actionpack 7.1.3.4 → 7.1.4.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b8322f0e0b03702b4d77eacd0f77ddc0d0578389b0f9ae056338c97ce3239aa8
4
- data.tar.gz: 04614dea6d1bab93cb2a21289272b0ee1a2705355ad260ea9be1a8c069f3c92a
3
+ metadata.gz: 6d6c0075e31a2470da87034e8352742903c176696808a902d17a33b8db79c0cd
4
+ data.tar.gz: a6c9e27f6650d1356b68de05dd835f7aa663d131410d188034d25c5f745f3a5e
5
5
  SHA512:
6
- metadata.gz: a36e9f99ced3f948578e34fc8f32fc1699e39c465374b875c4c987bbc27155bd1f57cb21a6cb92745125cb0bd0c0200ee0e8f2c5942cb008b302a054d1d65fc3
7
- data.tar.gz: ed0ce501cbff0a1c315a583b369401d47b7cb2e36300d4a0470cad9366df85cf5dc449e5ef3472170dea52e7837e16d80d2b1ab80189a4818f3f28bdcf85233c
6
+ metadata.gz: e26080c351f2d9d2218a77a7a4583473eb6ecbec52f8eb5fd2879393f4037459acfaed714c0db8ead7905aa8234b48480d1ab313eb281eda1e9a7c8bb5f2cefe
7
+ data.tar.gz: bd2fa076443257da863689d42f1ca5e076a91282f374c8389452ec8604fe5e528830cdb5cd7763c79bd4194e1c3345221f2a409e80ae24dc625bba4d08a2d0d1
data/CHANGELOG.md CHANGED
@@ -1,8 +1,83 @@
1
+ ## Rails 7.1.4.1 (October 15, 2024) ##
2
+
3
+ * Avoid regex backtracking in HTTP Token authentication
4
+
5
+ [CVE-2024-47887]
6
+
7
+ * Avoid regex backtracking in query parameter filtering
8
+
9
+ [CVE-2024-41128]
10
+
11
+ ## Rails 7.1.4 (August 22, 2024) ##
12
+
13
+ * Resolve deprecation warning in latest `selenium-webdriver`.
14
+
15
+ *Earlopain*
16
+
17
+ * Don't preload Selenium browser when remote.
18
+
19
+ *Noah Horton*
20
+
21
+ * Fix crash for invalid Content-Type in ShowExceptions middleware.
22
+
23
+ *Earlopain*
24
+
25
+ * Fix inconsistent results of `params.deep_transform_keys`.
26
+
27
+ *Iago Pimenta*
28
+
29
+ * Do not report rendered errors except 500.
30
+
31
+ *Nikita Vasilevsky*
32
+
33
+ * Improve routes source location detection.
34
+
35
+ *Jean Boussier*
36
+
37
+ * Fix `Request#raw_post` raising `NoMethodError` when `rack.input` is `nil`.
38
+
39
+ *Hartley McGuire*
40
+
41
+ * Fix url generation in nested engine when script name is empty.
42
+
43
+ *zzak*
44
+
45
+ * Fix `Mime::Type.parse` handling type parameters for HTTP Accept headers.
46
+
47
+ *Taylor Chaparro*
48
+
49
+ * Fix the error page that is displayed when a view template is missing to account for nested controller paths in the
50
+ suggested correct location for the missing template.
51
+
52
+ *Joshua Young*
53
+
54
+ * Fix a regression in 7.1.3 passing a `to:` option without a controller when the controller is already defined by a scope.
55
+
56
+ ```ruby
57
+ Rails.application.routes.draw do
58
+ controller :home do
59
+ get "recent", to: "recent_posts"
60
+ end
61
+ end
62
+ ```
63
+
64
+ *Étienne Barrié*
65
+
66
+ * Fix `ActionDispatch::Executor` middleware to report errors handled by `ActionDispatch::ShowExceptions`
67
+
68
+ In the default production environment, `ShowExceptions` rescues uncaught errors
69
+ and returns a response. Because of this the executor wouldn't report production
70
+ errors with the default Rails configuration.
71
+
72
+ *Jean Boussier*
73
+
74
+
1
75
  ## Rails 7.1.3.4 (June 04, 2024) ##
2
76
 
