RubyGems - actionpack - Versions diffs - 7.1.5.1 → 8.1.2 - Mend

actionpack 7.1.5.1 → 8.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (177) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +308 -523
data/README.rdoc +1 -1
data/lib/abstract_controller/asset_paths.rb +6 -2
data/lib/abstract_controller/base.rb +104 -105
data/lib/abstract_controller/caching/fragments.rb +50 -53
data/lib/abstract_controller/caching.rb +8 -3
data/lib/abstract_controller/callbacks.rb +70 -62
data/lib/abstract_controller/collector.rb +7 -7
data/lib/abstract_controller/deprecator.rb +2 -0
data/lib/abstract_controller/error.rb +2 -0
data/lib/abstract_controller/helpers.rb +71 -84
data/lib/abstract_controller/logger.rb +4 -1
data/lib/abstract_controller/railties/routes_helpers.rb +2 -0
data/lib/abstract_controller/rendering.rb +13 -13
data/lib/abstract_controller/translation.rb +12 -13
data/lib/abstract_controller/url_for.rb +8 -6
data/lib/abstract_controller.rb +2 -0
data/lib/action_controller/api/api_rendering.rb +2 -0
data/lib/action_controller/api.rb +76 -72
data/lib/action_controller/base.rb +199 -126
data/lib/action_controller/caching.rb +16 -14
data/lib/action_controller/deprecator.rb +2 -0
data/lib/action_controller/form_builder.rb +21 -18
data/lib/action_controller/log_subscriber.rb +23 -2
data/lib/action_controller/metal/allow_browser.rb +133 -0
data/lib/action_controller/metal/basic_implicit_render.rb +2 -0
data/lib/action_controller/metal/conditional_get.rb +217 -175
data/lib/action_controller/metal/content_security_policy.rb +25 -24
data/lib/action_controller/metal/cookies.rb +4 -2
data/lib/action_controller/metal/data_streaming.rb +72 -63
data/lib/action_controller/metal/default_headers.rb +5 -3
data/lib/action_controller/metal/etag_with_flash.rb +3 -1
data/lib/action_controller/metal/etag_with_template_digest.rb +17 -15
data/lib/action_controller/metal/exceptions.rb +16 -9
data/lib/action_controller/metal/flash.rb +13 -14
data/lib/action_controller/metal/head.rb +15 -11
data/lib/action_controller/metal/helpers.rb +63 -55
data/lib/action_controller/metal/http_authentication.rb +209 -201
data/lib/action_controller/metal/implicit_render.rb +17 -15
data/lib/action_controller/metal/instrumentation.rb +16 -14
data/lib/action_controller/metal/live.rb +177 -128
data/lib/action_controller/metal/logging.rb +6 -4
data/lib/action_controller/metal/mime_responds.rb +151 -142
data/lib/action_controller/metal/parameter_encoding.rb +34 -32
data/lib/action_controller/metal/params_wrapper.rb +57 -59
data/lib/action_controller/metal/permissions_policy.rb +22 -12
data/lib/action_controller/metal/rate_limiting.rb +92 -0
data/lib/action_controller/metal/redirecting.rb +213 -94
data/lib/action_controller/metal/renderers.rb +78 -57
data/lib/action_controller/metal/rendering.rb +111 -77
data/lib/action_controller/metal/request_forgery_protection.rb +182 -143
data/lib/action_controller/metal/rescue.rb +20 -9
data/lib/action_controller/metal/streaming.rb +118 -195
data/lib/action_controller/metal/strong_parameters.rb +720 -530
data/lib/action_controller/metal/testing.rb +2 -0
data/lib/action_controller/metal/url_for.rb +17 -15
data/lib/action_controller/metal.rb +86 -60
data/lib/action_controller/railtie.rb +36 -15
data/lib/action_controller/railties/helpers.rb +2 -0
data/lib/action_controller/renderer.rb +41 -36
data/lib/action_controller/structured_event_subscriber.rb +116 -0
data/lib/action_controller/template_assertions.rb +4 -2
data/lib/action_controller/test_case.rb +160 -131
