actionpack 7.2.2.1 → 8.0.5

data/lib/action_controller/metal/live.rb

@@ -53,12 +53,53 @@ module ActionController
   #       response.headers["Last-Modified"] = Time.now.httpdate # Add this line if your Rack version is 2.2.x
   #       ...
   #     end
+  #
+  # ## Streaming and Execution State
+  #
+  # When streaming, the action is executed in a separate thread. By default, this thread
+  # shares execution state from the parent thread.
+  #
+  # You can configure which execution state keys should be excluded from being shared
+  # using the `config.action_controller.live_streaming_excluded_keys` configuration:
+  #
+  #   # config/application.rb
+  #   config.action_controller.live_streaming_excluded_keys = [:active_record_connected_to_stack]
+  #
+  # This is useful when using ActionController::Live inside a `connected_to` block. For example,
+  # if the parent request is reading from a replica using `connected_to(role: :reading)`, you may
+  # want the streaming thread to use its own connection context instead of inheriting the read-only
+  # context:
+  #
+  #   # Without configuration, streaming thread inherits read-only connection
+  #   ActiveRecord::Base.connected_to(role: :reading) do
+  #     @posts = Post.all
+  #     render stream: true # Streaming thread cannot write to database
+  #   end
+  #
+  #   # With configuration, streaming thread gets fresh connection context
+  #   # config.action_controller.live_streaming_excluded_keys = [:active_record_connected_to_stack]
+  #   ActiveRecord::Base.connected_to(role: :reading) do
+  #     @posts = Post.all
+  #     render stream: true # Streaming thread can write to database if needed
+  #   end
+  #
+  # Common keys you might want to exclude:
+  # - `:active_record_connected_to_stack` - Database connection routing and roles
+  # - `:active_record_prohibit_shard_swapping` - Shard swapping restrictions
+  #
+  # By default, no keys are excluded to maintain backward compatibility.
   module Live
     extend ActiveSupport::Concern
 
+    mattr_accessor :live_streaming_excluded_keys, default: []
+
+    included do
+      class_attribute :live_streaming_excluded_keys, instance_accessor: false, default: Live.live_streaming_excluded_keys
+    end
+
     module ClassMethods
       def make_response!(request)
-        if request.get_header("HTTP_VERSION") == "HTTP/1.0"
+        if (request.get_header("SERVER_PROTOCOL") || request.get_header("HTTP_VERSION")) == "HTTP/1.0"
           super
         else
           Live::Response.new.tap do |res|
@@ -171,12 +212,6 @@ module ActionController
         @ignore_disconnect = false
       end
 
-      # ActionDispatch::Response delegates #to_ary to the internal
-      # ActionDispatch::Response::Buffer, defining #to_ary is an indicator that the
-      # response body can be buffered and/or cached by Rack middlewares, this is not
-      # the case for Live responses so we undefine it for this Buffer subclass.
-      undef_method :to_ary
-
       def write(string)
         unless @response.committed?
           @response.headers["Cache-Control"] ||= "no-cache"
@@ -288,7 +323,7 @@ module ActionController
           # Since we're processing the view in a different thread, copy the thread locals
           # from the main thread to the child thread. :'(
           locals.each { |k, v| t2[k] = v }
-          ActiveSupport::IsolatedExecutionState.share_with(t1)
+          ActiveSupport::IsolatedExecutionState.share_with(t1, except: self.class.live_streaming_excluded_keys)
 
           begin
             super(name)
@@ -307,6 +342,9 @@ module ActionController
               error = e
             end
           ensure
+            ActiveSupport::IsolatedExecutionState.clear
+            clean_up_thread_locals(locals, t2)
+
             @_response.commit!
           end
         end
@@ -328,7 +366,8 @@ module ActionController
     # or other running data where you don't want the entire file buffered in memory
     # first. Similar to send_data, but where the data is generated live.
     #
-    # Options:
+    # #### Options:
+    #
     # *   `:filename` - suggests a filename for the browser to use.
     # *   `:type` - specifies an HTTP content type. You can specify either a string
     #     or a symbol for a registered type with `Mime::Type.register`, for example
@@ -371,11 +410,20 @@ module ActionController
       # data from the response bodies. Nobody should call this method except in Rails
       # internals. Seriously!
       def new_controller_thread # :nodoc:
-        Thread.new {
+        ActionController::Live.live_thread_pool_executor.post do
           t2 = Thread.current
           t2.abort_on_exception = true
           yield
-        }
+        end
+      end
+
+      # Ensure we clean up any thread locals we copied so that the thread can reused.
+      def clean_up_thread_locals(locals, thread) # :nodoc:
+        locals.each { |k, _| thread[k] = nil }
+      end
+
+      def self.live_thread_pool_executor
+        @live_thread_pool_executor ||= Concurrent::CachedThreadPool.new(name: "action_controller.live")
       end
 