3
77
  * Include the HTTP Permissions-Policy on non-HTML Content-Types
4
78
  [CVE-2024-28103]
5
79
 
80
+ *Aaron Patterson*
6
81
 
7
82
  ## Rails 7.1.3.3 (May 16, 2024) ##
8
83
 
@@ -14,16 +89,22 @@
14
89
  * Fix `raise_on_missing_translations` not working correctly with the
15
90
  `translate` method in controllers after the patch for CVE-2024-26143.
16
91
 
92
+ *John Hawthorn*
93
+
17
94
  ## Rails 7.1.3.1 (February 21, 2024) ##
18
95
 
19
96
  * Fix possible XSS vulnerability with the `translate` method in controllers
20
97
 
21
98
  CVE-2024-26143
22
99
 
100
+ *ooooooo-q + Aaron Patterson*
101
+
23
102
  * Fix ReDoS in Accept header parsing
24
103
 
25
104
  CVE-2024-26142
26
105
 
106
+ *Aaron Patterson*
107
+
27
108
  ## Rails 7.1.3 (January 16, 2024) ##
28
109
 
29
110
  * Fix including `Rails.application.routes.url_helpers` directly in an
@@ -138,6 +219,11 @@
138
219
 
139
220
  *Mike Dalessio*
140
221
 
222
+ * Ensure an uncaught exception when rendering a Turbo Frame properly breaks
223
+ out of the Frame and shows the `DebugView` error page in development.
224
+
225
+ *Joé Dupuis*
226
+
141
227
  * The `with_routing` helper can now be called at the class level. When called at the class level, the routes will
142
228
  be setup before each test, and reset after every test. For example:
143
229
 
@@ -21,10 +21,12 @@ module AbstractController
21
21
  key = "#{path}.#{action_name}#{key}"
22
22
  end
23
23
 
24
- if options[:default]
25
- options[:default] = [options[:default]] unless options[:default].is_a?(Array)
26
- options[:default] = options[:default].map do |value|
27
- value.is_a?(String) ? ERB::Util.html_escape(value) : value
24
+ if ActiveSupport::HtmlSafeTranslation.html_safe_translation_key?(key)
25
+ if options[:default]
26
+ options[:default] = [options[:default]] unless options[:default].is_a?(Array)
27
+ options[:default] = options[:default].map do |value|
28
+ value.is_a?(String) ? ERB::Util.html_escape(value) : value
29
+ end
28
30
  end
29
31
  end
30
32
 
@@ -507,14 +507,11 @@ module ActionController
507
507
  array_params.each { |param| (param[1] || +"").gsub! %r/^"|"$/, "" }
508
508
  end
509
509
 
510
- WHITESPACED_AUTHN_PAIR_DELIMITERS = /\s*#{AUTHN_PAIR_DELIMITERS}\s*/
511
- private_constant :WHITESPACED_AUTHN_PAIR_DELIMITERS
512
-
513
510
  # This method takes an authorization body and splits up the key-value
514
511
  # pairs by the standardized <tt>:</tt>, <tt>;</tt>, or <tt>\t</tt>
515
512
  # delimiters defined in +AUTHN_PAIR_DELIMITERS+.
516
513
  def raw_params(auth)
517
- _raw_params = auth.sub(TOKEN_REGEX, "").split(WHITESPACED_AUTHN_PAIR_DELIMITERS)
514
+ _raw_params = auth.sub(TOKEN_REGEX, "").split(AUTHN_PAIR_DELIMITERS).map(&:strip)
518
515
  _raw_params.reject!(&:empty?)
519
516
 
520
517
  if !_raw_params.first&.start_with?(TOKEN_KEY)
@@ -792,7 +792,7 @@ module ActionController
792
792
  # from the root hash and from all nested hashes and arrays. The values are unchanged.
793
793
  def deep_transform_keys(&block)
794
794
  new_instance_with_inherited_permitted_status(
795
- @parameters.deep_transform_keys(&block)
795
+ _deep_transform_keys_in_object(@parameters, &block).to_unsafe_h
796
796
  )
797
797
  end
798
798
 