data/lib/action_controller.rb +5 -1
data/lib/action_dispatch/constants.rb +8 -0
data/lib/action_dispatch/deprecator.rb +2 -0
data/lib/action_dispatch/http/cache.rb +163 -35
data/lib/action_dispatch/http/content_disposition.rb +2 -0
data/lib/action_dispatch/http/content_security_policy.rb +54 -39
data/lib/action_dispatch/http/filter_parameters.rb +14 -8
data/lib/action_dispatch/http/filter_redirect.rb +22 -1
data/lib/action_dispatch/http/headers.rb +22 -22
data/lib/action_dispatch/http/mime_negotiation.rb +89 -41
data/lib/action_dispatch/http/mime_type.rb +25 -21
data/lib/action_dispatch/http/mime_types.rb +3 -0
data/lib/action_dispatch/http/param_builder.rb +187 -0
data/lib/action_dispatch/http/param_error.rb +26 -0
data/lib/action_dispatch/http/parameters.rb +14 -12
data/lib/action_dispatch/http/permissions_policy.rb +25 -36
data/lib/action_dispatch/http/query_parser.rb +55 -0
data/lib/action_dispatch/http/rack_cache.rb +2 -0
data/lib/action_dispatch/http/request.rb +141 -92
data/lib/action_dispatch/http/response.rb +137 -77
data/lib/action_dispatch/http/upload.rb +18 -16
data/lib/action_dispatch/http/url.rb +187 -89
data/lib/action_dispatch/journey/formatter.rb +21 -9
data/lib/action_dispatch/journey/gtg/builder.rb +4 -3
data/lib/action_dispatch/journey/gtg/simulator.rb +34 -11
data/lib/action_dispatch/journey/gtg/transition_table.rb +47 -53
data/lib/action_dispatch/journey/nfa/dot.rb +2 -0
data/lib/action_dispatch/journey/nodes/node.rb +8 -6
data/lib/action_dispatch/journey/parser.rb +99 -195
data/lib/action_dispatch/journey/path/pattern.rb +4 -1
data/lib/action_dispatch/journey/route.rb +54 -38
data/lib/action_dispatch/journey/router/utils.rb +22 -27
data/lib/action_dispatch/journey/router.rb +63 -83
data/lib/action_dispatch/journey/routes.rb +11 -2
data/lib/action_dispatch/journey/scanner.rb +46 -42
data/lib/action_dispatch/journey/visitors.rb +57 -23
data/lib/action_dispatch/journey/visualizer/fsm.js +4 -6
data/lib/action_dispatch/journey.rb +2 -0
data/lib/action_dispatch/log_subscriber.rb +7 -1
data/lib/action_dispatch/middleware/actionable_exceptions.rb +2 -0
data/lib/action_dispatch/middleware/assume_ssl.rb +8 -5
data/lib/action_dispatch/middleware/callbacks.rb +3 -1
data/lib/action_dispatch/middleware/cookies.rb +125 -106
data/lib/action_dispatch/middleware/debug_exceptions.rb +37 -8
data/lib/action_dispatch/middleware/debug_locks.rb +15 -13
data/lib/action_dispatch/middleware/debug_view.rb +13 -5
data/lib/action_dispatch/middleware/exception_wrapper.rb +18 -23
data/lib/action_dispatch/middleware/executor.rb +19 -4
data/lib/action_dispatch/middleware/flash.rb +63 -51
data/lib/action_dispatch/middleware/host_authorization.rb +17 -15
data/lib/action_dispatch/middleware/public_exceptions.rb +14 -12
data/lib/action_dispatch/middleware/reloader.rb +5 -3
data/lib/action_dispatch/middleware/remote_ip.rb +87 -77
data/lib/action_dispatch/middleware/request_id.rb +16 -10
data/lib/action_dispatch/middleware/server_timing.rb +4 -2
data/lib/action_dispatch/middleware/session/abstract_store.rb +2 -0
data/lib/action_dispatch/middleware/session/cache_store.rb +30 -8
data/lib/action_dispatch/middleware/session/cookie_store.rb +27 -26
data/lib/action_dispatch/middleware/session/mem_cache_store.rb +7 -3
data/lib/action_dispatch/middleware/show_exceptions.rb +16 -16
data/lib/action_dispatch/middleware/ssl.rb +53 -40
data/lib/action_dispatch/middleware/stack.rb +11 -10
data/lib/action_dispatch/middleware/static.rb +33 -31
