lib/action_controller/metal/logging.rb
 - lib/action_controller/metal/mime_responds.rb
 - lib/action_controller/metal/parameter_encoding.rb
 - lib/action_controller/metal/params_wrapper.rb
+- lib/action_controller/metal/permissions_policy.rb
 - lib/action_controller/metal/redirecting.rb
 - lib/action_controller/metal/renderers.rb
 - lib/action_controller/metal/rendering.rb
@@ -196,8 +197,8 @@ files:
 - lib/action_dispatch/http/mime_negotiation.rb
 - lib/action_dispatch/http/mime_type.rb
 - lib/action_dispatch/http/mime_types.rb
-- lib/action_dispatch/http/parameter_filter.rb
 - lib/action_dispatch/http/parameters.rb
+- lib/action_dispatch/http/permissions_policy.rb
 - lib/action_dispatch/http/rack_cache.rb
 - lib/action_dispatch/http/request.rb
 - lib/action_dispatch/http/response.rb
@@ -208,10 +209,7 @@ files:
 - lib/action_dispatch/journey/gtg/builder.rb
 - lib/action_dispatch/journey/gtg/simulator.rb
 - lib/action_dispatch/journey/gtg/transition_table.rb
-- lib/action_dispatch/journey/nfa/builder.rb
 - lib/action_dispatch/journey/nfa/dot.rb
-- lib/action_dispatch/journey/nfa/simulator.rb
-- lib/action_dispatch/journey/nfa/transition_table.rb
 - lib/action_dispatch/journey/nodes/node.rb
 - lib/action_dispatch/journey/parser.rb
 - lib/action_dispatch/journey/parser.y
@@ -250,6 +248,7 @@ files:
 - lib/action_dispatch/middleware/static.rb
 - lib/action_dispatch/middleware/templates/rescues/_actions.html.erb
 - lib/action_dispatch/middleware/templates/rescues/_actions.text.erb
+- lib/action_dispatch/middleware/templates/rescues/_message_and_suggestions.html.erb
 - lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb
 - lib/action_dispatch/middleware/templates/rescues/_request_and_response.text.erb
 - lib/action_dispatch/middleware/templates/rescues/_source.html.erb
@@ -310,10 +309,10 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/rails/rails/issues
-  changelog_uri: https://github.com/rails/rails/blob/v6.0.5.1/actionpack/CHANGELOG.md
-  documentation_uri: https://api.rubyonrails.org/v6.0.5.1/
+  changelog_uri: https://github.com/rails/rails/blob/v6.1.7.1/actionpack/CHANGELOG.md
+  documentation_uri: https://api.rubyonrails.org/v6.1.7.1/
   mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
-  source_code_uri: https://github.com/rails/rails/tree/v6.0.5.1/actionpack
+  source_code_uri: https://github.com/rails/rails/tree/v6.1.7.1/actionpack
   rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
@@ -331,7 +330,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements:
 - none
-rubygems_version: 3.3.3
+rubygems_version: 3.4.3
 signing_key:
 specification_version: 4
 summary: Web-flow and rendering framework putting the VC in MVC (part of Rails).

data/lib/action_controller/metal/force_ssl.rb

@@ -1,58 +0,0 @@
-# frozen_string_literal: true
-
-require "active_support/core_ext/hash/except"
-require "active_support/core_ext/hash/slice"
-
-module ActionController
-  # This module is deprecated in favor of +config.force_ssl+ in your environment
-  # config file. This will ensure all endpoints not explicitly marked otherwise
-  # will have all communication served over HTTPS.
-  module ForceSSL # :nodoc:
-    extend ActiveSupport::Concern
-    include AbstractController::Callbacks
-
-    ACTION_OPTIONS = [:only, :except, :if, :unless]
-    URL_OPTIONS = [:protocol, :host, :domain, :subdomain, :port, :path]
-    REDIRECT_OPTIONS = [:status, :flash, :alert, :notice]
-
-    module ClassMethods # :nodoc:
-      def force_ssl(options = {})
-        ActiveSupport::Deprecation.warn(<<-MESSAGE.squish)
-          Controller-level `force_ssl` is deprecated and will be removed from
-          Rails 6.1. Please enable `config.force_ssl` in your environment
-          configuration to enable the ActionDispatch::SSL middleware to more
-          fully enforce that your application communicate over HTTPS. If needed,
-          you can use `config.ssl_options` to exempt matching endpoints from
-          being redirected to HTTPS.
-        MESSAGE
-
-        action_options = options.slice(*ACTION_OPTIONS)
-        redirect_options = options.except(*ACTION_OPTIONS)
-        before_action(action_options) do
-          force_ssl_redirect(redirect_options)
-        end
-      end
-    end
-
-    def force_ssl_redirect(host_or_options = nil)
-      unless request.ssl?
-        options = {
-          protocol: "https://",
-          host: request.host,
-          path: request.fullpath,
-          status: :moved_permanently,
-        }
-
-        if host_or_options.is_a?(Hash)
-          options.merge!(host_or_options)
-        elsif host_or_options
-          options[:host] = host_or_options
-        end
-
-        secure_url = ActionDispatch::Http::URL.url_for(options.slice(*URL_OPTIONS))
-        flash.keep if respond_to?(:flash) && request.respond_to?(:flash)
-        redirect_to secure_url, options.slice(*REDIRECT_OPTIONS)
-      end
-    end
-  end
-end

