actionpack 7.2.0.rc1 → 7.2.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of actionpack might be problematic. Click here for more details.

Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -8
  3. data/lib/action_controller/metal/allow_browser.rb +5 -1
  4. data/lib/action_dispatch/http/request.rb +23 -4
  5. data/lib/action_pack/gem_version.rb +2 -2
  6. metadata +11 -11
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 80bcc9f23223bce78f4446cdbf4b363b4a2c75ee8293240f5cefaa26a12458fb
4
- data.tar.gz: cb3c691b0de2c215d210e8ee20141483e5003c0c92b492d6b3dc273d82884d7c
3
+ metadata.gz: ad5df5d698f6b5b3720582f5b9668642d3c84c158c2e68ab22cf2c5553d1c2bd
4
+ data.tar.gz: 02d6dfa8681209c9e9f23c4e67122d900791473c4791b580407912b1f03de304
5
5
  SHA512:
6
- metadata.gz: f09f3561fb2ba4ab69e694994f68b65e11c40520fa6e7cc1fb96acc204194b3ef0c95cbe23dba8a142724f330e0600f5fc8fe87aba937c35d2780728c67dd584
7
- data.tar.gz: 21e9e1b256fd80d3ad26d3ec0c46b8ac1a5e50d4aba59dd15554761dfbf38be9c68b2caba5e0277940931fe098189a90994a767f1d5a76d56fd1ca909012c41d
6
+ metadata.gz: 3c21ca2e69a2b919357b3a31523069a0e07b8cd81762a42dcae0a368fa3ee7ac4e43e4dc3e4084eec7be45fca4cb50ce3585bb777ff5ad4bfdffefa8faac514b
7
+ data.tar.gz: ff39192baff8f199d5820cdf0f67f85886d4d25ba5f9953a6928677c5f849af270f6d163fd95854249f0d6b4d78b8f0bd4917c2ad1dc33036dae29bba92949c0
data/CHANGELOG.md CHANGED
@@ -1,23 +1,21 @@
1
- ## Rails 7.2.0.rc1 (August 06, 2024) ##
1
+ ## Rails 7.2.1 (August 22, 2024) ##
2
2
 
3
- * No changes.
3
+ * Fix `Request#raw_post` raising `NoMethodError` when `rack.input` is `nil`.
4
4
 
5
+ *Hartley McGuire*
5
6
 
6
- ## Rails 7.2.0.beta3 (July 11, 2024) ##
7
7
 
8
- * No changes.
8
+ ## Rails 7.2.0 (August 09, 2024) ##
9
9
 
10
+ * Allow bots to ignore `allow_browser`.
10
11
 
11
- ## Rails 7.2.0.beta2 (June 04, 2024) ##
12
+ *Matthew Nguyen*
12
13
 
13
14
  * Include the HTTP Permissions-Policy on non-HTML Content-Types
14
15
  [CVE-2024-28103]
15
16
 
16
17
  *Aaron Patterson*, *Zack Deveau*
17
18
 
18
-
19
- ## Rails 7.2.0.beta1 (May 29, 2024) ##
20
-
21
19
  * Fix `Mime::Type.parse` handling type parameters for HTTP Accept headers.
22
20
 
23
21
  *Taylor Chaparro*
data/lib/action_controller/metal/allow_browser.rb CHANGED
@@ -85,13 +85,17 @@ module ActionController # :nodoc:
85
85
  end
86
86
 
87
87
  def unsupported_browser?
88
- version_guarded_browser? && version_below_minimum_required?
88
+ version_guarded_browser? && version_below_minimum_required? && !bot?
89
89
  end
90
90
 
91
91
  def version_guarded_browser?
92
92
  minimum_browser_version_for_browser != nil
93
93
  end
94
94
 
95
+ def bot?
96
+ parsed_user_agent.bot?
97
+ end
98
+
95
99
  def version_below_minimum_required?
96
100
  if minimum_browser_version_for_browser
97
101
  parsed_user_agent.version < UserAgent::Version.new(minimum_browser_version_for_browser.to_s)
data/lib/action_dispatch/http/request.rb CHANGED
@@ -340,7 +340,6 @@ module ActionDispatch
340
340
  def raw_post
341
341
  unless has_header? "RAW_POST_DATA"
342
342
  set_header("RAW_POST_DATA", read_body_stream)
343
- body_stream.rewind if body_stream.respond_to?(:rewind)
344
343
  end
345
344
  get_header "RAW_POST_DATA"
346
345
  end
@@ -467,9 +466,29 @@ module ActionDispatch
467
466
  end
468
467
 