data/lib/action_dispatch/middleware/templates/rescues/_copy_button.html.erb +1 -0
data/lib/action_dispatch/middleware/templates/rescues/_source.html.erb +3 -5
data/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb +9 -5
data/lib/action_dispatch/middleware/templates/rescues/blocked_host.html.erb +1 -0
data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb +1 -0
data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +4 -0
data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +3 -0
data/lib/action_dispatch/middleware/templates/rescues/layout.erb +50 -0
data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.html.erb +1 -0
data/lib/action_dispatch/middleware/templates/rescues/missing_template.html.erb +1 -0
data/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb +1 -0
data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +1 -0
data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb +1 -0
data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +1 -1
data/lib/action_dispatch/railtie.rb +23 -3
data/lib/action_dispatch/request/session.rb +24 -21
data/lib/action_dispatch/request/utils.rb +11 -3
data/lib/action_dispatch/routing/endpoint.rb +2 -0
data/lib/action_dispatch/routing/inspector.rb +85 -60
data/lib/action_dispatch/routing/mapper.rb +1031 -851
data/lib/action_dispatch/routing/polymorphic_routes.rb +69 -62
data/lib/action_dispatch/routing/redirection.rb +47 -39
data/lib/action_dispatch/routing/route_set.rb +79 -56
data/lib/action_dispatch/routing/routes_proxy.rb +7 -4
data/lib/action_dispatch/routing/url_for.rb +130 -125
data/lib/action_dispatch/routing.rb +150 -148
data/lib/action_dispatch/structured_event_subscriber.rb +20 -0
data/lib/action_dispatch/system_test_case.rb +91 -81
data/lib/action_dispatch/system_testing/browser.rb +16 -23
data/lib/action_dispatch/system_testing/driver.rb +2 -0
data/lib/action_dispatch/system_testing/server.rb +2 -0
data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +34 -23
data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +2 -0
data/lib/action_dispatch/testing/assertion_response.rb +9 -7
data/lib/action_dispatch/testing/assertions/response.rb +52 -25
data/lib/action_dispatch/testing/assertions/routing.rb +168 -87
data/lib/action_dispatch/testing/assertions.rb +2 -0
data/lib/action_dispatch/testing/integration.rb +233 -223
data/lib/action_dispatch/testing/request_encoder.rb +11 -9
data/lib/action_dispatch/testing/test_helpers/page_dump_helper.rb +35 -0
data/lib/action_dispatch/testing/test_process.rb +11 -8
data/lib/action_dispatch/testing/test_request.rb +3 -1
data/lib/action_dispatch/testing/test_response.rb +27 -26
data/lib/action_dispatch.rb +36 -32
data/lib/action_pack/gem_version.rb +6 -4
data/lib/action_pack/version.rb +3 -1
data/lib/action_pack.rb +17 -16
metadata +36 -32
data/lib/action_dispatch/journey/parser.y +0 -50
data/lib/action_dispatch/journey/parser_extras.rb +0 -31

data/lib/action_dispatch/request/utils.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
+# :markup: markdown
 require "active_support/core_ext/hash/indifferent_access"
 module ActionDispatch
@@ -81,8 +83,8 @@ module ActionDispatch
       end
       class CustomParamEncoder # :nodoc:
-        def self.encode(request, params, controller, action)
-          return params unless controller && controller.valid_encoding? && encoding_template = action_encoding_template(request, controller, action)
+        def self.encode_for_template(params, encoding_template)