@@ -800,7 +800,7 @@ module ActionController
800
800
  # changed keys. This includes the keys from the root hash and from all
801
801
  # nested hashes and arrays. The values are unchanged.
802
802
  def deep_transform_keys!(&block)
803
- @parameters.deep_transform_keys!(&block)
803
+ @parameters = _deep_transform_keys_in_object(@parameters, &block).to_unsafe_h
804
804
  self
805
805
  end
806
806
 
@@ -972,7 +972,7 @@ module ActionController
972
972
  # the returned array will include empty strings.
973
973
  #
974
974
  # params = ActionController::Parameters.new(tags: "ruby,rails,,web")
975
- # params.extract_value(:tags) # => ["ruby", "rails", "", "web"]
975
+ # params.extract_value(:tags, delimiter: ",") # => ["ruby", "rails", "", "web"]
976
976
  def extract_value(key, delimiter: "_")
977
977
  @parameters[key]&.split(delimiter, -1)
978
978
  end
@@ -1035,6 +1035,46 @@ module ActionController
1035
1035
  end
1036
1036
  end
1037
1037
 
1038
+ def _deep_transform_keys_in_object(object, &block)
1039
+ case object
1040
+ when Hash
1041
+ object.each_with_object(self.class.new) do |(key, value), result|
1042
+ result[yield(key)] = _deep_transform_keys_in_object(value, &block)
1043
+ end
1044
+ when Parameters
1045
+ if object.permitted?
1046
+ object.to_h.deep_transform_keys(&block)
1047
+ else
1048
+ object.to_unsafe_h.deep_transform_keys(&block)
1049
+ end
1050
+ when Array
1051
+ object.map { |e| _deep_transform_keys_in_object(e, &block) }
1052
+ else
1053
+ object
1054
+ end
1055
+ end
1056
+
1057
+ def _deep_transform_keys_in_object!(object, &block)
1058
+ case object
1059
+ when Hash
1060
+ object.keys.each do |key|
1061
+ value = object.delete(key)
1062
+ object[yield(key)] = _deep_transform_keys_in_object!(value, &block)
1063
+ end
1064
+ object
1065
+ when Parameters
1066
+ if object.permitted?
1067
+ object.to_h.deep_transform_keys!(&block)
1068
+ else
1069
+ object.to_unsafe_h.deep_transform_keys!(&block)
1070
+ end
1071
+ when Array
1072
+ object.map! { |e| _deep_transform_keys_in_object!(e, &block) }
1073
+ else
1074
+ object
1075
+ end
1076
+ end
1077
+
1038
1078
  def specify_numeric_keys?(filter)
1039
1079
  if filter.respond_to?(:keys)
1040
1080
  filter.keys.any? { |key| /\A-?\d+\z/.match?(key) }
@@ -284,13 +284,13 @@ module ActionController
284
284
  # ActionController::TestCase will also automatically provide the following instance
285
285
  # variables for use in the tests:
286
286
  #
287
- # <b>@controller</b>::
287
+ # @controller::
288
288
  # The controller instance that will be tested.
289
- # <b>@request</b>::
289
+ # @request::
290
290
  # An ActionController::TestRequest, representing the current HTTP
291
291
  # request. You can modify this object before sending the HTTP request. For example,
292
292
  # you might want to set some session properties before sending a GET request.
293
- # <b>@response</b>::
293
+ # @response::
294
294
  # An ActionDispatch::TestResponse object, representing the response
295
295
  # of the last HTTP response. In the above example, <tt>@response</tt> becomes valid
296
296
  # after calling +post+. If the various assert methods are not sufficient, then you
@@ -62,8 +62,11 @@ module ActionController
62
62
  autoload :ApiRendering
63
63
  end
64
64
 
65
- autoload :TestCase, "action_controller/test_case"
66
- autoload :TemplateAssertions, "action_controller/test_case"
65
+ autoload_at "action_controller/test_case" do
66
+ autoload :TestCase
67
+ autoload :TestRequest
68
+ autoload :TemplateAssertions
69
+ end
67
70
  end
68
71
 