       def log_error(exception)

data/lib/action_controller/metal/params_wrapper.rb

@@ -198,14 +198,14 @@ module ActionController
       #       # enables the parameter wrapper for XML format
       #
       #     wrap_parameters :person
-      #       # wraps parameters into +params[:person]+ hash
+      #       # wraps parameters into params[:person] hash
       #
       #     wrap_parameters Person
       #       # wraps parameters by determining the wrapper key from Person class
-      #       # (+person+, in this case) and the list of attribute names
+      #       # (:person, in this case) and the list of attribute names
       #
       #     wrap_parameters include: [:username, :title]
-      #       # wraps only +:username+ and +:title+ attributes from parameters.
+      #       # wraps only :username and :title attributes from parameters.
       #
       #     wrap_parameters false
       #       # disables parameters wrapping for this controller altogether.

data/lib/action_controller/metal/rate_limiting.rb

@@ -29,6 +29,9 @@ module ActionController # :nodoc:
       # datastore as your general caches, you can pass a custom store in the `store`
       # parameter.
       #
+      # If you want to use multiple rate limits per controller, you need to give each of
+      # them an explicit name via the `name:` option.
+      #
       # Examples:
       #
       #     class SessionsController < ApplicationController
@@ -44,14 +47,20 @@ module ActionController # :nodoc:
       #       RATE_LIMIT_STORE = ActiveSupport::Cache::RedisCacheStore.new(url: ENV["REDIS_URL"])
       #       rate_limit to: 10, within: 3.minutes, store: RATE_LIMIT_STORE
       #     end
-      def rate_limit(to:, within:, by: -> { request.remote_ip }, with: -> { head :too_many_requests }, store: cache_store, **options)
-        before_action -> { rate_limiting(to: to, within: within, by: by, with: with, store: store) }, **options
+      #
+      #     class SessionsController < ApplicationController
+      #       rate_limit to: 3, within: 2.seconds, name: "short-term"
+      #       rate_limit to: 10, within: 5.minutes, name: "long-term"
+      #     end
+      def rate_limit(to:, within:, by: -> { request.remote_ip }, with: -> { head :too_many_requests }, store: cache_store, name: nil, **options)
+        before_action -> { rate_limiting(to: to, within: within, by: by, with: with, store: store, name: name) }, **options
       end
     end
 
     private
-      def rate_limiting(to:, within:, by:, with:, store:)
-        count = store.increment("rate-limit:#{controller_path}:#{instance_exec(&by)}", 1, expires_in: within)
+      def rate_limiting(to:, within:, by:, with:, store:, name:)
+        cache_key = ["rate-limit", controller_path, name, instance_exec(&by)].compact.join(":")
+        count = store.increment(cache_key, 1, expires_in: within)
         if count && count > to
           ActiveSupport::Notifications.instrument("rate_limit.action_controller", request: request) do
             instance_exec(&with)

data/lib/action_controller/metal/redirecting.rb

@@ -106,13 +106,14 @@ module ActionController
 
       allow_other_host = response_options.delete(:allow_other_host) { _allow_other_host }
 
-      self.status = _extract_redirect_to_status(options, response_options)
+      proposed_status = _extract_redirect_to_status(options, response_options)
 
       redirect_to_location = _compute_redirect_to_location(request, options)
       _ensure_url_is_http_header_safe(redirect_to_location)
 
       self.location      = _enforce_open_redirect_protection(redirect_to_location, allow_other_host: allow_other_host)
       self.response_body = ""
+      self.status        = proposed_status
     end
 
     # Soft deprecated alias for #redirect_back_or_to where the `fallback_location`
@@ -211,9 +212,9 @@ module ActionController
 
       def _extract_redirect_to_status(options, response_options)
         if options.is_a?(Hash) && options.key?(:status)
-          Rack::Utils.status_code(options.delete(:status))
+          ActionDispatch::Response.rack_status_code(options.delete(:status))
         elsif response_options.key?(:status)
-          Rack::Utils.status_code(response_options[:status])
+          ActionDispatch::Response.rack_status_code(response_options[:status])
         else
           302
         end

data/lib/action_controller/metal/renderers.rb

@@ -2,8 +2,6 @@
 
 # :markup: markdown
 
-require "set"
-
 module ActionController
   # See Renderers.add
   def self.add_renderer(key, &block)
@@ -154,7 +152,8 @@ module ActionController
     end
 
     add :json do |json, options|
-      json = json.to_json(options) unless json.kind_of?(String)
+      json_options = options.except(:callback, :content_type, :status)
+      json = json.to_json(json_options) unless json.kind_of?(String)
 