+          return params unless encoding_template
           params.except(:controller, :action).each do |key, value|
             ActionDispatch::Request::Utils.each_param_value(value) do |param|
               # If `param` is frozen, it comes from the router defaults
@@ -96,8 +98,14 @@ module ActionDispatch
           params
         end
+        def self.encode(request, params, controller, action)
+          encoding_template = action_encoding_template(request, controller, action)
+          encode_for_template(params, encoding_template)
+        end
         def self.action_encoding_template(request, controller, action) # :nodoc:
-          request.controller_class_for(controller).action_encoding_template(action)
+          controller && controller.valid_encoding? &&
+            request.controller_class_for(controller).action_encoding_template(action)
         rescue MissingController
           nil
         end

data/lib/action_dispatch/routing/endpoint.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
+# :markup: markdown
 module ActionDispatch
   module Routing
     class Endpoint # :nodoc:

data/lib/action_dispatch/routing/inspector.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
+# :markup: markdown
 require "delegate"
 require "io/console/size"
@@ -62,44 +64,73 @@ module ActionDispatch
       def engine?
         app.engine?
       end
+      def to_h
+        { name: name,
+          verb: verb,
+          path: path,
+          reqs: reqs,
+          source_location: source_location }
+      end
     end
     ##
     # This class is just used for displaying route information when someone
-    # executes `bin/rails routes` or looks at the RoutingError page.
-    # People should not use this class.
+    # executes `bin/rails routes` or looks at the RoutingError page. People should
+    # not use this class.
     class RoutesInspector # :nodoc:
       def initialize(routes)
-        @engines = {}
-        @routes = routes
+        @routes = wrap_routes(routes)
+        @engines = load_engines_routes
       end
       def format(formatter, filter = {})
-        routes_to_display = filter_routes(normalize_filter(filter))
-        routes = collect_routes(routes_to_display)
-        if routes.none?
-          formatter.no_routes(collect_routes(@routes), filter)
-          return formatter.result
-        end
-        formatter.header routes
-        formatter.section routes
+        all_routes = { nil => @routes }.merge(@engines)
-        @engines.each do |name, engine_routes|
-          formatter.section_title "Routes for #{name}"
-          formatter.section engine_routes
+        all_routes.each do |engine_name, routes|
+          format_routes(formatter, filter, engine_name, routes)
         end
         formatter.result
       end
       private
+        def format_routes(formatter, filter, engine_name, routes)
+          routes = filter_routes(routes, normalize_filter(filter)).map(&:to_h)
+          formatter.section_title "Routes for #{engine_name || "application"}" if @engines.any?
+          if routes.any?
+            formatter.header routes
+            formatter.section routes
+          else
+            formatter.no_routes engine_name, routes, filter
+          end
+          formatter.footer routes
+        end
+        def wrap_routes(routes)
+          routes.routes.map { |route| RouteWrapper.new(route) }.reject(&:internal?)
+        end
+        def load_engines_routes
+          engine_routes = @routes.select(&:engine?)