69
72
  # Common Active Support usage in Action Controller
@@ -64,12 +64,17 @@ module ActionDispatch
64
64
  ActiveSupport::ParameterFilter.new(filters)
65
65
  end
66
66
 
67
- KV_RE = "[^&;=]+"
68
- PAIR_RE = %r{(#{KV_RE})=(#{KV_RE})}
69
67
  def filtered_query_string # :doc:
70
- query_string.gsub(PAIR_RE) do |_|
71
- parameter_filter.filter($1 => $2).first.join("=")
68
+ parts = query_string.split(/([&;])/)
69
+ filtered_parts = parts.map do |part|
70
+ if part.include?("=")
71
+ key, value = part.split("=", 2)
72
+ parameter_filter.filter(key => value).first.join("=")
73
+ else
74
+ part
75
+ end
72
76
  end
77
+ filtered_parts.join("")
73
78
  end
74
79
  end
75
80
  end
@@ -162,8 +162,11 @@ module Mime
162
162
  end
163
163
 
164
164
  def lookup(string)
165
+ return LOOKUP[string] if LOOKUP.key?(string)
166
+
165
167
  # fallback to the media-type without parameters if it was not found
166
- LOOKUP[string] || LOOKUP[string.split(";", 2)[0]&.rstrip] || Type.new(string)
168
+ string = string.split(";", 2)[0]&.rstrip
169
+ LOOKUP[string] || Type.new(string)
167
170
  end
168
171
 
169
172
  def lookup_by_extension(extension)
@@ -89,7 +89,7 @@ module ActionDispatch # :nodoc:
89
89
  geolocation: "geolocation",
90
90
  gyroscope: "gyroscope",
91
91
  hid: "hid",
92
- idle_detection: "idle_detection",
92
+ idle_detection: "idle-detection",
93
93
  magnetometer: "magnetometer",
94
94
  microphone: "microphone",
95
95
  midi: "midi",
@@ -229,11 +229,12 @@ module ActionDispatch
229
229
  # Early Hints is an HTTP/2 status code that indicates hints to help a client start
230
230
  # making preparations for processing the final response.
231
231
  #
232
- # If the env contains +rack.early_hints+ then the server accepts HTTP2 push for Link headers.
232
+ # If the env contains +rack.early_hints+ then the server accepts HTTP2 push for
233
+ # link headers.
233
234
  #
234
235
  # The +send_early_hints+ method accepts a hash of links as follows:
235
236
  #
236
- # send_early_hints("Link" => "</style.css>; rel=preload; as=style\n</script.js>; rel=preload")
237
+ # send_early_hints("link" => "</style.css>; rel=preload; as=style,</script.js>; rel=preload")
237
238
  #
238
239
  # If you are using +javascript_include_tag+ or +stylesheet_link_tag+ the
239
240
  # Early Hints headers are included by default if supported.
@@ -339,7 +340,6 @@ module ActionDispatch
339
340
  def raw_post
340
341
  unless has_header? "RAW_POST_DATA"
341
342
  set_header("RAW_POST_DATA", read_body_stream)
342
- body_stream.rewind if body_stream.respond_to?(:rewind)
343
343
  end
344
344
  get_header "RAW_POST_DATA"
345
345
  end
@@ -467,9 +467,29 @@ module ActionDispatch
467
467
  end
468
468
 