data/lib/action_dispatch/http/parameter_filter.rb

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-require "active_support/deprecation/constant_accessor"
-require "active_support/parameter_filter"
-
-module ActionDispatch
-  module Http
-    include ActiveSupport::Deprecation::DeprecatedConstantAccessor
-    deprecate_constant "ParameterFilter", "ActiveSupport::ParameterFilter",
-      message: "ActionDispatch::Http::ParameterFilter is deprecated and will be removed from Rails 6.1. Use ActiveSupport::ParameterFilter instead."
-  end
-end

data/lib/action_dispatch/journey/nfa/builder.rb

@@ -1,78 +0,0 @@
-# frozen_string_literal: true
-
-require "action_dispatch/journey/nfa/transition_table"
-require "action_dispatch/journey/gtg/transition_table"
-
-module ActionDispatch
-  module Journey # :nodoc:
-    module NFA # :nodoc:
-      class Visitor < Visitors::Visitor # :nodoc:
-        def initialize(tt)
-          @tt = tt
-          @i  = -1
-        end
-
-        def visit_CAT(node)
-          left  = visit(node.left)
-          right = visit(node.right)
-
-          @tt.merge(left.last, right.first)
-
-          [left.first, right.last]
-        end
-
-        def visit_GROUP(node)
-          from  = @i += 1
-          left  = visit(node.left)
-          to    = @i += 1
-
-          @tt.accepting = to
-
-          @tt[from, left.first] = nil
-          @tt[left.last, to] = nil
-          @tt[from, to] = nil
-
-          [from, to]
-        end
-
-        def visit_OR(node)
-          from = @i += 1
-          children = node.children.map { |c| visit(c) }
-          to = @i += 1
-
-          children.each do |child|
-            @tt[from, child.first] = nil
-            @tt[child.last, to]    = nil
-          end
-
-          @tt.accepting = to
-
-          [from, to]
-        end
-
-        def terminal(node)
-          from_i = @i += 1 # new state
-          to_i   = @i += 1 # new state
-
-          @tt[from_i, to_i] = node
-          @tt.accepting = to_i
-          @tt.add_memo(to_i, node.memo)
-
-          [from_i, to_i]
-        end
-      end
-
-      class Builder # :nodoc:
-        def initialize(ast)
-          @ast = ast
-        end
-
-        def transition_table
-          tt = TransitionTable.new
-          Visitor.new(tt).accept(@ast)
-          tt
-        end
-      end
-    end
-  end
-end

data/lib/action_dispatch/journey/nfa/simulator.rb

@@ -1,47 +0,0 @@
-# frozen_string_literal: true
-
-require "strscan"
-
-module ActionDispatch
-  module Journey # :nodoc:
-    module NFA # :nodoc:
-      class MatchData # :nodoc:
-        attr_reader :memos
-
-        def initialize(memos)
-          @memos = memos
-        end
-      end
-
-      class Simulator # :nodoc:
-        attr_reader :tt
-
-        def initialize(transition_table)
-          @tt = transition_table
-        end
-
-        def simulate(string)
-          input = StringScanner.new(string)
-          state = tt.eclosure(0)
-          until input.eos?
-            sym   = input.scan(%r([/.?]|[^/.?]+))
-            state = tt.eclosure(tt.move(state, sym))
-          end
-
-          acceptance_states = state.find_all { |s|
-            tt.accepting?(tt.eclosure(s).sort.last)
-          }
-
-          return if acceptance_states.empty?
-
-          memos = acceptance_states.flat_map { |x| tt.memo(x) }.compact
-
-          MatchData.new(memos)
-        end
-
-        alias :=~    :simulate
-        alias :match :simulate
-      end
-    end
-  end
-end