+          engines = engine_routes.to_h do |engine_route|
+            engine_app_routes = engine_route.rack_app.routes
+            engine_app_routes = engine_app_routes.routes if engine_app_routes.is_a?(ActionDispatch::Routing::RouteSet)
+            [engine_route.endpoint, wrap_routes(engine_app_routes)]
+          end
+          engines
+        end
         def normalize_filter(filter)
           if filter[:controller]
             { controller: /#{filter[:controller].underscore.sub(/_?controller\z/, "")}/ }
           elsif filter[:grep]
             grep_pattern = Regexp.new(filter[:grep])
-            path = RFC2396_PARSER.escape(filter[:grep])
+            path = URI::RFC2396_PARSER.escape(filter[:grep])
             normalized_path = ("/" + path).squeeze("/")
             {
@@ -113,39 +144,13 @@ module ActionDispatch
           end
         end
-        def filter_routes(filter)
+        def filter_routes(routes, filter)
           if filter
-            @routes.select do |route|
-              route_wrapper = RouteWrapper.new(route)
-              filter.any? { |filter_type, value| route_wrapper.matches_filter?(filter_type, value) }
+            routes.select do |route|
+              filter.any? { |filter_type, value| route.matches_filter?(filter_type, value) }
             end
           else
-            @routes
-          end
-        end
-        def collect_routes(routes)
-          routes.collect do |route|
-            RouteWrapper.new(route)
-          end.reject(&:internal?).collect do |route|
-            collect_engine_routes(route)
-            { name: route.name,
-              verb: route.verb,
-              path: route.path,
-              reqs: route.reqs,
-              source_location: route.source_location }
-          end
-        end
-        def collect_engine_routes(route)
-          name = route.endpoint
-          return unless route.engine?
-          return if @engines[name]
-          routes = route.rack_app.routes
-          if routes.is_a?(ActionDispatch::Routing::RouteSet)
-            @engines[name] = collect_routes(routes.routes)
+            routes
           end
         end
     end
@@ -169,27 +174,36 @@ module ActionDispatch
         def header(routes)
         end
-        def no_routes(routes, filter)
-          @buffer <<
-            if routes.none?
-              <<~MESSAGE
-                You don't have any routes defined!
+        def footer(routes)
+        end
-                Please add some routes in config/routes.rb.
-              MESSAGE
-            elsif filter.key?(:controller)
+        def no_routes(engine, routes, filter)
+          @buffer <<
+            if filter.key?(:controller)
               "No routes were found for this controller."
             elsif filter.key?(:grep)
               "No routes were found for this grep pattern."
+            elsif routes.none?
+              if engine
+                "No routes defined."
+              else
+                <<~MESSAGE
+                  You don't have any routes defined!
+                  Please add some routes in config/routes.rb.
+                MESSAGE
+              end
             end
-          @buffer << "For more information about routes, see the Rails guide: https://guides.rubyonrails.org/routing.html."
+          unless engine
+            @buffer << "For more information about routes, see the Rails guide: https://guides.rubyonrails.org/routing.html."
+          end
         end
       end
       class Sheet < Base
         def section_title(title)
-          @buffer << "\n#{title}:"
+          @buffer << "#{title}:"
         end
         def section(routes)
@@ -200,6 +214,10 @@ module ActionDispatch
           @buffer << draw_header(routes)
         end
+        def footer(routes)
+          @buffer << ""
+        end
         private
           def draw_section(routes)
             header_lengths = ["Prefix", "Verb", "URI Pattern"].map(&:length)
@@ -230,13 +248,17 @@ module ActionDispatch
         end
         def section_title(title)
-          @buffer << "\n#{"[ #{title} ]"}"
+          @buffer << "#{"[ #{title} ]"}"
         end
         def section(routes)
           @buffer << draw_expanded_section(routes)
         end
+        def footer(routes)
+          @buffer << ""
+        end
         private
           def draw_expanded_section(routes)
             routes.map.each_with_index do |r, i|
@@ -267,7 +289,7 @@ module ActionDispatch
           super
         end
-        def no_routes(routes, filter)
+        def no_routes(engine, routes, filter)
           @buffer <<
             if filter.none?
               "No unused routes found."
@@ -287,7 +309,7 @@ module ActionDispatch
       end
       def section_title(title)
-        @buffer << %(<tr><th colspan="4">#{title}</th></tr>)
+        @buffer << %(<tr><th colspan="5">#{title}</th></tr>)
       end
       def section(routes)
@@ -298,6 +320,9 @@ module ActionDispatch
       def header(routes)
       end
+      def footer(routes)
+      end
       def no_routes(*)
         @buffer << <<~MESSAGE
           <p>You don't have any routes defined!</p>