469
469
  def read_body_stream
470
- body_stream.rewind if body_stream.respond_to?(:rewind)
471
- return body_stream.read if headers.key?("Transfer-Encoding") # Read body stream until EOF if "Transfer-Encoding" is present
472
- body_stream.read(content_length)
470
+ if body_stream
471
+ reset_stream(body_stream) do
472
+ if headers.key?("Transfer-Encoding")
473
+ body_stream.read # Read body stream until EOF if "Transfer-Encoding" is present
474
+ else
475
+ body_stream.read(content_length)
476
+ end
477
+ end
478
+ end
479
+ end
480
+
481
+ def reset_stream(body_stream)
482
+ if body_stream.respond_to?(:rewind)
483
+ body_stream.rewind
484
+
485
+ content = yield
486
+
487
+ body_stream.rewind
488
+
489
+ content
490
+ else
491
+ yield
492
+ end
473
493
  end
474
494
  end
475
495
  end
@@ -12,6 +12,12 @@ module ActionDispatch
12
12
  state = @executor.run!(reset: true)
13
13
  begin
14
14
  response = @app.call(env)
15
+
16
+ if env["action_dispatch.report_exception"]
17
+ error = env["action_dispatch.exception"]
18
+ @executor.error_reporter.report(error, handled: false, source: "application.action_dispatch")
19
+ end
20
+
15
21
  returned = response << ::Rack::BodyProxy.new(response.pop) { state.complete! }
16
22
  rescue => error
17
23
  @executor.error_reporter.report(error, handled: false, source: "application.action_dispatch")
@@ -33,8 +33,11 @@ module ActionDispatch
33
33
  request = ActionDispatch::Request.new env
34
34
  backtrace_cleaner = request.get_header("action_dispatch.backtrace_cleaner")
35
35
  wrapper = ExceptionWrapper.new(backtrace_cleaner, exception)
36
+ request.set_header "action_dispatch.exception", wrapper.unwrapped_exception
37
+ request.set_header "action_dispatch.report_exception", !wrapper.rescue_response?
38
+
36
39
  if wrapper.show?(request)
37
- render_exception(request, wrapper)
40
+ render_exception(request.dup, wrapper)
38
41
  else
39
42
  raise exception
40
43
  end
@@ -43,7 +46,6 @@ module ActionDispatch
43
46
  private
44
47
  def render_exception(request, wrapper)
45
48
  status = wrapper.status_code
46
- request.set_header "action_dispatch.exception", wrapper.unwrapped_exception
47
49
  request.set_header "action_dispatch.original_path", request.path_info
48
50
  request.set_header "action_dispatch.original_request_method", request.raw_request_method
49
51
  fallback_to_html_format_if_invalid_mime_type(request)
@@ -65,9 +67,17 @@ module ActionDispatch
65
67
  # If the MIME type for the request is invalid then the
66
68
  # @exceptions_app may not be able to handle it. To make it
67
69
  # easier to handle, we switch to HTML.
68
- request.formats
69
- rescue ActionDispatch::Http::MimeNegotiation::InvalidType
70
- request.set_header "HTTP_ACCEPT", "text/html"
70
+ begin
71
+ request.content_mime_type
72
+ rescue ActionDispatch::Http::MimeNegotiation::InvalidType
73
+ request.set_header "CONTENT_TYPE", "text/html"
74
+ end
75
+
76
+ begin
77
+ request.formats
78
+ rescue ActionDispatch::Http::MimeNegotiation::InvalidType
79
+ request.set_header "HTTP_ACCEPT", "text/html"
80
+ end
71
81
  end
72
82
 
73
83
  def pass_response(status)
@@ -11,7 +11,7 @@
11
11
  </p>
12
12
  <p>
13
13
  For example, a <code><%= @exception.controller %>#<%= @exception.action_name %></code> action defined in <code>app/controllers/<%= @exception.controller.controller_path %>_controller.rb</code> should have a corresponding view template
14
- in a file named <code>app/views/<%= @exception.controller.controller_name %>/<%= @exception.action_name %>.html.erb</code>.
14
+ in a file named <code>app/views/<%= @exception.controller.controller_path %>/<%= @exception.action_name %>.html.erb</code>.
15
15
  </p>
16
16
  <p>
17
17
  However, if this controller is an API endpoint responding with 204 (No Content), which does not require a view template because it doesn't serve an HTML response, then this error will occur when trying to access it with a browser. In this particular scenario, you can ignore this error.
@@ -69,7 +69,6 @@ module ActionDispatch
69
69
  ActionDispatch::Cookies::CookieJar.always_write_cookie = config.action_dispatch.always_write_cookie
70
70
 
71
71
  ActionDispatch::Routing::Mapper.route_source_locations = Rails.env.development?
72
- ActionDispatch::Routing::Mapper.backtrace_cleaner = Rails.backtrace_cleaner
73
72
 