       if options[:callback].present?
         if media_type.nil? || media_type == Mime[:json]

data/lib/action_controller/metal/rendering.rb

@@ -232,7 +232,7 @@ module ActionController
         end
 
         if options[:status]
-          options[:status] = Rack::Utils.status_code(options[:status])
+          options[:status] = ActionDispatch::Response.rack_status_code(options[:status])
         end
 
         super

data/lib/action_controller/metal/request_forgery_protection.rb

@@ -142,6 +142,7 @@ module ActionController # :nodoc:
       #
       #
       # Built-in unverified request handling methods are:
+      #
       # *   `:exception` - Raises ActionController::InvalidAuthenticityToken
       #     exception.
       # *   `:reset_session` - Resets the session.
@@ -170,6 +171,7 @@ module ActionController # :nodoc:
       #
       #
       # Built-in session token strategies are:
+      #
       # *   `:session` - Store the CSRF token in the session.  Used as default if
       #     `:store` option is not specified.
       # *   `:cookie` - Store the CSRF token in an encrypted cookie.
@@ -498,7 +500,7 @@ module ActionController # :nodoc:
       # Checks the client's masked token to see if it matches the session token.
       # Essentially the inverse of `masked_authenticity_token`.
       def valid_authenticity_token?(session, encoded_masked_token) # :doc:
-        if encoded_masked_token.nil? || encoded_masked_token.empty? || !encoded_masked_token.is_a?(String)
+        if !encoded_masked_token.is_a?(String) || encoded_masked_token.empty?
           return false
         end
 

data/lib/action_controller/metal/streaming.rb

@@ -165,95 +165,16 @@ module ActionController # :nodoc:
   #
   # ## Web server support
   #
-  # Not all web servers support streaming out-of-the-box. You need to check the
-  # instructions for each of them.
-  #
-  # #### Unicorn
-  #
-  # Unicorn supports streaming but it needs to be configured. For this, you need
-  # to create a config file as follow:
-  #
-  #     # unicorn.config.rb
-  #     listen 3000, tcp_nopush: false
-  #
-  # And use it on initialization:
-  #
-  #     unicorn_rails --config-file unicorn.config.rb
-  #
-  # You may also want to configure other parameters like `:tcp_nodelay`.
-  #
-  # For more information, please check the
-  # [documentation](https://bogomips.org/unicorn/Unicorn/Configurator.html#method-
-  # i-listen).
-  #
-  # If you are using Unicorn with NGINX, you may need to tweak NGINX. Streaming
-  # should work out of the box on Rainbows.
-  #
-  # #### Passenger
-  #
-  # Phusion Passenger with NGINX, offers two streaming mechanisms out of the box.
-  #
-  # 1.  NGINX response buffering mechanism which is dependent on the value of
-  #     `passenger_buffer_response` option (default is "off").
-  # 2.  Passenger buffering system which is always 'on' irrespective of the value
-  #     of `passenger_buffer_response`.
-  #
-  #
-  # When `passenger_buffer_response` is turned "on", then streaming would be done
-  # at the NGINX level which waits until the application is done sending the
-  # response back to the client.
-  #
-  # For more information, please check the [documentation]
-  # (https://www.phusionpassenger.com/docs/references/config_reference/nginx/#passenger_buffer_response).
+  # Rack 3+ compatible servers all support streaming.
   module Streaming
-    class Body # :nodoc:
-      TERM = "\r\n"
-      TAIL = "0#{TERM}"
-
-      # Store the response body to be chunked.
-      def initialize(body)
-        @body = body
-      end
-
-      # For each element yielded by the response body, yield the element in chunked
-      # encoding.
-      def each(&block)
-        term = TERM
-        @body.each do |chunk|
-          size = chunk.bytesize
-          next if size == 0
-
-          yield [size.to_s(16), term, chunk.b, term].join
-        end
-        yield TAIL
-        yield term
-      end
-
-      # Close the response body if the response body supports it.
-      def close
-        @body.close if @body.respond_to?(:close)
-      end
-    end
-
     private
-      # Set proper cache control and transfer encoding when streaming
-      def _process_options(options)
-        super
-        if options[:stream]
-          if request.version == "HTTP/1.0"
-            options.delete(:stream)
-          else
-            headers["Cache-Control"] ||= "no-cache"
-            headers["Transfer-Encoding"] = "chunked"
-            headers.delete("Content-Length")
-          end
-        end
-      end
-
       # Call render_body if we are streaming instead of usual `render`.
       def _render_template(options)
         if options.delete(:stream)
-          Body.new view_renderer.render_body(view_context, options)
+          # It shouldn't be necessary to set this.
+          headers["cache-control"] ||= "no-cache"
+
+          view_renderer.render_body(view_context, options)
         else
           super
         end