469
468
  def read_body_stream
470
- body_stream.rewind if body_stream.respond_to?(:rewind)
471
- return body_stream.read if headers.key?("Transfer-Encoding") # Read body stream until EOF if "Transfer-Encoding" is present
472
- body_stream.read(content_length)
469
+ if body_stream
470
+ reset_stream(body_stream) do
471
+ if headers.key?("Transfer-Encoding")
472
+ body_stream.read # Read body stream until EOF if "Transfer-Encoding" is present
473
+ else
474
+ body_stream.read(content_length)
475
+ end
476
+ end
477
+ end
478
+ end
479
+
480
+ def reset_stream(body_stream)
481
+ if body_stream.respond_to?(:rewind)
482
+ body_stream.rewind
483
+
484
+ content = yield
485
+
486
+ body_stream.rewind
487
+
488
+ content
489
+ else
490
+ yield
491
+ end
473
492
  end
474
493
  end
475
494
  end
data/lib/action_pack/gem_version.rb CHANGED
@@ -11,8 +11,8 @@ module ActionPack
11
11
  module VERSION
12
12
  MAJOR = 7
13
13
  MINOR = 2
14
- TINY = 0
15
- PRE = "rc1"
14
+ TINY = 1
15
+ PRE = nil
16
16
 
17
17
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
18
18
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: actionpack
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.2.0.rc1
4
+ version: 7.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-08-06 00:00:00.000000000 Z
11
+ date: 2024-08-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 7.2.0.rc1
19
+ version: 7.2.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 7.2.0.rc1
26
+ version: 7.2.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: nokogiri
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -148,28 +148,28 @@ dependencies:
148
148
  requirements:
149
149
  - - '='
150
150
  - !ruby/object:Gem::Version
151
- version: 7.2.0.rc1
151
+ version: 7.2.1
152
152
  type: :runtime
153
153
  prerelease: false
154
154
  version_requirements: !ruby/object:Gem::Requirement
155
155
  requirements:
156
156
  - - '='
157
157
  - !ruby/object:Gem::Version
158
- version: 7.2.0.rc1
158
+ version: 7.2.1
159
159
  - !ruby/object:Gem::Dependency
160
160
  name: activemodel
161
161
  requirement: !ruby/object:Gem::Requirement
162
162
  requirements:
163
163
  - - '='
164
164
  - !ruby/object:Gem::Version
165
- version: 7.2.0.rc1
165
+ version: 7.2.1
166
166
  type: :development
167
167
  prerelease: false
168
168
  version_requirements: !ruby/object:Gem::Requirement
169
169
  requirements:
170
170
  - - '='
171
171
  - !ruby/object:Gem::Version
172
- version: 7.2.0.rc1
172
+ version: 7.2.1
173
173
  description: Web apps on Rails. Simple, battle-tested conventions for building and
174
174
  testing MVC web applications. Works with any Rack-compatible server.
175
175
  email: david@loudthinking.com
@@ -369,10 +369,10 @@ licenses:
369
369
  - MIT
370
370
  metadata:
371
371
  bug_tracker_uri: https://github.com/rails/rails/issues
372
- changelog_uri: https://github.com/rails/rails/blob/v7.2.0.rc1/actionpack/CHANGELOG.md
373
- documentation_uri: https://api.rubyonrails.org/v7.2.0.rc1/
372
+ changelog_uri: https://github.com/rails/rails/blob/v7.2.1/actionpack/CHANGELOG.md
373
+ documentation_uri: https://api.rubyonrails.org/v7.2.1/
374
374
  mailing_list_uri: https://discuss.rubyonrails.org/c/rubyonrails-talk
375
- source_code_uri: https://github.com/rails/rails/tree/v7.2.0.rc1/actionpack
375
+ source_code_uri: https://github.com/rails/rails/tree/v7.2.1/actionpack
376
376
  rubygems_mfa_required: 'true'
377
377
  post_install_message:
378
378
  rdoc_options: []