74
73
  ActionDispatch.test_app = app
75
74
  end
@@ -10,10 +10,19 @@ require "action_dispatch/routing/endpoint"
10
10
  module ActionDispatch
11
11
  module Routing
12
12
  class Mapper
13
+ class BacktraceCleaner < ActiveSupport::BacktraceCleaner # :nodoc:
14
+ def initialize
15
+ super
16
+ remove_silencers!
17
+ add_core_silencer
18
+ add_stdlib_silencer
19
+ end
20
+ end
21
+
13
22
  URL_OPTIONS = [:protocol, :subdomain, :domain, :host, :port]
14
23
 
15
24
  cattr_accessor :route_source_locations, instance_accessor: false, default: false
16
- cattr_accessor :backtrace_cleaner, instance_accessor: false, default: ActiveSupport::BacktraceCleaner.new
25
+ cattr_accessor :backtrace_cleaner, instance_accessor: false, default: BacktraceCleaner.new
17
26
 
18
27
  class Constraints < Routing::Endpoint # :nodoc:
19
28
  attr_reader :app, :constraints
@@ -220,12 +229,17 @@ module ActionDispatch
220
229
  if to.nil?
221
230
  controller = default_controller
222
231
  action = default_action
223
- elsif to.is_a?(String) && to.include?("#")
224
- to_endpoint = to.split("#").map!(&:-@)
225
- controller = to_endpoint[0]
226
- action = to_endpoint[1]
232
+ elsif to.is_a?(String)
233
+ if to.include?("#")
234
+ to_endpoint = to.split("#").map!(&:-@)
235
+ controller = to_endpoint[0]
236
+ action = to_endpoint[1]
237
+ else
238
+ controller = default_controller
239
+ action = to
240
+ end
227
241
  else
228
- raise ArgumentError, ":to must respond to `action` or `call`, or it must be a String that includes '#'"
242
+ raise ArgumentError, ":to must respond to `action` or `call`, or it must be a String that includes '#', or the controller should be implicit"
229
243
  end
230
244
 
231
245
  controller = add_controller_module(controller, modyoule)
@@ -359,12 +373,35 @@ module ActionDispatch
359
373
  Routing::RouteSet::Dispatcher.new raise_on_name_error
360
374
  end
361
375
 
362
- def route_source_location
363
- if Mapper.route_source_locations
364
- action_dispatch_dir = File.expand_path("..", __dir__)
365
- caller_location = caller_locations.find { |location| !location.path.include?(action_dispatch_dir) }
366
- cleaned_path = Mapper.backtrace_cleaner.clean([caller_location.path]).first
367
- "#{cleaned_path}:#{caller_location.lineno}" if cleaned_path
376
+ if Thread.respond_to?(:each_caller_location)
377
+ def route_source_location
378
+ if Mapper.route_source_locations
379
+ action_dispatch_dir = File.expand_path("..", __dir__)
380
+ Thread.each_caller_location do |location|
381
+ next if location.path.start_with?(action_dispatch_dir)
382
+
383
+ cleaned_path = Mapper.backtrace_cleaner.clean_frame(location.path)
384
+ next if cleaned_path.nil?
385
+
386
+ return "#{cleaned_path}:#{location.lineno}"
387
+ end
388
+ nil
389
+ end
390
+ end
391
+ else
392
+ def route_source_location
393
+ if Mapper.route_source_locations
394
+ action_dispatch_dir = File.expand_path("..", __dir__)
395
+ caller_locations.each do |location|
396
+ next if location.path.start_with?(action_dispatch_dir)
397
+
398
+ cleaned_path = Mapper.backtrace_cleaner.clean_frame(location.path)
399
+ next if cleaned_path.nil?
400
+
401
+ return "#{cleaned_path}:#{location.lineno}"
402
+ end
403
+ nil
404
+ end
368
405
  end
369
406
  end
370
407
  end
@@ -680,7 +717,7 @@ module ActionDispatch
680
717
  def optimize_routes_generation?; false; end
681
718
 
682
719
  define_method :find_script_name do |options|
683
- if options.key? :script_name
720
+ if options.key?(:script_name) && options[:script_name].present?
684
721
  super(options)
685
722
  else
686
723
  script_namer.call(options)
@@ -70,7 +70,12 @@ module ActionDispatch
70
70
  end
71
71
 
72
72
  def resolve_driver_path(namespace)
73
- namespace::Service.driver_path = ::Selenium::WebDriver::DriverFinder.path(options, namespace::Service)
73
+ # The path method has been deprecated in 4.20.0
74
+ if Gem::Version.new(::Selenium::WebDriver::VERSION) >= Gem::Version.new("4.20.0")
75
+ namespace::Service.driver_path = ::Selenium::WebDriver::DriverFinder.new(options, namespace::Service.new).driver_path
76
+ else
77
+ namespace::Service.driver_path = ::Selenium::WebDriver::DriverFinder.path(options, namespace::Service)
78
+ end
74
79
  end
75
80
  end
76
81
  end
@@ -16,7 +16,7 @@ module ActionDispatch
16
16
  gem "selenium-webdriver", ">= 4.0.0"
17
17
  require "selenium/webdriver"
18
18
  @browser = Browser.new(options[:using])
19
- @browser.preload
19
+ @browser.preload unless @options[:browser] == :remote
20
20
  else
21
21
  @browser = nil
22
22
  end
@@ -9,8 +9,8 @@ module ActionPack
9
9
  module VERSION
10
10
  MAJOR = 7
11
11
  MINOR = 1
12
- TINY = 3
13
- PRE = "4"
12
+ TINY = 4
13
+ PRE = "1"
14
14
 
15
15
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
16
16
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: actionpack
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.1.3.4
4
+ version: 7.1.4.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-06-04 00:00:00.000000000 Z
11
+ date: 2024-10-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 7.1.3.4
19
+ version: 7.1.4.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 7.1.3.4
26
+ version: 7.1.4.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: nokogiri
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -128,28 +128,28 @@ dependencies:
128
128
  requirements:
129
129
  - - '='
130
130
  - !ruby/object:Gem::Version
131
- version: 7.1.3.4
131
+ version: 7.1.4.1
132
132
  type: :runtime
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - '='
137
137
  - !ruby/object:Gem::Version
138
- version: 7.1.3.4
138
+ version: 7.1.4.1
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: activemodel
141
141
  requirement: !ruby/object:Gem::Requirement
142
142
  requirements:
143
143
  - - '='
144
144
  - !ruby/object:Gem::Version
145
- version: 7.1.3.4
145
+ version: 7.1.4.1
146
146
  type: :development
147
147
  prerelease: false
148
148
  version_requirements: !ruby/object:Gem::Requirement
149
149
  requirements:
150
150
  - - '='
151
151
  - !ruby/object:Gem::Version
152
- version: 7.1.3.4
152
+ version: 7.1.4.1
153
153
  description: Web apps on Rails. Simple, battle-tested conventions for building and
154
154
  testing MVC web applications. Works with any Rack-compatible server.
155
155
  email: david@loudthinking.com
@@ -346,12 +346,12 @@ licenses:
346
346
  - MIT
347
347
  metadata:
348
348
  bug_tracker_uri: https://github.com/rails/rails/issues
349
- changelog_uri: https://github.com/rails/rails/blob/v7.1.3.4/actionpack/CHANGELOG.md
350
- documentation_uri: https://api.rubyonrails.org/v7.1.3.4/
349
+ changelog_uri: https://github.com/rails/rails/blob/v7.1.4.1/actionpack/CHANGELOG.md
350
+ documentation_uri: https://api.rubyonrails.org/v7.1.4.1/
351
351
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
352
- source_code_uri: https://github.com/rails/rails/tree/v7.1.3.4/actionpack
352
+ source_code_uri: https://github.com/rails/rails/tree/v7.1.4.1/actionpack
353
353
  rubygems_mfa_required: 'true'
354
- post_install_message:
354
+ post_install_message:
355
355
  rdoc_options: []
356
356
  require_paths:
357
357
  - lib
@@ -367,8 +367,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
367
367
  version: '0'
368
368
  requirements:
369
369
  - none
370
- rubygems_version: 3.3.27
371
- signing_key:
370
+ rubygems_version: 3.5.16
371
+ signing_key:
372
372
  specification_version: 4
373
373
  summary: Web-flow and rendering framework putting the VC in MVC (part of Rails).
374
374
  test_files: []